Commit 3cbf153f by cloud

Merge branch 'master' of ssh://giccero.cloud.ik.bme.hu/cloud

parents d9103dc8 d3cded80
...@@ -45,7 +45,7 @@ def neptun_POST(neptun): ...@@ -45,7 +45,7 @@ def neptun_POST(neptun):
#DOWNLOAD LINK GENERATOR #DOWNLOAD LINK GENERATOR
elif request.json['CMD'] == 'DOWNLOAD': elif request.json['CMD'] == 'DOWNLOAD':
dl_path = home_path+'/'+request.json['PATH'] dl_path = home_path+'/'+request.json['PATH']
dl_path = os.path.normpath(dl_path) dl_path = os.path.realpath(dl_path)
if not dl_path.startswith(home_path): if not dl_path.startswith(home_path):
abort(400, 'Invalid download path.') abort(400, 'Invalid download path.')
if( os.path.isfile(dl_path) ): if( os.path.isfile(dl_path) ):
...@@ -59,7 +59,7 @@ def neptun_POST(neptun): ...@@ -59,7 +59,7 @@ def neptun_POST(neptun):
#UPLOAD #UPLOAD
elif request.json['CMD'] == 'UPLOAD': elif request.json['CMD'] == 'UPLOAD':
up_path = home_path+'/'+request.json['PATH'] up_path = home_path+'/'+request.json['PATH']
up_path = os.path.normpath(up_path) up_path = os.path.realpath(up_path)
if not up_path.startswith(home_path): if not up_path.startswith(home_path):
abort(400, 'Invalid upload path.') abort(400, 'Invalid upload path.')
if os.path.exists(up_path) == True and os.path.isdir(up_path): if os.path.exists(up_path) == True and os.path.isdir(up_path):
...@@ -72,9 +72,11 @@ def neptun_POST(neptun): ...@@ -72,9 +72,11 @@ def neptun_POST(neptun):
elif request.json['CMD'] == 'MOVE': elif request.json['CMD'] == 'MOVE':
src_path = home_path+'/'+request.json['SOURCE'] src_path = home_path+'/'+request.json['SOURCE']
dst_path = home_path+'/'+request.json['DESTINATION'] dst_path = home_path+'/'+request.json['DESTINATION']
if not os.path.normpath(src_path).startswith(home_path): src_path = os.path.realpath(src_path)
dst_path = os.path.realpath(dst_path)
if not src_path.startswith(home_path):
abort(400, 'Invalid source path.') abort(400, 'Invalid source path.')
if not os.path.normpath(dst_path).startswith(home_path): if not dst_path.startswith(home_path):
abort(400, 'Invalid destination path.') abort(400, 'Invalid destination path.')
if os.path.exists(src_path) == True and os.path.exists(dst_path) == True and os.path.isdir(dst_path) == True: if os.path.exists(src_path) == True and os.path.exists(dst_path) == True and os.path.isdir(dst_path) == True:
shutil.move(src_path,dst_path) shutil.move(src_path,dst_path)
...@@ -85,7 +87,8 @@ def neptun_POST(neptun): ...@@ -85,7 +87,8 @@ def neptun_POST(neptun):
#RENAME #RENAME
elif request.json['CMD'] == 'RENAME': elif request.json['CMD'] == 'RENAME':
src_path = home_path+'/'+request.json['PATH'] src_path = home_path+'/'+request.json['PATH']
if not os.path.normpath(src_path).startswith(home_path): src_path = os.path.realpath(src_path)
if not src_path.startswith(home_path):
abort(400, 'Invalid source path.') abort(400, 'Invalid source path.')
dst_path = os.path.dirname(src_path)+'/'+request.json['NEW_NAME'] dst_path = os.path.dirname(src_path)+'/'+request.json['NEW_NAME']
if os.path.exists(src_path) == True: if os.path.exists(src_path) == True:
...@@ -96,7 +99,8 @@ def neptun_POST(neptun): ...@@ -96,7 +99,8 @@ def neptun_POST(neptun):
#NEW FOLDER #NEW FOLDER
elif request.json['CMD'] == 'NEW_FOLDER': elif request.json['CMD'] == 'NEW_FOLDER':
dir_path = home_path+'/'+request.json['PATH'] dir_path = home_path+'/'+request.json['PATH']
if not os.path.normpath(dir_path).startswith(home_path): dir_path = os.path.realpath(dir_path)
if not dir_path.startswith(home_path):
abort(400, 'Invalid directory path.') abort(400, 'Invalid directory path.')
if os.path.exists(dir_path) == True: if os.path.exists(dir_path) == True:
abort(400, "Directory already exist!") abort(400, "Directory already exist!")
