static char *
check_virtual_repo_permission (SeafRepoManager *mgr,
const char *repo_id,
const char *origin_repo_id,
const char *user,
GError **error)
{
char *owner = NULL, *orig_owner = NULL;
char *permission = NULL;
owner = seaf_repo_manager_get_repo_owner (mgr, repo_id);
if (!owner) {
seaf_warning ("Failed to get owner for virtual repo %.10s.\n", repo_id);
goto out;
}
/* If this virtual repo is not created by @user, it is shared by others. */
if (strcmp (user, owner) != 0) {
permission = check_repo_share_permission (mgr, repo_id, user);
goto out;
}
/* otherwise check @user's permission to the origin repo. */
permission = seaf_repo_manager_check_permission (mgr, origin_repo_id,
user, error);
out:
g_free (owner);
g_free (orig_owner);
return permission;
}
static void *
check_tx (void *vprocessor)
{
CcnetProcessor *processor = vprocessor;
USE_PRIV;
char *user = NULL;
char *repo_id = priv->repo_id;
if (!seaf_repo_manager_repo_exists (seaf->repo_mgr, repo_id)) {
priv->rsp_code = g_strdup(SC_BAD_REPO);
priv->rsp_msg = g_strdup(SS_BAD_REPO);
goto out;
}
if (decrypt_token (processor) < 0) {
priv->rsp_code = g_strdup(SC_ACCESS_DENIED);
priv->rsp_msg = g_strdup(SS_ACCESS_DENIED);
goto out;
}
user = seaf_repo_manager_get_email_by_token (
seaf->repo_mgr, repo_id, priv->token);
if (!user) {
priv->rsp_code = g_strdup(SC_ACCESS_DENIED);
priv->rsp_msg = g_strdup(SS_ACCESS_DENIED);
goto out;
}
if (priv->type == CHECK_TX_TYPE_UPLOAD &&
seaf_quota_manager_check_quota (seaf->quota_mgr, repo_id) < 0) {
priv->rsp_code = g_strdup(SC_QUOTA_FULL);
priv->rsp_msg = g_strdup(SS_QUOTA_FULL);
goto out;
}
char *perm = seaf_repo_manager_check_permission (seaf->repo_mgr,
repo_id, user, NULL);
if (!perm ||
(strcmp (perm, "r") == 0 && priv->type == CHECK_TX_TYPE_UPLOAD))
{
priv->rsp_code = g_strdup(SC_ACCESS_DENIED);
priv->rsp_msg = g_strdup(SS_ACCESS_DENIED);
g_free (perm);
goto out;
}
g_free (perm);
get_branch_head (processor);
out:
g_free (user);
return vprocessor;
}
static void *
check_tx (void *vprocessor)
{
CcnetProcessor *processor = vprocessor;
USE_PRIV;
char *user = NULL;
char *repo_id = priv->repo_id;
if (!seaf_repo_manager_repo_exists (seaf->repo_mgr, repo_id)) {
priv->rsp_code = g_strdup(SC_BAD_REPO);
priv->rsp_msg = g_strdup(SS_BAD_REPO);
goto out;
}
if (decrypt_token (processor) < 0) {
priv->rsp_code = g_strdup(SC_ACCESS_DENIED);
priv->rsp_msg = g_strdup(SS_ACCESS_DENIED);
goto out;
}
user = seaf_repo_manager_get_email_by_token (
seaf->repo_mgr, repo_id, priv->token);
if (!user) {
priv->rsp_code = g_strdup(SC_ACCESS_DENIED);
priv->rsp_msg = g_strdup(SS_ACCESS_DENIED);
goto out;
}
if (priv->type == CHECK_TX_TYPE_UPLOAD &&
seaf_quota_manager_check_quota (seaf->quota_mgr, repo_id) < 0) {
priv->rsp_code = g_strdup(SC_QUOTA_FULL);
priv->rsp_msg = g_strdup(SS_QUOTA_FULL);
goto out;
}
char *perm = seaf_repo_manager_check_permission (seaf->repo_mgr,
repo_id, user, NULL);
if (!perm ||
(strcmp (perm, "r") == 0 && priv->type == CHECK_TX_TYPE_UPLOAD))
{
priv->rsp_code = g_strdup(SC_ACCESS_DENIED);
priv->rsp_msg = g_strdup(SS_ACCESS_DENIED);
g_free (perm);
goto out;
}
g_free (perm);
/* Record the (token, email, <peer info>) information, <peer info> may
* include peer_id, peer_ip, peer_name, etc.
