Home Explore Help
Register Sign In
Apq
/
sftpgo
mirror of https://github.com/drakkan/sftpgo.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 51c15de892
Branches Tags
sftpgo
/
httpd
/
webadmin.go

webadmin.go 62 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002 
  1. package httpd
    2. 

  2. 

  3. import (
    4. 

  4. 	"errors"
    5. 

  5. 	"fmt"
    6. 

  6. 	"html/template"
    7. 

  7. 	"io"
    8. 

  8. 	"net/http"
    9. 

  9. 	"net/url"
    10. 

  10. 	"os"
    11. 

  11. 	"path/filepath"
    12. 

  12. 	"strconv"
    13. 

  13. 	"strings"
    14. 

  14. 	"time"
    15. 

  15. 

  16. 	"github.com/go-chi/render"
    17. 

  17. 	"github.com/sftpgo/sdk"
    18. 

  18. 	sdkkms "github.com/sftpgo/sdk/kms"
    19. 

  19. 

  20. 	"github.com/drakkan/sftpgo/v2/common"
    21. 

  21. 	"github.com/drakkan/sftpgo/v2/dataprovider"
    22. 

  22. 	"github.com/drakkan/sftpgo/v2/kms"
    23. 

  23. 	"github.com/drakkan/sftpgo/v2/mfa"
    24. 

  24. 	"github.com/drakkan/sftpgo/v2/smtp"
    25. 

  25. 	"github.com/drakkan/sftpgo/v2/util"
    26. 

  26. 	"github.com/drakkan/sftpgo/v2/version"
    27. 

  27. 	"github.com/drakkan/sftpgo/v2/vfs"
    28. 

  28. )
    29. 

  29. 

  30. type userPageMode int
    31. 

  31. 

  32. const (
    33. 

  33. 	userPageModeAdd userPageMode = iota + 1
    34. 

  34. 	userPageModeUpdate
    35. 

  35. 	userPageModeTemplate
    36. 

  36. )
    37. 

  37. 

  38. type folderPageMode int
    39. 

  39. 

  40. const (
    41. 

  41. 	folderPageModeAdd folderPageMode = iota + 1
    42. 

  42. 	folderPageModeUpdate
    43. 

  43. 	folderPageModeTemplate
    44. 

  44. )
    45. 

  45. 

  46. const (
    47. 

  47. 	templateAdminDir     = "webadmin"
    48. 

  48. 	templateBase         = "base.html"
    49. 

  49. 	templateBaseLogin    = "baselogin.html"
    50. 

  50. 	templateFsConfig     = "fsconfig.html"
    51. 

  51. 	templateUsers        = "users.html"
    52. 

  52. 	templateUser         = "user.html"
    53. 

  53. 	templateAdmins       = "admins.html"
    54. 

  54. 	templateAdmin        = "admin.html"
    55. 

  55. 	templateConnections  = "connections.html"
    56. 

  56. 	templateFolders      = "folders.html"
    57. 

  57. 	templateFolder       = "folder.html"
    58. 

  58. 	templateMessage      = "message.html"
    59. 

  59. 	templateStatus       = "status.html"
    60. 

  60. 	templateLogin        = "login.html"
    61. 

  61. 	templateDefender     = "defender.html"
    62. 

  62. 	templateProfile      = "profile.html"
    63. 

  63. 	templateChangePwd    = "changepassword.html"
    64. 

  64. 	templateMaintenance  = "maintenance.html"
    65. 

  65. 	templateMFA          = "mfa.html"
    66. 

  66. 	templateSetup        = "adminsetup.html"
    67. 

  67. 	pageUsersTitle       = "Users"
    68. 

  68. 	pageAdminsTitle      = "Admins"
    69. 

  69. 	pageConnectionsTitle = "Connections"
    70. 

  70. 	pageStatusTitle      = "Status"
    71. 

  71. 	pageFoldersTitle     = "Folders"
    72. 

  72. 	pageProfileTitle     = "My profile"
    73. 

  73. 	pageChangePwdTitle   = "Change password"
    74. 

  74. 	pageMaintenanceTitle = "Maintenance"
    75. 

  75. 	pageDefenderTitle    = "Defender"
    76. 

  76. 	pageForgotPwdTitle   = "SFTPGo Admin - Forgot password"
    77. 

  77. 	pageResetPwdTitle    = "SFTPGo Admin - Reset password"
    78. 

  78. 	pageSetupTitle       = "Create first admin user"
    79. 

  79. 	defaultQueryLimit    = 500
    80. 

  80. )
    81. 

  81. 

  82. var (
    83. 

  83. 	adminTemplates = make(map[string]*template.Template)
    84. 

  84. )
    85. 

  85. 

  86. type basePage struct {
    87. 

  87. 	Title              string
    88. 

  88. 	CurrentURL         string
    89. 

  89. 	UsersURL           string
    90. 

  90. 	UserURL            string
    91. 

  91. 	UserTemplateURL    string
    92. 

  92. 	AdminsURL          string
    93. 

  93. 	AdminURL           string
    94. 

  94. 	QuotaScanURL       string
    95. 

  95. 	ConnectionsURL     string
    96. 

  96. 	FoldersURL         string
    97. 

  97. 	FolderURL          string
    98. 

  98. 	FolderTemplateURL  string
    99. 

  99. 	DefenderURL        string
    100. 

  100. 	LogoutURL          string
    101. 

  101. 	ProfileURL         string
    102. 

  102. 	ChangePwdURL       string
    103. 

  103. 	MFAURL             string
    104. 

  104. 	FolderQuotaScanURL string
    105. 

  105. 	StatusURL          string
    106. 

  106. 	MaintenanceURL     string
    107. 

  107. 	StaticURL          string
    108. 

  108. 	UsersTitle         string
    109. 

  109. 	AdminsTitle        string
    110. 

  110. 	ConnectionsTitle   string
    111. 

  111. 	FoldersTitle       string
    112. 

  112. 	StatusTitle        string
    113. 

  113. 	MaintenanceTitle   string
    114. 

  114. 	DefenderTitle      string
    115. 

  115. 	Version            string
    116. 

  116. 	CSRFToken          string
    117. 

  117. 	HasDefender        bool
    118. 

  118. 	LoggedAdmin        *dataprovider.Admin
    119. 

  119. }
    120. 

  120. 

  121. type usersPage struct {
    122. 

  122. 	basePage
    123. 

  123. 	Users []dataprovider.User
    124. 

  124. }
    125. 

  125. 

  126. type adminsPage struct {
    127. 

  127. 	basePage
    128. 

  128. 	Admins []dataprovider.Admin
    129. 

  129. }
    130. 

  130. 

  131. type foldersPage struct {
    132. 

  132. 	basePage
    133. 

  133. 	Folders []vfs.BaseVirtualFolder
    134. 

  134. }
    135. 

  135. 

  136. type connectionsPage struct {
    137. 

  137. 	basePage
    138. 

  138. 	Connections []*common.ConnectionStatus
    139. 

  139. }
    140. 

  140. 

  141. type statusPage struct {
    142. 

  142. 	basePage
    143. 

  143. 	Status ServicesStatus
    144. 

  144. }
    145. 

  145. 

  146. type fsWrapper struct {
    147. 

  147. 	vfs.Filesystem
    148. 

  148. 	IsUserPage      bool
    149. 

  149. 	HasUsersBaseDir bool
    150. 

  150. 	DirPath         string
    151. 

  151. }
    152. 

  152. 

  153. type userPage struct {
    154. 

  154. 	basePage
    155. 

  155. 	User              *dataprovider.User
    156. 

  156. 	RootPerms         []string
    157. 

  157. 	Error             string
    158. 

  158. 	ValidPerms        []string
    159. 

  159. 	ValidLoginMethods []string
    160. 

  160. 	ValidProtocols    []string
    161. 

  161. 	WebClientOptions  []string
    162. 

  162. 	RootDirPerms      []string
    163. 

  163. 	RedactedSecret    string
    164. 

  164. 	Mode              userPageMode
    165. 

  165. 	VirtualFolders    []vfs.BaseVirtualFolder
    166. 

  166. 	CanImpersonate    bool
    167. 

  167. 	FsWrapper         fsWrapper
    168. 

  168. }
    169. 

  169. 

  170. type adminPage struct {
    171. 

  171. 	basePage
    172. 

  172. 	Admin *dataprovider.Admin
    173. 

  173. 	Error string
    174. 

  174. 	IsAdd bool
    175. 

  175. }
    176. 

  176. 

  177. type profilePage struct {
    178. 

  178. 	basePage
    179. 

  179. 	Error           string
    180. 

  180. 	AllowAPIKeyAuth bool
    181. 

  181. 	Email           string
    182. 

  182. 	Description     string
    183. 

  183. }
    184. 

  184. 

  185. type changePasswordPage struct {
    186. 

  186. 	basePage
    187. 

  187. 	Error string
    188. 

  188. }
    189. 

  189. 

  190. type mfaPage struct {
    191. 

  191. 	basePage
    192. 

  192. 	TOTPConfigs     []string
    193. 

  193. 	TOTPConfig      dataprovider.AdminTOTPConfig
    194. 

  194. 	GenerateTOTPURL string
    195. 

  195. 	ValidateTOTPURL string
    196. 

  196. 	SaveTOTPURL     string
    197. 

  197. 	RecCodesURL     string
    198. 

  198. }
    199. 

  199. 

  200. type maintenancePage struct {
    201. 

  201. 	basePage
    202. 

  202. 	BackupPath  string
    203. 

  203. 	RestorePath string
    204. 

  204. 	Error       string
    205. 

  205. }
    206. 

  206. 

  207. type defenderHostsPage struct {
    208. 

  208. 	basePage
    209. 

  209. 	DefenderHostsURL string
    210. 

  210. }
    211. 

  211. 

  212. type setupPage struct {
    213. 

  213. 	basePage
    214. 

  214. 	Username string
    215. 

  215. 	Error    string
    216. 

  216. }
    217. 

  217. 

  218. type folderPage struct {
    219. 

  219. 	basePage
    220. 

  220. 	Folder    vfs.BaseVirtualFolder
    221. 

  221. 	Error     string
    222. 

  222. 	Mode      folderPageMode
    223. 

  223. 	FsWrapper fsWrapper
    224. 

  224. }
    225. 

  225. 

  226. type messagePage struct {
    227. 

  227. 	basePage
    228. 

  228. 	Error   string
    229. 

  229. 	Success string
    230. 

  230. }
    231. 

  231. 

  232. type userTemplateFields struct {
    233. 

  233. 	Username  string
    234. 

  234. 	Password  string
    235. 

  235. 	PublicKey string
    236. 

  236. }
    237. 

  237. 

  238. func loadAdminTemplates(templatesPath string) {
    239. 

  239. 	usersPaths := []string{
    240. 

  240. 		filepath.Join(templatesPath, templateAdminDir, templateBase),
    241. 

  241. 		filepath.Join(templatesPath, templateAdminDir, templateUsers),
    242. 

  242. 	}
    243. 

  243. 	userPaths := []string{
    244. 

  244. 		filepath.Join(templatesPath, templateAdminDir, templateBase),
    245. 

  245. 		filepath.Join(templatesPath, templateAdminDir, templateFsConfig),
    246. 

  246. 		filepath.Join(templatesPath, templateAdminDir, templateUser),
    247. 

  247. 	}
    248. 

  248. 	adminsPaths := []string{
    249. 

  249. 		filepath.Join(templatesPath, templateAdminDir, templateBase),
    250. 

  250. 		filepath.Join(templatesPath, templateAdminDir, templateAdmins),
    251. 

  251. 	}
    252. 

  252. 	adminPaths := []string{
    253. 

  253. 		filepath.Join(templatesPath, templateAdminDir, templateBase),
    254. 

  254. 		filepath.Join(templatesPath, templateAdminDir, templateAdmin),
    255. 

  255. 	}
    256. 

  256. 	profilePaths := []string{
    257. 

  257. 		filepath.Join(templatesPath, templateAdminDir, templateBase),
    258. 

  258. 		filepath.Join(templatesPath, templateAdminDir, templateProfile),
    259. 

  259. 	}
    260. 

  260. 	changePwdPaths := []string{
    261. 

  261. 		filepath.Join(templatesPath, templateAdminDir, templateBase),
    262. 

  262. 		filepath.Join(templatesPath, templateAdminDir, templateChangePwd),
    263. 

  263. 	}
    264. 

  264. 	connectionsPaths := []string{
    265. 

  265. 		filepath.Join(templatesPath, templateAdminDir, templateBase),
    266. 

  266. 		filepath.Join(templatesPath, templateAdminDir, templateConnections),
    267. 

  267. 	}
    268. 

  268. 	messagePaths := []string{
    269. 

  269. 		filepath.Join(templatesPath, templateAdminDir, templateBase),
    270. 

  270. 		filepath.Join(templatesPath, templateAdminDir, templateMessage),
    271. 

  271. 	}
    272. 

  272. 	foldersPaths := []string{
    273. 

  273. 		filepath.Join(templatesPath, templateAdminDir, templateBase),
    274. 

  274. 		filepath.Join(templatesPath, templateAdminDir, templateFolders),
    275. 

  275. 	}
    276. 

  276. 	folderPaths := []string{
    277. 

  277. 		filepath.Join(templatesPath, templateAdminDir, templateBase),
    278. 

  278. 		filepath.Join(templatesPath, templateAdminDir, templateFsConfig),
    279. 

  279. 		filepath.Join(templatesPath, templateAdminDir, templateFolder),
    280. 

  280. 	}
    281. 

  281. 	statusPaths := []string{
    282. 

  282. 		filepath.Join(templatesPath, templateAdminDir, templateBase),
    283. 

  283. 		filepath.Join(templatesPath, templateAdminDir, templateStatus),
    284. 

  284. 	}
    285. 

  285. 	loginPaths := []string{
    286. 

  286. 		filepath.Join(templatesPath, templateAdminDir, templateBaseLogin),
    287. 

  287. 		filepath.Join(templatesPath, templateAdminDir, templateLogin),
    288. 

  288. 	}
    289. 

  289. 	maintenancePaths := []string{
    290. 

  290. 		filepath.Join(templatesPath, templateAdminDir, templateBase),
    291. 

  291. 		filepath.Join(templatesPath, templateAdminDir, templateMaintenance),
    292. 

  292. 	}
    293. 

  293. 	defenderPaths := []string{
    294. 

  294. 		filepath.Join(templatesPath, templateAdminDir, templateBase),
    295. 

  295. 		filepath.Join(templatesPath, templateAdminDir, templateDefender),
    296. 

  296. 	}
    297. 

  297. 	mfaPaths := []string{
    298. 

  298. 		filepath.Join(templatesPath, templateAdminDir, templateBase),
    299. 

  299. 		filepath.Join(templatesPath, templateAdminDir, templateMFA),
    300. 

  300. 	}
    301. 

  301. 	twoFactorPaths := []string{
    302. 

  302. 		filepath.Join(templatesPath, templateAdminDir, templateBaseLogin),
    303. 

