web admin: allow both allowed and denied extensions/patterns for a dir

this fix a regression introduced in the previous commit
2025-12-07 14:50:55 +03:00 · 2020-11-16 19:21:50 +01:00
parent a6355e298e
commit e3eca424f1
7 changed files with 110 additions and 49 deletions
--- a/httpd/web.go
+++ b/httpd/web.go
@@ -6,6 +6,7 @@ import (
 	"html/template"
 	"io/ioutil"
 	"net/http"
+	"path"
 	"path/filepath"
 	"strconv"
 	"strings"
@@ -314,7 +315,7 @@ func getListFromPostFields(value string) map[string][]string {
 			dirExts := strings.Split(cleaned, "::")
 			if len(dirExts) > 1 {
 				dir := dirExts[0]
-				dir = strings.TrimSpace(dir)
+				dir = path.Clean(strings.TrimSpace(dir))
 				exts := []string{}
 				for _, e := range strings.Split(dirExts[1], ",") {
 					cleanedExt := strings.TrimSpace(e)
@@ -328,6 +329,7 @@ func getListFromPostFields(value string) map[string][]string {
 					} else {
 						result[dir] = exts
 					}
+					result[dir] = utils.RemoveDuplicates(result[dir])
 				}
 			}
 		}
@@ -335,39 +337,75 @@ func getListFromPostFields(value string) map[string][]string {
 	return result
 }

-func getFilePatternsFromPostField(value string, extesionsType int) []dataprovider.PatternsFilter {
+func getFilePatternsFromPostField(valueAllowed, valuesDenied string) []dataprovider.PatternsFilter {
 	var result []dataprovider.PatternsFilter
-	for dir, values := range getListFromPostFields(value) {
+	allowedPatterns := getListFromPostFields(valueAllowed)
+	deniedPatterns := getListFromPostFields(valuesDenied)
+
+	for dirAllowed, allowPatterns := range allowedPatterns {
 		filter := dataprovider.PatternsFilter{
-			Path: dir,
+			Path:            dirAllowed,
+			AllowedPatterns: allowPatterns,
 		}
-		if extesionsType == 1 {
-			filter.AllowedPatterns = values
-			filter.DeniedPatterns = []string{}
-		} else {
-			filter.DeniedPatterns = values
-			filter.AllowedPatterns = []string{}
+		for dirDenied, denPatterns := range deniedPatterns {
+			if dirAllowed == dirDenied {
+				filter.DeniedPatterns = denPatterns
+				break
+			}
 		}
 		result = append(result, filter)
 	}
+	for dirDenied, denPatterns := range deniedPatterns {
+		found := false
+		for _, res := range result {
+			if res.Path == dirDenied {
+				found = true
+				break
+			}
+		}
+		if !found {
+			result = append(result, dataprovider.PatternsFilter{
+				Path:           dirDenied,
+				DeniedPatterns: denPatterns,
+			})
+		}
+	}
 	return result
 }

-func getFileExtensionsFromPostField(value string, extesionsType int) []dataprovider.ExtensionsFilter {
+func getFileExtensionsFromPostField(valueAllowed, valuesDenied string) []dataprovider.ExtensionsFilter {
 	var result []dataprovider.ExtensionsFilter
-	for dir, values := range getListFromPostFields(value) {
+	allowedExtensions := getListFromPostFields(valueAllowed)
+	deniedExtensions := getListFromPostFields(valuesDenied)
+
+	for dirAllowed, allowedExts := range allowedExtensions {
 		filter := dataprovider.ExtensionsFilter{
-			Path: dir,
+			Path:              dirAllowed,
+			AllowedExtensions: allowedExts,
 		}
-		if extesionsType == 1 {
-			filter.AllowedExtensions = values
-			filter.DeniedExtensions = []string{}
-		} else {
-			filter.DeniedExtensions = values
-			filter.AllowedExtensions = []string{}
+		for dirDenied, deniedExts := range deniedExtensions {
+			if dirAllowed == dirDenied {
+				filter.DeniedExtensions = deniedExts
+				break
+			}
 		}
 		result = append(result, filter)
 	}
+	for dirDenied, deniedExts := range deniedExtensions {
+		found := false
+		for _, res := range result {
+			if res.Path == dirDenied {
+				found = true
+				break
+			}
+		}
+		if !found {
+			result = append(result, dataprovider.ExtensionsFilter{
+				Path:             dirDenied,
+				DeniedExtensions: deniedExts,
+			})
+		}
+	}
 	return result
 }

@@ -377,19 +415,8 @@ func getFiltersFromUserPostFields(r *http.Request) dataprovider.UserFilters {
 	filters.DeniedIP = getSliceFromDelimitedValues(r.Form.Get("denied_ip"), ",")
 	filters.DeniedLoginMethods = r.Form["ssh_login_methods"]
 	filters.DeniedProtocols = r.Form["denied_protocols"]
-	allowedExtensions := getFileExtensionsFromPostField(r.Form.Get("allowed_extensions"), 1)
-	deniedExtensions := getFileExtensionsFromPostField(r.Form.Get("denied_extensions"), 2)
-	extensions := []dataprovider.ExtensionsFilter{}
-	extensions = append(extensions, allowedExtensions...)
-	extensions = append(extensions, deniedExtensions...)
-	filters.FileExtensions = extensions
-	allowedPatterns := getFilePatternsFromPostField(r.Form.Get("allowed_patterns"), 1)
-	deniedPatterns := getFilePatternsFromPostField(r.Form.Get("denied_patterns"), 2)
-	patterns := []dataprovider.PatternsFilter{}
-	patterns = append(patterns, allowedPatterns...)
-	patterns = append(patterns, deniedPatterns...)
-	filters.FilePatterns = patterns
-
+	filters.FileExtensions = getFileExtensionsFromPostField(r.Form.Get("allowed_extensions"), r.Form.Get("denied_extensions"))
+	filters.FilePatterns = getFilePatternsFromPostField(r.Form.Get("allowed_patterns"), r.Form.Get("denied_patterns"))
 	return filters
 }