Skip to content

Commit

Permalink
Add a UserDetail::read_only method
Browse files Browse the repository at this point in the history
If it returns True, then the storage backend should not allow any
destructive operations.

Implement this method in the cap-ftpd example for unftp-sbe-fs.
  • Loading branch information
asomers committed Mar 18, 2024
1 parent 02900d2 commit a665885
Show file tree
Hide file tree
Showing 3 changed files with 44 additions and 9 deletions.
19 changes: 15 additions & 4 deletions crates/unftp-sbe-fs/examples/cap-ftpd-worker.rs
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ mod auth {
pub struct User {
username: String,
home: Option<PathBuf>,
read_only: bool
}

#[derive(Deserialize, Clone, Debug)]
Expand All @@ -40,20 +41,25 @@ mod auth {
username: String,
password: Option<String>,
home: Option<PathBuf>,
#[serde(default)]
read_only: bool
},
}

#[derive(Clone, Debug)]
struct UserCreds {
pub password: Option<String>,
pub home: Option<PathBuf>,
pub read_only: bool
}

impl User {
fn new(username: &str, home: &Option<PathBuf>) -> Self {
fn new(username: &str, home: &Option<PathBuf>, read_only: bool) -> Self
{
User {
username: username.to_owned(),
home: home.clone(),
read_only
}
}
}
Expand All @@ -65,6 +71,10 @@ mod auth {
Some(p) => Some(p.as_path()),
}
}

fn read_only(&self) -> bool {
self.read_only
}
}

impl fmt::Display for User {
Expand Down Expand Up @@ -99,7 +109,8 @@ mod auth {

fn list_entry_to_map_entry(user_info: Credentials) -> Result<(String, UserCreds), Box<dyn std::error::Error>> {
let map_entry = match user_info {
Credentials::Plaintext { username, password, home } => (username.clone(), UserCreds { password, home }),
Credentials::Plaintext { username, password, home, read_only} =>
(username.clone(), UserCreds { password, home, read_only}),
};
Ok(map_entry)
}
Expand All @@ -125,7 +136,7 @@ mod auth {
let pass_check_result = match &creds.password {
Some(ref given_password) => {
if Self::check_password(given_password, &actual_creds.password).is_ok() {
Some(Ok(User::new(username, &actual_creds.home)))
Some(Ok(User::new(username, &actual_creds.home, actual_creds.read_only)))
} else {
Some(Err(AuthenticationError::BadPassword))
}
Expand All @@ -137,7 +148,7 @@ mod auth {
None => Err(AuthenticationError::BadPassword),
Some(pass_res) => {
if pass_res.is_ok() {
Ok(User::new(username, &actual_creds.home))
Ok(User::new(username, &actual_creds.home, actual_creds.read_only))
} else {
pass_res
}
Expand Down
29 changes: 24 additions & 5 deletions crates/unftp-sbe-fs/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -153,12 +153,15 @@ impl<User: UserDetail> StorageBackend<User> for Filesystem {

async fn put<P: AsRef<Path> + Send, R: tokio::io::AsyncRead + Send + Sync + 'static + Unpin>(
&self,
_user: &User,
user: &User,
bytes: R,
path: P,
start_pos: u64,
) -> Result<u64> {
// TODO: Add permission checks
if user.read_only() {
return Err(Error::new(ErrorKind::PermissionDenied, "Write access denied"));
}

let path = strip_prefixes(path.as_ref());
let mut oo = cap_std::fs::OpenOptions::new();
Expand All @@ -176,31 +179,47 @@ impl<User: UserDetail> StorageBackend<User> for Filesystem {
}

#[tracing_attributes::instrument]
async fn del<P: AsRef<Path> + Send + Debug>(&self, _user: &User, path: P) -> Result<()> {
async fn del<P: AsRef<Path> + Send + Debug>(&self, user: &User, path: P) -> Result<()> {
if user.read_only() {
return Err(Error::new(ErrorKind::PermissionDenied, "Write access denied"));
}

let path = strip_prefixes(path.as_ref());
cap_fs::remove_file(self.root_fd.clone(), path)
.await
.map_err(|error: std::io::Error| error.into())
}

#[tracing_attributes::instrument]
async fn rmd<P: AsRef<Path> + Send + Debug>(&self, _user: &User, path: P) -> Result<()> {
async fn rmd<P: AsRef<Path> + Send + Debug>(&self, user: &User, path: P) -> Result<()> {
if user.read_only() {
return Err(Error::new(ErrorKind::PermissionDenied, "Write access denied"));
}

let path = strip_prefixes(path.as_ref());
cap_fs::remove_dir(self.root_fd.clone(), path)
.await
.map_err(|error: std::io::Error| error.into())
}

#[tracing_attributes::instrument]
async fn mkd<P: AsRef<Path> + Send + Debug>(&self, _user: &User, path: P) -> Result<()> {
async fn mkd<P: AsRef<Path> + Send + Debug>(&self, user: &User, path: P) -> Result<()> {
if user.read_only() {
return Err(Error::new(ErrorKind::PermissionDenied, "Write access denied"));
}

let path = strip_prefixes(path.as_ref());
cap_fs::create_dir(self.root_fd.clone(), path)
.await
.map_err(|error: std::io::Error| error.into())
}

#[tracing_attributes::instrument]
async fn rename<P: AsRef<Path> + Send + Debug>(&self, _user: &User, from: P, to: P) -> Result<()> {
async fn rename<P: AsRef<Path> + Send + Debug>(&self, user: &User, from: P, to: P) -> Result<()> {
if user.read_only() {
return Err(Error::new(ErrorKind::PermissionDenied, "Write access denied"));
}

let from = from.as_ref().strip_prefix("/").unwrap_or(from.as_ref());
let to = to.as_ref().strip_prefix("/").unwrap_or(to.as_ref());

Expand Down
5 changes: 5 additions & 0 deletions src/auth/user.rs
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,11 @@ pub trait UserDetail: Send + Sync + Display + Debug {
fn home(&self) -> Option<&Path> {
None
}

/// Should the user have read-only access, regardless of the Unix file permissions?
fn read_only(&self) -> bool {
false
}
}

/// DefaultUser is a default implementation of the `UserDetail` trait that doesn't hold any user
Expand Down

0 comments on commit a665885

Please sign in to comment.