Implementing guest upload / file requests

build/go-generate/minifyStaticContent.go

@@ -137,6 +137,6 @@ func fileExists(filename string) bool {
 // Auto-generated content below, do not modify
 // Version codes can be changed in updateVersionNumbers.go
 
-const jsAdminVersion = 13
+const jsAdminVersion = 14
 const jsE2EVersion = 8
 const cssMainVersion = 5

build/go-generate/updateVersionNumbers.go

@@ -11,7 +11,7 @@ import (
 	"strings"
 )
 
-const versionJsAdmin = 13
+const versionJsAdmin = 14
 const versionJsDropzone = 5
 const versionJsE2EAdmin = 8
 const versionCssMain = 5

internal/configuration/Configuration.go

@@ -94,6 +94,7 @@ func Load() {
 	serverSettings.MinLengthPassword = Environment.MinLengthPassword
 	serverSettings.LengthId = Environment.LengthId
 	serverSettings.LengthHotlinkId = Environment.LengthHotlinkId
+	serverSettings.AllowGuestUploadsByDefault = Environment.PermRequestGrantedByDefault
 	helper.CreateDir(serverSettings.DataDir)
 	filesystem.Init(serverSettings.DataDir)
 	logging.Init(Environment.DataDir)

internal/configuration/database/provider/redis/Redis.go

@@ -3,6 +3,7 @@ package redis
 import (
 	"errors"
 	"fmt"
+	"github.com/forceu/gokapi/internal/environment"
 	"github.com/forceu/gokapi/internal/helper"
 	"github.com/forceu/gokapi/internal/models"
 	redigo "github.com/gomodule/redigo/redis"
@@ -19,7 +20,7 @@ type DatabaseProvider struct {
 }
 
 // DatabaseSchemeVersion contains the version number to be expected from the current database. If lower, an upgrade will be performed
-const DatabaseSchemeVersion = 5
+const DatabaseSchemeVersion = 6
 
 // New returns an instance
 func New(dbConfig models.DbConnection) (DatabaseProvider, error) {
@@ -99,6 +100,20 @@ func (p DatabaseProvider) Upgrade(currentDbVersion int) {
 		osExit(1)
 		return
 	}
+	// pre multi-user
+	if currentDbVersion < 6 {
+		if environment.New().PermRequestGrantedByDefault {
+			for _, user := range p.GetAllUsers() {
+				user.GrantPermission(models.UserPermGuestUploads)
+				p.SaveUser(user, false)
+			}
+		}
+		for _, apiKey := range p.GetAllApiKeys() {
+			if apiKey.IsSystemKey {
+				p.DeleteApiKey(apiKey.Id)
+			}
+		}
+	}
 }
 
 const keyDbVersion = "dbversion"

internal/configuration/database/provider/sqlite/Sqlite.go

@@ -4,6 +4,7 @@ import (
 	"database/sql"
 	"errors"
 	"fmt"
+	"github.com/forceu/gokapi/internal/environment"
 	"os"
 	"path/filepath"
 
@@ -19,7 +20,7 @@ type DatabaseProvider struct {
 }
 
 // DatabaseSchemeVersion contains the version number to be expected from the current database. If lower, an upgrade will be performed
-const DatabaseSchemeVersion = 10
+const DatabaseSchemeVersion = 11
 
 // New returns an instance
 func New(dbConfig models.DbConnection) (DatabaseProvider, error) {
@@ -39,6 +40,20 @@ func (p DatabaseProvider) Upgrade(currentDbVersion int) {
 		osExit(1)
 		return
 	}
+	// pre multi-user
+	if currentDbVersion < 11 {
+		if environment.New().PermRequestGrantedByDefault {
+			for _, user := range p.GetAllUsers() {
+				user.GrantPermission(models.UserPermGuestUploads)
+				p.SaveUser(user, false)
+			}
+		}
+		for _, apiKey := range p.GetAllApiKeys() {
+			if apiKey.IsSystemKey {
+				p.DeleteApiKey(apiKey.Id)
+			}
+		}
+	}
 }
 