  303. 		filepath.Join(templatesPath, templateAdminDir, templateTwoFactor),
    304. 

  304. 	}
    305. 

  305. 	twoFactorRecoveryPaths := []string{
    306. 

  306. 		filepath.Join(templatesPath, templateAdminDir, templateBaseLogin),
    307. 

  307. 		filepath.Join(templatesPath, templateAdminDir, templateTwoFactorRecovery),
    308. 

  308. 	}
    309. 

  309. 	setupPaths := []string{
    310. 

  310. 		filepath.Join(templatesPath, templateAdminDir, templateBaseLogin),
    311. 

  311. 		filepath.Join(templatesPath, templateAdminDir, templateSetup),
    312. 

  312. 	}
    313. 

  313. 	forgotPwdPaths := []string{
    314. 

  314. 		filepath.Join(templatesPath, templateCommonDir, templateForgotPassword),
    315. 

  315. 	}
    316. 

  316. 	resetPwdPaths := []string{
    317. 

  317. 		filepath.Join(templatesPath, templateCommonDir, templateResetPassword),
    318. 

  318. 	}
    319. 

  319. 

  320. 	fsBaseTpl := template.New("fsBaseTemplate").Funcs(template.FuncMap{
    321. 

  321. 		"ListFSProviders": func() []sdk.FilesystemProvider {
    322. 

  322. 			return []sdk.FilesystemProvider{sdk.LocalFilesystemProvider, sdk.CryptedFilesystemProvider,
    323. 

  323. 				sdk.S3FilesystemProvider, sdk.GCSFilesystemProvider,
    324. 

  324. 				sdk.AzureBlobFilesystemProvider, sdk.SFTPFilesystemProvider,
    325. 

  325. 			}
    326. 

  326. 		},
    327. 

  327. 	})
    328. 

  328. 	usersTmpl := util.LoadTemplate(nil, usersPaths...)
    329. 

  329. 	userTmpl := util.LoadTemplate(fsBaseTpl, userPaths...)
    330. 

  330. 	adminsTmpl := util.LoadTemplate(nil, adminsPaths...)
    331. 

  331. 	adminTmpl := util.LoadTemplate(nil, adminPaths...)
    332. 

  332. 	connectionsTmpl := util.LoadTemplate(nil, connectionsPaths...)
    333. 

  333. 	messageTmpl := util.LoadTemplate(nil, messagePaths...)
    334. 

  334. 	foldersTmpl := util.LoadTemplate(nil, foldersPaths...)
    335. 

  335. 	folderTmpl := util.LoadTemplate(fsBaseTpl, folderPaths...)
    336. 

  336. 	statusTmpl := util.LoadTemplate(nil, statusPaths...)
    337. 

  337. 	loginTmpl := util.LoadTemplate(nil, loginPaths...)
    338. 

  338. 	profileTmpl := util.LoadTemplate(nil, profilePaths...)
    339. 

  339. 	changePwdTmpl := util.LoadTemplate(nil, changePwdPaths...)
    340. 

  340. 	maintenanceTmpl := util.LoadTemplate(nil, maintenancePaths...)
    341. 

  341. 	defenderTmpl := util.LoadTemplate(nil, defenderPaths...)
    342. 

  342. 	mfaTmpl := util.LoadTemplate(nil, mfaPaths...)
    343. 

  343. 	twoFactorTmpl := util.LoadTemplate(nil, twoFactorPaths...)
    344. 

  344. 	twoFactorRecoveryTmpl := util.LoadTemplate(nil, twoFactorRecoveryPaths...)
    345. 

  345. 	setupTmpl := util.LoadTemplate(nil, setupPaths...)
    346. 

  346. 	forgotPwdTmpl := util.LoadTemplate(nil, forgotPwdPaths...)
    347. 

  347. 	resetPwdTmpl := util.LoadTemplate(nil, resetPwdPaths...)
    348. 

  348. 

  349. 	adminTemplates[templateUsers] = usersTmpl
    350. 

  350. 	adminTemplates[templateUser] = userTmpl
    351. 

  351. 	adminTemplates[templateAdmins] = adminsTmpl
    352. 

  352. 	adminTemplates[templateAdmin] = adminTmpl
    353. 

  353. 	adminTemplates[templateConnections] = connectionsTmpl
    354. 

  354. 	adminTemplates[templateMessage] = messageTmpl
    355. 

  355. 	adminTemplates[templateFolders] = foldersTmpl
    356. 

  356. 	adminTemplates[templateFolder] = folderTmpl
    357. 

  357. 	adminTemplates[templateStatus] = statusTmpl
    358. 

  358. 	adminTemplates[templateLogin] = loginTmpl
    359. 

  359. 	adminTemplates[templateProfile] = profileTmpl
    360. 

  360. 	adminTemplates[templateChangePwd] = changePwdTmpl
    361. 

  361. 	adminTemplates[templateMaintenance] = maintenanceTmpl
    362. 

  362. 	adminTemplates[templateDefender] = defenderTmpl
    363. 

  363. 	adminTemplates[templateMFA] = mfaTmpl
    364. 

  364. 	adminTemplates[templateTwoFactor] = twoFactorTmpl
    365. 

  365. 	adminTemplates[templateTwoFactorRecovery] = twoFactorRecoveryTmpl
    366. 

  366. 	adminTemplates[templateSetup] = setupTmpl
    367. 

  367. 	adminTemplates[templateForgotPassword] = forgotPwdTmpl
    368. 

  368. 	adminTemplates[templateResetPassword] = resetPwdTmpl
    369. 

  369. }
    370. 

  370. 

  371. func getBasePageData(title, currentURL string, r *http.Request) basePage {
    372. 

  372. 	var csrfToken string
    373. 

  373. 	if currentURL != "" {
    374. 

  374. 		csrfToken = createCSRFToken()
    375. 

  375. 	}
    376. 

  376. 	return basePage{
    377. 

  377. 		Title:              title,
    378. 

  378. 		CurrentURL:         currentURL,
    379. 

  379. 		UsersURL:           webUsersPath,
    380. 

  380. 		UserURL:            webUserPath,
    381. 

  381. 		UserTemplateURL:    webTemplateUser,
    382. 

  382. 		AdminsURL:          webAdminsPath,
    383. 

  383. 		AdminURL:           webAdminPath,
    384. 

  384. 		FoldersURL:         webFoldersPath,
    385. 

  385. 		FolderURL:          webFolderPath,
    386. 

  386. 		FolderTemplateURL:  webTemplateFolder,
    387. 

  387. 		DefenderURL:        webDefenderPath,
    388. 

  388. 		LogoutURL:          webLogoutPath,
    389. 

  389. 		ProfileURL:         webAdminProfilePath,
    390. 

  390. 		ChangePwdURL:       webChangeAdminPwdPath,
    391. 

  391. 		MFAURL:             webAdminMFAPath,
    392. 

  392. 		QuotaScanURL:       webQuotaScanPath,
    393. 

  393. 		ConnectionsURL:     webConnectionsPath,
    394. 

  394. 		StatusURL:          webStatusPath,
    395. 

  395. 		FolderQuotaScanURL: webScanVFolderPath,
    396. 

  396. 		MaintenanceURL:     webMaintenancePath,
    397. 

  397. 		StaticURL:          webStaticFilesPath,
    398. 

  398. 		UsersTitle:         pageUsersTitle,
    399. 

  399. 		AdminsTitle:        pageAdminsTitle,
    400. 

  400. 		ConnectionsTitle:   pageConnectionsTitle,
    401. 

  401. 		FoldersTitle:       pageFoldersTitle,
    402. 

  402. 		StatusTitle:        pageStatusTitle,
    403. 

  403. 		MaintenanceTitle:   pageMaintenanceTitle,
    404. 

  404. 		DefenderTitle:      pageDefenderTitle,
    405. 

  405. 		Version:            version.GetAsString(),
    406. 

  406. 		LoggedAdmin:        getAdminFromToken(r),
    407. 

  407. 		HasDefender:        common.Config.DefenderConfig.Enabled,
    408. 

  408. 		CSRFToken:          csrfToken,
    409. 

  409. 	}
    410. 

  410. }
    411. 

  411. 

  412. func renderAdminTemplate(w http.ResponseWriter, tmplName string, data interface{}) {
    413. 

  413. 	err := adminTemplates[tmplName].ExecuteTemplate(w, tmplName, data)
    414. 

  414. 	if err != nil {
    415. 

  415. 		http.Error(w, err.Error(), http.StatusInternalServerError)
    416. 

  416. 	}
    417. 

  417. }
    418. 

  418. 

  419. func renderMessagePage(w http.ResponseWriter, r *http.Request, title, body string, statusCode int, err error, message string) {
    420. 

  420. 	var errorString string
    421. 

  421. 	if body != "" {
    422. 

  422. 		errorString = body + " "
    423. 

  423. 	}
    424. 

  424. 	if err != nil {
    425. 

  425. 		errorString += err.Error()
    426. 

  426. 	}
    427. 

  427. 	data := messagePage{
    428. 

  428. 		basePage: getBasePageData(title, "", r),
    429. 

  429. 		Error:    errorString,
    430. 

  430. 		Success:  message,
    431. 

  431. 	}
    432. 

  432. 	w.WriteHeader(statusCode)
    433. 

  433. 	renderAdminTemplate(w, templateMessage, data)
    434. 

  434. }
    435. 

  435. 

  436. func renderInternalServerErrorPage(w http.ResponseWriter, r *http.Request, err error) {
    437. 

  437. 	renderMessagePage(w, r, page500Title, page500Body, http.StatusInternalServerError, err, "")
    438. 

  438. }
    439. 

  439. 

  440. func renderBadRequestPage(w http.ResponseWriter, r *http.Request, err error) {
    441. 

  441. 	renderMessagePage(w, r, page400Title, "", http.StatusBadRequest, err, "")
    442. 

  442. }
    443. 

  443. 

  444. func renderForbiddenPage(w http.ResponseWriter, r *http.Request, body string) {
    445. 

  445. 	renderMessagePage(w, r, page403Title, "", http.StatusForbidden, nil, body)
    446. 

  446. }
    447. 

  447. 

  448. func renderNotFoundPage(w http.ResponseWriter, r *http.Request, err error) {
    449. 

  449. 	renderMessagePage(w, r, page404Title, page404Body, http.StatusNotFound, err, "")
    450. 

  450. }
    451. 

  451. 

  452. func renderForgotPwdPage(w http.ResponseWriter, error string) {
    453. 

  453. 	data := forgotPwdPage{
    454. 

  454. 		CurrentURL: webAdminForgotPwdPath,
    455. 

  455. 		Error:      error,
    456. 

  456. 		CSRFToken:  createCSRFToken(),
    457. 

  457. 		StaticURL:  webStaticFilesPath,
    458. 

  458. 		Title:      pageForgotPwdTitle,
    459. 

  459. 	}
    460. 

  460. 	renderAdminTemplate(w, templateForgotPassword, data)
    461. 

  461. }
    462. 

  462. 

  463. func renderResetPwdPage(w http.ResponseWriter, error string) {
    464. 

  464. 	data := resetPwdPage{
    465. 

  465. 		CurrentURL: webAdminResetPwdPath,
    466. 

  466. 		Error:      error,
    467. 

  467. 		CSRFToken:  createCSRFToken(),
    468. 

  468. 		StaticURL:  webStaticFilesPath,
    469. 

  469. 		Title:      pageResetPwdTitle,
    470. 

  470. 	}
    471. 

  471. 	renderAdminTemplate(w, templateResetPassword, data)
    472. 

  472. }
    473. 

  473. 

  474. func renderTwoFactorPage(w http.ResponseWriter, error string) {
    475. 

  475. 	data := twoFactorPage{
    476. 

  476. 		CurrentURL:  webAdminTwoFactorPath,
    477. 

  477. 		Version:     version.Get().Version,
    478. 

  478. 		Error:       error,
    479. 

  479. 		CSRFToken:   createCSRFToken(),
    480. 

  480. 		StaticURL:   webStaticFilesPath,
    481. 

  481. 		RecoveryURL: webAdminTwoFactorRecoveryPath,
    482. 

  482. 	}
    483. 

  483. 	renderAdminTemplate(w, templateTwoFactor, data)
    484. 

  484. }
    485. 

  485. 

  486. func renderTwoFactorRecoveryPage(w http.ResponseWriter, error string) {
    487. 

  487. 	data := twoFactorPage{
    488. 

  488. 		CurrentURL: webAdminTwoFactorRecoveryPath,
    489. 

  489. 		Version:    version.Get().Version,
    490. 

  490. 		Error:      error,
    491. 

  491. 		CSRFToken:  createCSRFToken(),
    492. 

  492. 		StaticURL:  webStaticFilesPath,
    493. 

  493. 	}
    494. 

  494. 	renderAdminTemplate(w, templateTwoFactorRecovery, data)
    495. 

  495. }
    496. 

  496. 

  497. func renderMFAPage(w http.ResponseWriter, r *http.Request) {
    498. 

  498. 	data := mfaPage{
    499. 

  499. 		basePage:        getBasePageData(pageMFATitle, webAdminMFAPath, r),
    500. 

  500. 		TOTPConfigs:     mfa.GetAvailableTOTPConfigNames(),
    501. 

  501. 		GenerateTOTPURL: webAdminTOTPGeneratePath,
    502. 

  502. 		ValidateTOTPURL: webAdminTOTPValidatePath,
    503. 

  503. 		SaveTOTPURL:     webAdminTOTPSavePath,
    504. 

  504. 		RecCodesURL:     webAdminRecoveryCodesPath,
    505. 

  505. 	}
    506. 

  506. 	admin, err := dataprovider.AdminExists(data.LoggedAdmin.Username)
    507. 

  507. 	if err != nil {
    508. 

  508. 		renderInternalServerErrorPage(w, r, err)
    509. 

  509. 		return
    510. 

  510. 	}
    511. 

  511. 	data.TOTPConfig = admin.Filters.TOTPConfig
    512. 

  512. 	renderAdminTemplate(w, templateMFA, data)
    513. 

  513. }
    514. 

  514. 

  515. func renderProfilePage(w http.ResponseWriter, r *http.Request, error string) {
    516. 

  516. 	data := profilePage{
    517. 

  517. 		basePage: getBasePageData(pageProfileTitle, webAdminProfilePath, r),
    518. 

  518. 		Error:    error,
    519. 

  519. 	}
    520. 

  520. 	admin, err := dataprovider.AdminExists(data.LoggedAdmin.Username)
    521. 

  521. 	if err != nil {
    522. 

  522. 		renderInternalServerErrorPage(w, r, err)
    523. 

  523. 		return
    524. 

  524. 	}
    525. 

  525. 	data.AllowAPIKeyAuth = admin.Filters.AllowAPIKeyAuth
    526. 

  526. 	data.Email = admin.Email
    527. 

  527. 	data.Description = admin.Description
    528. 

  528. 

  529. 	renderAdminTemplate(w, templateProfile, data)
    530. 

  530. }
    531. 

  531. 

  532. func renderChangePasswordPage(w http.ResponseWriter, r *http.Request, error string) {
    533. 

