diff --git a/delete.go b/delete.go new file mode 100644 index 0000000..0b7e17b --- /dev/null +++ b/delete.go @@ -0,0 +1,48 @@ +package main + +import ( + "net/http" + "os" + "path" + + "github.com/zenazn/goji/web" +) + +func deleteHandler(c web.C, w http.ResponseWriter, r *http.Request) { + requestKey := r.Header.Get("X-Delete-Key") + + filename := c.URLParams["name"] + filePath := path.Join(Config.filesDir, filename) + metaPath := path.Join(Config.metaDir, filename) + + // Ensure requested file actually exists + if _, readErr := os.Stat(filePath); os.IsNotExist(readErr) { + notFoundHandler(c, w, r) // 404 - file doesn't exist + return + } + + // Ensure delete key is correct + deleteKey, err := metadataGetDeleteKey(filename) + + if err != nil { + unauthorizedHandler(c, w, r) // 401 - no metadata available + return + } + + if deleteKey == requestKey { + fileDelErr := os.Remove(filePath) + metaDelErr := os.Remove(metaPath) + + if (fileDelErr != nil) || (metaDelErr != nil) { + oopsHandler(c, w, r) // 500 - can't delete something + return + } + + notFoundHandler(c, w, r) // 404 - file deleted + return + + } else { + unauthorizedHandler(c, w, r) // 401 - wrong delete key + return + } +} diff --git a/fileserve.go b/fileserve.go index 0507e83..542f4a8 100644 --- a/fileserve.go +++ b/fileserve.go @@ -12,7 +12,7 @@ func fileServeHandler(c web.C, w http.ResponseWriter, r *http.Request) { fileName := c.URLParams["name"] filePath := path.Join(Config.filesDir, fileName) - if isFileExpired(fileName) { + if !fileExistsAndNotExpired(fileName) { notFoundHandler(c, w, r) return } diff --git a/meta.go b/meta.go index 60b8a1c..e0ed2d8 100644 --- a/meta.go +++ b/meta.go @@ -30,7 +30,7 @@ func metadataWrite(filename string, upload *Upload) error { // Return list of strings from a filename's metadata source func metadataRead(filename string) ([]string, error) { - file, err := os.Create(path.Join(Config.metaDir, filename)) + file, err := os.Open(path.Join(Config.metaDir, filename)) if err != nil { return nil, err diff --git a/pages.go b/pages.go index e76f2d4..2d7f128 100644 --- a/pages.go +++ b/pages.go @@ -23,8 +23,17 @@ func notFoundHandler(c web.C, w http.ResponseWriter, r *http.Request) { } func oopsHandler(c web.C, w http.ResponseWriter, r *http.Request) { + w.WriteHeader(500) err := Templates["oops.html"].ExecuteWriter(pongo2.Context{}, w) if err != nil { oopsHandler(c, w, r) } } + +func unauthorizedHandler(c web.C, w http.ResponseWriter, r *http.Request) { + w.WriteHeader(401) + err := Templates["401.html"].ExecuteWriter(pongo2.Context{}, w) + if err != nil { + http.Error(w, err.Error(), http.StatusInternalServerError) + } +} diff --git a/server.go b/server.go index 14659ed..efd4c83 100644 --- a/server.go +++ b/server.go @@ -67,6 +67,7 @@ func setup() { // Routing setup nameRe := regexp.MustCompile(`^/(?P[a-z0-9-\.]+)$`) selifRe := regexp.MustCompile(`^/selif/(?P[a-z0-9-\.]+)$`) + selifIndexRe := regexp.MustCompile(`^/selif/$`) goji.Get("/", indexHandler) @@ -74,12 +75,14 @@ func setup() { goji.Post("/upload/", uploadPostHandler) goji.Put("/upload", uploadPutHandler) goji.Put("/upload/:name", uploadPutHandler) + goji.Delete("/:name", deleteHandler) staticBox := rice.MustFindBox("static") goji.Get("/static/*", http.StripPrefix("/static/", http.FileServer(staticBox.HTTPBox()))) goji.Get(nameRe, fileDisplayHandler) goji.Get(selifRe, fileServeHandler) + goji.Get(selifIndexRe, unauthorizedHandler) goji.NotFound(notFoundHandler) } diff --git a/templates.go b/templates.go index 6682a43..3a6ffdb 100644 --- a/templates.go +++ b/templates.go @@ -45,6 +45,7 @@ func populateTemplatesMap(tSet *pongo2.TemplateSet, tMap map[string]*pongo2.Temp templates := [...]string{ "index.html", "404.html", + "401.html", "oops.html", "display/audio.html", diff --git a/templates/401.html b/templates/401.html new file mode 100644 index 0000000..d643b62 --- /dev/null +++ b/templates/401.html @@ -0,0 +1,5 @@ +{% extends "base.html" %} + +{% block content %} +401 Unauthorized +{% endblock %}