github.com/cloudreve/Cloudreve/v3@v3.0.0-20240224133659-3edb00a6484c/middleware/share.go (about) 1 package middleware 2 3 import ( 4 "fmt" 5 6 model "github.com/cloudreve/Cloudreve/v3/models" 7 "github.com/cloudreve/Cloudreve/v3/pkg/serializer" 8 "github.com/cloudreve/Cloudreve/v3/pkg/util" 9 "github.com/gin-gonic/gin" 10 ) 11 12 // ShareOwner 检查当前登录用户是否为分享所有者 13 func ShareOwner() gin.HandlerFunc { 14 return func(c *gin.Context) { 15 var user *model.User 16 if userCtx, ok := c.Get("user"); ok { 17 user = userCtx.(*model.User) 18 } else { 19 c.JSON(200, serializer.Err(serializer.CodeCheckLogin, "", nil)) 20 c.Abort() 21 return 22 } 23 24 if share, ok := c.Get("share"); ok { 25 if share.(*model.Share).Creator().ID != user.ID { 26 c.JSON(200, serializer.Err(serializer.CodeShareLinkNotFound, "", nil)) 27 c.Abort() 28 return 29 } 30 } 31 32 c.Next() 33 } 34 } 35 36 // ShareAvailable 检查分享是否可用 37 func ShareAvailable() gin.HandlerFunc { 38 return func(c *gin.Context) { 39 var user *model.User 40 if userCtx, ok := c.Get("user"); ok { 41 user = userCtx.(*model.User) 42 } else { 43 user = model.NewAnonymousUser() 44 } 45 46 share := model.GetShareByHashID(c.Param("id")) 47 48 if share == nil || !share.IsAvailable() { 49 c.JSON(200, serializer.Err(serializer.CodeShareLinkNotFound, "", nil)) 50 c.Abort() 51 return 52 } 53 54 c.Set("user", user) 55 c.Set("share", share) 56 c.Next() 57 } 58 } 59 60 // ShareCanPreview 检查分享是否可被预览 61 func ShareCanPreview() gin.HandlerFunc { 62 return func(c *gin.Context) { 63 if share, ok := c.Get("share"); ok { 64 if share.(*model.Share).PreviewEnabled { 65 c.Next() 66 return 67 } 68 c.JSON(200, serializer.Err(serializer.CodeDisabledSharePreview, "", 69 nil)) 70 c.Abort() 71 return 72 } 73 c.Abort() 74 } 75 } 76 77 // CheckShareUnlocked 检查分享是否已解锁 78 func CheckShareUnlocked() gin.HandlerFunc { 79 return func(c *gin.Context) { 80 if shareCtx, ok := c.Get("share"); ok { 81 share := shareCtx.(*model.Share) 82 // 分享是否已解锁 83 if share.Password != "" { 84 sessionKey := fmt.Sprintf("share_unlock_%d", share.ID) 85 unlocked := util.GetSession(c, sessionKey) != nil 86 if !unlocked { 87 c.JSON(200, serializer.Err(serializer.CodeNoPermissionErr, 88 "", nil)) 89 c.Abort() 90 return 91 } 92 } 93 94 c.Next() 95 return 96 } 97 c.Abort() 98 } 99 } 100 101 // BeforeShareDownload 分享被下载前的检查 102 func BeforeShareDownload() gin.HandlerFunc { 103 return func(c *gin.Context) { 104 if shareCtx, ok := c.Get("share"); ok { 105 if userCtx, ok := c.Get("user"); ok { 106 share := shareCtx.(*model.Share) 107 user := userCtx.(*model.User) 108 109 // 检查用户是否可以下载此分享的文件 110 err := share.CanBeDownloadBy(user) 111 if err != nil { 112 c.JSON(200, serializer.Err(serializer.CodeGroupNotAllowed, err.Error(), 113 nil)) 114 c.Abort() 115 return 116 } 117 118 // 对积分、下载次数进行更新 119 err = share.DownloadBy(user, c) 120 if err != nil { 121 c.JSON(200, serializer.Err(serializer.CodeGroupNotAllowed, err.Error(), 122 nil)) 123 c.Abort() 124 return 125 } 126 127 c.Next() 128 return 129 } 130 } 131 c.Abort() 132 } 133 }