  533. 	data := changePasswordPage{
    534. 

  534. 		basePage: getBasePageData(pageChangePwdTitle, webChangeAdminPwdPath, r),
    535. 

  535. 		Error:    error,
    536. 

  536. 	}
    537. 

  537. 

  538. 	renderAdminTemplate(w, templateChangePwd, data)
    539. 

  539. }
    540. 

  540. 

  541. func renderMaintenancePage(w http.ResponseWriter, r *http.Request, error string) {
    542. 

  542. 	data := maintenancePage{
    543. 

  543. 		basePage:    getBasePageData(pageMaintenanceTitle, webMaintenancePath, r),
    544. 

  544. 		BackupPath:  webBackupPath,
    545. 

  545. 		RestorePath: webRestorePath,
    546. 

  546. 		Error:       error,
    547. 

  547. 	}
    548. 

  548. 

  549. 	renderAdminTemplate(w, templateMaintenance, data)
    550. 

  550. }
    551. 

  551. 

  552. func renderAdminSetupPage(w http.ResponseWriter, r *http.Request, username, error string) {
    553. 

  553. 	data := setupPage{
    554. 

  554. 		basePage: getBasePageData(pageSetupTitle, webAdminSetupPath, r),
    555. 

  555. 		Username: username,
    556. 

  556. 		Error:    error,
    557. 

  557. 	}
    558. 

  558. 

  559. 	renderAdminTemplate(w, templateSetup, data)
    560. 

  560. }
    561. 

  561. 

  562. func renderAddUpdateAdminPage(w http.ResponseWriter, r *http.Request, admin *dataprovider.Admin,
    563. 

  563. 	error string, isAdd bool) {
    564. 

  564. 	currentURL := webAdminPath
    565. 

  565. 	title := "Add a new admin"
    566. 

  566. 	if !isAdd {
    567. 

  567. 		currentURL = fmt.Sprintf("%v/%v", webAdminPath, url.PathEscape(admin.Username))
    568. 

  568. 		title = "Update admin"
    569. 

  569. 	}
    570. 

  570. 	data := adminPage{
    571. 

  571. 		basePage: getBasePageData(title, currentURL, r),
    572. 

  572. 		Admin:    admin,
    573. 

  573. 		Error:    error,
    574. 

  574. 		IsAdd:    isAdd,
    575. 

  575. 	}
    576. 

  576. 

  577. 	renderAdminTemplate(w, templateAdmin, data)
    578. 

  578. }
    579. 

  579. 

  580. func renderUserPage(w http.ResponseWriter, r *http.Request, user *dataprovider.User, mode userPageMode, error string) {
    581. 

  581. 	folders, err := getWebVirtualFolders(w, r, defaultQueryLimit)
    582. 

  582. 	if err != nil {
    583. 

  583. 		return
    584. 

  584. 	}
    585. 

  585. 	user.SetEmptySecretsIfNil()
    586. 

  586. 	var title, currentURL string
    587. 

  587. 	switch mode {
    588. 

  588. 	case userPageModeAdd:
    589. 

  589. 		title = "Add a new user"
    590. 

  590. 		currentURL = webUserPath
    591. 

  591. 	case userPageModeUpdate:
    592. 

  592. 		title = "Update user"
    593. 

  593. 		currentURL = fmt.Sprintf("%v/%v", webUserPath, url.PathEscape(user.Username))
    594. 

  594. 	case userPageModeTemplate:
    595. 

  595. 		title = "User template"
    596. 

  596. 		currentURL = webTemplateUser
    597. 

  597. 	}
    598. 

  598. 	if user.Password != "" && user.IsPasswordHashed() && mode == userPageModeUpdate {
    599. 

  599. 		user.Password = redactedSecret
    600. 

  600. 	}
    601. 

  601. 	user.FsConfig.RedactedSecret = redactedSecret
    602. 

  602. 	data := userPage{
    603. 

  603. 		basePage:          getBasePageData(title, currentURL, r),
    604. 

  604. 		Mode:              mode,
    605. 

  605. 		Error:             error,
    606. 

  606. 		User:              user,
    607. 

  607. 		ValidPerms:        dataprovider.ValidPerms,
    608. 

  608. 		ValidLoginMethods: dataprovider.ValidLoginMethods,
    609. 

  609. 		ValidProtocols:    dataprovider.ValidProtocols,
    610. 

  610. 		WebClientOptions:  sdk.WebClientOptions,
    611. 

  611. 		RootDirPerms:      user.GetPermissionsForPath("/"),
    612. 

  612. 		VirtualFolders:    folders,
    613. 

  613. 		CanImpersonate:    os.Getuid() == 0,
    614. 

  614. 		FsWrapper: fsWrapper{
    615. 

  615. 			Filesystem:      user.FsConfig,
    616. 

  616. 			IsUserPage:      true,
    617. 

  617. 			HasUsersBaseDir: dataprovider.HasUsersBaseDir(),
    618. 

  618. 			DirPath:         user.HomeDir,
    619. 

  619. 		},
    620. 

  620. 	}
    621. 

  621. 	renderAdminTemplate(w, templateUser, data)
    622. 

  622. }
    623. 

  623. 

  624. func renderFolderPage(w http.ResponseWriter, r *http.Request, folder vfs.BaseVirtualFolder, mode folderPageMode, error string) {
    625. 

  625. 	var title, currentURL string
    626. 

  626. 	switch mode {
    627. 

  627. 	case folderPageModeAdd:
    628. 

  628. 		title = "Add a new folder"
    629. 

  629. 		currentURL = webFolderPath
    630. 

  630. 	case folderPageModeUpdate:
    631. 

  631. 		title = "Update folder"
    632. 

  632. 		currentURL = fmt.Sprintf("%v/%v", webFolderPath, url.PathEscape(folder.Name))
    633. 

  633. 	case folderPageModeTemplate:
    634. 

  634. 		title = "Folder template"
    635. 

  635. 		currentURL = webTemplateFolder
    636. 

  636. 	}
    637. 

  637. 	folder.FsConfig.RedactedSecret = redactedSecret
    638. 

  638. 	folder.FsConfig.SetEmptySecretsIfNil()
    639. 

  639. 

  640. 	data := folderPage{
    641. 

  641. 		basePage: getBasePageData(title, currentURL, r),
    642. 

  642. 		Error:    error,
    643. 

  643. 		Folder:   folder,
    644. 

  644. 		Mode:     mode,
    645. 

  645. 		FsWrapper: fsWrapper{
    646. 

  646. 			Filesystem:      folder.FsConfig,
    647. 

  647. 			IsUserPage:      false,
    648. 

  648. 			HasUsersBaseDir: false,
    649. 

  649. 			DirPath:         folder.MappedPath,
    650. 

  650. 		},
    651. 

  651. 	}
    652. 

  652. 	renderAdminTemplate(w, templateFolder, data)
    653. 

  653. }
    654. 

  654. 

  655. func getFoldersForTemplate(r *http.Request) []string {
    656. 

  656. 	var res []string
    657. 

  657. 	folderNames := r.Form["tpl_foldername"]
    658. 

  658. 	folders := make(map[string]bool)
    659. 

  659. 	for _, name := range folderNames {
    660. 

  660. 		name = strings.TrimSpace(name)
    661. 

  661. 		if name == "" {
    662. 

  662. 			continue
    663. 

  663. 		}
    664. 

  664. 		if _, ok := folders[name]; ok {
    665. 

  665. 			continue
    666. 

  666. 		}
    667. 

  667. 		folders[name] = true
    668. 

  668. 		res = append(res, name)
    669. 

  669. 	}
    670. 

  670. 	return res
    671. 

  671. }
    672. 

  672. 

  673. func getUsersForTemplate(r *http.Request) []userTemplateFields {
    674. 

  674. 	var res []userTemplateFields
    675. 

  675. 	tplUsernames := r.Form["tpl_username"]
    676. 

  676. 	tplPasswords := r.Form["tpl_password"]
    677. 

  677. 	tplPublicKeys := r.Form["tpl_public_keys"]
    678. 

  678. 

  679. 	users := make(map[string]bool)
    680. 

  680. 	for idx, username := range tplUsernames {
    681. 

  681. 		username = strings.TrimSpace(username)
    682. 

  682. 		password := ""
    683. 

  683. 		publicKey := ""
    684. 

  684. 		if len(tplPasswords) > idx {
    685. 

  685. 			password = strings.TrimSpace(tplPasswords[idx])
    686. 

  686. 		}
    687. 

  687. 		if len(tplPublicKeys) > idx {
    688. 

  688. 			publicKey = strings.TrimSpace(tplPublicKeys[idx])
    689. 

  689. 		}
    690. 

  690. 		if username == "" || (password == "" && publicKey == "") {
    691. 

  691. 			continue
    692. 

  692. 		}
    693. 

  693. 		if _, ok := users[username]; ok {
    694. 

  694. 			continue
    695. 

  695. 		}
    696. 

  696. 

  697. 		users[username] = true
    698. 

  698. 		res = append(res, userTemplateFields{
    699. 

  699. 			Username:  username,
    700. 

  700. 			Password:  password,
    701. 

  701. 			PublicKey: publicKey,
    702. 

  702. 		})
    703. 

  703. 	}
    704. 

  704. 

  705. 	return res
    706. 

  706. }
    707. 

  707. 

  708. func getVirtualFoldersFromPostFields(r *http.Request) []vfs.VirtualFolder {
    709. 

  709. 	var virtualFolders []vfs.VirtualFolder
    710. 

  710. 	folderPaths := r.Form["vfolder_path"]
    711. 

  711. 	folderNames := r.Form["vfolder_name"]
    712. 

  712. 	folderQuotaSizes := r.Form["vfolder_quota_size"]
    713. 

  713. 	folderQuotaFiles := r.Form["vfolder_quota_files"]
    714. 

  714. 	for idx, p := range folderPaths {
    715. 

  715. 		p = strings.TrimSpace(p)
    716. 

  716. 		name := ""
    717. 

  717. 		if len(folderNames) > idx {
    718. 

  718. 			name = folderNames[idx]
    719. 

  719. 		}
    720. 

  720. 		if p != "" && name != "" {
    721. 

  721. 			vfolder := vfs.VirtualFolder{
    722. 

  722. 				BaseVirtualFolder: vfs.BaseVirtualFolder{
    723. 

  723. 					Name: name,
    724. 

  724. 				},
    725. 

  725. 				VirtualPath: p,
    726. 

  726. 				QuotaFiles:  -1,
    727. 

  727. 				QuotaSize:   -1,
    728. 

  728. 			}
    729. 

  729. 			if len(folderQuotaSizes) > idx {
    730. 

  730. 				quotaSize, err := strconv.ParseInt(strings.TrimSpace(folderQuotaSizes[idx]), 10, 64)
    731. 

  731. 				if err == nil {
    732. 

  732. 					vfolder.QuotaSize = quotaSize
    733. 

  733. 				}
    734. 

  734. 			}
    735. 

  735. 			if len(folderQuotaFiles) > idx {
    736. 

  736. 				quotaFiles, err := strconv.Atoi(strings.TrimSpace(folderQuotaFiles[idx]))
    737. 

  737. 				if err == nil {
    738. 

  738. 					vfolder.QuotaFiles = quotaFiles
    739. 

  739. 				}
    740. 

  740. 			}
    741. 

  741. 			virtualFolders = append(virtualFolders, vfolder)
    742. 

  742. 		}
    743. 

  743. 	}
    744. 

  744. 

  745. 	return virtualFolders
    746. 

  746. }
    747. 

  747. 

  748. func getUserPermissionsFromPostFields(r *http.Request) map[string][]string {
    749. 

  749. 	permissions := make(map[string][]string)
    750. 

  750. 	permissions["/"] = r.Form["permissions"]
    751. 

  751. 

  752. 	for k := range r.Form {
    753. 

  753. 		if strings.HasPrefix(k, "sub_perm_path") {
    754. 

  754. 			p := strings.TrimSpace(r.Form.Get(k))
    755. 

  755. 			if p != "" {
    756. 

  756. 				idx := strings.TrimPrefix(k, "sub_perm_path")
    757. 

  757. 				permissions[p] = r.Form[fmt.Sprintf("sub_perm_permissions%v", idx)]
    758. 

  758. 			}
    759. 

  759. 		}
    760. 

  760. 	}
    761. 

  761. 

  762. 	return permissions
    763. 

  763. }
    764. 

  764. 

  765. func getBandwidthLimitsFromPostFields(r *http.Request) ([]sdk.BandwidthLimit, error) {
    766. 

  766. 	var result []sdk.BandwidthLimit
    767. 

  767. 

  768. 	for k := range r.Form {
    769. 

  769. 		if strings.HasPrefix(k, "bandwidth_limit_sources") {
    770. 

  770. 			sources := getSliceFromDelimitedValues(r.Form.Get(k), ",")
    771. 

  771. 			if len(sources) > 0 {
    772. 

  772. 				bwLimit := sdk.BandwidthLimit{
    773. 

  773. 					Sources: sources,
    774. 

  774. 				}
    775. 

  775. 				idx := strings.TrimPrefix(k, "bandwidth_limit_sources")
    776. 

  776. 				ul := r.Form.Get(fmt.Sprintf("upload_bandwidth_source%v", idx))
    777. 

  777. 				dl := r.Form.Get(fmt.Sprintf("download_bandwidth_source%v", idx))
    778. 

  778. 				if ul != "" {
    779. 

  779. 					bandwidthUL, err := strconv.ParseInt(ul, 10, 64)
    780. 

  780. 					if err != nil {
    781. 

  781. 						return result, fmt.Errorf("invalid upload_bandwidth_source%v %#v: %w", idx, ul, err)
    782. 

  782. 					}
    783. 

  783. 					bwLimit.UploadBandwidth = bandwidthUL
    784. 

  784. 				}
    785. 

  785. 				if dl != "" {
    786. 

  786. 					bandwidthDL, err := strconv.ParseInt(dl, 10, 64)
    787. 

  787. 					if err != nil {
    788. 

  788. 						return result, fmt.Errorf("invalid download_bandwidth_source%v %#v: %w", idx, ul, err)
    789. 

  789. 					}
    790. 

  790. 					bwLimit.DownloadBandwidth = bandwidthDL
    791. 

  791. 				}
    792. 

  792. 				result = append(result, bwLimit)
    793. 

  793. 			}
    794. 

  794. 		}
    795. 

  795. 	}
    796. 

  796. 

  797. 	return result, nil
    798. 

  798. }
    799. 

  799. 

  800. func getFilePatternsFromPostField(r *http.Request) []sdk.PatternsFilter {
    801. 

  801. 	var result []sdk.PatternsFilter
    802. 

  802. 

  803. 	allowedPatterns := make(map[string][]string)
    804. 

  804. 	deniedPatterns := make(map[string][]string)
    805. 

  805. 

  806. 	for k := range r.Form {
    807. 

  807. 		if strings.HasPrefix(k, "pattern_path") {
    808. 

  808. 			p := strings.TrimSpace(r.Form.Get(k))
    809. 

