Commit Graph

18 Commits

Author SHA1 Message Date
Conrad Hoffmann
4765adc1a3 Use NewHTTPError to return better errors
That function is merged upstream, but the current version still depends
on some stuff not yet merged into upstream go-webdav.
2022-05-06 09:16:17 +02:00
Conrad Hoffmann
001917295d Add CalDAV support, refactor
The filesystem storage backend now implements the required functions to
act as a basic CalDAV server. Some refactoring was done based on the
go-webdav development: introduce a UserPrincipalBackend, a new function
to serve the user principal URL, and more. See this PR for lots of
details: https://github.com/emersion/go-webdav/pull/62

Also adds a simple facility for debug output.
2022-05-03 16:06:47 +02:00
Conrad Hoffmann
5728f1ee27 Make sure clients cannot overwrite address book
Tighten the regex for valid resources and change the name of the default
address book file so that it is not covered by that regex. This will
prohibit clients from accidentally or maliciously PUTing to that file.
2022-03-16 15:15:01 +01:00
Conrad Hoffmann
f4a3598191 Use simpler os.Create for writing files 2022-03-16 15:11:06 +01:00
Conrad Hoffmann
29bf819ab1 Avoid empty array allocations 2022-03-16 15:08:42 +01:00
Conrad Hoffmann
e5db18e289 Remove stat call from happy path
Just try to read the file, use it if it works. Only if the file does
not exist, create default address book and try again.
2022-03-16 15:02:18 +01:00
Conrad Hoffmann
86359a5e11 Avoid using pointers for card.Card
It's just a map, Go will do the right thing.
2022-03-16 14:51:26 +01:00
Conrad Hoffmann
e069bc0e9b Use SHA1 streaming hash for Etag 2022-03-16 14:47:47 +01:00
Conrad Hoffmann
b3277148d7 Compile regex globally 2022-03-16 14:47:11 +01:00
Conrad Hoffmann
78bd2a9b84 Keep context keys private
Instead, offer type safe accessors, as documented here:

https://pkg.go.dev/context#Context
2022-03-16 14:33:47 +01:00
Conrad Hoffmann
07c19a6f6c Use base64 encoded user name as their base dir
This is safe in all circumstance and leaves it up to the auth backend to
use whatever name they like for authentication.
2022-03-10 17:56:58 +01:00
Conrad Hoffmann
04be038c05 Implement UID conflict check in PutAddressObject 2022-03-10 17:56:58 +01:00
Conrad Hoffmann
1d50d6dad8 Harden mapping from request path to FS path
Put strict checks in place to avoid authenticated users accessing files
outside of their actual storage directory. These checks will need
updating if multiple address books are to be supported.
2022-03-10 16:46:56 +01:00
Conrad Hoffmann
18a9f9bf77 Implement query and property filters
The property filters are also used for other operations.
2022-03-01 11:51:34 +01:00
Conrad Hoffmann
8c8d96c2bc Fix conflation of URL and storage path
The path returned must of course be the external URL path, not the
internal storage path.
2022-02-28 19:48:49 +01:00
Conrad Hoffmann
8b46585109 storage/filesystem: implement more operations
Everything except QueryAddressObjects is now functional, though not
feature-complete. Simple operations work, e.g. via Evolution.
2022-02-24 12:54:30 +01:00
Conrad Hoffmann
d917938a29 Start simple filesystem storage backend 2022-02-23 21:09:20 +01:00
Conrad Hoffmann
2b6220c1ea Add stub for filesystem storage backend
References: https://todo.sr.ht/~sircmpwn/tokidoki/2
2022-02-22 12:18:07 +01:00