Name: "tranNotifyDeleteUser",
},
tranAgreed: {
+ Access: accessAlwaysAllow,
Name: "tranAgreed",
Handler: HandleTranAgreed,
},
tranChatSend: {
+ Access: accessSendChat,
+ DenyMsg: "You are not allowed to participate in chat.",
Handler: HandleChatSend,
Name: "tranChatSend",
RequiredFields: []requiredField{
Handler: HandleDelNewsArt,
},
tranDelNewsItem: {
+ Access: accessAlwaysAllow, // Granular access enforced inside the handler
// Has multiple access flags: News Delete Folder (37) or News Delete Category (35)
// TODO: Implement inside the handler
Name: "tranDelNewsItem",
Handler: HandleDelNewsItem,
},
tranDeleteFile: {
+ Access: accessAlwaysAllow, // Granular access enforced inside the handler
Name: "tranDeleteFile",
Handler: HandleDeleteFile,
},
tranDeleteUser: {
+ Access: accessDeleteUser,
+ DenyMsg: "You are not allowed to delete accounts.",
Name: "tranDeleteUser",
Handler: HandleDeleteUser,
},
Handler: HandleGetClientConnInfoText,
},
tranGetFileInfo: {
+ Access: accessAlwaysAllow,
Name: "tranGetFileInfo",
Handler: HandleGetFileInfo,
},
tranGetFileNameList: {
+ Access: accessAlwaysAllow,
Name: "tranGetFileNameList",
Handler: HandleGetFileNameList,
},
Handler: HandleGetNewsCatNameList,
},
tranGetUser: {
+ Access: accessOpenUser,
DenyMsg: "You are not allowed to view accounts.",
Name: "tranGetUser",
Handler: HandleGetUser,
},
tranGetUserNameList: {
+ Access: accessAlwaysAllow,
Name: "tranHandleGetUserNameList",
Handler: HandleGetUserNameList,
},
Handler: HandleInviteToChat,
},
tranJoinChat: {
+ Access: accessAlwaysAllow,
Name: "tranJoinChat",
Handler: HandleJoinChat,
},
tranKeepAlive: {
+ Access: accessAlwaysAllow,
Name: "tranKeepAlive",
Handler: HandleKeepAlive,
},
tranLeaveChat: {
+ Access: accessAlwaysAllow,
Name: "tranJoinChat",
Handler: HandleLeaveChat,
},
Handler: HandlePostNewsArt,
},
tranRejectChatInvite: {
+ Access: accessAlwaysAllow,
Name: "tranRejectChatInvite",
Handler: HandleRejectChatInvite,
},
},
},
tranSetChatSubject: {
+ Access: accessAlwaysAllow,
Name: "tranSetChatSubject",
Handler: HandleSetChatSubject,
},
tranMakeFileAlias: {
+ Access: accessAlwaysAllow,
Name: "tranMakeFileAlias",
Handler: HandleMakeAlias,
RequiredFields: []requiredField{
},
},
tranSetClientUserInfo: {
+ Access: accessAlwaysAllow,
Name: "tranSetClientUserInfo",
Handler: HandleSetClientUserInfo,
},
tranSetFileInfo: {
+ Access: accessAlwaysAllow,
Name: "tranSetFileInfo",
Handler: HandleSetFileInfo,
},
Handler: HandleSetUser,
},
tranUploadFile: {
+ Access: accessAlwaysAllow,
Name: "tranUploadFile",
Handler: HandleUploadFile,
},
tranUploadFldr: {
+ Access: accessAlwaysAllow,
Name: "tranUploadFldr",
Handler: HandleUploadFolder,
},
NewField(fieldFileType, ffo.FlatFileInformationFork.TypeSignature),
NewField(fieldFileCreateDate, ffo.FlatFileInformationFork.CreateDate),
NewField(fieldFileModifyDate, ffo.FlatFileInformationFork.ModifyDate),
- NewField(fieldFileSize, ffo.FlatFileDataForkHeader.DataSize),
+ NewField(fieldFileSize, ffo.FlatFileDataForkHeader.DataSize[:]),
))
return res, err
}
delName := pathStrs[len(pathStrs)-1]
if len(pathStrs) > 1 {
- for _, path := range pathStrs[0 : len(pathStrs)-1] {
- cats = cats[path].SubCats
+ for _, fp := range pathStrs[0 : len(pathStrs)-1] {
+ cats = cats[fp].SubCats
}
}
NewField(fieldRefNum, transactionRef),
NewField(fieldWaitingCount, []byte{0x00, 0x00}), // TODO: Implement waiting count
NewField(fieldTransferSize, ffo.TransferSize()),
- NewField(fieldFileSize, ffo.FlatFileDataForkHeader.DataSize),
+ NewField(fieldFileSize, ffo.FlatFileDataForkHeader.DataSize[:]),
))
return res, err
transactionRef := cc.Server.NewTransactionRef()
data := binary.BigEndian.Uint32(transactionRef)
+ var fp FilePath
+ if t.GetField(fieldFilePath).Data != nil {
+ if err = fp.UnmarshalBinary(t.GetField(fieldFilePath).Data); err != nil {
+ return res, err
+ }
+ }
+
+ // Handle special cases for Upload and Drop Box folders
+ if !authorize(cc.Account.Access, accessUploadAnywhere) {
+ if !fp.IsUploadDir() && !fp.IsDropbox() {
+ res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload of the folder \"%v\" because you are only allowed to upload to the \"Uploads\" folder.", string(t.GetField(fieldFileName).Data))))
+ return res, err
+ }
+ }
+
fileTransfer := &FileTransfer{
FileName: t.GetField(fieldFileName).Data,
FilePath: t.GetField(fieldFilePath).Data,
return res, err
}
+// HandleUploadFile
+// Special cases:
+// * If the target directory contains "uploads" (case insensitive)
func HandleUploadFile(cc *ClientConn, t *Transaction) (res []Transaction, err error) {
- // TODO: add permission handing for upload folders and drop boxes
if !authorize(cc.Account.Access, accessUploadFile) {
res = append(res, cc.NewErrReply(t, "You are not allowed to upload files."))
return res, err
fileName := t.GetField(fieldFileName).Data
filePath := t.GetField(fieldFilePath).Data
+ var fp FilePath
+ if filePath != nil {
+ if err = fp.UnmarshalBinary(filePath); err != nil {
+ return res, err
+ }
+ }
+
+ // Handle special cases for Upload and Drop Box folders
+ if !authorize(cc.Account.Access, accessUploadAnywhere) {
+ if !fp.IsUploadDir() && !fp.IsDropbox() {
+ res = append(res, cc.NewErrReply(t, fmt.Sprintf("Cannot accept upload of the file \"%v\" because you are only allowed to upload to the \"Uploads\" folder.", string(fileName))))
+ return res, err
+ }
+ }
+
transactionRef := cc.Server.NewTransactionRef()
data := binary.BigEndian.Uint32(transactionRef)
return res, err
}
+ var fp FilePath
+ if t.GetField(fieldFilePath).Data != nil {
+ if err = fp.UnmarshalBinary(t.GetField(fieldFilePath).Data); err != nil {
+ return res, err
+ }
+ }
+
+ // Handle special case for drop box folders
+ if fp.IsDropbox() && !authorize(cc.Account.Access, accessViewDropBoxes) {
+ res = append(res, cc.NewReply(t))
+ return res, err
+ }
+
fileNames, err := getFileNameList(fullPath)
if err != nil {
return res, err
git.r.bdr.sh / rbdr / mobius / blobdiff