*/
if (!seaf_repo_manager_token_peer_info_exists (seaf->repo_mgr, priv->token))
seaf_repo_manager_add_token_peer_info (seaf->repo_mgr,
priv->token,
processor->peer_id,
priv->peer_addr,
priv->peer_name,
(gint64)time(NULL));
else
seaf_repo_manager_update_token_peer_info (seaf->repo_mgr,
priv->token,
priv->peer_addr,
(gint64)time(NULL));
get_branch_head (processor);
out:
g_free (user);
return vprocessor;
}
GList *
seaf_repo_manager_list_dir_with_perm (SeafRepoManager *mgr,
const char *repo_id,
const char *dir_path,
const char *dir_id,
const char *user,
int offset,
int limit,
GError **error)
{
SeafRepo *repo;
char *perm = NULL;
SeafDir *dir;
SeafDirent *dent;
SeafileDirent *d;
GList *res = NULL;
GList *p;
if (!repo_id || !is_uuid_valid(repo_id) || dir_id == NULL || !user) {
g_set_error (error, SEAFILE_DOMAIN, SEAF_ERR_BAD_DIR_ID, "Bad dir id");
return NULL;
}
perm = seaf_repo_manager_check_permission (mgr, repo_id, user, error);
if (!perm) {
if (*error == NULL)
g_set_error (error, SEAFILE_DOMAIN, SEAF_ERR_BAD_ARGS, "Access denied");
return NULL;
}
repo = seaf_repo_manager_get_repo (seaf->repo_mgr, repo_id);
if (!repo) {
g_set_error (error, SEAFILE_DOMAIN, SEAF_ERR_BAD_ARGS, "Bad repo id");
g_free (perm);
return NULL;
}
dir = seaf_fs_manager_get_seafdir (seaf->fs_mgr,
repo->store_id, repo->version, dir_id);
if (!dir) {
g_set_error (error, SEAFILE_DOMAIN, SEAF_ERR_BAD_DIR_ID, "Bad dir id");
seaf_repo_unref (repo);
g_free (perm);
return NULL;
}
dir->entries = g_list_sort (dir->entries, comp_dirent_func);
if (offset < 0) {
offset = 0;
}
int index = 0;
for (p = dir->entries; p != NULL; p = p->next, index++) {
if (index < offset) {
continue;
}
if (limit > 0) {
if (index >= offset + limit)
break;
}
dent = p->data;
d = g_object_new (SEAFILE_TYPE_DIRENT,
"obj_id", dent->id,
"obj_name", dent->name,
"mode", dent->mode,
"version", dent->version,
"mtime", dent->mtime,
"size", dent->size,
"permission", perm,
NULL);
res = g_list_prepend (res, d);
}
seaf_dir_free (dir);
seaf_repo_unref (repo);
g_free (perm);
res = g_list_reverse (res);
return res;
}
static void *
check_tx (void *vprocessor)
{
CcnetProcessor *processor = vprocessor;
USE_PRIV;
char *user = NULL;
char *repo_id = priv->repo_id;
SeafRepo *repo = NULL;
repo = seaf_repo_manager_get_repo (seaf->repo_mgr, repo_id);
if (!repo) {
priv->rsp_code = g_strdup(SC_BAD_REPO);
priv->rsp_msg = g_strdup(SS_BAD_REPO);
goto out;
}
if (repo->version > 0 && priv->client_version < 6) {
seaf_warning ("Client protocol version is %d, "
"cannot sync version %d repo %s.\n",
priv->client_version, repo->version, repo_id);
priv->rsp_code = g_strdup(SC_PROTOCOL_MISMATCH);
priv->rsp_msg = g_strdup(SS_PROTOCOL_MISMATCH);
goto out;
}
if (decrypt_token (processor) < 0) {
priv->rsp_code = g_strdup(SC_ACCESS_DENIED);
priv->rsp_msg = g_strdup(SS_ACCESS_DENIED);
goto out;
}
user = seaf_repo_manager_get_email_by_token (
seaf->repo_mgr, repo_id, priv->token);
if (!user) {
priv->rsp_code = g_strdup(SC_ACCESS_DENIED);
priv->rsp_msg = g_strdup(SS_ACCESS_DENIED);
goto out;
}
if (priv->type == CHECK_TX_TYPE_UPLOAD &&
seaf_quota_manager_check_quota (seaf->quota_mgr, repo_id) < 0) {
priv->rsp_code = g_strdup(SC_QUOTA_FULL);
priv->rsp_msg = g_strdup(SS_QUOTA_FULL);
goto out;
}
char *perm = seaf_repo_manager_check_permission (seaf->repo_mgr,
repo_id, user, NULL);
if (!perm ||
(strcmp (perm, "r") == 0 && priv->type == CHECK_TX_TYPE_UPLOAD))
{
priv->rsp_code = g_strdup(SC_ACCESS_DENIED);
priv->rsp_msg = g_strdup(SS_ACCESS_DENIED);
g_free (perm);
goto out;
}
g_free (perm);
/* Record the (token, email, <peer info>) information, <peer info> may
* include peer_id, peer_ip, peer_name, etc.