  809. 			idx := strings.TrimPrefix(k, "pattern_path")
    810. 

  810. 			filters := strings.TrimSpace(r.Form.Get(fmt.Sprintf("patterns%v", idx)))
    811. 

  811. 			filters = strings.ReplaceAll(filters, " ", "")
    812. 

  812. 			patternType := r.Form.Get(fmt.Sprintf("pattern_type%v", idx))
    813. 

  813. 			if p != "" && filters != "" {
    814. 

  814. 				if patternType == "allowed" {
    815. 

  815. 					allowedPatterns[p] = append(allowedPatterns[p], strings.Split(filters, ",")...)
    816. 

  816. 				} else {
    817. 

  817. 					deniedPatterns[p] = append(deniedPatterns[p], strings.Split(filters, ",")...)
    818. 

  818. 				}
    819. 

  819. 			}
    820. 

  820. 		}
    821. 

  821. 	}
    822. 

  822. 

  823. 	for dirAllowed, allowPatterns := range allowedPatterns {
    824. 

  824. 		filter := sdk.PatternsFilter{
    825. 

  825. 			Path:            dirAllowed,
    826. 

  826. 			AllowedPatterns: util.RemoveDuplicates(allowPatterns),
    827. 

  827. 		}
    828. 

  828. 		for dirDenied, denPatterns := range deniedPatterns {
    829. 

  829. 			if dirAllowed == dirDenied {
    830. 

  830. 				filter.DeniedPatterns = util.RemoveDuplicates(denPatterns)
    831. 

  831. 				break
    832. 

  832. 			}
    833. 

  833. 		}
    834. 

  834. 		result = append(result, filter)
    835. 

  835. 	}
    836. 

  836. 	for dirDenied, denPatterns := range deniedPatterns {
    837. 

  837. 		found := false
    838. 

  838. 		for _, res := range result {
    839. 

  839. 			if res.Path == dirDenied {
    840. 

  840. 				found = true
    841. 

  841. 				break
    842. 

  842. 			}
    843. 

  843. 		}
    844. 

  844. 		if !found {
    845. 

  845. 			result = append(result, sdk.PatternsFilter{
    846. 

  846. 				Path:           dirDenied,
    847. 

  847. 				DeniedPatterns: denPatterns,
    848. 

  848. 			})
    849. 

  849. 		}
    850. 

  850. 	}
    851. 

  851. 	return result
    852. 

  852. }
    853. 

  853. 

  854. func getFiltersFromUserPostFields(r *http.Request) (sdk.BaseUserFilters, error) {
    855. 

  855. 	var filters sdk.BaseUserFilters
    856. 

  856. 	bwLimits, err := getBandwidthLimitsFromPostFields(r)
    857. 

  857. 	if err != nil {
    858. 

  858. 		return filters, err
    859. 

  859. 	}
    860. 

  860. 	filters.BandwidthLimits = bwLimits
    861. 

  861. 	filters.AllowedIP = getSliceFromDelimitedValues(r.Form.Get("allowed_ip"), ",")
    862. 

  862. 	filters.DeniedIP = getSliceFromDelimitedValues(r.Form.Get("denied_ip"), ",")
    863. 

  863. 	filters.DeniedLoginMethods = r.Form["ssh_login_methods"]
    864. 

  864. 	filters.DeniedProtocols = r.Form["denied_protocols"]
    865. 

  865. 	filters.FilePatterns = getFilePatternsFromPostField(r)
    866. 

  866. 	filters.TLSUsername = sdk.TLSUsername(r.Form.Get("tls_username"))
    867. 

  867. 	filters.WebClient = r.Form["web_client_options"]
    868. 

  868. 	hooks := r.Form["hooks"]
    869. 

  869. 	if util.IsStringInSlice("external_auth_disabled", hooks) {
    870. 

  870. 		filters.Hooks.ExternalAuthDisabled = true
    871. 

  871. 	}
    872. 

  872. 	if util.IsStringInSlice("pre_login_disabled", hooks) {
    873. 

  873. 		filters.Hooks.PreLoginDisabled = true
    874. 

  874. 	}
    875. 

  875. 	if util.IsStringInSlice("check_password_disabled", hooks) {
    876. 

  876. 		filters.Hooks.CheckPasswordDisabled = true
    877. 

  877. 	}
    878. 

  878. 	filters.DisableFsChecks = len(r.Form.Get("disable_fs_checks")) > 0
    879. 

  879. 	filters.AllowAPIKeyAuth = len(r.Form.Get("allow_api_key_auth")) > 0
    880. 

  880. 	return filters, nil
    881. 

  881. }
    882. 

  882. 

  883. func getSecretFromFormField(r *http.Request, field string) *kms.Secret {
    884. 

  884. 	secret := kms.NewPlainSecret(r.Form.Get(field))
    885. 

  885. 	if strings.TrimSpace(secret.GetPayload()) == redactedSecret {
    886. 

  886. 		secret.SetStatus(sdkkms.SecretStatusRedacted)
    887. 

  887. 	}
    888. 

  888. 	if strings.TrimSpace(secret.GetPayload()) == "" {
    889. 

  889. 		secret.SetStatus("")
    890. 

  890. 	}
    891. 

  891. 	return secret
    892. 

  892. }
    893. 

  893. 

  894. func getS3Config(r *http.Request) (vfs.S3FsConfig, error) {
    895. 

  895. 	var err error
    896. 

  896. 	config := vfs.S3FsConfig{}
    897. 

  897. 	config.Bucket = r.Form.Get("s3_bucket")
    898. 

  898. 	config.Region = r.Form.Get("s3_region")
    899. 

  899. 	config.AccessKey = r.Form.Get("s3_access_key")
    900. 

  900. 	config.AccessSecret = getSecretFromFormField(r, "s3_access_secret")
    901. 

  901. 	config.Endpoint = r.Form.Get("s3_endpoint")
    902. 

  902. 	config.StorageClass = r.Form.Get("s3_storage_class")
    903. 

  903. 	config.ACL = r.Form.Get("s3_acl")
    904. 

  904. 	config.KeyPrefix = r.Form.Get("s3_key_prefix")
    905. 

  905. 	config.UploadPartSize, err = strconv.ParseInt(r.Form.Get("s3_upload_part_size"), 10, 64)
    906. 

  906. 	if err != nil {
    907. 

  907. 		return config, err
    908. 

  908. 	}
    909. 

  909. 	config.UploadConcurrency, err = strconv.Atoi(r.Form.Get("s3_upload_concurrency"))
    910. 

  910. 	if err != nil {
    911. 

  911. 		return config, err
    912. 

  912. 	}
    913. 

  913. 	config.DownloadPartSize, err = strconv.ParseInt(r.Form.Get("s3_download_part_size"), 10, 64)
    914. 

  914. 	if err != nil {
    915. 

  915. 		return config, err
    916. 

  916. 	}
    917. 

  917. 	config.DownloadConcurrency, err = strconv.Atoi(r.Form.Get("s3_download_concurrency"))
    918. 

  918. 	if err != nil {
    919. 

  919. 		return config, err
    920. 

  920. 	}
    921. 

  921. 	config.ForcePathStyle = r.Form.Get("s3_force_path_style") != ""
    922. 

  922. 	config.DownloadPartMaxTime, err = strconv.Atoi(r.Form.Get("s3_download_part_max_time"))
    923. 

  923. 	return config, err
    924. 

  924. }
    925. 

  925. 

  926. func getGCSConfig(r *http.Request) (vfs.GCSFsConfig, error) {
    927. 

  927. 	var err error
    928. 

  928. 	config := vfs.GCSFsConfig{}
    929. 

  929. 

  930. 	config.Bucket = r.Form.Get("gcs_bucket")
    931. 

  931. 	config.StorageClass = r.Form.Get("gcs_storage_class")
    932. 

  932. 	config.ACL = r.Form.Get("gcs_acl")
    933. 

  933. 	config.KeyPrefix = r.Form.Get("gcs_key_prefix")
    934. 

  934. 	autoCredentials := r.Form.Get("gcs_auto_credentials")
    935. 

  935. 	if autoCredentials != "" {
    936. 

  936. 		config.AutomaticCredentials = 1
    937. 

  937. 	} else {
    938. 

  938. 		config.AutomaticCredentials = 0
    939. 

  939. 	}
    940. 

  940. 	credentials, _, err := r.FormFile("gcs_credential_file")
    941. 

  941. 	if err == http.ErrMissingFile {
    942. 

  942. 		return config, nil
    943. 

  943. 	}
    944. 

  944. 	if err != nil {
    945. 

  945. 		return config, err
    946. 

  946. 	}
    947. 

  947. 	defer credentials.Close()
    948. 

  948. 	fileBytes, err := io.ReadAll(credentials)
    949. 

  949. 	if err != nil || len(fileBytes) == 0 {
    950. 

  950. 		if len(fileBytes) == 0 {
    951. 

  951. 			err = errors.New("credentials file size must be greater than 0")
    952. 

  952. 		}
    953. 

  953. 		return config, err
    954. 

  954. 	}
    955. 

  955. 	config.Credentials = kms.NewPlainSecret(string(fileBytes))
    956. 

  956. 	config.AutomaticCredentials = 0
    957. 

  957. 	return config, err
    958. 

  958. }
    959. 

  959. 

  960. func getSFTPConfig(r *http.Request) (vfs.SFTPFsConfig, error) {
    961. 

  961. 	var err error
    962. 

  962. 	config := vfs.SFTPFsConfig{}
    963. 

  963. 	config.Endpoint = r.Form.Get("sftp_endpoint")
    964. 

  964. 	config.Username = r.Form.Get("sftp_username")
    965. 

  965. 	config.Password = getSecretFromFormField(r, "sftp_password")
    966. 

  966. 	config.PrivateKey = getSecretFromFormField(r, "sftp_private_key")
    967. 

  967. 	fingerprintsFormValue := r.Form.Get("sftp_fingerprints")
    968. 

  968. 	config.Fingerprints = getSliceFromDelimitedValues(fingerprintsFormValue, "\n")
    969. 

  969. 	config.Prefix = r.Form.Get("sftp_prefix")
    970. 

  970. 	config.DisableCouncurrentReads = len(r.Form.Get("sftp_disable_concurrent_reads")) > 0
    971. 

  971. 	config.BufferSize, err = strconv.ParseInt(r.Form.Get("sftp_buffer_size"), 10, 64)
    972. 

  972. 	return config, err
    973. 

  973. }
    974. 

  974. 

  975. func getAzureConfig(r *http.Request) (vfs.AzBlobFsConfig, error) {
    976. 

  976. 	var err error
    977. 

  977. 	config := vfs.AzBlobFsConfig{}
    978. 

  978. 	config.Container = r.Form.Get("az_container")
    979. 

  979. 	config.AccountName = r.Form.Get("az_account_name")
    980. 

  980. 	config.AccountKey = getSecretFromFormField(r, "az_account_key")
    981. 

  981. 	config.SASURL = getSecretFromFormField(r, "az_sas_url")
    982. 

  982. 	config.Endpoint = r.Form.Get("az_endpoint")
    983. 

  983. 	config.KeyPrefix = r.Form.Get("az_key_prefix")
    984. 

  984. 	config.AccessTier = r.Form.Get("az_access_tier")
    985. 

  985. 	config.UseEmulator = len(r.Form.Get("az_use_emulator")) > 0
    986. 

  986. 	config.UploadPartSize, err = strconv.ParseInt(r.Form.Get("az_upload_part_size"), 10, 64)
    987. 

  987. 	if err != nil {
    988. 

  988. 		return config, err
    989. 

  989. 	}
    990. 

  990. 	config.UploadConcurrency, err = strconv.Atoi(r.Form.Get("az_upload_concurrency"))
    991. 

  991. 	return config, err
    992. 

  992. }
    993. 

  993. 

  994. func getFsConfigFromPostFields(r *http.Request) (vfs.Filesystem, error) {
    995. 

  995. 	var fs vfs.Filesystem
    996. 

  996. 	fs.Provider = sdk.GetProviderByName(r.Form.Get("fs_provider"))
    997. 

  997. 	switch fs.Provider {
    998. 

  998. 	case sdk.S3FilesystemProvider:
    999. 

  999. 		config, err := getS3Config(r)
    1000. 

  1000. 		if err != nil {
    1001. 

  1001. 			return fs, err
    1002. 

  1002. 		}
    1003. 

  1003. 		fs.S3Config = config
    1004. 

  1004. 	case sdk.AzureBlobFilesystemProvider:
    1005. 

  1005. 		config, err := getAzureConfig(r)
    1006. 

  1006. 		if err != nil {
    1007. 

  1007. 			return fs, err
    1008. 

  1008. 		}
    1009. 

  1009. 		fs.AzBlobConfig = config
    1010. 

  1010. 	case sdk.GCSFilesystemProvider:
    1011. 

  1011. 		config, err := getGCSConfig(r)
    1012. 

  1012. 		if err != nil {
    1013. 

  1013. 			return fs, err
    1014. 

  1014. 		}
    1015. 

  1015. 		fs.GCSConfig = config
    1016. 

  1016. 	case sdk.CryptedFilesystemProvider:
    1017. 

  1017. 		fs.CryptConfig.Passphrase = getSecretFromFormField(r, "crypt_passphrase")
    1018. 

  1018. 	case sdk.SFTPFilesystemProvider:
    1019. 

  1019. 		config, err := getSFTPConfig(r)
    1020. 

  1020. 		if err != nil {
    1021. 

  1021. 			return fs, err
    1022. 

  1022. 		}
    1023. 

  1023. 		fs.SFTPConfig = config
    1024. 

  1024. 	}
    1025. 

  1025. 	return fs, nil
    1026. 

  1026. }
    1027. 

  1027. 

  1028. func getAdminFromPostFields(r *http.Request) (dataprovider.Admin, error) {
    1029. 

  1029. 	var admin dataprovider.Admin
    1030. 

  1030. 	err := r.ParseForm()
    1031. 

  1031. 	if err != nil {
    1032. 

  1032. 		return admin, err
    1033. 

  1033. 	}
    1034. 

  1034. 	status, err := strconv.Atoi(r.Form.Get("status"))
    1035. 

  1035. 	if err != nil {
    1036. 

  1036. 		return admin, err
    1037. 

  1037. 	}
    1038. 

  1038. 	admin.Username = r.Form.Get("username")
    1039. 

  1039. 	admin.Password = r.Form.Get("password")
    1040. 

  1040. 	admin.Permissions = r.Form["permissions"]
    1041. 

  1041. 	admin.Email = r.Form.Get("email")
    1042. 

  1042. 	admin.Status = status
    1043. 

  1043. 	admin.Filters.AllowList = getSliceFromDelimitedValues(r.Form.Get("allowed_ip"), ",")
    1044. 

  1044. 	admin.Filters.AllowAPIKeyAuth = len(r.Form.Get("allow_api_key_auth")) > 0
    1045. 

  1045. 	admin.AdditionalInfo = r.Form.Get("additional_info")
    1046. 

  1046. 	admin.Description = r.Form.Get("description")
    1047. 

