Roxen.git / server / modules / filesystems / filesystem.pike

version» Context lines:

Roxen.git/server/modules/filesystems/filesystem.pike:1:   // This is a roxen module. (c) Informationsv√§varna AB 1996.      // This is a virtual "file-system".   // It will be located somewhere in the name-space of the server.   // Also inherited by some of the other filesystems.    - string cvs_version= "$Id: filesystem.pike,v 1.14 1997/05/25 11:00:53 grubba Exp $"; + string cvs_version= "$Id: filesystem.pike,v 1.15 1997/06/10 19:08:01 grubba Exp $";      #include <module.h>   #include <roxen.h>   #include <stat.h>      #if DEBUG_LEVEL > 20   # ifndef FILESYSTEM_DEBUG   # define FILESYSTEM_DEBUG   # endif   #endif
Roxen.git/server/modules/filesystems/filesystem.pike:80:    defvar("check_auth", 1, "Require authentication for modification",    TYPE_FLAG,    "Only allow authenticated users to use methods other than "    "GET and POST. If unset, this filesystem will be a _very_ "    "public one (anyone can edit files located on it)");       defvar("stat_cache", 1, "Cache the results of stat(2)",    TYPE_FLAG,    "This can speed up the retrieval of files up to 60/70% if you"    " use NFS, but it does use some memory."); +  +  defvar("access_as_user", 0, "Access file as the logged in user", +  TYPE_FLAG, +  "EXPERIMENTAL. Access file as the logged in user.<br>\n" +  "This is useful for eg named-ftp.");   }         mixed *register_module()   {    return ({    MODULE_LOCATION,    "Filesystem",    ("This is a virtual filesystem, use it to make files available to "+    "the users of your WWW-server. If you want to serve any 'normal' "
Roxen.git/server/modules/filesystems/filesystem.pike:252:    return 0;    redirects++;    return http_redirect(id->not_query[..sizeof(id->not_query)-2], id);    }       if(!id->misc->internal_get && QUERY(.files)    && (tmp = (id->not_query/"/")[-1])    && tmp[0] == '.')    return 0;    +  object privs; +  +  if (((int)id->misc->uid) && ((int)id->misc->gid) && +  (QUERY(access_as_user))) { +  privs=((program)"privs")("Getting file", (int)id->misc->uid, +  (int)id->misc->gid ); +  } +     o = open( f, "r" );    -  +  privs = 0; +     if(!o)    {    errors++;    report_error("Open of " + f + " failed. Permission denied.\n");    return http_low_answer(403, "<h2>File exists, but access forbidden "    "by user</h2>");    }       id->realfile = f;    accesses++;
Roxen.git/server/modules/filesystems/filesystem.pike:286:    return 0;    }       if(QUERY(check_auth) && (!id->auth || !id->auth[0]))    return http_auth_required("foo",    "<h1>Permission to 'PUT' files denied</h1>");    puts++;       object privs;    -  if(id->misc->uid) +  if (((int)id->misc->uid) && ((int)id->misc->gid)) {    privs=((program)"privs")("Saving file", (int)id->misc->uid,    (int)id->misc->gid ); -  +  }       rm( f );    mkdirhier( f );    object to = open(f, "wc");    -  +  privs = 0; +     if(!to)    {    id->misc->error_code = 403;    return 0;    }       putting[id->my_fd]=id->misc->len;    if(id->data && strlen(id->data))    {    putting[id->my_fd] -= strlen(id->data);
Roxen.git/server/modules/filesystems/filesystem.pike:328:    {    id->misc->error_code = 405;    return 0;    }    if(QUERY(check_auth) && !id->misc->auth_ok)    return http_low_answer(403, "<h1>Permission to DELETE file denied</h1>");       report_error("DELETING the file "+f+"\n");    accesses++;    -  if(id->misc->uid) -  privs=((program)"privs")("Saving file", id->misc->uid, id->misc->gid ); +  if (((int)id->misc->uid) && ((int)id->misc->gid)) { +  privs=((program)"privs")("Deleting file", id->misc->uid, id->misc->gid ); +  }       if(!rm(f))    {    id->misc->error_code = 405;    return 0;    }    deletes++;    return http_low_answer(200,(f+" DELETED from the server"));       default: