Compare commits
No commits in common. "a6d69c319ebbe67d5923060c9aabf45a0e1aafbe" and "8a41d4bef2da4c9da27c0db6f569d2063eb3f22d" have entirely different histories.
a6d69c319e
...
8a41d4bef2
|
@ -21,11 +21,6 @@ allow_pass_protection=true
|
||||||
# This is shown only if allow_uploads = false
|
# This is shown only if allow_uploads = false
|
||||||
# upload_disable_reason="File uploads were disabled because of an ongoing attack."
|
# upload_disable_reason="File uploads were disabled because of an ongoing attack."
|
||||||
|
|
||||||
# If you want to restrict the uploads
|
|
||||||
# To only the people who have a password,
|
|
||||||
# uncomment this field
|
|
||||||
# upload_pass=super_secret_pass
|
|
||||||
|
|
||||||
# Timeout for deleting a user uploaded file
|
# Timeout for deleting a user uploaded file
|
||||||
file_del_timeout=1800
|
file_del_timeout=1800
|
||||||
|
|
||||||
|
|
|
@ -111,10 +111,6 @@ paths:
|
||||||
type: string
|
type: string
|
||||||
example: binary file data
|
example: binary file data
|
||||||
description: binary file data
|
description: binary file data
|
||||||
instance_pass:
|
|
||||||
type: string
|
|
||||||
example: super_secret_pass
|
|
||||||
description: Instance-specific password needed to upload files
|
|
||||||
metadata:
|
metadata:
|
||||||
type: object
|
type: object
|
||||||
description: file info
|
description: file info
|
||||||
|
|
|
@ -22,10 +22,6 @@ pub struct FilesPolicy {
|
||||||
#[serde(default)]
|
#[serde(default)]
|
||||||
pub upload_disable_reason: Option<String>,
|
pub upload_disable_reason: Option<String>,
|
||||||
|
|
||||||
/// Upload password
|
|
||||||
#[serde(default)]
|
|
||||||
pub upload_pass: Option<String>,
|
|
||||||
|
|
||||||
/// Default time for file to be deleted
|
/// Default time for file to be deleted
|
||||||
#[serde(default)]
|
#[serde(default)]
|
||||||
pub file_del_timeout: usize,
|
pub file_del_timeout: usize,
|
||||||
|
@ -46,7 +42,6 @@ impl Default for FilesPolicy {
|
||||||
allow_custom_names: true,
|
allow_custom_names: true,
|
||||||
allow_pass_protection: true,
|
allow_pass_protection: true,
|
||||||
upload_disable_reason: None,
|
upload_disable_reason: None,
|
||||||
upload_pass: None,
|
|
||||||
file_del_timeout: 1800,
|
file_del_timeout: 1800,
|
||||||
type_whitelist: None,
|
type_whitelist: None,
|
||||||
type_blacklist: None,
|
type_blacklist: None,
|
||||||
|
|
|
@ -61,7 +61,6 @@ impl FormElement {
|
||||||
struct UploadFormData {
|
struct UploadFormData {
|
||||||
filename: Option<String>,
|
filename: Option<String>,
|
||||||
password: Option<String>,
|
password: Option<String>,
|
||||||
instancepass: Option<String>,
|
|
||||||
lookup_kind: LookupKind,
|
lookup_kind: LookupKind,
|
||||||
delmode: DeleteMode,
|
delmode: DeleteMode,
|
||||||
file: Vec<u8>,
|
file: Vec<u8>,
|
||||||
|
@ -74,7 +73,6 @@ impl Default for UploadFormData {
|
||||||
UploadFormData {
|
UploadFormData {
|
||||||
filename: None,
|
filename: None,
|
||||||
password: None,
|
password: None,
|
||||||
instancepass: None,
|
|
||||||
lookup_kind: LookupKind::ByHash,
|
lookup_kind: LookupKind::ByHash,
|
||||||
delmode: DeleteMode::Time,
|
delmode: DeleteMode::Time,
|
||||||
file: vec![],
|
file: vec![],
|
||||||
|
@ -129,16 +127,6 @@ impl UploadFormData {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
match data.get("instancepass") {
|
|
||||||
Some(val) => {
|
|
||||||
let val = val.data.clone();
|
|
||||||
if let Ok(pass) = String::from_utf8(val) {
|
|
||||||
out.instancepass = Some(pass);
|
|
||||||
}
|
|
||||||
},
|
|
||||||
None => ()
|
|
||||||
};
|
|
||||||
|
|
||||||
let file = data.get("file")?;
|
let file = data.get("file")?;
|
||||||
out.file = file.data.clone();
|
out.file = file.data.clone();
|
||||||
out.mime = file.mime.clone();
|
out.mime = file.mime.clone();
|
||||||
|
@ -213,47 +201,6 @@ pub async fn upload(form: FormData, ip: Option<IpAddr>, state: SharedState) -> R
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
if let Some(upload_pass) = state.config.files.upload_pass.clone() {
|
|
||||||
|
|
||||||
if let Some(pass) = formdata.instancepass {
|
|
||||||
if upload_pass != pass {
|
|
||||||
let error = ErrorPage {
|
|
||||||
env: state.env.clone(),
|
|
||||||
conf: state.config.clone(),
|
|
||||||
error_text: "Password is invalid".into(),
|
|
||||||
link: Some("/".into()),
|
|
||||||
link_text: Some("Go back".into())
|
|
||||||
};
|
|
||||||
|
|
||||||
return Ok(
|
|
||||||
Box::new(
|
|
||||||
html(
|
|
||||||
error.render()
|
|
||||||
.map_err(|x| HttpReject::AskamaError(x))?