 // GetDbVersion gets the version number of the database

internal/environment/Environment.go

@@ -16,27 +16,28 @@ const DefaultPort = 53842
 
 // Environment is a struct containing available env variables
 type Environment struct {
-	ConfigDir          string `env:"CONFIG_DIR" envDefault:"config"`
-	ConfigFile         string `env:"CONFIG_FILE" envDefault:"config.json"`
-	ConfigPath         string
-	DataDir            string `env:"DATA_DIR" envDefault:"data"`
-	ChunkSizeMB        int    `env:"CHUNK_SIZE_MB" envDefault:"45"`
-	LengthId           int    `env:"LENGTH_ID" envDefault:"15"`
-	LengthHotlinkId    int    `env:"LENGTH_HOTLINK_ID" envDefault:"40"`
-	MaxFileSize        int    `env:"MAX_FILESIZE" envDefault:"102400"` // 102400==100GB
-	MaxMemory          int    `env:"MAX_MEMORY_UPLOAD" envDefault:"50"`
-	MaxParallelUploads int    `env:"MAX_PARALLEL_UPLOADS" envDefault:"3"`
-	WebserverPort      int    `env:"PORT" envDefault:"53842"`
-	MinLengthPassword  int    `env:"MIN_LENGTH_PASSWORD" envDefault:"8"`
-	DisableCorsCheck   bool   `env:"DISABLE_CORS_CHECK" envDefault:"false"`
-	LogToStdout        bool   `env:"LOG_STDOUT" envDefault:"false"`
-	HotlinkVideos      bool   `env:"ENABLE_HOTLINK_VIDEOS" envDefault:"false"`
-	AwsBucket          string `env:"AWS_BUCKET"`
-	AwsRegion          string `env:"AWS_REGION"`
-	AwsKeyId           string `env:"AWS_KEY"`
-	AwsKeySecret       string `env:"AWS_KEY_SECRET"`
-	AwsEndpoint        string `env:"AWS_ENDPOINT"`
-	ActiveDeprecations []deprecation.Deprecation
+	ConfigDir                   string `env:"CONFIG_DIR" envDefault:"config"`
+	ConfigFile                  string `env:"CONFIG_FILE" envDefault:"config.json"`
+	ConfigPath                  string
+	DataDir                     string `env:"DATA_DIR" envDefault:"data"`
+	ChunkSizeMB                 int    `env:"CHUNK_SIZE_MB" envDefault:"45"`
+	LengthId                    int    `env:"LENGTH_ID" envDefault:"15"`
+	LengthHotlinkId             int    `env:"LENGTH_HOTLINK_ID" envDefault:"40"`
+	MaxFileSize                 int    `env:"MAX_FILESIZE" envDefault:"102400"` // 102400==100GB
+	MaxMemory                   int    `env:"MAX_MEMORY_UPLOAD" envDefault:"50"`
+	MaxParallelUploads          int    `env:"MAX_PARALLEL_UPLOADS" envDefault:"3"`
+	WebserverPort               int    `env:"PORT" envDefault:"53842"`
+	MinLengthPassword           int    `env:"MIN_LENGTH_PASSWORD" envDefault:"8"`
+	DisableCorsCheck            bool   `env:"DISABLE_CORS_CHECK" envDefault:"false"`
+	LogToStdout                 bool   `env:"LOG_STDOUT" envDefault:"false"`
+	HotlinkVideos               bool   `env:"ENABLE_HOTLINK_VIDEOS" envDefault:"false"`
+	PermRequestGrantedByDefault bool   `env:"ALLOW_GUEST_UPLOADS_BY_DEFAULT" envDefault:"false"`
+	AwsBucket                   string `env:"AWS_BUCKET"`
+	AwsRegion                   string `env:"AWS_REGION"`
+	AwsKeyId                    string `env:"AWS_KEY"`
+	AwsKeySecret                string `env:"AWS_KEY_SECRET"`
+	AwsEndpoint                 string `env:"AWS_ENDPOINT"`
+	ActiveDeprecations          []deprecation.Deprecation
 }
 
 // New parses the env variables

internal/models/ApiKey.go

@@ -21,17 +21,19 @@ const (
 	ApiPermManageUsers
 	// ApiPermManageLogs is the permission required for managing the log file
 	ApiPermManageLogs
+	// ApiManageFileRequests is the permission required for creating and managing file requests
+	ApiManageFileRequests
 )
 
 // ApiPermNone means no permission granted
 const ApiPermNone ApiPermission = 0
 
 // ApiPermAll means all permission granted
-const ApiPermAll ApiPermission = 255
+const ApiPermAll ApiPermission = 511
 
 // ApiPermDefault means all permission granted, except ApiPermApiMod, ApiPermManageUsers, ApiPermManageLogs and ApiPermReplace
 // This is the default for new API keys that are created from the UI
-const ApiPermDefault = ApiPermAll - ApiPermApiMod - ApiPermManageUsers - ApiPermReplace - ApiPermManageLogs
+const ApiPermDefault = ApiPermAll - ApiPermApiMod - ApiPermManageUsers - ApiPermReplace - ApiPermManageLogs - ApiManageFileRequests
 
