[# tag: ewok file manager page #] [! use File::Basename; use Data::Dumper; use Ewok::Config qw(:all); use Ewok::Authz qw(:common); use Ewok::Meta qw(getMeta setMeta); use Ewok::Util qw(ewokdir webfsdir dirCheck); use OF::Breadcrumbs qw(breadcrumbs); !] [- Execute({ inputfile => 'util.epl', import => 1 }); $debug = 0; $req = shift; $javascript = !exists $req->{pref}->{javascript} || $req->{pref}->{javascript}; $icons = $req->{pref}->{fm_icons}; $icons = 1 if ! defined $icons; if (exists $fdat{long}) { $long = $fdat{long}; if ($long != $req->{pref}->{fm_long_listing}) { # Save fm_long_listing in user preferences $req->{pref}->{fm_long_listing} = $long; setMeta($req->{pref}, $req->{user}, { type => 'user' }); } } else { $long = $req->{pref}->{fm_long_listing}; } @errors = (); # Support 'clip' and 'trash' pseudo-directories if ($web_dir =~ m!^/?(clip|trash)/?$!) { $clipboard = 1; $mode = 'view'; $trash = 1 if $1 eq 'trash'; $web_dir = $fdat{p} || '/'; $web_dir = "/$web_dir" if substr($web_dir,0,1) ne '/'; $wd = substr($web_dir, 0, -1); $wd = '/' if $wd eq ''; $web_url = $web_dir; $fs_dir = $EWOK_CLIPBOARD; $fs_dir .= '/' if (substr($fs_dir,-1) ne '/'); # Deny access if $fs_dir is not a directory if (! -d $fs_dir) { push @errors, "Error: directory '$wd' not found."; } } # Map web directories to their fs counterparts else { $clipboard = 0; ($web_dir, $fs_dir, $wd) = webfsdir($req, $fdat{p}, { errors => \@errors, } ); # Dereference $fs_dir if a (relative) link if (-l $fs_dir) { my $target = readlink($fs_dir); if ($target !~ m!\s*/!) { $target =~ s:^\s*(.*?)/?\s*$:$1/:; $fs_dir .= $target; $web_dir .= $target; $fs_dir =~ s:[^/]+/\.\./::g; # Remove foo/../ sequences $web_dir =~ s:[^/]+/\.\./::g; # Remove foo/../ sequences $wd = substr($web_dir,0,-1) if $web_dir ne '/'; } } if (! @errors) { # Get privileges on $fs_dir $authz = authzGetUserHash($req, $fs_dir); $viewPriv = defined $authz->{$VIEW_PRIV}; $editPriv = defined $authz->{$EDIT_PRIV}; $publPriv = defined $authz->{$PUBL_PRIV}; $authzPriv = defined $authz->{$AUTHZ_PRIV}; $tmplPriv = defined $authz->{$TMPL_PRIV}; $adminPriv = defined $authz->{$ADMIN_PRIV}; for my $p (($ADMIN_PRIV, $AUTHZ_PRIV, $PUBL_PRIV, $EDIT_PRIV, $VIEW_PRIV)) { if (defined $authz->{$p}) { $priv = $p; last; } } $priv .= " $TMPL_PRIV" if $tmplPriv && ! $adminPriv; # Load directory metadata and setup %disallow hash $dirmeta = getMeta($fs_dir, { type => 'dir' }); if ($dirmeta->{fm_disallow}) { %disallow = map { lc($_) => 1 } split /[, ] */, $dirmeta->{fm_disallow}; } # Deny access if the user doesn't have view privilege if (! $viewPriv || $disallow{view}) { push @errors, "Error: you do not have view privilege on directory '$wd'."; } # Deny access to ewok directories and metadata directories for non-admins elsif (! $adminPriv && ($fs_dir =~ m!^$EWOK_HOME/! || $fs_dir =~ m|/\.meta\b|)) { push @errors, "Error: you do not have privileges for directory '$wd'."; } else { # Check directory metadata for custom viewers and editors # if ($dirmeta->{viewers}) { # for my $item (split /\s*,\s*/, $dirmeta->{viewers}) { # my ($patt, $viewer) = split /\s*=>\s*/, $item; # $viewers{$patt} = $viewer; # } # } # if ($dirmeta->{editors}) { # for my $item (split /\s*,\s*/, $dirmeta->{editors}) { # my ($patt, $editor) = split /\s*=>\s*/, $item; # $editors{$patt} = $editor; # } # } # Setup web_url if this is a publishing target directory $web_url = Ewok::File::targetRewrite($req, $web_dir); # Set ewok fm 'mode' $mode = ewokdir($fs_dir); # Only allow view mode on metadata directories $mode = 'view' if $mode eq 'stage' && $fs_dir =~ m|/\.meta/?$|; # Use view mode if $mode set and no other privileges $mode = 'view' if $mode && ! $editPriv; $mode ||= 'none'; } } } if (! @errors) { # Deny access if $mode is still 'none' (unless this is the document root) if ($mode eq 'none') { if ($web_dir eq '/' && (@EWOK_TOP_DIRS_ADD || $adminPriv)) { $mode = 'view'; $add_only = 1; } else { push @errors, "Error: directory '$wd' is not an ewok directory."; } } } $req_rec->content_type("text/html"); $escmode = 3; -]
web_dir: [+ $web_dir +] fs_dir: [+ $fs_dir +] wd: [+ $wd +] priv: [+ $priv +] disallow: [+ join ',', keys %disallow +] authz: [+ Dumper($authz) +][$ endif $] [$ if (@errors) $] [- errors(\@errors) -] [$ else $]