|
|
||||||
)
|
|
||||||
)
|
|
||||||
)
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
let error = ErrorPage {
|
|
||||||
env: state.env.clone(),
|
|
||||||
conf: state.config.clone(),
|
|
||||||
error_text: "Password is not available".into(),
|
|
||||||
link: Some("/".into()),
|
|
||||||
link_text: Some("Go back".into())
|
|
||||||
};
|
|
||||||
|
|
||||||
return Ok(
|
|
||||||
Box::new(
|
|
||||||
html(
|
|
||||||
error.render()
|
|
||||||
.map_err(|x| HttpReject::AskamaError(x))?
|
|
||||||
)
|
|
||||||
)
|
|
||||||
)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
let file = File::create(
|
let file = File::create(
|
||||||
formdata.file,
|
formdata.file,
|
||||||
formdata.mime,
|
formdata.mime,
|
||||||
|
|
|
@ -20,8 +20,4 @@
|
||||||
|
|
||||||
.alert.danger .alert-title {
|
.alert.danger .alert-title {
|
||||||
background: #602020;
|
background: #602020;
|
||||||
}
|
|
||||||
|
|
||||||
.alert.blue .alert-title {
|
|
||||||
background: #203050;
|
|
||||||
}
|
}
|
|
@ -9,31 +9,6 @@
|
||||||
|
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
|
|
||||||
{% block scripts %}
|
|
||||||
|
|
||||||
{%- if conf.files.upload_pass.is_some() -%}
|
|
||||||
|
|
||||||
{#- Script to disable button when password is not entered -#}
|
|
||||||
{#- -#}<script>
|
|
||||||
{#- -#} (
|
|
||||||
{#- -#} ()=>{
|
|
||||||
{#- -#} const pass_inp=document.getElementById("instancepass");
|
|
||||||
{#- -#} const submit=document.getElementById("bfile-upload-submit");
|
|
||||||
{#- -#} submit.setAttribute('disabled',true);
|
|
||||||
{#- -#}
|
|
||||||
{#- -#} pass_inp.onchange=()=>{
|
|
||||||
{#- -#} if(pass_inp.value.length==0)
|
|
||||||
{#- -#} submit.setAttribute('disabled',true);
|
|
||||||
{#- -#} else submit.removeAttribute('disabled')
|
|
||||||
{#- -#} }
|
|
||||||
{#- -#} }
|
|
||||||
{#- -#} )()
|
|
||||||
{#- -#}</script>
|
|
||||||
|
|
||||||
{%- endif -%}
|
|
||||||
|
|
||||||
{% endblock %}
|
|
||||||
|
|
||||||
{% block body %}
|
{% block body %}
|
||||||
|
|
||||||
<div style="max-width:95vw;width:fit-content;margin:0 auto">
|
<div style="max-width:95vw;width:fit-content;margin:0 auto">
|
||||||
|
@ -139,24 +114,6 @@
|
||||||
</p>
|
</p>
|
||||||
</div>
|
</div>
|
||||||
{%- else -%}
|
{%- else -%}
|
||||||
|
|
||||||
{%- if let Some(pass) = conf.files.upload_pass -%}
|
|
||||||
<div class="alert blue">
|
|
||||||
<h1 class="alert-title">
|
|
||||||
Upload password
|
|
||||||
</h1>
|
|
||||||
<div class="alert-text">
|
|
||||||
<p>This instance requires a password to upload a file.</p>
|
|
||||||
<p>
|
|
||||||
<label>
|
|
||||||
Password:
|
|
||||||
<input type="password" name="instancepass" id="instancepass">
|
|
||||||
</label>
|
|
||||||
</p>
|
|
||||||
</div>
|
|
||||||
</div>
|
|
||||||
{%- endif -%}
|
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
<input type="file" name="file" id="bfile-formupload-file" style="display: none" />
|
<input type="file" name="file" id="bfile-formupload-file" style="display: none" />
|
||||||
<label for="bfile-formupload-file">
|
<label for="bfile-formupload-file">
|
||||||
|
@ -185,7 +142,7 @@
|
||||||
</label>
|
</label>
|
||||||
</p>
|
</p>
|
||||||
<p>
|
<p>
|
||||||
<button class='btn btn-fill' id="bfile-upload-submit">
|
<button class='btn btn-fill'>
|
||||||
Upload!
|
Upload!
|
||||||
</button>
|
</button>
|
||||||
</p>
|
</p>
|
||||||
|
|
Loading…
Reference in New Issue