tokidoki/storage/filesystem.go

package storage

import (
	"crypto/sha1"
	"encoding/base64"
	"fmt"
	"io"
	"os"
	"path"
	"path/filepath"
	"regexp"
	"strings"

	"github.com/rs/zerolog/log"

	"github.com/emersion/go-webdav"
	"github.com/emersion/go-webdav/caldav"
	"github.com/emersion/go-webdav/carddav"
)

type filesystemBackend struct {
	webdav.UserPrincipalBackend
	path          string
	caldavPrefix  string
	carddavPrefix string
}

var (
	validFilenameRegex  = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9_-]+(.[a-zA-Z]+)?$`)
	defaultResourceName = "default"
)

func NewFilesystem(fsPath, caldavPrefix, carddavPrefix string, userPrincipalBackend webdav.UserPrincipalBackend) (caldav.Backend, carddav.Backend, error) {
	info, err := os.Stat(fsPath)
	if err != nil {
		return nil, nil, fmt.Errorf("failed to create filesystem backend: %s", err.Error())
	}
	if !info.IsDir() {
		return nil, nil, fmt.Errorf("base path for filesystem backend must be a directory")
	}
	backend := &filesystemBackend{
		UserPrincipalBackend: userPrincipalBackend,
		path:                 fsPath,
		caldavPrefix:         caldavPrefix,
		carddavPrefix:        carddavPrefix,
	}
	return backend, backend, nil
}

func ensureLocalDir(path string) error {
	if _, err := os.Stat(path); os.IsNotExist(err) {
		err = os.MkdirAll(path, 0755)
		if err != nil {
			return fmt.Errorf("error creating '%s': %s", path, err.Error())
		}
	}
	return nil
}

func (b *filesystemBackend) localDir(homeSetPath string, components ...string) (string, error) {
	c := append([]string{b.path}, homeSetPath)
	c = append(c, components...)
	localPath := filepath.Join(c...)
	if err := ensureLocalDir(localPath); err != nil {
		return "", err
	}
	return localPath, nil
}

// don't use this directly, use localCalDAVPath or localCardDAVPath instead.
// note that homesetpath is expected to end in /
func (b *filesystemBackend) safeLocalPath(homeSetPath string, urlPath string) (string, error) {
	localPath := filepath.Join(b.path, homeSetPath)
	if err := ensureLocalDir(localPath); err != nil {
		return "", err
	}

	if urlPath == "" {
		return localPath, nil
	}

	// We are mapping to local filesystem path, so be conservative about what to accept
	if strings.HasSuffix(urlPath, "/") {
		urlPath = path.Clean(urlPath) + "/"
	} else {
		urlPath = path.Clean(urlPath)
	}
	if !strings.HasPrefix(urlPath, homeSetPath) {
		err := fmt.Errorf("access to resource outside of home set: %s", urlPath)
		return "", webdav.NewHTTPError(403, err)
	}
	urlPath = strings.TrimPrefix(urlPath, homeSetPath)

	// only accept simple file names for now
	dir, file := path.Split(urlPath)
	if file != "" && !validFilenameRegex.MatchString(file) {
		log.Debug().Str("file", file).Msg("file name does not match regex")
		err := fmt.Errorf("invalid file name: %s", file)
		return "", webdav.NewHTTPError(400, err)
	}

	return filepath.Join(localPath, dir, file), nil
}

func etagForFile(path string) (string, error) {
	f, err := os.Open(path)
	if err != nil {
		return "", err
	}
	defer f.Close()

	h := sha1.New()
	if _, err := io.Copy(h, f); err != nil {
		return "", err
	}
	csum := h.Sum(nil)

	return base64.StdEncoding.EncodeToString(csum[:]), nil
}
Add stub for filesystem storage backend References: https://todo.sr.ht/~sircmpwn/tokidoki/2 2022-02-22 11:14:19 +00:00			`package storage`