 // ApiKey contains data of a single api key
 type ApiKey struct {
@@ -45,8 +47,8 @@ type ApiKey struct {
 	UserId       int           `json:"UserId" redis:"UserId"`
 }
 
-// ApiPermission contains zero or more permissions as an uint8 format
-type ApiPermission uint8
+// ApiPermission contains zero or more permissions as an uint16 format
+type ApiPermission uint16
 
 // GetReadableDate returns the date as YYYY-MM-DD HH:MM:SS
 func (key *ApiKey) GetReadableDate() string {
@@ -119,7 +121,12 @@ func (key *ApiKey) HasPermissionManageLogs() bool {
 	return key.HasPermission(ApiPermManageLogs)
 }
 
-// ApiKeyOutput is the output that is used after a new key is created
+// HasPermissionManageFileRequests returns true if ApiManageFileRequests is granted
+func (key *ApiKey) HasPermissionManageFileRequests() bool {
+	return key.HasPermission(ApiManageFileRequests)
+}
+
+// ApiKeyOutput is the output used after a new key is created
 type ApiKeyOutput struct {
 	Result   string
 	Id       string

internal/models/Configuration.go

@@ -27,6 +27,7 @@ type Configuration struct {
 	PicturesAlwaysLocal bool                 `json:"PicturesAlwaysLocal"`
 	SaveIp              bool                 `json:"SaveIp"`
 	IncludeFilename     bool                 `json:"IncludeFilename"`
+	AllowGuestUploadsByDefault bool          `json:"-"`
 }
 
 // Encryption hold information about the encryption used on this file

internal/models/User.go

@@ -45,7 +45,7 @@ func (u *User) GetReadableUserLevel() string {
 	}
 }
 
-// ToJson returns the user as a JSon object
+// ToJson returns the user as a JSON object
 func (u *User) ToJson() string {
 	result, err := json.Marshal(u)
 	helper.Check(err)
@@ -61,7 +61,7 @@ const UserLevelAdmin UserRank = 1
 // UserLevelUser indicates that this user has only basic permissions by default
 const UserLevelUser UserRank = 2
 
-// UserRank indicates the rank that is assigned to the user
+// UserRank indicates the rank assigned to the user
 type UserRank uint8
 
 // IsSuperAdmin returns true if the user has the Rank UserLevelSuperAdmin
@@ -75,9 +75,9 @@ func (u *User) IsSameUser(userId int) bool {
 }
 
 const (
-	// UserPermReplaceUploads allows to replace uploads
+	// UserPermReplaceUploads allows replacing uploads
 	UserPermReplaceUploads UserPermission = 1 << iota
-	// UserPermListOtherUploads allows to also list uploads by other users
+	// UserPermListOtherUploads allows also listing uploads by other users
 	UserPermListOtherUploads
 	// UserPermEditOtherUploads allows editing of uploads by other users
 	UserPermEditOtherUploads
@@ -91,13 +91,15 @@ const (
 	UserPermManageApiKeys
 	// UserPermManageUsers allows creating and editing of users, including granting and revoking permissions
 	UserPermManageUsers
+	// UserPermGuestUploads allows creating file requests
+	UserPermGuestUploads
 )
 
 // UserPermissionNone means that the user has no permissions
 const UserPermissionNone UserPermission = 0
 
 // UserPermissionAll means that the user has all permissions
-const UserPermissionAll UserPermission = 255
+const UserPermissionAll UserPermission = 511
 
 // GrantPermission grants one or more permissions
 func (u *User) GrantPermission(permission UserPermission) {
@@ -156,3 +158,8 @@ func (u *User) HasPermissionManageApi() bool {
 func (u *User) HasPermissionManageUsers() bool {
 	return u.HasPermission(UserPermManageUsers)
 }
+
+// HasPermissionCreateFileRequests returns true if the user has the permission UserPermGuestUploads
+func (u *User) HasPermissionCreateFileRequests() bool {
+	return u.HasPermission(UserPermGuestUploads)
+}

internal/webserver/api/Api.go

@@ -10,6 +10,7 @@ import (
 	"github.com/forceu/gokapi/internal/logging"
 	"github.com/forceu/gokapi/internal/models"
 	"github.com/forceu/gokapi/internal/storage"
+	"github.com/forceu/gokapi/internal/webserver/authentication/users"
 	"github.com/forceu/gokapi/internal/webserver/fileupload"
 	"io"
 	"net/http"
@@ -19,7 +20,6 @@ import (
 
 const lengthPublicId = 35
 const lengthApiKey = 30
-const minLengthUser = 2
 
 // Process parses the request and executes the API call or returns an error message to the sender
 func Process(w http.ResponseWriter, r *http.Request) {
@@ -214,6 +214,11 @@ func apiModifyApiKey(w http.ResponseWriter, r requestParser, user models.User) {
 			sendError(w, http.StatusUnauthorized, "Insufficient user permission for owner to set this API permission")
 			return
 		}
+	case models.ApiManageFileRequests:
+		if !apiKeyOwner.HasPermissionCreateFileRequests() {
+			sendError(w, http.StatusUnauthorized, "Insufficient user permission for owner to set this API permission")
+			return
+		}
 	default:
 		// do nothing
 	}
@@ -269,24 +274,16 @@ func apiCreateUser(w http.ResponseWriter, r requestParser, user models.User) {
 	if !ok {
 		panic("invalid parameter passed")
 	}
-	if len(request.Username) < minLengthUser {
-		sendError(w, http.StatusBadRequest, "Invalid username provided.")
-		return
-	}
-	_, ok = database.GetUserByName(request.Username)
-	if ok {
-		sendError(w, http.StatusConflict, "User already exists.")
-		return
-	}
-	newUser := models.User{
-		Name:      request.Username,
-		UserLevel: models.UserLevelUser,
-	}
-	database.SaveUser(newUser, true)
-	newUser, ok = database.GetUserByName(request.Username)
-	if !ok {
-		sendError(w, http.StatusInternalServerError, "Could not save user")
-		return
+	newUser, err := users.Create(request.Username)
+	if err != nil {
+		switch {
+		case errors.Is(err, users.ErrorNameToShort):
+			sendError(w, http.StatusBadRequest, "Invalid username provided.")
+		case errors.Is(err, users.ErrorUserExists):
+			sendError(w, http.StatusConflict, "User already exists.")
+		default:
+			sendError(w, http.StatusInternalServerError, err.Error())
+		}
 	}
 	logging.LogUserCreation(newUser, user)
 	_, _ = w.Write([]byte(newUser.ToJson()))
@@ -676,6 +673,8 @@ func updateApiKeyPermsOnUserPermChange(userId int, userPerm models.UserPermissio
 		affectedPermission = models.ApiPermReplace
 	case models.UserPermManageLogs:
 		affectedPermission = models.ApiPermManageLogs
+	case models.UserPermGuestUploads:
+		affectedPermission = models.ApiManageFileRequests
 	default:
 		return
 	}

internal/webserver/api/routing.go

@@ -340,6 +340,8 @@ func (p *paramAuthModify) ProcessParameter(_ *http.Request) error {
 		p.Permission = models.ApiPermManageUsers
 	case "PERM_MANAGE_LOGS":
 		p.Permission = models.ApiPermManageLogs
+	case "PERM_MANAGE_FILE_REQUESTS":
+		p.Permission = models.ApiManageFileRequests
 	default:
 		return errors.New("invalid permission")
 	}
@@ -422,6 +424,8 @@ func (p *paramUserModify) ProcessParameter(_ *http.Request) error {
 		p.Permission = models.UserPermManageApiKeys
 	case "PERM_USERS":
 		p.Permission = models.UserPermManageUsers
+	case "PERM_GUEST_UPLOAD":
+		p.Permission = models.UserPermGuestUploads
 	default:
 		return errors.New("invalid permission")
 	}

internal/webserver/authentication/users/Users.go

@@ -0,0 +1,36 @@
+package users
+
+import (
+	"errors"
+	"github.com/forceu/gokapi/internal/configuration"
+	"github.com/forceu/gokapi/internal/configuration/database"
+	"github.com/forceu/gokapi/internal/models"
+)
+
+const minLengthUser = 2
+
+var ErrorNameToShort = errors.New("username too short")
+var ErrorUserExists = errors.New("user already exists")
+
+func Create(name string) (models.User, error) {
+	if len(name) < minLengthUser {
+		return models.User{}, ErrorNameToShort
+	}
+	_, ok := database.GetUserByName(name)
+	if ok {
+		return models.User{}, ErrorUserExists
+	}
+	newUser := models.User{
+		Name:      name,
+		UserLevel: models.UserLevelUser,
+	}
+	if configuration.Get().AllowGuestUploadsByDefault {
+		newUser.GrantPermission(models.UserPermGuestUploads)
+	}
+	database.SaveUser(newUser, true)
+	newUser, ok = database.GetUserByName(name)
+	if !ok {
+		return models.User{}, errors.New("user could not be created")
+	}
+	return newUser, nil
+}