1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
|
//
// rhimportd
//
// The Radio Helsinki Rivendell Import Daemon
//
//
// Copyright (C) 2015-2016 Christian Pointner <equinox@helsinki.at>
//
// This file is part of rhimportd.
//
// rhimportd is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// any later version.
//
// rhimportd is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with rhimportd. If not, see <http://www.gnu.org/licenses/>.
//
package main
import (
"bytes"
"encoding/json"
"fmt"
"io"
"io/ioutil"
"mime/multipart"
"net/http"
"code.helsinki.at/rhrd-go/rddb"
"code.helsinki.at/rhrd-go/rhimport"
)
type webUploadResponseData struct {
ResponseCode int `json:"RESPONSE_CODE"`
ErrorString string `json:"ERROR_STRING"`
}
func webUploadErrorResponse(w http.ResponseWriter, code int, errStr string) {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(code)
encoder := json.NewEncoder(w)
respdata := webUploadResponseData{code, errStr}
encoder.Encode(respdata)
}
func webUploadSuccessResponse(w http.ResponseWriter) {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(http.StatusOK)
encoder := json.NewEncoder(w)
respdata := webUploadResponseData{http.StatusOK, "success"}
encoder.Encode(respdata)
}
const (
webUploadMaxRequestSize = (2 << 30) - 1 // 2GB, (2 << 30) overflows int on 32-bit systems therefore we use 2GB - 1 Byte
)
func webUploadParseForm(w http.ResponseWriter, r *http.Request) (username, sessionid, srcfile string, src *multipart.Part, ok bool) {
mpr, err := r.MultipartReader()
if err != nil {
rhl.Printf("WebUploadHandler: error while parsing multipart-form: %v", err)
webUploadErrorResponse(w, http.StatusBadRequest, err.Error())
return
}
for {
p, err := mpr.NextPart()
if err != nil {
rhl.Printf("WebUploadHandler: error while parsing multipart-form: %v", err)
webUploadErrorResponse(w, http.StatusBadRequest, err.Error())
return
}
var dstfield *string
switch p.FormName() {
case "LOGIN_NAME":
dstfield = &username
case "SESSION_ID":
dstfield = &sessionid
case "FILENAME":
srcfile = p.FileName()
src = p
ok = true
return
default:
rhl.Printf("WebUploadHandler: unknown form field: '%s'", p.FormName())
webUploadErrorResponse(w, http.StatusBadRequest, fmt.Sprintf("unknown field %s", p.FormName()))
return
}
var buf bytes.Buffer
if _, err := io.CopyN(&buf, p, 1<<10); err != nil && err != io.EOF { // 1kB should be enough
rhl.Printf("WebUploadHandler: error while extracting form field: %v", err)
webUploadErrorResponse(w, http.StatusBadRequest, err.Error())
return
}
*dstfield = buf.String()
p.Close()
}
}
func webUploadHandler(conf *rhimport.Config, db *rddb.DBChan, sessions *rhimport.SessionStoreChan, trusted bool, w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" {
http.Redirect(w, r, "/static/upload-form.html", http.StatusTemporaryRedirect)
return
}
if r.Method != "POST" {
rhl.Printf("WebUploadHandler: got invalid request method")
webUploadErrorResponse(w, http.StatusMethodNotAllowed, "only POST and GET method are allowed")
return
}
// This is from: stackoverflow.com/questions/26392196
if r.ContentLength > webUploadMaxRequestSize {
rhl.Printf("WebUploadHandler: request is too large: %d > %d", r.ContentLength, webUploadMaxRequestSize)
webUploadErrorResponse(w, http.StatusExpectationFailed, "request too large")
return
}
r.Body = http.MaxBytesReader(w, r.Body, webUploadMaxRequestSize)
username, sessionid, srcfile, src, ok := webUploadParseForm(w, r)
if !ok {
return
}
if username == "" {
webUploadErrorResponse(w, http.StatusBadRequest, "missing field LOGIN_NAME")
return
}
if sessionid == "" {
webUploadErrorResponse(w, http.StatusBadRequest, "missing field SESSION_ID")
return
}
// TODO: get session->attachmentChan from store -> 401 if not found
// TODO: take session -> 403 if already taken
// TODO: fetch file (src) in chunks and send it to attachmentChan && check for canceled
rhl.Printf("WebUploadHandler: fetching file from '%s' (%v)", srcfile, src)
io.Copy(ioutil.Discard, src)
webUploadSuccessResponse(w)
}
|