			`import (`
Use SHA1 streaming hash for Etag 2022-03-16 13:47:47 +00:00			`"crypto/sha1"`
storage/filesystem: implement more operations Everything except QueryAddressObjects is now functional, though not feature-complete. Simple operations work, e.g. via Evolution. 2022-02-24 11:54:30 +00:00			`"encoding/base64"`
Start simple filesystem storage backend 2022-02-22 17:24:17 +00:00			`"fmt"`
Use SHA1 streaming hash for Etag 2022-03-16 13:47:47 +00:00			`"io"`
Start simple filesystem storage backend 2022-02-22 17:24:17 +00:00			`"os"`
Add CalDAV support, refactor The filesystem storage backend now implements the required functions to act as a basic CalDAV server. Some refactoring was done based on the go-webdav development: introduce a UserPrincipalBackend, a new function to serve the user principal URL, and more. See this PR for lots of details: https://github.com/emersion/go-webdav/pull/62 Also adds a simple facility for debug output. 2022-03-23 09:38:14 +00:00			`"path"`
Start simple filesystem storage backend 2022-02-22 17:24:17 +00:00			`"path/filepath"`
Harden mapping from request path to FS path Put strict checks in place to avoid authenticated users accessing files outside of their actual storage directory. These checks will need updating if multiple address books are to be supported. 2022-03-10 15:46:56 +00:00			`"regexp"`
Use NewHTTPError to return better errors That function is merged upstream, but the current version still depends on some stuff not yet merged into upstream go-webdav. 2022-05-03 16:00:07 +01:00			`"strings"`
Start simple filesystem storage backend 2022-02-22 17:24:17 +00:00
Switch to a proper logging library Structured logs can be enabled with `-log.json`. 2022-12-01 11:00:42 +00:00			`"github.com/rs/zerolog/log"`

Add CalDAV support, refactor The filesystem storage backend now implements the required functions to act as a basic CalDAV server. Some refactoring was done based on the go-webdav development: introduce a UserPrincipalBackend, a new function to serve the user principal URL, and more. See this PR for lots of details: https://github.com/emersion/go-webdav/pull/62 Also adds a simple facility for debug output. 2022-03-23 09:38:14 +00:00			`"github.com/emersion/go-webdav"`
			`"github.com/emersion/go-webdav/caldav"`
Add stub for filesystem storage backend References: https://todo.sr.ht/~sircmpwn/tokidoki/2 2022-02-22 11:14:19 +00:00			`"github.com/emersion/go-webdav/carddav"`
			`)`

			`type filesystemBackend struct {`
storage/filesystem: simplify UserPrincipalBackend Use composition to expose UserPrincipalBackend in filesystemBackend. That way, no need to re-define the CurrentUserPrincipal method. 2022-05-24 11:39:27 +01:00			`webdav.UserPrincipalBackend`
			`path string`
			`caldavPrefix string`
			`carddavPrefix string`
Add stub for filesystem storage backend References: https://todo.sr.ht/~sircmpwn/tokidoki/2 2022-02-22 11:14:19 +00:00			`}`

Compile regex globally 2022-03-16 13:37:21 +00:00			`var (`
storage: break filesystem.go into multiple files 2022-12-01 10:06:15 +00:00			validFilenameRegex = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9_-]+(.[a-zA-Z]+)?$`)
			`defaultResourceName = "default"`
Compile regex globally 2022-03-16 13:37:21 +00:00			`)`
Add stub for filesystem storage backend References: https://todo.sr.ht/~sircmpwn/tokidoki/2 2022-02-22 11:14:19 +00:00
Add CalDAV support, refactor The filesystem storage backend now implements the required functions to act as a basic CalDAV server. Some refactoring was done based on the go-webdav development: introduce a UserPrincipalBackend, a new function to serve the user principal URL, and more. See this PR for lots of details: https://github.com/emersion/go-webdav/pull/62 Also adds a simple facility for debug output. 2022-03-23 09:38:14 +00:00			`func NewFilesystem(fsPath, caldavPrefix, carddavPrefix string, userPrincipalBackend webdav.UserPrincipalBackend) (caldav.Backend, carddav.Backend, error) {`
			`info, err := os.Stat(fsPath)`
Start simple filesystem storage backend 2022-02-22 17:24:17 +00:00			`if err != nil {`
Add CalDAV support, refactor The filesystem storage backend now implements the required functions to act as a basic CalDAV server. Some refactoring was done based on the go-webdav development: introduce a UserPrincipalBackend, a new function to serve the user principal URL, and more. See this PR for lots of details: https://github.com/emersion/go-webdav/pull/62 Also adds a simple facility for debug output. 2022-03-23 09:38:14 +00:00			`return nil, nil, fmt.Errorf("failed to create filesystem backend: %s", err.Error())`
Start simple filesystem storage backend 2022-02-22 17:24:17 +00:00			`}`
			`if !info.IsDir() {`
Add CalDAV support, refactor The filesystem storage backend now implements the required functions to act as a basic CalDAV server. Some refactoring was done based on the go-webdav development: introduce a UserPrincipalBackend, a new function to serve the user principal URL, and more. See this PR for lots of details: https://github.com/emersion/go-webdav/pull/62 Also adds a simple facility for debug output. 2022-03-23 09:38:14 +00:00			`return nil, nil, fmt.Errorf("base path for filesystem backend must be a directory")`
Start simple filesystem storage backend 2022-02-22 17:24:17 +00:00			`}`
Add CalDAV support, refactor The filesystem storage backend now implements the required functions to act as a basic CalDAV server. Some refactoring was done based on the go-webdav development: introduce a UserPrincipalBackend, a new function to serve the user principal URL, and more. See this PR for lots of details: https://github.com/emersion/go-webdav/pull/62 Also adds a simple facility for debug output. 2022-03-23 09:38:14 +00:00			`backend := &filesystemBackend{`
storage/filesystem: simplify UserPrincipalBackend Use composition to expose UserPrincipalBackend in filesystemBackend. That way, no need to re-define the CurrentUserPrincipal method. 2022-05-24 11:39:27 +01:00			`UserPrincipalBackend: userPrincipalBackend,`
Add CalDAV support, refactor The filesystem storage backend now implements the required functions to act as a basic CalDAV server. Some refactoring was done based on the go-webdav development: introduce a UserPrincipalBackend, a new function to serve the user principal URL, and more. See this PR for lots of details: https://github.com/emersion/go-webdav/pull/62 Also adds a simple facility for debug output. 2022-03-23 09:38:14 +00:00			`path: fsPath,`
			`caldavPrefix: caldavPrefix,`
			`carddavPrefix: carddavPrefix,`
			`}`
			`return backend, backend, nil`
			`}`