  1047. 	return admin, nil
    1048. 

  1048. }
    1049. 

  1049. 

  1050. func replacePlaceholders(field string, replacements map[string]string) string {
    1051. 

  1051. 	for k, v := range replacements {
    1052. 

  1052. 		field = strings.ReplaceAll(field, k, v)
    1053. 

  1053. 	}
    1054. 

  1054. 	return field
    1055. 

  1055. }
    1056. 

  1056. 

  1057. func getFolderFromTemplate(folder vfs.BaseVirtualFolder, name string) vfs.BaseVirtualFolder {
    1058. 

  1058. 	folder.Name = name
    1059. 

  1059. 	replacements := make(map[string]string)
    1060. 

  1060. 	replacements["%name%"] = folder.Name
    1061. 

  1061. 

  1062. 	folder.MappedPath = replacePlaceholders(folder.MappedPath, replacements)
    1063. 

  1063. 	folder.Description = replacePlaceholders(folder.Description, replacements)
    1064. 

  1064. 	switch folder.FsConfig.Provider {
    1065. 

  1065. 	case sdk.CryptedFilesystemProvider:
    1066. 

  1066. 		folder.FsConfig.CryptConfig = getCryptFsFromTemplate(folder.FsConfig.CryptConfig, replacements)
    1067. 

  1067. 	case sdk.S3FilesystemProvider:
    1068. 

  1068. 		folder.FsConfig.S3Config = getS3FsFromTemplate(folder.FsConfig.S3Config, replacements)
    1069. 

  1069. 	case sdk.GCSFilesystemProvider:
    1070. 

  1070. 		folder.FsConfig.GCSConfig = getGCSFsFromTemplate(folder.FsConfig.GCSConfig, replacements)
    1071. 

  1071. 	case sdk.AzureBlobFilesystemProvider:
    1072. 

  1072. 		folder.FsConfig.AzBlobConfig = getAzBlobFsFromTemplate(folder.FsConfig.AzBlobConfig, replacements)
    1073. 

  1073. 	case sdk.SFTPFilesystemProvider:
    1074. 

  1074. 		folder.FsConfig.SFTPConfig = getSFTPFsFromTemplate(folder.FsConfig.SFTPConfig, replacements)
    1075. 

  1075. 	}
    1076. 

  1076. 

  1077. 	return folder
    1078. 

  1078. }
    1079. 

  1079. 

  1080. func getCryptFsFromTemplate(fsConfig vfs.CryptFsConfig, replacements map[string]string) vfs.CryptFsConfig {
    1081. 

  1081. 	if fsConfig.Passphrase != nil {
    1082. 

  1082. 		if fsConfig.Passphrase.IsPlain() {
    1083. 

  1083. 			payload := replacePlaceholders(fsConfig.Passphrase.GetPayload(), replacements)
    1084. 

  1084. 			fsConfig.Passphrase = kms.NewPlainSecret(payload)
    1085. 

  1085. 		}
    1086. 

  1086. 	}
    1087. 

  1087. 	return fsConfig
    1088. 

  1088. }
    1089. 

  1089. 

  1090. func getS3FsFromTemplate(fsConfig vfs.S3FsConfig, replacements map[string]string) vfs.S3FsConfig {
    1091. 

  1091. 	fsConfig.KeyPrefix = replacePlaceholders(fsConfig.KeyPrefix, replacements)
    1092. 

  1092. 	fsConfig.AccessKey = replacePlaceholders(fsConfig.AccessKey, replacements)
    1093. 

  1093. 	if fsConfig.AccessSecret != nil && fsConfig.AccessSecret.IsPlain() {
    1094. 

  1094. 		payload := replacePlaceholders(fsConfig.AccessSecret.GetPayload(), replacements)
    1095. 

  1095. 		fsConfig.AccessSecret = kms.NewPlainSecret(payload)
    1096. 

  1096. 	}
    1097. 

  1097. 	return fsConfig
    1098. 

  1098. }
    1099. 

  1099. 

  1100. func getGCSFsFromTemplate(fsConfig vfs.GCSFsConfig, replacements map[string]string) vfs.GCSFsConfig {
    1101. 

  1101. 	fsConfig.KeyPrefix = replacePlaceholders(fsConfig.KeyPrefix, replacements)
    1102. 

  1102. 	return fsConfig
    1103. 

  1103. }
    1104. 

  1104. 

  1105. func getAzBlobFsFromTemplate(fsConfig vfs.AzBlobFsConfig, replacements map[string]string) vfs.AzBlobFsConfig {
    1106. 

  1106. 	fsConfig.KeyPrefix = replacePlaceholders(fsConfig.KeyPrefix, replacements)
    1107. 

  1107. 	fsConfig.AccountName = replacePlaceholders(fsConfig.AccountName, replacements)
    1108. 

  1108. 	if fsConfig.AccountKey != nil && fsConfig.AccountKey.IsPlain() {
    1109. 

  1109. 		payload := replacePlaceholders(fsConfig.AccountKey.GetPayload(), replacements)
    1110. 

  1110. 		fsConfig.AccountKey = kms.NewPlainSecret(payload)
    1111. 

  1111. 	}
    1112. 

  1112. 	return fsConfig
    1113. 

  1113. }
    1114. 

  1114. 

  1115. func getSFTPFsFromTemplate(fsConfig vfs.SFTPFsConfig, replacements map[string]string) vfs.SFTPFsConfig {
    1116. 

  1116. 	fsConfig.Prefix = replacePlaceholders(fsConfig.Prefix, replacements)
    1117. 

  1117. 	fsConfig.Username = replacePlaceholders(fsConfig.Username, replacements)
    1118. 

  1118. 	if fsConfig.Password != nil && fsConfig.Password.IsPlain() {
    1119. 

  1119. 		payload := replacePlaceholders(fsConfig.Password.GetPayload(), replacements)
    1120. 

  1120. 		fsConfig.Password = kms.NewPlainSecret(payload)
    1121. 

  1121. 	}
    1122. 

  1122. 	return fsConfig
    1123. 

  1123. }
    1124. 

  1124. 

  1125. func getUserFromTemplate(user dataprovider.User, template userTemplateFields) dataprovider.User {
    1126. 

  1126. 	user.Username = template.Username
    1127. 

  1127. 	user.Password = template.Password
    1128. 

  1128. 	user.PublicKeys = nil
    1129. 

  1129. 	if template.PublicKey != "" {
    1130. 

  1130. 		user.PublicKeys = append(user.PublicKeys, template.PublicKey)
    1131. 

  1131. 	}
    1132. 

  1132. 	replacements := make(map[string]string)
    1133. 

  1133. 	replacements["%username%"] = user.Username
    1134. 

  1134. 	user.Password = replacePlaceholders(user.Password, replacements)
    1135. 

  1135. 	replacements["%password%"] = user.Password
    1136. 

  1136. 

  1137. 	user.HomeDir = replacePlaceholders(user.HomeDir, replacements)
    1138. 

  1138. 	var vfolders []vfs.VirtualFolder
    1139. 

  1139. 	for _, vfolder := range user.VirtualFolders {
    1140. 

  1140. 		vfolder.Name = replacePlaceholders(vfolder.Name, replacements)
    1141. 

  1141. 		vfolder.VirtualPath = replacePlaceholders(vfolder.VirtualPath, replacements)
    1142. 

  1142. 		vfolders = append(vfolders, vfolder)
    1143. 

  1143. 	}
    1144. 

  1144. 	user.VirtualFolders = vfolders
    1145. 

  1145. 	user.Description = replacePlaceholders(user.Description, replacements)
    1146. 

  1146. 	user.AdditionalInfo = replacePlaceholders(user.AdditionalInfo, replacements)
    1147. 

  1147. 

  1148. 	switch user.FsConfig.Provider {
    1149. 

  1149. 	case sdk.CryptedFilesystemProvider:
    1150. 

  1150. 		user.FsConfig.CryptConfig = getCryptFsFromTemplate(user.FsConfig.CryptConfig, replacements)
    1151. 

  1151. 	case sdk.S3FilesystemProvider:
    1152. 

  1152. 		user.FsConfig.S3Config = getS3FsFromTemplate(user.FsConfig.S3Config, replacements)
    1153. 

  1153. 	case sdk.GCSFilesystemProvider:
    1154. 

  1154. 		user.FsConfig.GCSConfig = getGCSFsFromTemplate(user.FsConfig.GCSConfig, replacements)
    1155. 

  1155. 	case sdk.AzureBlobFilesystemProvider:
    1156. 

  1156. 		user.FsConfig.AzBlobConfig = getAzBlobFsFromTemplate(user.FsConfig.AzBlobConfig, replacements)
    1157. 

  1157. 	case sdk.SFTPFilesystemProvider:
    1158. 

  1158. 		user.FsConfig.SFTPConfig = getSFTPFsFromTemplate(user.FsConfig.SFTPConfig, replacements)
    1159. 

  1159. 	}
    1160. 

  1160. 

  1161. 	return user
    1162. 

  1162. }
    1163. 

  1163. 

  1164. func getUserFromPostFields(r *http.Request) (dataprovider.User, error) {
    1165. 

  1165. 	var user dataprovider.User
    1166. 

  1166. 	err := r.ParseMultipartForm(maxRequestSize)
    1167. 

  1167. 	if err != nil {
    1168. 

  1168. 		return user, err
    1169. 

  1169. 	}
    1170. 

  1170. 	defer r.MultipartForm.RemoveAll() //nolint:errcheck
    1171. 

  1171. 	uid, err := strconv.Atoi(r.Form.Get("uid"))
    1172. 

  1172. 	if err != nil {
    1173. 

  1173. 		return user, err
    1174. 

  1174. 	}
    1175. 

  1175. 	gid, err := strconv.Atoi(r.Form.Get("gid"))
    1176. 

  1176. 	if err != nil {
    1177. 

  1177. 		return user, err
    1178. 

  1178. 	}
    1179. 

  1179. 	maxSessions, err := strconv.Atoi(r.Form.Get("max_sessions"))
    1180. 

  1180. 	if err != nil {
    1181. 

  1181. 		return user, err
    1182. 

  1182. 	}
    1183. 

  1183. 	quotaSize, err := strconv.ParseInt(r.Form.Get("quota_size"), 10, 64)
    1184. 

  1184. 	if err != nil {
    1185. 

  1185. 		return user, err
    1186. 

  1186. 	}
    1187. 

  1187. 	quotaFiles, err := strconv.Atoi(r.Form.Get("quota_files"))
    1188. 

  1188. 	if err != nil {
    1189. 

  1189. 		return user, err
    1190. 

  1190. 	}
    1191. 

  1191. 	bandwidthUL, err := strconv.ParseInt(r.Form.Get("upload_bandwidth"), 10, 64)
    1192. 

  1192. 	if err != nil {
    1193. 

  1193. 		return user, err
    1194. 

  1194. 	}
    1195. 

  1195. 	bandwidthDL, err := strconv.ParseInt(r.Form.Get("download_bandwidth"), 10, 64)
    1196. 

  1196. 	if err != nil {
    1197. 

  1197. 		return user, err
    1198. 

  1198. 	}
    1199. 

  1199. 	status, err := strconv.Atoi(r.Form.Get("status"))
    1200. 

  1200. 	if err != nil {
    1201. 

  1201. 		return user, err
    1202. 

  1202. 	}
    1203. 

  1203. 	expirationDateMillis := int64(0)
    1204. 

  1204. 	expirationDateString := r.Form.Get("expiration_date")
    1205. 

  1205. 	if strings.TrimSpace(expirationDateString) != "" {
    1206. 

  1206. 		expirationDate, err := time.Parse(webDateTimeFormat, expirationDateString)
    1207. 

  1207. 		if err != nil {
    1208. 

  1208. 			return user, err
    1209. 

  1209. 		}
    1210. 

  1210. 		expirationDateMillis = util.GetTimeAsMsSinceEpoch(expirationDate)
    1211. 

  1211. 	}
    1212. 

  1212. 	fsConfig, err := getFsConfigFromPostFields(r)
    1213. 

  1213. 	if err != nil {
    1214. 

  1214. 		return user, err
    1215. 

  1215. 	}
    1216. 

  1216. 	filters, err := getFiltersFromUserPostFields(r)
    1217. 

  1217. 	if err != nil {
    1218. 

  1218. 		return user, err
    1219. 

  1219. 	}
    1220. 

  1220. 	user = dataprovider.User{
    1221. 

  1221. 		BaseUser: sdk.BaseUser{
    1222. 

  1222. 			Username:          r.Form.Get("username"),
    1223. 

  1223. 			Email:             r.Form.Get("email"),
    1224. 

  1224. 			Password:          r.Form.Get("password"),
    1225. 

  1225. 			PublicKeys:        r.Form["public_keys"],
    1226. 

  1226. 			HomeDir:           r.Form.Get("home_dir"),
    1227. 

  1227. 			UID:               uid,
    1228. 

  1228. 			GID:               gid,
    1229. 

  1229. 			Permissions:       getUserPermissionsFromPostFields(r),
    1230. 

  1230. 			MaxSessions:       maxSessions,
    1231. 

  1231. 			QuotaSize:         quotaSize,
    1232. 

  1232. 			QuotaFiles:        quotaFiles,
    1233. 

  1233. 			UploadBandwidth:   bandwidthUL,
    1234. 

  1234. 			DownloadBandwidth: bandwidthDL,
    1235. 

  1235. 			Status:            status,
    1236. 

  1236. 			ExpirationDate:    expirationDateMillis,
    1237. 

  1237. 			AdditionalInfo:    r.Form.Get("additional_info"),
    1238. 

  1238. 			Description:       r.Form.Get("description"),
    1239. 

  1239. 		},
    1240. 

  1240. 		Filters: dataprovider.UserFilters{
    1241. 

  1241. 			BaseUserFilters: filters,
    1242. 

  1242. 		},
    1243. 

  1243. 		VirtualFolders: getVirtualFoldersFromPostFields(r),
    1244. 

  1244. 		FsConfig:       fsConfig,
    1245. 

  1245. 	}
    1246. 

  1246. 	maxFileSize, err := strconv.ParseInt(r.Form.Get("max_upload_file_size"), 10, 64)
    1247. 

  1247. 	user.Filters.MaxUploadFileSize = maxFileSize
    1248. 

  1248. 	return user, err
    1249. 

  1249. }
    1250. 

  1250. 

  1251. func handleWebAdminForgotPwd(w http.ResponseWriter, r *http.Request) {
    1252. 

  1252. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1253. 

  1253. 	if !smtp.IsEnabled() {
    1254. 

  1254. 		renderNotFoundPage(w, r, errors.New("this page does not exist"))
    1255. 

  1255. 		return
    1256. 

  1256. 	}
    1257. 

  1257. 	renderForgotPwdPage(w, "")
    1258. 

  1258. }
    1259. 

  1259. 

  1260. func handleWebAdminForgotPwdPost(w http.ResponseWriter, r *http.Request) {
    1261. 

  1261. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1262. 

  1262. 	err := r.ParseForm()
    1263. 

  1263. 	if err != nil {
    1264. 

