fix: better path detection
This commit is contained in:
+14
-3
@@ -2,10 +2,12 @@ import os
|
||||
import io
|
||||
import tarfile
|
||||
import shutil
|
||||
import re
|
||||
|
||||
|
||||
class DataDir:
|
||||
HOST_FILE = ".host"
|
||||
PATH_REGEX = re.compile(r"^[\w-]+$")
|
||||
|
||||
def __init__(self, root_path: str):
|
||||
self.root_path = root_path
|
||||
@@ -13,20 +15,28 @@ class DataDir:
|
||||
def list_paths(self) -> list[str]:
|
||||
paths: list[str] = []
|
||||
for path in os.listdir(self.root_path):
|
||||
if os.path.isdir(os.path.join(self.root_path, path)):
|
||||
if self.__valid_path(path):
|
||||
paths += [path]
|
||||
return paths
|
||||
|
||||
def __valid_path(self, path: str, exists: bool = True) -> bool:
|
||||
return (
|
||||
not exists or os.path.isdir(os.path.join(self.root_path, path))
|
||||
) and self.PATH_REGEX.match(path) is not None
|
||||
|
||||
def set_host(self, path: str, host: str):
|
||||
if self.__valid_path(path):
|
||||
path_host = os.path.join(self.root_path, path, self.HOST_FILE)
|
||||
with open(path_host, mode="w") as host_file:
|
||||
host_file.write(host)
|
||||
|
||||
def has_index(self, path: str):
|
||||
if self.__valid_path(path):
|
||||
path_index = os.path.join(self.root_path, path, "index.html")
|
||||
return os.path.exists(path_index) and os.path.isfile(path_index)
|
||||
|
||||
def get_host(self, path: str):
|
||||
if self.__valid_path(path):
|
||||
path_host = os.path.join(self.root_path, path, self.HOST_FILE)
|
||||
if os.path.exists(path_host) and os.path.isfile(path_host):
|
||||
try:
|
||||
@@ -37,6 +47,7 @@ class DataDir:
|
||||
return None
|
||||
|
||||
def extract_tar_bytes(self, path: str, tar_bytes: io.BytesIO):
|
||||
if self.__valid_path(path, exists=False):
|
||||
target_path = os.path.join(self.root_path, path)
|
||||
with tarfile.open(fileobj=tar_bytes) as tar_file:
|
||||
if os.path.exists(target_path):
|
||||
@@ -44,9 +55,9 @@ class DataDir:
|
||||
tar_file.extractall(target_path)
|
||||
|
||||
def remove(self, path: str):
|
||||
if self.__valid_path(path):
|
||||
target_path = os.path.join(self.root_path, path)
|
||||
shutil.rmtree(target_path)
|
||||
|
||||
def exists(self, path: str):
|
||||
target_path = os.path.join(self.root_path, path)
|
||||
return os.path.exists(target_path) and os.path.isdir(target_path)
|
||||
return self.__valid_path(path)
|
||||
|
||||
+9
-2
@@ -12,6 +12,7 @@ class StaplerRequestHandler(http.server.SimpleHTTPRequestHandler):
|
||||
protocol_version = "HTTP/2.0"
|
||||
server_version = "StaplerServer/" + project.get_version()
|
||||
CERTBOT_CHALLENGE_PATH = "/.well-known/acme-challenge"
|
||||
PATH_REGEX = re.compile(r"^\/([\w-]+)\/")
|
||||
|
||||
def __init__(
|
||||
self, *args, params: params.Parameters, registry: registry.Registry, **kwargs
|
||||
@@ -34,6 +35,8 @@ class StaplerRequestHandler(http.server.SimpleHTTPRequestHandler):
|
||||
if (page := self.registry.get_from_host(self.get_host())) is not None:
|
||||
path = f"/{page.path}" + path
|
||||
path = super().translate_path(path)
|
||||
if self.get_subpath(match_full=False) is None: # not a valid path
|
||||
return ""
|
||||
if os.path.basename(path).startswith("."): # hidden files
|
||||
return ""
|
||||
return path
|
||||
@@ -83,8 +86,12 @@ class StaplerRequestHandler(http.server.SimpleHTTPRequestHandler):
|
||||
)
|
||||
self.registry.remove(sub_path)
|
||||
|
||||
def get_subpath(self) -> str | None:
|
||||
if (match := re.match(r"^\/([\w-]+)\/$", self.path)) is not None:
|
||||
def get_subpath(self, match_full: bool = True) -> str | None:
|
||||
if match_full:
|
||||
match = self.PATH_REGEX.fullmatch(self.path)
|
||||
else:
|
||||
match = self.PATH_REGEX.match(self.path)
|
||||
if match is not None:
|
||||
return match.group(1)
|
||||
return None
|
||||
|
||||
|
||||
Reference in New Issue
Block a user