remove filetransfer.

2024-07-24 14:40:50 +12:00 · 2024-04-20 11:08:17 +02:00
parent e26e4d2004
commit 5c683fb1b8
19 changed files with 5 additions and 988 deletions
--- a/server/internal/http/http.go
+++ b/server/internal/http/http.go
@ -3,12 +3,9 @@ package http
 import (
 	"context"
 	"encoding/json"
-	"fmt"
 	"image/jpeg"
-	"io"
 	"net/http"
 	"os"
-	"regexp"
 	"strconv"

 	"github.com/go-chi/chi/v5"
@ -21,8 +18,6 @@ import (
 	"m1k1o/neko/internal/types"
 )

-const FILE_UPLOAD_BUF_SIZE = 65000
-
 type Server struct {
 	logger zerolog.Logger
 	router *chi.Mux
@ -118,89 +113,6 @@ func New(conf *config.Server, webSocketHandler types.WebSocketHandler, desktop t
 		}
 	})

-	// allow downloading and uploading files
-	if webSocketHandler.FileTransferEnabled() {
-		router.Get("/file", func(w http.ResponseWriter, r *http.Request) {
-			password := r.URL.Query().Get("pwd")
-			isAuthorized, err := webSocketHandler.CanTransferFiles(password)
-			if err != nil {
-				http.Error(w, err.Error(), http.StatusForbidden)
-				return
-			}
-
-			if !isAuthorized {
-				http.Error(w, "bad authorization", http.StatusUnauthorized)
-				return
-			}
-
-			filename := r.URL.Query().Get("filename")
-			badChars, _ := regexp.MatchString(`(?m)\.\.(?:\/|$)`, filename)
-			if filename == "" || badChars {
-				http.Error(w, "bad filename", http.StatusBadRequest)
-				return
-			}
-
-			filePath := webSocketHandler.FileTransferPath(filename)
-			f, err := os.Open(filePath)
-			if err != nil {
-				http.Error(w, "not found or unable to open", http.StatusNotFound)
-				return
-			}
-			defer f.Close()
-
-			w.Header().Set("Content-Type", "application/octet-stream")
-			w.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=%q", filename))
-			io.Copy(w, f)
-		})
-
-		router.Post("/file", func(w http.ResponseWriter, r *http.Request) {
-			password := r.URL.Query().Get("pwd")
-			isAuthorized, err := webSocketHandler.CanTransferFiles(password)
-			if err != nil {
-				http.Error(w, err.Error(), http.StatusForbidden)
-				return
-			}
-
-			if !isAuthorized {
-				http.Error(w, "bad authorization", http.StatusUnauthorized)
-				return
-			}
-
-			err = r.ParseMultipartForm(32 << 20)
-			if err != nil || r.MultipartForm == nil {
-				logger.Warn().Err(err).Msg("failed to parse multipart form")
-				http.Error(w, "error parsing form", http.StatusBadRequest)
-				return
-			}
-
-			for _, formheader := range r.MultipartForm.File["files"] {
-				filePath := webSocketHandler.FileTransferPath(formheader.Filename)
-
-				formfile, err := formheader.Open()
-				if err != nil {
-					logger.Warn().Err(err).Msg("failed to open formdata file")
-					http.Error(w, "error writing file", http.StatusInternalServerError)
-					return
-				}
-				defer formfile.Close()
-
-				f, err := os.OpenFile(filePath, os.O_WRONLY|os.O_CREATE, 0644)
-				if err != nil {
-					http.Error(w, "unable to open file for writing", http.StatusInternalServerError)
-					return
-				}
-				defer f.Close()
-
-				io.Copy(f, formfile)
-			}
-
-			err = r.MultipartForm.RemoveAll()
-			if err != nil {
-				logger.Warn().Err(err).Msg("failed to remove multipart form")
-			}
-		})
-	}
-
 	router.Get("/health", func(w http.ResponseWriter, r *http.Request) {
 		_, _ = w.Write([]byte("true"))
 	})