...@@ -106,7 +110,8 @@ def neptun_POST(neptun): ...@@ -106,7 +110,8 @@ def neptun_POST(neptun):
#REMOVE #REMOVE
elif request.json['CMD'] == 'REMOVE': elif request.json['CMD'] == 'REMOVE':
remove_path = home_path+'/'+request.json['PATH'] remove_path = home_path+'/'+request.json['PATH']
if not os.path.normpath(remove_path).startswith(home_path): remove_path = os.path.realpath(remove_path)
if not remove_path.startswith(home_path):
abort(400, 'Invalid path.') abort(400, 'Invalid path.')
if os.path.exists(remove_path) != True: if os.path.exists(remove_path) != True:
abort(404, "Path not found!") abort(404, "Path not found!")
...@@ -187,7 +192,7 @@ def upload(hash_num): ...@@ -187,7 +192,7 @@ def upload(hash_num):
if os.path.exists(up_path): if os.path.exists(up_path):
abort(400, 'File already exists') abort(400, 'File already exists')
#Check if upload path valid #Check if upload path valid
if not os.path.normpath(up_path).startswith('/home'): if not up_path.startswith('/home'):
abort(400, 'Invalid path.') abort(400, 'Invalid path.')
os.remove(ROOT_WWW_FOLDER+'/'+hash_num) os.remove(ROOT_WWW_FOLDER+'/'+hash_num)
#Get the real upload path #Get the real upload path
...@@ -205,7 +210,7 @@ def upload(hash_num): ...@@ -205,7 +210,7 @@ def upload(hash_num):
datalength += len(chunk) datalength += len(chunk)
f.close() f.close()
os.chown(up_path,getpwnam(username).pw_uid,getpwnam(username).pw_gid) os.chown(up_path,getpwnam(username).pw_uid,getpwnam(username).pw_gid)
os.chmod(up_path,0744) os.chmod(up_path,0644)
return 'Upload finished: '+file_name+' - '+str(datalength)+' Byte' return 'Upload finished: '+file_name+' - '+str(datalength)+' Byte'
...@@ -245,7 +250,7 @@ def updateSSHAuthorizedKeys(username,key_list): ...@@ -245,7 +250,7 @@ def updateSSHAuthorizedKeys(username,key_list):
def list_directory(home,path): def list_directory(home,path):
#Check for path breakout #Check for path breakout
if not os.path.normpath(path).startswith(home): if not os.path.realpath(path).startswith(home):
abort(400, 'Invalid path.') abort(400, 'Invalid path.')
#Check if path exist #Check if path exist
if os.path.exists(path) != True: if os.path.exists(path) != True:
......
...@@ -7,6 +7,7 @@ ...@@ -7,6 +7,7 @@
<link href='http://fonts.googleapis.com/css?family=Metrophobic' rel='stylesheet' type='text/css'> <link href='http://fonts.googleapis.com/css?family=Metrophobic' rel='stylesheet' type='text/css'>
<link rel="stylesheet" href="../../one/static/style.css"> <link rel="stylesheet" href="../../one/static/style.css">
<link rel="icon" type="image/png" href="one/static/favicon.png"> <link rel="icon" type="image/png" href="one/static/favicon.png">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<script src="http://code.jquery.com/jquery.min.js"></script> <script src="http://code.jquery.com/jquery.min.js"></script>
<script type="text/javascript"> <script type="text/javascript">
$(function(){ $(function(){
......
...@@ -6,6 +6,30 @@ ...@@ -6,6 +6,30 @@
<title>{% block title %}IK Cloud{% endblock %}</title> <title>{% block title %}IK Cloud{% endblock %}</title>
<link rel="stylesheet" href="/static/style.css" /> <link rel="stylesheet" href="/static/style.css" />
<link rel="icon" type="image/png" href="/static/favicon.png" /> <link rel="icon" type="image/png" href="/static/favicon.png" />
<link rel="icon" type="image/png" href="one/static/favicon.png">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<script src="http://code.jquery.com/jquery.min.js"></script>
<script type="text/javascript">
$(function(){
$('.wm').click(function(){
if($(this).children('.details').is(':hidden')){
$(this).children('.details')
.css('height',0)
.css('padding','0px 5px')
.show()
.animate({height:160,paddingTop:15,paddingBottom:15},700);
} else {
var that=this;
$(this).children('.details')
.css('height',130)
.css('padding','15px 5px')
.animate({height:0,paddingTop:0,paddingBottom:0},700,function(){
$(that).children('.details').hide();
});
}
})
})
</script>
{{ form.media }} {{ form.media }}
{% block js %}{% endblock %} {% block js %}{% endblock %}
......
