diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/args.rs | 8 | ||||
-rw-r--r-- | src/config.rs | 4 | ||||
-rw-r--r-- | src/file_upload.rs | 5 | ||||
-rw-r--r-- | src/renderer.rs | 2 |
4 files changed, 10 insertions, 9 deletions
diff --git a/src/args.rs b/src/args.rs index 6c6d6e0..56c834c 100644 --- a/src/args.rs +++ b/src/args.rs @@ -111,9 +111,11 @@ pub struct CliArgs { #[clap(short = 'u', long = "upload-files")] pub file_upload: bool, - /// Restrict upload directories - #[clap(long = "restrict-upload-dir", requires = "file-upload", value_hint = ValueHint::FilePath)] - pub restrict_upload_dir: Vec<PathBuf>, + /// Allowed upload directories (together with -u) + /// + /// If this is set, uploads are only allowed into the provided directories. + #[clap(long, requires = "file-upload", value_hint = ValueHint::FilePath)] + pub allowed_upload_dir: Vec<PathBuf>, /// Enable creating directories #[clap(short = 'U', long = "mkdir", requires = "file-upload")] diff --git a/src/config.rs b/src/config.rs index 3b5c1d7..bf67595 100644 --- a/src/config.rs +++ b/src/config.rs @@ -88,7 +88,7 @@ pub struct MiniserveConfig { pub file_upload: bool, /// Restrict file upload dirs - pub restrict_upload_dir: Vec<PathBuf>, + pub allowed_upload_dir: Vec<PathBuf>, /// HTML accept attribute value pub uploadable_media_type: Option<String>, @@ -251,7 +251,7 @@ impl MiniserveConfig { show_qrcode: args.qrcode, mkdir_enabled: args.mkdir_enabled, file_upload: args.file_upload, - restrict_upload_dir: args.restrict_upload_dir, + allowed_upload_dir: args.allowed_upload_dir, uploadable_media_type, tar_enabled: args.enable_tar, tar_gz_enabled: args.enable_tar_gz, diff --git a/src/file_upload.rs b/src/file_upload.rs index e5f6173..231999f 100644 --- a/src/file_upload.rs +++ b/src/file_upload.rs @@ -173,9 +173,8 @@ pub async fn upload_file( // Disallow paths outside of restricted directories - // TODO: Probably not the most rust-ic style... - let upload_allowed = conf.restrict_upload_dir.is_empty() || - conf.restrict_upload_dir.iter().any(|s| upload_path.starts_with(s)); + let upload_allowed = conf.allowed_upload_dir.is_empty() || + conf.allowed_upload_dir.iter().any(|s| upload_path.starts_with(s)); if !(upload_allowed) { return Err(ContextualError::InvalidPathError("Not allowed to upload to this path".to_string())); diff --git a/src/renderer.rs b/src/renderer.rs index 0ee26af..107f0a4 100644 --- a/src/renderer.rs +++ b/src/renderer.rs @@ -40,7 +40,7 @@ pub fn page( let title_path = breadcrumbs_to_path_string(breadcrumbs); - let upload_allowed = conf.restrict_upload_dir.is_empty() || conf.restrict_upload_dir.iter().any( + let upload_allowed = conf.allowed_upload_dir.is_empty() || conf.allowed_upload_dir.iter().any( |x| encoded_dir.starts_with(&format!("/{}", x.display())) ); html! { |