			`func ensureLocalDir(path string) error {`
			`if _, err := os.Stat(path); os.IsNotExist(err) {`
			`err = os.MkdirAll(path, 0755)`
Start simple filesystem storage backend 2022-02-22 17:24:17 +00:00			`if err != nil {`
Add CalDAV support, refactor The filesystem storage backend now implements the required functions to act as a basic CalDAV server. Some refactoring was done based on the go-webdav development: introduce a UserPrincipalBackend, a new function to serve the user principal URL, and more. See this PR for lots of details: https://github.com/emersion/go-webdav/pull/62 Also adds a simple facility for debug output. 2022-03-23 09:38:14 +00:00			`return fmt.Errorf("error creating '%s': %s", path, err.Error())`
Start simple filesystem storage backend 2022-02-22 17:24:17 +00:00			`}`
			`}`
Add CalDAV support, refactor The filesystem storage backend now implements the required functions to act as a basic CalDAV server. Some refactoring was done based on the go-webdav development: introduce a UserPrincipalBackend, a new function to serve the user principal URL, and more. See this PR for lots of details: https://github.com/emersion/go-webdav/pull/62 Also adds a simple facility for debug output. 2022-03-23 09:38:14 +00:00			`return nil`
Start simple filesystem storage backend 2022-02-22 17:24:17 +00:00			`}`

Initial multi-calendar/address book support Thanks to the latest version of go-webdav, this is now a thing. A lot of operations (like creating a calendar) are not yet supported. But the basics work fine. Note that multi-calendar means that different users can each have their own calenders. Resource sharing is not yet implemented either. Includes the adding of a lot of debug logs, as issues are otherwise pretty hard to figure out. The logging still needs to be made more consistent, and probably cleaned up a bit in some places. 2024-02-02 21:19:36 +00:00			`func (b *filesystemBackend) localDir(homeSetPath string, components ...string) (string, error) {`
			`c := append([]string{b.path}, homeSetPath)`
			`c = append(c, components...)`
			`localPath := filepath.Join(c...)`
			`if err := ensureLocalDir(localPath); err != nil {`
			`return "", err`
			`}`
			`return localPath, nil`
			`}`