...@@ -26,27 +26,91 @@ ...@@ -26,27 +26,91 @@
{% endfor %} {% endfor %}
</div> </div>
<div class="boxes"> <div class="boxes">
<div class="contentblock">
<h2>Adattár</h2>
<div class="content"> <div class="contentblock">
<ul> <h2>
<li>a.out <span class="file-size">4K</span> <span class="file-age">(5 perce)</span> <a href="" class="file-download">Letöltés</a></li> Adattár
<li>a.out <span class="file-size">4K</span> <span class="file-age">(5 perce)</span> <a href="" class="file-download">Letöltés</a></li> </h2>
<li class="file-details">Tovább</li> <div class="content">
<li class="file-upload">Fájl feltöltése</li> <ul class="file-list">
</ul> <li class="wm">
</div> <div class="summary">
</div> <div class="name filetype-c">hello.c</div>
<div class="contentblock" id="state"> <div class="actions">
<h2>A cluster állapota</h2> <a href="#"><img src="/static/icons/pencil.png" alt="rename" /></a>
<div class="content"> <a href="#"><img src="/static/icons/minus-circle.png" alt="delete" /></a>
<p> <a href="#"><img src="/static/icons/download-cloud.png" alt="download" /></a>
<a href="http://cloud.ik.bme.hu/"> </div>
<img src="/stat/cpu.png" alt="aktuális terhelés" /> <div class="info">1 Kb</div>
<img src="/stat/ram.png" alt="aktuális memóriafoglaltság" /> <div class="clear"></div>
</a> </div>
</p> <div class="details">
</div> <h3>Részletek</h3>
</div> <ul>
<li>Létrehozva: <span class="value">2012.12.29. 23:12</span></li>
<li>Módosítva: <span class="value">2012.12.29. 23:12</span></li>
<li>Hozzáférés: <span class="value">2012.12.29. 23:12</span></li>
<li>Típus: <span class="value">text/plain</span></li>
</ul>
</div>
</li>
<li class="wm">
<div class="summary">
<div class="name filetype-image">suna.jpg</div>
<div class="actions">
<a href="#"><img src="/static/icons/pencil.png" alt="rename" /></a>
<a href="#"><img src="/static/icons/minus-circle.png" alt="delete" /></a>
<a href="#"><img src="/static/icons/download-cloud.png" alt="download" /></a>
</div>
<div class="info">1 Kb</div>
<div class="clear"></div>
</div>
<div class="details">
<h3>Részletek</h3>
<ul>
<li>Létrehozva: <span class="value">2012.12.29. 23:12</span></li>
<li>Módosítva: <span class="value">2012.12.29. 23:12</span></li>
<li>Hozzáférés: <span class="value">2012.12.29. 23:12</span></li>
<li>Típus: <span class="value">image/jpg</span></li>
</ul>
</div>
</li>
<li class="wm">
<div class="summary">
<div class="name filetype-folder">poresz</div>
<div class="actions">
<a href="#"><img src="/static/icons/pencil.png" alt="rename" /></a>
<a href="#"><img src="/static/icons/minus-circle.png" alt="delete" /></a>
</div>
<div class="info">katalógus</div>
<div class="clear"></div>
</div>
<div class="details">
<h3>Részletek</h3>
<ul>
<li>Létrehozva: <span class="value">2012.12.29. 23:12</span></li>
<li>Módosítva: <span class="value">2012.12.29. 23:12</span></li>
<li>Hozzáférés: <span class="value">2012.12.29. 23:12</span></li>
<li>Fájlok: <span class="value">666 db</span></li>
</ul>
</div>
</li>
<li class="file-details wm">
<div class="summary">
<div class="name filetype-more">Mutasd a régebbi fájlokat!</div>
<div class="clear"></div>
</div>
</li>
<li class="file-upload wm">
<div class="summary">
<div class="name filetype-up">Fájlfeltöltés</div>
<div class="clear"></div>
</div>
</li>
</ul>
</div>
</div>
</div> </div>
{% endblock %} {% endblock %}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment