You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
cloudreve/middleware/share.go

133 lines
3.0 KiB

package middleware
import (
"fmt"
model "github.com/HFO4/cloudreve/models"
"github.com/HFO4/cloudreve/pkg/serializer"
"github.com/HFO4/cloudreve/pkg/util"
"github.com/gin-gonic/gin"
)
// ShareOwner 检查当前登录用户是否为分享所有者
func ShareOwner() gin.HandlerFunc {
return func(c *gin.Context) {
var user *model.User
if userCtx, ok := c.Get("user"); ok {
user = userCtx.(*model.User)
} else {
c.JSON(200, serializer.Err(serializer.CodeCheckLogin, "请先登录", nil))
c.Abort()
return
}
if share, ok := c.Get("share"); ok {
if share.(*model.Share).Creator().ID != user.ID {
c.JSON(200, serializer.Err(serializer.CodeNotFound, "分享不存在", nil))
c.Abort()
return
}
}
c.Next()
}
}
// ShareAvailable 检查分享是否可用
func ShareAvailable() gin.HandlerFunc {
return func(c *gin.Context) {
var user *model.User
if userCtx, ok := c.Get("user"); ok {
user = userCtx.(*model.User)
} else {
user = model.NewAnonymousUser()
}
share := model.GetShareByHashID(c.Param("id"))
if share == nil || !share.IsAvailable() {
c.JSON(200, serializer.Err(serializer.CodeNotFound, "分享不存在或已失效", nil))
c.Abort()
return
}
c.Set("user", user)
c.Set("share", share)
c.Next()
}
}
// ShareCanPreview 检查分享是否可被预览
func ShareCanPreview() gin.HandlerFunc {
return func(c *gin.Context) {
if share, ok := c.Get("share"); ok {
if share.(*model.Share).PreviewEnabled {
c.Next()
return
}
c.JSON(200, serializer.Err(serializer.CodeNoPermissionErr, "此分享无法预览",
nil))
c.Abort()
return
}
c.Abort()
}
}
// CheckShareUnlocked 检查分享是否已解锁
func CheckShareUnlocked() gin.HandlerFunc {
return func(c *gin.Context) {
if shareCtx, ok := c.Get("share"); ok {
share := shareCtx.(*model.Share)
// 分享是否已解锁
if share.Password != "" {
sessionKey := fmt.Sprintf("share_unlock_%d", share.ID)
unlocked := util.GetSession(c, sessionKey) != nil
if !unlocked {
c.JSON(200, serializer.Err(serializer.CodeNoPermissionErr,
"无权访问此分享", nil))
c.Abort()
return
}
}
c.Next()
return
}
c.Abort()
}
}
// BeforeShareDownload 分享被下载前的检查
func BeforeShareDownload() gin.HandlerFunc {
return func(c *gin.Context) {
if shareCtx, ok := c.Get("share"); ok {
if userCtx, ok := c.Get("user"); ok {
share := shareCtx.(*model.Share)
user := userCtx.(*model.User)
// 检查用户是否可以下载此分享的文件
err := share.CanBeDownloadBy(user)
if err != nil {
c.JSON(200, serializer.Err(serializer.CodeNoPermissionErr, err.Error(),
nil))
c.Abort()
return
}
// 对积分、下载次数进行更新
err = share.DownloadBy(user, c)
if err != nil {
c.JSON(200, serializer.Err(serializer.CodeNoPermissionErr, err.Error(),
nil))
c.Abort()
return
}
c.Next()
return
}
}
c.Abort()
}
}