Add CalDAV support, refactor The filesystem storage backend now implements the required functions to act as a basic CalDAV server. Some refactoring was done based on the go-webdav development: introduce a UserPrincipalBackend, a new function to serve the user principal URL, and more. See this PR for lots of details: https://github.com/emersion/go-webdav/pull/62 Also adds a simple facility for debug output. 2022-03-23 09:38:14 +00:00			`// don't use this directly, use localCalDAVPath or localCardDAVPath instead.`
Initial multi-calendar/address book support Thanks to the latest version of go-webdav, this is now a thing. A lot of operations (like creating a calendar) are not yet supported. But the basics work fine. Note that multi-calendar means that different users can each have their own calenders. Resource sharing is not yet implemented either. Includes the adding of a lot of debug logs, as issues are otherwise pretty hard to figure out. The logging still needs to be made more consistent, and probably cleaned up a bit in some places. 2024-02-02 21:19:36 +00:00			`// note that homesetpath is expected to end in /`
Add CalDAV support, refactor The filesystem storage backend now implements the required functions to act as a basic CalDAV server. Some refactoring was done based on the go-webdav development: introduce a UserPrincipalBackend, a new function to serve the user principal URL, and more. See this PR for lots of details: https://github.com/emersion/go-webdav/pull/62 Also adds a simple facility for debug output. 2022-03-23 09:38:14 +00:00			`func (b *filesystemBackend) safeLocalPath(homeSetPath string, urlPath string) (string, error) {`
Initial multi-calendar/address book support Thanks to the latest version of go-webdav, this is now a thing. A lot of operations (like creating a calendar) are not yet supported. But the basics work fine. Note that multi-calendar means that different users can each have their own calenders. Resource sharing is not yet implemented either. Includes the adding of a lot of debug logs, as issues are otherwise pretty hard to figure out. The logging still needs to be made more consistent, and probably cleaned up a bit in some places. 2024-02-02 21:19:36 +00:00			`localPath := filepath.Join(b.path, homeSetPath)`
Add CalDAV support, refactor The filesystem storage backend now implements the required functions to act as a basic CalDAV server. Some refactoring was done based on the go-webdav development: introduce a UserPrincipalBackend, a new function to serve the user principal URL, and more. See this PR for lots of details: https://github.com/emersion/go-webdav/pull/62 Also adds a simple facility for debug output. 2022-03-23 09:38:14 +00:00			`if err := ensureLocalDir(localPath); err != nil {`
Harden mapping from request path to FS path Put strict checks in place to avoid authenticated users accessing files outside of their actual storage directory. These checks will need updating if multiple address books are to be supported. 2022-03-10 15:46:56 +00:00			`return "", err`
			`}`
Add CalDAV support, refactor The filesystem storage backend now implements the required functions to act as a basic CalDAV server. Some refactoring was done based on the go-webdav development: introduce a UserPrincipalBackend, a new function to serve the user principal URL, and more. See this PR for lots of details: https://github.com/emersion/go-webdav/pull/62 Also adds a simple facility for debug output. 2022-03-23 09:38:14 +00:00
			`if urlPath == "" {`
			`return localPath, nil`
			`}`

Harden mapping from request path to FS path Put strict checks in place to avoid authenticated users accessing files outside of their actual storage directory. These checks will need updating if multiple address books are to be supported. 2022-03-10 15:46:56 +00:00			`// We are mapping to local filesystem path, so be conservative about what to accept`
Initial multi-calendar/address book support Thanks to the latest version of go-webdav, this is now a thing. A lot of operations (like creating a calendar) are not yet supported. But the basics work fine. Note that multi-calendar means that different users can each have their own calenders. Resource sharing is not yet implemented either. Includes the adding of a lot of debug logs, as issues are otherwise pretty hard to figure out. The logging still needs to be made more consistent, and probably cleaned up a bit in some places. 2024-02-02 21:19:36 +00:00			`if strings.HasSuffix(urlPath, "/") {`
			`urlPath = path.Clean(urlPath) + "/"`
			`} else {`
			`urlPath = path.Clean(urlPath)`
			`}`
			`if !strings.HasPrefix(urlPath, homeSetPath) {`
			`err := fmt.Errorf("access to resource outside of home set: %s", urlPath)`
			`return "", webdav.NewHTTPError(403, err)`
Add CalDAV support, refactor The filesystem storage backend now implements the required functions to act as a basic CalDAV server. Some refactoring was done based on the go-webdav development: introduce a UserPrincipalBackend, a new function to serve the user principal URL, and more. See this PR for lots of details: https://github.com/emersion/go-webdav/pull/62 Also adds a simple facility for debug output. 2022-03-23 09:38:14 +00:00			`}`
Initial multi-calendar/address book support Thanks to the latest version of go-webdav, this is now a thing. A lot of operations (like creating a calendar) are not yet supported. But the basics work fine. Note that multi-calendar means that different users can each have their own calenders. Resource sharing is not yet implemented either. Includes the adding of a lot of debug logs, as issues are otherwise pretty hard to figure out. The logging still needs to be made more consistent, and probably cleaned up a bit in some places. 2024-02-02 21:19:36 +00:00			`urlPath = strings.TrimPrefix(urlPath, homeSetPath)`

