chore (plg_backend_tmp): align with plg_authenticate_local

server/plugin/plg_backend_tmp/index.go

@@ -2,7 +2,6 @@ package plg_backend_tmp
 
 import (
 	"encoding/base64"
-	"fmt"
 	. "github.com/mickael-kerjean/filestash/server/common"
 	"io"
 	"os"
@@ -30,7 +29,9 @@ func init() {
 	os.RemoveAll(FILESTASH_DIRECTORY)
 }
 
-type TmpStorage struct{}
+type TmpStorage struct {
+	userID string
+}
 
 func (this TmpStorage) Init(params map[string]string, app *App) (IBackend, error) {
 	if len(params["userID"]) == 0 {
@@ -38,19 +39,16 @@ func (this TmpStorage) Init(params map[string]string, app *App) (IBackend, error
 	} else if regexp.MustCompile(`^[a-zA-Z0-9]*$`).MatchString(params["userID"]) == false {
 		return nil, ErrAuthenticationFailed
 	}
-	p := filepath.Join(FILESTASH_DIRECTORY, params["userID"])
+	this.userID = params["userID"]
-	if strings.HasSuffix(p, "/") == false {
+	root, err := this.fullpath("/")
-		p = fmt.Sprintf("%s/", p)
+	if err != nil {
-	}
-	if err := this.VerifyPath(p); err != nil {
 		return nil, ErrAuthenticationFailed
 	}
 	if c := ChrootCache.Get(params); c == nil {
-		ChrootCache.Set(params, p)
+		ChrootCache.Set(params, root)
 	}
-	os.MkdirAll(p, 0755)
+	os.MkdirAll(root, 0755)
-	params["path"] = p
+	return &this, nil
-	return &TmpStorage{}, nil
 }
 
 func (this TmpStorage) LoginForm() Form {
@@ -71,7 +69,8 @@ func (this TmpStorage) LoginForm() Form {
 }
 
 func (this TmpStorage) Ls(path string) ([]os.FileInfo, error) {
-	if err := this.VerifyPath(path); err != nil {
+	path, err := this.fullpath(path)
+	if err != nil {
 		return nil, err
 	}
 	f, err := SafeOsOpenFile(path, os.O_RDONLY, os.ModePerm)
@@ -82,7 +81,8 @@ func (this TmpStorage) Ls(path string) ([]os.FileInfo, error) {
 }
 
 func (this TmpStorage) Cat(path string) (io.ReadCloser, error) {
-	if err := this.VerifyPath(path); err != nil {
+	path, err := this.fullpath(path)
+	if err != nil {
 		return nil, err
 	}
 	reader, err := SafeOsOpenFile(path, os.O_RDONLY, os.ModePerm)
@@ -104,30 +104,36 @@ func (this TmpStorage) Cat(path string) (io.ReadCloser, error) {
 }
 
 func (this TmpStorage) Mkdir(path string) error {
-	if err := this.VerifyPath(path); err != nil {
+	path, err := this.fullpath(path)
+	if err != nil {
 		return err
 	}
 	return SafeOsMkdir(path, 0755)
 }
 
 func (this TmpStorage) Rm(path string) error {
-	if err := this.VerifyPath(path); err != nil {
+	path, err := this.fullpath(path)
+	if err != nil {
 		return err
 	}
 	return SafeOsRemoveAll(path)
 }
 
 func (this TmpStorage) Mv(from, to string) error {
-	if err := this.VerifyPath(from); err != nil {
+	from, err := this.fullpath(from)
+	if err != nil {
 		return err
-	} else if err = this.VerifyPath(to); err != nil {
+	}
+	to, err = this.fullpath(to)
+	if err != nil {
 		return err
 	}
 	return SafeOsRename(from, to)
 }
 
 func (this TmpStorage) Save(path string, content io.Reader) error {
-	if err := this.VerifyPath(path); err != nil {
+	path, err := this.fullpath(path)
+	if err != nil {
 		return err
 	}
 	f, err := SafeOsOpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, os.ModePerm)
@@ -139,7 +145,8 @@ func (this TmpStorage) Save(path string, content io.Reader) error {
 }
 
 func (this TmpStorage) Touch(path string) error {
-	if err := this.VerifyPath(path); err != nil {
+	path, err := this.fullpath(path)
+	if err != nil {
 		return err
 	}
 	f, err := SafeOsOpenFile(path, os.O_WRONLY|os.O_CREATE, os.ModePerm)
@@ -153,10 +160,11 @@ func (this TmpStorage) Touch(path string) error {
 	return f.Close()
 }
 
-func (this TmpStorage) VerifyPath(path string) error {
+func (this TmpStorage) fullpath(path string) (string, error) {
+	path = filepath.Join(FILESTASH_DIRECTORY, this.userID, path)
 	if strings.HasPrefix(path, FILESTASH_DIRECTORY) == false {
 		Log.Warning("plg_backend_tmp::chroot attempt to circumvent chroot via path[%s]", path)
-		return ErrPermissionDenied
+		return "", ErrPermissionDenied
 	}
-	return nil
+	return path, nil
 }