  1264. 		renderForgotPwdPage(w, err.Error())
    1265. 

  1265. 		return
    1266. 

  1266. 	}
    1267. 

  1267. 	if err := verifyCSRFToken(r.Form.Get(csrfFormToken)); err != nil {
    1268. 

  1268. 		renderForbiddenPage(w, r, err.Error())
    1269. 

  1269. 		return
    1270. 

  1270. 	}
    1271. 

  1271. 	username := r.Form.Get("username")
    1272. 

  1272. 	err = handleForgotPassword(r, username, true)
    1273. 

  1273. 	if err != nil {
    1274. 

  1274. 		if e, ok := err.(*util.ValidationError); ok {
    1275. 

  1275. 			renderForgotPwdPage(w, e.GetErrorString())
    1276. 

  1276. 			return
    1277. 

  1277. 		}
    1278. 

  1278. 		renderForgotPwdPage(w, err.Error())
    1279. 

  1279. 		return
    1280. 

  1280. 	}
    1281. 

  1281. 	http.Redirect(w, r, webAdminResetPwdPath, http.StatusFound)
    1282. 

  1282. }
    1283. 

  1283. 

  1284. func handleWebAdminPasswordReset(w http.ResponseWriter, r *http.Request) {
    1285. 

  1285. 	r.Body = http.MaxBytesReader(w, r.Body, maxLoginBodySize)
    1286. 

  1286. 	if !smtp.IsEnabled() {
    1287. 

  1287. 		renderNotFoundPage(w, r, errors.New("this page does not exist"))
    1288. 

  1288. 		return
    1289. 

  1289. 	}
    1290. 

  1290. 	renderResetPwdPage(w, "")
    1291. 

  1291. }
    1292. 

  1292. 

  1293. func handleWebAdminTwoFactor(w http.ResponseWriter, r *http.Request) {
    1294. 

  1294. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1295. 

  1295. 	renderTwoFactorPage(w, "")
    1296. 

  1296. }
    1297. 

  1297. 

  1298. func handleWebAdminTwoFactorRecovery(w http.ResponseWriter, r *http.Request) {
    1299. 

  1299. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1300. 

  1300. 	renderTwoFactorRecoveryPage(w, "")
    1301. 

  1301. }
    1302. 

  1302. 

  1303. func handleWebAdminMFA(w http.ResponseWriter, r *http.Request) {
    1304. 

  1304. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1305. 

  1305. 	renderMFAPage(w, r)
    1306. 

  1306. }
    1307. 

  1307. 

  1308. func handleWebAdminProfile(w http.ResponseWriter, r *http.Request) {
    1309. 

  1309. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1310. 

  1310. 	renderProfilePage(w, r, "")
    1311. 

  1311. }
    1312. 

  1312. 

  1313. func handleWebAdminChangePwd(w http.ResponseWriter, r *http.Request) {
    1314. 

  1314. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1315. 

  1315. 	renderChangePasswordPage(w, r, "")
    1316. 

  1316. }
    1317. 

  1317. 

  1318. func handleWebAdminChangePwdPost(w http.ResponseWriter, r *http.Request) {
    1319. 

  1319. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1320. 

  1320. 	err := r.ParseForm()
    1321. 

  1321. 	if err != nil {
    1322. 

  1322. 		renderChangePasswordPage(w, r, err.Error())
    1323. 

  1323. 		return
    1324. 

  1324. 	}
    1325. 

  1325. 	if err := verifyCSRFToken(r.Form.Get(csrfFormToken)); err != nil {
    1326. 

  1326. 		renderForbiddenPage(w, r, err.Error())
    1327. 

  1327. 		return
    1328. 

  1328. 	}
    1329. 

  1329. 	err = doChangeAdminPassword(r, r.Form.Get("current_password"), r.Form.Get("new_password1"),
    1330. 

  1330. 		r.Form.Get("new_password2"))
    1331. 

  1331. 	if err != nil {
    1332. 

  1332. 		renderChangePasswordPage(w, r, err.Error())
    1333. 

  1333. 		return
    1334. 

  1334. 	}
    1335. 

  1335. 	handleWebLogout(w, r)
    1336. 

  1336. }
    1337. 

  1337. 

  1338. func handleWebAdminProfilePost(w http.ResponseWriter, r *http.Request) {
    1339. 

  1339. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1340. 

  1340. 	err := r.ParseForm()
    1341. 

  1341. 	if err != nil {
    1342. 

  1342. 		renderProfilePage(w, r, err.Error())
    1343. 

  1343. 		return
    1344. 

  1344. 	}
    1345. 

  1345. 	if err := verifyCSRFToken(r.Form.Get(csrfFormToken)); err != nil {
    1346. 

  1346. 		renderForbiddenPage(w, r, err.Error())
    1347. 

  1347. 		return
    1348. 

  1348. 	}
    1349. 

  1349. 	claims, err := getTokenClaims(r)
    1350. 

  1350. 	if err != nil || claims.Username == "" {
    1351. 

  1351. 		renderProfilePage(w, r, "Invalid token claims")
    1352. 

  1352. 		return
    1353. 

  1353. 	}
    1354. 

  1354. 	admin, err := dataprovider.AdminExists(claims.Username)
    1355. 

  1355. 	if err != nil {
    1356. 

  1356. 		renderProfilePage(w, r, err.Error())
    1357. 

  1357. 		return
    1358. 

  1358. 	}
    1359. 

  1359. 	admin.Filters.AllowAPIKeyAuth = len(r.Form.Get("allow_api_key_auth")) > 0
    1360. 

  1360. 	admin.Email = r.Form.Get("email")
    1361. 

  1361. 	admin.Description = r.Form.Get("description")
    1362. 

  1362. 	err = dataprovider.UpdateAdmin(&admin, dataprovider.ActionExecutorSelf, util.GetIPFromRemoteAddress(r.RemoteAddr))
    1363. 

  1363. 	if err != nil {
    1364. 

  1364. 		renderProfilePage(w, r, err.Error())
    1365. 

  1365. 		return
    1366. 

  1366. 	}
    1367. 

  1367. 	renderMessagePage(w, r, "Profile updated", "", http.StatusOK, nil,
    1368. 

  1368. 		"Your profile has been successfully updated")
    1369. 

  1369. }
    1370. 

  1370. 

  1371. func handleWebLogout(w http.ResponseWriter, r *http.Request) {
    1372. 

  1372. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1373. 

  1373. 	c := jwtTokenClaims{}
    1374. 

  1374. 	c.removeCookie(w, r, webBaseAdminPath)
    1375. 

  1375. 

  1376. 	http.Redirect(w, r, webLoginPath, http.StatusFound)
    1377. 

  1377. }
    1378. 

  1378. 

  1379. func handleWebMaintenance(w http.ResponseWriter, r *http.Request) {
    1380. 

  1380. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1381. 

  1381. 	renderMaintenancePage(w, r, "")
    1382. 

  1382. }
    1383. 

  1383. 

  1384. func handleWebRestore(w http.ResponseWriter, r *http.Request) {
    1385. 

  1385. 	r.Body = http.MaxBytesReader(w, r.Body, MaxRestoreSize)
    1386. 

  1386. 	claims, err := getTokenClaims(r)
    1387. 

  1387. 	if err != nil || claims.Username == "" {
    1388. 

  1388. 		renderBadRequestPage(w, r, errors.New("invalid token claims"))
    1389. 

  1389. 		return
    1390. 

  1390. 	}
    1391. 

  1391. 	err = r.ParseMultipartForm(MaxRestoreSize)
    1392. 

  1392. 	if err != nil {
    1393. 

  1393. 		renderMaintenancePage(w, r, err.Error())
    1394. 

  1394. 		return
    1395. 

  1395. 	}
    1396. 

  1396. 	defer r.MultipartForm.RemoveAll() //nolint:errcheck
    1397. 

  1397. 	if err := verifyCSRFToken(r.Form.Get(csrfFormToken)); err != nil {
    1398. 

  1398. 		renderForbiddenPage(w, r, err.Error())
    1399. 

  1399. 		return
    1400. 

  1400. 	}
    1401. 

  1401. 	restoreMode, err := strconv.Atoi(r.Form.Get("mode"))
    1402. 

  1402. 	if err != nil {
    1403. 

  1403. 		renderMaintenancePage(w, r, err.Error())
    1404. 

  1404. 		return
    1405. 

  1405. 	}
    1406. 

  1406. 	scanQuota, err := strconv.Atoi(r.Form.Get("quota"))
    1407. 

  1407. 	if err != nil {
    1408. 

  1408. 		renderMaintenancePage(w, r, err.Error())
    1409. 

  1409. 		return
    1410. 

  1410. 	}
    1411. 

  1411. 	backupFile, _, err := r.FormFile("backup_file")
    1412. 

  1412. 	if err != nil {
    1413. 

  1413. 		renderMaintenancePage(w, r, err.Error())
    1414. 

  1414. 		return
    1415. 

  1415. 	}
    1416. 

  1416. 	defer backupFile.Close()
    1417. 

  1417. 

  1418. 	backupContent, err := io.ReadAll(backupFile)
    1419. 

  1419. 	if err != nil || len(backupContent) == 0 {
    1420. 

  1420. 		if len(backupContent) == 0 {
    1421. 

  1421. 			err = errors.New("backup file size must be greater than 0")
    1422. 

  1422. 		}
    1423. 

  1423. 		renderMaintenancePage(w, r, err.Error())
    1424. 

  1424. 		return
    1425. 

  1425. 	}
    1426. 

  1426. 

  1427. 	if err := restoreBackup(backupContent, "", scanQuota, restoreMode, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr)); err != nil {
    1428. 

  1428. 		renderMaintenancePage(w, r, err.Error())
    1429. 

  1429. 		return
    1430. 

  1430. 	}
    1431. 

  1431. 

  1432. 	renderMessagePage(w, r, "Data restored", "", http.StatusOK, nil, "Your backup was successfully restored")
    1433. 

  1433. }
    1434. 

  1434. 

  1435. func handleGetWebAdmins(w http.ResponseWriter, r *http.Request) {
    1436. 

  1436. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1437. 

  1437. 	limit := defaultQueryLimit
    1438. 

  1438. 	if _, ok := r.URL.Query()["qlimit"]; ok {
    1439. 

  1439. 		var err error
    1440. 

  1440. 		limit, err = strconv.Atoi(r.URL.Query().Get("qlimit"))
    1441. 

  1441. 		if err != nil {
    1442. 

  1442. 			limit = defaultQueryLimit
    1443. 

  1443. 		}
    1444. 

  1444. 	}
    1445. 

  1445. 	admins := make([]dataprovider.Admin, 0, limit)
    1446. 

  1446. 	for {
    1447. 

  1447. 		a, err := dataprovider.GetAdmins(limit, len(admins), dataprovider.OrderASC)
    1448. 

  1448. 		if err != nil {
    1449. 

  1449. 			renderInternalServerErrorPage(w, r, err)
    1450. 

  1450. 			return
    1451. 

  1451. 		}
    1452. 

  1452. 		admins = append(admins, a...)
    1453. 

  1453. 		if len(a) < limit {
    1454. 

  1454. 			break
    1455. 

  1455. 		}
    1456. 

  1456. 	}
    1457. 

  1457. 	data := adminsPage{
    1458. 

  1458. 		basePage: getBasePageData(pageAdminsTitle, webAdminsPath, r),
    1459. 

  1459. 		Admins:   admins,
    1460. 

  1460. 	}
    1461. 

  1461. 	renderAdminTemplate(w, templateAdmins, data)
    1462. 

  1462. }
    1463. 

  1463. 

  1464. func handleWebAdminSetupGet(w http.ResponseWriter, r *http.Request) {
    1465. 

  1465. 	r.Body = http.MaxBytesReader(w, r.Body, maxLoginBodySize)
    1466. 

  1466. 	if dataprovider.HasAdmin() {
    1467. 

  1467. 		http.Redirect(w, r, webLoginPath, http.StatusFound)
    1468. 

  1468. 		return
    1469. 

  1469. 	}
    1470. 

  1470. 	renderAdminSetupPage(w, r, "", "")
    1471. 

  1471. }
    1472. 

  1472. 

  1473. func handleWebAddAdminGet(w http.ResponseWriter, r *http.Request) {
    1474. 

  1474. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1475. 

  1475. 	admin := &dataprovider.Admin{Status: 1}
    1476. 

  1476. 	renderAddUpdateAdminPage(w, r, admin, "", true)
    1477. 

  1477. }
    1478. 

  1478. 

  1479. func handleWebUpdateAdminGet(w http.ResponseWriter, r *http.Request) {
    1480. 

  1480. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1481. 

  1481. 	username := getURLParam(r, "username")
    1482. 

  1482. 	admin, err := dataprovider.AdminExists(username)
    1483. 

  1483. 	if err == nil {
    1484. 

  1484. 		renderAddUpdateAdminPage(w, r, &admin, "", false)
    1485. 

  1485. 	} else if _, ok := err.(*util.RecordNotFoundError); ok {
    1486. 

  1486. 		renderNotFoundPage(w, r, err)
    1487. 

  1487. 	} else {
    1488. 

  1488. 		renderInternalServerErrorPage(w, r, err)
    1489. 

  1489. 	}
    1490. 

  1490. }
    1491. 

  1491. 

  1492. func handleWebAddAdminPost(w http.ResponseWriter, r *http.Request) {
    1493. 

  1493. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1494. 

  1494. 	claims, err := getTokenClaims(r)
    1495. 

  1495. 	if err != nil || claims.Username == "" {
    1496. 

  1496. 		renderBadRequestPage(w, r, errors.New("invalid token claims"))
    1497. 

  1497. 		return
    1498. 

  1498. 	}
    1499. 

  1499. 	admin, err := getAdminFromPostFields(r)
    1500. 

  1500. 	if err != nil {
    1501. 

  1501. 		renderAddUpdateAdminPage(w, r, &admin, err.Error(), true)
    1502. 

  1502. 		return
    1503. 

  1503. 	}
    1504. 

  1504. 	if err := verifyCSRFToken(r.Form.Get(csrfFormToken)); err != nil {
    1505. 

  1505. 		renderForbiddenPage(w, r, err.Error())
    1506. 

  1506. 		return
    1507. 

  1507. 	}
    1508. 

  1508. 	err = dataprovider.AddAdmin(&admin, claims.Username, util.GetIPFromRemoteAddress(r.Method))
    1509. 

  1509. 	if err != nil {
    1510. 

  1510. 		renderAddUpdateAdminPage(w, r, &admin, err.Error(), true)
    1511. 

  1511. 		return
    1512. 

  1512. 	}
    1513. 

  1513. 	http.Redirect(w, r, webAdminsPath, http.StatusSeeOther)
    1514. 

  1514. }
    1515. 

  1515. 

  1516. func handleWebUpdateAdminPost(w http.ResponseWriter, r *http.Request) {
    1517. 

  1517. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1518. 

  1518. 

  1519. 	username := getURLParam(r, "username")
    1520. 

  1520. 	admin, err := dataprovider.AdminExists(username)
    1521. 