Add CalDAV support, refactor The filesystem storage backend now implements the required functions to act as a basic CalDAV server. Some refactoring was done based on the go-webdav development: introduce a UserPrincipalBackend, a new function to serve the user principal URL, and more. See this PR for lots of details: https://github.com/emersion/go-webdav/pull/62 Also adds a simple facility for debug output. 2022-03-23 09:38:14 +00:00			`// only accept simple file names for now`
Initial multi-calendar/address book support Thanks to the latest version of go-webdav, this is now a thing. A lot of operations (like creating a calendar) are not yet supported. But the basics work fine. Note that multi-calendar means that different users can each have their own calenders. Resource sharing is not yet implemented either. Includes the adding of a lot of debug logs, as issues are otherwise pretty hard to figure out. The logging still needs to be made more consistent, and probably cleaned up a bit in some places. 2024-02-02 21:19:36 +00:00			`dir, file := path.Split(urlPath)`
			`if file != "" && !validFilenameRegex.MatchString(file) {`
Switch to a proper logging library Structured logs can be enabled with `-log.json`. 2022-12-01 11:00:42 +00:00			`log.Debug().Str("file", file).Msg("file name does not match regex")`
Use NewHTTPError to return better errors That function is merged upstream, but the current version still depends on some stuff not yet merged into upstream go-webdav. 2022-05-03 16:00:07 +01:00			`err := fmt.Errorf("invalid file name: %s", file)`
			`return "", webdav.NewHTTPError(400, err)`
Add CalDAV support, refactor The filesystem storage backend now implements the required functions to act as a basic CalDAV server. Some refactoring was done based on the go-webdav development: introduce a UserPrincipalBackend, a new function to serve the user principal URL, and more. See this PR for lots of details: https://github.com/emersion/go-webdav/pull/62 Also adds a simple facility for debug output. 2022-03-23 09:38:14 +00:00			`}`

Initial multi-calendar/address book support Thanks to the latest version of go-webdav, this is now a thing. A lot of operations (like creating a calendar) are not yet supported. But the basics work fine. Note that multi-calendar means that different users can each have their own calenders. Resource sharing is not yet implemented either. Includes the adding of a lot of debug logs, as issues are otherwise pretty hard to figure out. The logging still needs to be made more consistent, and probably cleaned up a bit in some places. 2024-02-02 21:19:36 +00:00			`return filepath.Join(localPath, dir, file), nil`
Add CalDAV support, refactor The filesystem storage backend now implements the required functions to act as a basic CalDAV server. Some refactoring was done based on the go-webdav development: introduce a UserPrincipalBackend, a new function to serve the user principal URL, and more. See this PR for lots of details: https://github.com/emersion/go-webdav/pull/62 Also adds a simple facility for debug output. 2022-03-23 09:38:14 +00:00			`}`

storage/filesystem: implement more operations Everything except QueryAddressObjects is now functional, though not feature-complete. Simple operations work, e.g. via Evolution. 2022-02-24 11:54:30 +00:00			`func etagForFile(path string) (string, error) {`
Use SHA1 streaming hash for Etag 2022-03-16 13:47:47 +00:00			`f, err := os.Open(path)`
storage/filesystem: implement more operations Everything except QueryAddressObjects is now functional, though not feature-complete. Simple operations work, e.g. via Evolution. 2022-02-24 11:54:30 +00:00			`if err != nil {`
			`return "", err`
			`}`
Use SHA1 streaming hash for Etag 2022-03-16 13:47:47 +00:00			`defer f.Close()`

			`h := sha1.New()`
			`if _, err := io.Copy(h, f); err != nil {`
			`return "", err`
			`}`
			`csum := h.Sum(nil)`

storage/filesystem: implement more operations Everything except QueryAddressObjects is now functional, though not feature-complete. Simple operations work, e.g. via Evolution. 2022-02-24 11:54:30 +00:00			`return base64.StdEncoding.EncodeToString(csum[:]), nil`
			`}`