*/
if (!seaf_repo_manager_token_peer_info_exists (seaf->repo_mgr, priv->token))
seaf_repo_manager_add_token_peer_info (seaf->repo_mgr,
priv->token,
processor->peer_id,
priv->peer_addr,
priv->peer_name,
(gint64)time(NULL));
else
seaf_repo_manager_update_token_peer_info (seaf->repo_mgr,
priv->token,
priv->peer_addr,
(gint64)time(NULL));
get_branch_head (processor);
/* Fill information for sending events. */
priv->user = g_strdup(user);
if (repo->virtual_info) {
memcpy (priv->orig_repo_id, repo->virtual_info->origin_repo_id, 36);
priv->orig_path = g_strdup(repo->virtual_info->path);
} else
memcpy (priv->orig_repo_id, repo_id, 36);
out:
seaf_repo_unref (repo);
g_free (user);
return vprocessor;
}
GList *
seaf_repo_manager_list_dir_with_perm (SeafRepoManager *mgr,
const char *repo_id,
const char *dir_path,
const char *dir_id,
const char *user,
int offset,
int limit,
GError **error)
{
SeafRepo *repo;
char *perm = NULL;
SeafDir *dir;
SeafDirent *dent;
SeafileDirent *d;
GList *res = NULL;
GList *p;
if (!repo_id || !is_uuid_valid(repo_id) || dir_id == NULL || !user) {
g_set_error (error, SEAFILE_DOMAIN, SEAF_ERR_BAD_DIR_ID, "Bad dir id");
return NULL;
}
perm = seaf_repo_manager_check_permission (mgr, repo_id, user, error);
if (!perm) {
if (*error == NULL)
g_set_error (error, SEAFILE_DOMAIN, SEAF_ERR_BAD_ARGS, "Access denied");
return NULL;
}
repo = seaf_repo_manager_get_repo (seaf->repo_mgr, repo_id);
if (!repo) {
g_set_error (error, SEAFILE_DOMAIN, SEAF_ERR_BAD_ARGS, "Bad repo id");
g_free (perm);
return NULL;
}
dir = seaf_fs_manager_get_seafdir (seaf->fs_mgr,
repo->store_id, repo->version, dir_id);
if (!dir) {
g_set_error (error, SEAFILE_DOMAIN, SEAF_ERR_BAD_DIR_ID, "Bad dir id");
seaf_repo_unref (repo);
g_free (perm);
return NULL;
}
dir->entries = g_list_sort (dir->entries, comp_dirent_func);
if (offset < 0) {
offset = 0;
}
int index = 0;
gboolean is_shared;
char *cur_path;
GHashTable *shared_sub_dirs = NULL;
if (!repo->virtual_info) {
char *repo_owner = seaf_repo_manager_get_repo_owner (seaf->repo_mgr, repo_id);
if (repo_owner && strcmp (user, repo_owner) == 0) {
shared_sub_dirs = seaf_share_manager_get_shared_sub_dirs (seaf->share_mgr,
repo->store_id,
dir_path);
}
g_free (repo_owner);
}
for (p = dir->entries; p != NULL; p = p->next, index++) {
if (index < offset) {
continue;
}
if (limit > 0) {
if (index >= offset + limit)
break;
}
dent = p->data;
d = g_object_new (SEAFILE_TYPE_DIRENT,
"obj_id", dent->id,
"obj_name", dent->name,
"mode", dent->mode,
"version", dent->version,
"mtime", dent->mtime,
"size", dent->size,
"permission", perm,
NULL);
if (shared_sub_dirs && S_ISDIR(dent->mode)) {
if (strcmp (dir_path, "/") == 0) {
cur_path = g_strconcat (dir_path, dent->name, NULL);
} else {
cur_path = g_strconcat (dir_path, "/", dent->name, NULL);
}
is_shared = g_hash_table_lookup (shared_sub_dirs, cur_path) ? TRUE : FALSE;
g_free (cur_path);
g_object_set (d, "is_shared", is_shared, NULL);
}
res = g_list_prepend (res, d);
}
if (shared_sub_dirs)
g_hash_table_destroy (shared_sub_dirs);
seaf_dir_free (dir);
seaf_repo_unref (repo);
g_free (perm);
if (res)
res = g_list_reverse (res);
return res;
}