  1521. 	if _, ok := err.(*util.RecordNotFoundError); ok {
    1522. 

  1522. 		renderNotFoundPage(w, r, err)
    1523. 

  1523. 		return
    1524. 

  1524. 	} else if err != nil {
    1525. 

  1525. 		renderInternalServerErrorPage(w, r, err)
    1526. 

  1526. 		return
    1527. 

  1527. 	}
    1528. 

  1528. 

  1529. 	updatedAdmin, err := getAdminFromPostFields(r)
    1530. 

  1530. 	if err != nil {
    1531. 

  1531. 		renderAddUpdateAdminPage(w, r, &updatedAdmin, err.Error(), false)
    1532. 

  1532. 		return
    1533. 

  1533. 	}
    1534. 

  1534. 	if err := verifyCSRFToken(r.Form.Get(csrfFormToken)); err != nil {
    1535. 

  1535. 		renderForbiddenPage(w, r, err.Error())
    1536. 

  1536. 		return
    1537. 

  1537. 	}
    1538. 

  1538. 	updatedAdmin.ID = admin.ID
    1539. 

  1539. 	updatedAdmin.Username = admin.Username
    1540. 

  1540. 	if updatedAdmin.Password == "" {
    1541. 

  1541. 		updatedAdmin.Password = admin.Password
    1542. 

  1542. 	}
    1543. 

  1543. 	updatedAdmin.Filters.TOTPConfig = admin.Filters.TOTPConfig
    1544. 

  1544. 	updatedAdmin.Filters.RecoveryCodes = admin.Filters.RecoveryCodes
    1545. 

  1545. 	claims, err := getTokenClaims(r)
    1546. 

  1546. 	if err != nil || claims.Username == "" {
    1547. 

  1547. 		renderAddUpdateAdminPage(w, r, &updatedAdmin, fmt.Sprintf("Invalid token claims: %v", err), false)
    1548. 

  1548. 		return
    1549. 

  1549. 	}
    1550. 

  1550. 	if username == claims.Username {
    1551. 

  1551. 		if claims.isCriticalPermRemoved(updatedAdmin.Permissions) {
    1552. 

  1552. 			renderAddUpdateAdminPage(w, r, &updatedAdmin, "You cannot remove these permissions to yourself", false)
    1553. 

  1553. 			return
    1554. 

  1554. 		}
    1555. 

  1555. 		if updatedAdmin.Status == 0 {
    1556. 

  1556. 			renderAddUpdateAdminPage(w, r, &updatedAdmin, "You cannot disable yourself", false)
    1557. 

  1557. 			return
    1558. 

  1558. 		}
    1559. 

  1559. 	}
    1560. 

  1560. 	err = dataprovider.UpdateAdmin(&updatedAdmin, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr))
    1561. 

  1561. 	if err != nil {
    1562. 

  1562. 		renderAddUpdateAdminPage(w, r, &admin, err.Error(), false)
    1563. 

  1563. 		return
    1564. 

  1564. 	}
    1565. 

  1565. 	http.Redirect(w, r, webAdminsPath, http.StatusSeeOther)
    1566. 

  1566. }
    1567. 

  1567. 

  1568. func handleWebDefenderPage(w http.ResponseWriter, r *http.Request) {
    1569. 

  1569. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1570. 

  1570. 	data := defenderHostsPage{
    1571. 

  1571. 		basePage:         getBasePageData(pageDefenderTitle, webDefenderPath, r),
    1572. 

  1572. 		DefenderHostsURL: webDefenderHostsPath,
    1573. 

  1573. 	}
    1574. 

  1574. 

  1575. 	renderAdminTemplate(w, templateDefender, data)
    1576. 

  1576. }
    1577. 

  1577. 

  1578. func handleGetWebUsers(w http.ResponseWriter, r *http.Request) {
    1579. 

  1579. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1580. 

  1580. 	limit := defaultQueryLimit
    1581. 

  1581. 	if _, ok := r.URL.Query()["qlimit"]; ok {
    1582. 

  1582. 		var err error
    1583. 

  1583. 		limit, err = strconv.Atoi(r.URL.Query().Get("qlimit"))
    1584. 

  1584. 		if err != nil {
    1585. 

  1585. 			limit = defaultQueryLimit
    1586. 

  1586. 		}
    1587. 

  1587. 	}
    1588. 

  1588. 	users := make([]dataprovider.User, 0, limit)
    1589. 

  1589. 	for {
    1590. 

  1590. 		u, err := dataprovider.GetUsers(limit, len(users), dataprovider.OrderASC)
    1591. 

  1591. 		if err != nil {
    1592. 

  1592. 			renderInternalServerErrorPage(w, r, err)
    1593. 

  1593. 			return
    1594. 

  1594. 		}
    1595. 

  1595. 		users = append(users, u...)
    1596. 

  1596. 		if len(u) < limit {
    1597. 

  1597. 			break
    1598. 

  1598. 		}
    1599. 

  1599. 	}
    1600. 

  1600. 	data := usersPage{
    1601. 

  1601. 		basePage: getBasePageData(pageUsersTitle, webUsersPath, r),
    1602. 

  1602. 		Users:    users,
    1603. 

  1603. 	}
    1604. 

  1604. 	renderAdminTemplate(w, templateUsers, data)
    1605. 

  1605. }
    1606. 

  1606. 

  1607. func handleWebTemplateFolderGet(w http.ResponseWriter, r *http.Request) {
    1608. 

  1608. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1609. 

  1609. 	if r.URL.Query().Get("from") != "" {
    1610. 

  1610. 		name := r.URL.Query().Get("from")
    1611. 

  1611. 		folder, err := dataprovider.GetFolderByName(name)
    1612. 

  1612. 		if err == nil {
    1613. 

  1613. 			renderFolderPage(w, r, folder, folderPageModeTemplate, "")
    1614. 

  1614. 		} else if _, ok := err.(*util.RecordNotFoundError); ok {
    1615. 

  1615. 			renderNotFoundPage(w, r, err)
    1616. 

  1616. 		} else {
    1617. 

  1617. 			renderInternalServerErrorPage(w, r, err)
    1618. 

  1618. 		}
    1619. 

  1619. 	} else {
    1620. 

  1620. 		folder := vfs.BaseVirtualFolder{}
    1621. 

  1621. 		renderFolderPage(w, r, folder, folderPageModeTemplate, "")
    1622. 

  1622. 	}
    1623. 

  1623. }
    1624. 

  1624. 

  1625. func handleWebTemplateFolderPost(w http.ResponseWriter, r *http.Request) {
    1626. 

  1626. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1627. 

  1627. 	templateFolder := vfs.BaseVirtualFolder{}
    1628. 

  1628. 	err := r.ParseMultipartForm(maxRequestSize)
    1629. 

  1629. 	if err != nil {
    1630. 

  1630. 		renderMessagePage(w, r, "Error parsing folders fields", "", http.StatusBadRequest, err, "")
    1631. 

  1631. 		return
    1632. 

  1632. 	}
    1633. 

  1633. 	defer r.MultipartForm.RemoveAll() //nolint:errcheck
    1634. 

  1634. 

  1635. 	if err := verifyCSRFToken(r.Form.Get(csrfFormToken)); err != nil {
    1636. 

  1636. 		renderForbiddenPage(w, r, err.Error())
    1637. 

  1637. 		return
    1638. 

  1638. 	}
    1639. 

  1639. 

  1640. 	templateFolder.MappedPath = r.Form.Get("mapped_path")
    1641. 

  1641. 	templateFolder.Description = r.Form.Get("description")
    1642. 

  1642. 	fsConfig, err := getFsConfigFromPostFields(r)
    1643. 

  1643. 	if err != nil {
    1644. 

  1644. 		renderMessagePage(w, r, "Error parsing folders fields", "", http.StatusBadRequest, err, "")
    1645. 

  1645. 		return
    1646. 

  1646. 	}
    1647. 

  1647. 	templateFolder.FsConfig = fsConfig
    1648. 

  1648. 

  1649. 	var dump dataprovider.BackupData
    1650. 

  1650. 	dump.Version = dataprovider.DumpVersion
    1651. 

  1651. 

  1652. 	foldersFields := getFoldersForTemplate(r)
    1653. 

  1653. 	for _, tmpl := range foldersFields {
    1654. 

  1654. 		f := getFolderFromTemplate(templateFolder, tmpl)
    1655. 

  1655. 		if err := dataprovider.ValidateFolder(&f); err != nil {
    1656. 

  1656. 			renderMessagePage(w, r, fmt.Sprintf("Error validating folder %#v", f.Name), "", http.StatusBadRequest, err, "")
    1657. 

  1657. 			return
    1658. 

  1658. 		}
    1659. 

  1659. 		dump.Folders = append(dump.Folders, f)
    1660. 

  1660. 	}
    1661. 

  1661. 

  1662. 	if len(dump.Folders) == 0 {
    1663. 

  1663. 		renderMessagePage(w, r, "No folders to export", "No valid folders found, export is not possible", http.StatusBadRequest, nil, "")
    1664. 

  1664. 		return
    1665. 

  1665. 	}
    1666. 

  1666. 

  1667. 	w.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=\"sftpgo-%v-folders-from-template.json\"", len(dump.Folders)))
    1668. 

  1668. 	render.JSON(w, r, dump)
    1669. 

  1669. }
    1670. 

  1670. 

  1671. func handleWebTemplateUserGet(w http.ResponseWriter, r *http.Request) {
    1672. 

  1672. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1673. 

  1673. 	if r.URL.Query().Get("from") != "" {
    1674. 

  1674. 		username := r.URL.Query().Get("from")
    1675. 

  1675. 		user, err := dataprovider.UserExists(username)
    1676. 

  1676. 		if err == nil {
    1677. 

  1677. 			user.SetEmptySecrets()
    1678. 

  1678. 			user.Email = ""
    1679. 

  1679. 			user.Description = ""
    1680. 

  1680. 			renderUserPage(w, r, &user, userPageModeTemplate, "")
    1681. 

  1681. 		} else if _, ok := err.(*util.RecordNotFoundError); ok {
    1682. 

  1682. 			renderNotFoundPage(w, r, err)
    1683. 

  1683. 		} else {
    1684. 

  1684. 			renderInternalServerErrorPage(w, r, err)
    1685. 

  1685. 		}
    1686. 

  1686. 	} else {
    1687. 

  1687. 		user := dataprovider.User{BaseUser: sdk.BaseUser{Status: 1}}
    1688. 

  1688. 		renderUserPage(w, r, &user, userPageModeTemplate, "")
    1689. 

  1689. 	}
    1690. 

  1690. }
    1691. 

  1691. 

  1692. func handleWebTemplateUserPost(w http.ResponseWriter, r *http.Request) {
    1693. 

  1693. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1694. 

  1694. 	templateUser, err := getUserFromPostFields(r)
    1695. 

  1695. 	if err != nil {
    1696. 

  1696. 		renderMessagePage(w, r, "Error parsing user fields", "", http.StatusBadRequest, err, "")
    1697. 

  1697. 		return
    1698. 

  1698. 	}
    1699. 

  1699. 	if err := verifyCSRFToken(r.Form.Get(csrfFormToken)); err != nil {
    1700. 

  1700. 		renderForbiddenPage(w, r, err.Error())
    1701. 

  1701. 		return
    1702. 

  1702. 	}
    1703. 

  1703. 

  1704. 	var dump dataprovider.BackupData
    1705. 

  1705. 	dump.Version = dataprovider.DumpVersion
    1706. 

  1706. 

  1707. 	userTmplFields := getUsersForTemplate(r)
    1708. 

  1708. 	for _, tmpl := range userTmplFields {
    1709. 

  1709. 		u := getUserFromTemplate(templateUser, tmpl)
    1710. 

  1710. 		if err := dataprovider.ValidateUser(&u); err != nil {
    1711. 

  1711. 			renderMessagePage(w, r, fmt.Sprintf("Error validating user %#v", u.Username), "", http.StatusBadRequest, err, "")
    1712. 

  1712. 			return
    1713. 

  1713. 		}
    1714. 

  1714. 		dump.Users = append(dump.Users, u)
    1715. 

  1715. 		for _, folder := range u.VirtualFolders {
    1716. 

  1716. 			if !dump.HasFolder(folder.Name) {
    1717. 

  1717. 				dump.Folders = append(dump.Folders, folder.BaseVirtualFolder)
    1718. 

  1718. 			}
    1719. 

  1719. 		}
    1720. 

  1720. 	}
    1721. 

  1721. 

  1722. 	if len(dump.Users) == 0 {
    1723. 

  1723. 		renderMessagePage(w, r, "No users to export", "No valid users found, export is not possible", http.StatusBadRequest, nil, "")
    1724. 

  1724. 		return
    1725. 

  1725. 	}
    1726. 

  1726. 

  1727. 	w.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=\"sftpgo-%v-users-from-template.json\"", len(dump.Users)))
    1728. 

  1728. 	render.JSON(w, r, dump)
    1729. 

  1729. }
    1730. 

  1730. 

  1731. func handleWebAddUserGet(w http.ResponseWriter, r *http.Request) {
    1732. 

  1732. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1733. 

  1733. 	if r.URL.Query().Get("clone-from") != "" {
    1734. 

  1734. 		username := r.URL.Query().Get("clone-from")
    1735. 

  1735. 		user, err := dataprovider.UserExists(username)
    1736. 

  1736. 		if err == nil {
    1737. 

  1737. 			user.ID = 0
    1738. 

  1738. 			user.Username = ""
    1739. 

  1739. 			user.Password = ""
    1740. 

  1740. 			user.PublicKeys = nil
    1741. 

  1741. 			user.SetEmptySecrets()
    1742. 

  1742. 			renderUserPage(w, r, &user, userPageModeAdd, "")
    1743. 

  1743. 		} else if _, ok := err.(*util.RecordNotFoundError); ok {
    1744. 

  1744. 			renderNotFoundPage(w, r, err)
    1745. 

  1745. 		} else {
    1746. 

  1746. 			renderInternalServerErrorPage(w, r, err)
    1747. 

  1747. 		}
    1748. 

  1748. 	} else {
    1749. 

  1749. 		user := dataprovider.User{BaseUser: sdk.BaseUser{
    1750. 

  1750. 			Status: 1,
    1751. 

  1751. 			Permissions: map[string][]string{
    1752. 

  1752. 				"/": {dataprovider.PermAny},
    1753. 

  1753. 			},
    1754. 

  1754. 		}}
    1755. 

  1755. 		renderUserPage(w, r, &user, userPageModeAdd, "")
    1756. 

  1756. 	}
    1757. 

  1757. }
    1758. 

  1758. 

  1759. func handleWebUpdateUserGet(w http.ResponseWriter, r *http.Request) {
    1760. 

  1760. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1761. 

  1761. 	username := getURLParam(r, "username")
    1762. 

  1762. 	user, err := dataprovider.UserExists(username)
    1763. 

  1763. 	if err == nil {
    1764. 

  1764. 		renderUserPage(w, r, &user, userPageModeUpdate, "")
    1765. 

  1765. 	} else if _, ok := err.(*util.RecordNotFoundError); ok {
    1766. 

  1766. 		renderNotFoundPage(w, r, err)
    1767. 

  1767. 	} else {
    1768. 

  1768. 		renderInternalServerErrorPage(w, r, err)
    1769. 

  1769. 	}
    1770. 

  1770. }
    1771. 

  1771. 

  1772. func handleWebAddUserPost(w http.ResponseWriter, r *http.Request) {
    1773. 

  1773. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1774. 

  1774. 	claims, err := getTokenClaims(r)
    1775. 

  1775. 	if err != nil || claims.Username == "" {
    1776. 

  1776. 		renderBadRequestPage(w, r, errors.New("invalid token claims"))
    1777. 

  1777. 		return
    1778. 

  1778. 	}
    1779. 

  1779. 	user, err := getUserFromPostFields(r)
    1780. 

  1780. 	if err != nil {
    1781. 

  1781. 		renderUserPage(w, r, &user, userPageModeAdd, err.Error())
    1782. 

  1782. 		return
    1783. 

  1783. 	}
    1784. 

  1784. 	if err := verifyCSRFToken(r.Form.Get(csrfFormToken)); err != nil {
    1785. 

  1785. 		renderForbiddenPage(w, r, err.Error())
    1786. 

  1786. 		return
    1787. 

  1787. 	}
    1788. 

  1788. 	err = dataprovider.AddUser(&user, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr))
    1789. 

  1789. 	if err == nil {
    1790. 

  1790. 		http.Redirect(w, r, webUsersPath, http.StatusSeeOther)
    1791. 

  1791. 	} else {
    1792. 

  1792. 		renderUserPage(w, r, &user, userPageModeAdd, err.Error())
    1793. 

  1793. 	}
    1794. 

  1794. }
    1795. 

  1795. 

  1796. func handleWebUpdateUserPost(w http.ResponseWriter, r *http.Request) {
    1797. 

  1797. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1798. 

  1798. 	claims, err := getTokenClaims(r)
    1799. 

  1799. 	if err != nil || claims.Username == "" {
    1800. 

  1800. 		renderBadRequestPage(w, r, errors.New("invalid token claims"))
    1801. 

  1801. 		return
    1802. 

  1802. 	}
    1803. 

  1803. 	username := getURLParam(r, "username")
    1804. 

  1804. 	user, err := dataprovider.UserExists(username)
    1805. 

  1805. 	if _, ok := err.(*util.RecordNotFoundError); ok {
    1806. 

  1806. 		renderNotFoundPage(w, r, err)
    1807. 

  1807. 		return
    1808. 

  1808. 	} else if err != nil {
    1809. 

  1809. 		renderInternalServerErrorPage(w, r, err)
    1810. 

  1810. 		return
    1811. 

  1811. 	}
    1812. 

  1812. 	updatedUser, err := getUserFromPostFields(r)
    1813. 

  1813. 	if err != nil {
    1814. 

  1814. 		renderUserPage(w, r, &user, userPageModeUpdate, err.Error())
    1815. 

  1815. 		return
    1816. 

  1816. 	}
    1817. 

  1817. 	if err := verifyCSRFToken(r.Form.Get(csrfFormToken)); err != nil {
    1818. 

  1818. 		renderForbiddenPage(w, r, err.Error())
    1819. 

  1819. 		return
    1820. 

  1820. 	}
    1821. 

  1821. 	updatedUser.ID = user.ID
    1822. 

  1822. 	updatedUser.Username = user.Username
    1823. 

  1823. 	updatedUser.Filters.RecoveryCodes = user.Filters.RecoveryCodes
    1824. 

  1824. 	updatedUser.Filters.TOTPConfig = user.Filters.TOTPConfig
    1825. 

  1825. 	updatedUser.SetEmptySecretsIfNil()
    1826. 

  1826. 	if updatedUser.Password == redactedSecret {
    1827. 

  1827. 		updatedUser.Password = user.Password
    1828. 

  1828. 	}
    1829. 

  1829. 	updateEncryptedSecrets(&updatedUser.FsConfig, user.FsConfig.S3Config.AccessSecret, user.FsConfig.AzBlobConfig.AccountKey,
    1830. 

  1830. 		user.FsConfig.AzBlobConfig.SASURL, user.FsConfig.GCSConfig.Credentials, user.FsConfig.CryptConfig.Passphrase,
    1831. 

  1831. 		user.FsConfig.SFTPConfig.Password, user.FsConfig.SFTPConfig.PrivateKey)
    1832. 

  1832. 

  1833. 	err = dataprovider.UpdateUser(&updatedUser, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr))
    1834. 

  1834. 	if err == nil {
    1835. 

  1835. 		if len(r.Form.Get("disconnect")) > 0 {
    1836. 

  1836. 			disconnectUser(user.Username)
    1837. 

  1837. 		}
    1838. 

  1838. 		http.Redirect(w, r, webUsersPath, http.StatusSeeOther)
    1839. 

  1839. 	} else {
    1840. 

  1840. 		renderUserPage(w, r, &user, userPageModeUpdate, err.Error())
    1841. 

  1841. 	}
    1842. 

  1842. }
    1843. 

  1843. 

  1844. func handleWebGetStatus(w http.ResponseWriter, r *http.Request) {
    1845. 

  1845. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1846. 

  1846. 	data := statusPage{
    1847. 

  1847. 		basePage: getBasePageData(pageStatusTitle, webStatusPath, r),
    1848. 

  1848. 		Status:   getServicesStatus(),
    1849. 

  1849. 	}
    1850. 

  1850. 	renderAdminTemplate(w, templateStatus, data)
    1851. 

  1851. }
    1852. 

  1852. 

  1853. func handleWebGetConnections(w http.ResponseWriter, r *http.Request) {
    1854. 

  1854. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1855. 

  1855. 	connectionStats := common.Connections.GetStats()
    1856. 

  1856. 	data := connectionsPage{
    1857. 

  1857. 		basePage:    getBasePageData(pageConnectionsTitle, webConnectionsPath, r),
    1858. 

  1858. 		Connections: connectionStats,
    1859. 

  1859. 	}
    1860. 

  1860. 	renderAdminTemplate(w, templateConnections, data)
    1861. 

  1861. }
    1862. 

  1862. 

  1863. func handleWebAddFolderGet(w http.ResponseWriter, r *http.Request) {
    1864. 

  1864. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1865. 

  1865. 	renderFolderPage(w, r, vfs.BaseVirtualFolder{}, folderPageModeAdd, "")
    1866. 

  1866. }
    1867. 

  1867. 

  1868. func handleWebAddFolderPost(w http.ResponseWriter, r *http.Request) {
    1869. 

  1869. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1870. 

  1870. 	folder := vfs.BaseVirtualFolder{}
    1871. 

  1871. 	err := r.ParseMultipartForm(maxRequestSize)
    1872. 

  1872. 	if err != nil {
    1873. 

  1873. 		renderFolderPage(w, r, folder, folderPageModeAdd, err.Error())
    1874. 

  1874. 		return
    1875. 

  1875. 	}
    1876. 

  1876. 	defer r.MultipartForm.RemoveAll() //nolint:errcheck
    1877. 

  1877. 

  1878. 	if err := verifyCSRFToken(r.Form.Get(csrfFormToken)); err != nil {
    1879. 

  1879. 		renderForbiddenPage(w, r, err.Error())
    1880. 

  1880. 		return
    1881. 

  1881. 	}
    1882. 

  1882. 	folder.MappedPath = r.Form.Get("mapped_path")
    1883. 

  1883. 	folder.Name = r.Form.Get("name")
    1884. 

  1884. 	folder.Description = r.Form.Get("description")
    1885. 

  1885. 	fsConfig, err := getFsConfigFromPostFields(r)
    1886. 

  1886. 	if err != nil {
    1887. 

  1887. 		renderFolderPage(w, r, folder, folderPageModeAdd, err.Error())
    1888. 

  1888. 		return
    1889. 

  1889. 	}
    1890. 

  1890. 	folder.FsConfig = fsConfig
    1891. 

  1891. 

  1892. 	err = dataprovider.AddFolder(&folder)
    1893. 

  1893. 	if err == nil {
    1894. 

  1894. 		http.Redirect(w, r, webFoldersPath, http.StatusSeeOther)
    1895. 

  1895. 	} else {
    1896. 

  1896. 		renderFolderPage(w, r, folder, folderPageModeAdd, err.Error())
    1897. 

  1897. 	}
    1898. 

  1898. }
    1899. 

  1899. 

  1900. func handleWebUpdateFolderGet(w http.ResponseWriter, r *http.Request) {
    1901. 

  1901. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1902. 

  1902. 	name := getURLParam(r, "name")
    1903. 

  1903. 	folder, err := dataprovider.GetFolderByName(name)
    1904. 

  1904. 	if err == nil {
    1905. 

  1905. 		renderFolderPage(w, r, folder, folderPageModeUpdate, "")
    1906. 

  1906. 	} else if _, ok := err.(*util.RecordNotFoundError); ok {
    1907. 

  1907. 		renderNotFoundPage(w, r, err)
    1908. 

  1908. 	} else {
    1909. 

  1909. 		renderInternalServerErrorPage(w, r, err)
    1910. 

  1910. 	}
    1911. 

  1911. }
    1912. 

  1912. 

  1913. func handleWebUpdateFolderPost(w http.ResponseWriter, r *http.Request) {
    1914. 

  1914. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1915. 

  1915. 	claims, err := getTokenClaims(r)
    1916. 

  1916. 	if err != nil || claims.Username == "" {
    1917. 

  1917. 		renderBadRequestPage(w, r, errors.New("invalid token claims"))
    1918. 

  1918. 		return
    1919. 

  1919. 	}
    1920. 

  1920. 	name := getURLParam(r, "name")
    1921. 

  1921. 	folder, err := dataprovider.GetFolderByName(name)
    1922. 

  1922. 	if _, ok := err.(*util.RecordNotFoundError); ok {
    1923. 

  1923. 		renderNotFoundPage(w, r, err)
    1924. 

  1924. 		return
    1925. 

  1925. 	} else if err != nil {
    1926. 

  1926. 		renderInternalServerErrorPage(w, r, err)
    1927. 

  1927. 		return
    1928. 

  1928. 	}
    1929. 

  1929. 

  1930. 	err = r.ParseMultipartForm(maxRequestSize)
    1931. 

  1931. 	if err != nil {
    1932. 

  1932. 		renderFolderPage(w, r, folder, folderPageModeUpdate, err.Error())
    1933. 

  1933. 		return
    1934. 

  1934. 	}
    1935. 

  1935. 	defer r.MultipartForm.RemoveAll() //nolint:errcheck
    1936. 

  1936. 

  1937. 	if err := verifyCSRFToken(r.Form.Get(csrfFormToken)); err != nil {
    1938. 

  1938. 		renderForbiddenPage(w, r, err.Error())
    1939. 

  1939. 		return
    1940. 

  1940. 	}
    1941. 

  1941. 	fsConfig, err := getFsConfigFromPostFields(r)
    1942. 

  1942. 	if err != nil {
    1943. 

  1943. 		renderFolderPage(w, r, folder, folderPageModeUpdate, err.Error())
    1944. 

  1944. 		return
    1945. 

  1945. 	}
    1946. 

  1946. 	updatedFolder := &vfs.BaseVirtualFolder{
    1947. 

  1947. 		MappedPath:  r.Form.Get("mapped_path"),
    1948. 

  1948. 		Description: r.Form.Get("description"),
    1949. 

  1949. 	}
    1950. 

  1950. 	updatedFolder.ID = folder.ID
    1951. 

  1951. 	updatedFolder.Name = folder.Name
    1952. 

  1952. 	updatedFolder.FsConfig = fsConfig
    1953. 

  1953. 	updatedFolder.FsConfig.SetEmptySecretsIfNil()
    1954. 

  1954. 	updateEncryptedSecrets(&updatedFolder.FsConfig, folder.FsConfig.S3Config.AccessSecret, folder.FsConfig.AzBlobConfig.AccountKey,
    1955. 

  1955. 		folder.FsConfig.AzBlobConfig.SASURL, folder.FsConfig.GCSConfig.Credentials, folder.FsConfig.CryptConfig.Passphrase,
    1956. 

  1956. 		folder.FsConfig.SFTPConfig.Password, folder.FsConfig.SFTPConfig.PrivateKey)
    1957. 

  1957. 

  1958. 	err = dataprovider.UpdateFolder(updatedFolder, folder.Users, claims.Username, util.GetIPFromRemoteAddress(r.RemoteAddr))
    1959. 

  1959. 	if err != nil {
    1960. 

  1960. 		renderFolderPage(w, r, folder, folderPageModeUpdate, err.Error())
    1961. 

  1961. 		return
    1962. 

  1962. 	}
    1963. 

  1963. 	http.Redirect(w, r, webFoldersPath, http.StatusSeeOther)
    1964. 

  1964. }
    1965. 

  1965. 

  1966. func getWebVirtualFolders(w http.ResponseWriter, r *http.Request, limit int) ([]vfs.BaseVirtualFolder, error) {
    1967. 

  1967. 	folders := make([]vfs.BaseVirtualFolder, 0, limit)
    1968. 

  1968. 	for {
    1969. 

  1969. 		f, err := dataprovider.GetFolders(limit, len(folders), dataprovider.OrderASC)
    1970. 

  1970. 		if err != nil {
    1971. 

  1971. 			renderInternalServerErrorPage(w, r, err)
    1972. 

  1972. 			return folders, err
    1973. 

  1973. 		}
    1974. 

  1974. 		folders = append(folders, f...)
    1975. 

  1975. 		if len(f) < limit {
    1976. 

  1976. 			break
    1977. 

  1977. 		}
    1978. 

  1978. 	}
    1979. 

  1979. 	return folders, nil
    1980. 

  1980. }
    1981. 

  1981. 

  1982. func handleWebGetFolders(w http.ResponseWriter, r *http.Request) {
    1983. 

  1983. 	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
    1984. 

  1984. 	limit := defaultQueryLimit
    1985. 

  1985. 	if _, ok := r.URL.Query()["qlimit"]; ok {
    1986. 

  1986. 		var err error
    1987. 

  1987. 		limit, err = strconv.Atoi(r.URL.Query().Get("qlimit"))
    1988. 

  1988. 		if err != nil {
    1989. 

  1989. 			limit = defaultQueryLimit
    1990. 

  1990. 		}
    1991. 

  1991. 	}
    1992. 

  1992. 	folders, err := getWebVirtualFolders(w, r, limit)
    1993. 

  1993. 	if err != nil {
    1994. 

  1994. 		return
    1995. 

  1995. 	}
    1996. 

  1996. 

  1997. 	data := foldersPage{
    1998. 

  1998. 		basePage: getBasePageData(pageFoldersTitle, webFoldersPath, r),
    1999. 

  1999. 		Folders:  folders,
    2000. 

  2000. 	}
    2001. 

  2001. 	renderAdminTemplate(w, templateFolders, data)
    2002. 

  2002. }
    2003.