9001
diff --git a/‎README.md
Lines changed: 5 additions & 1 deletion b/‎README.md
Lines changed: 5 additions & 1 deletion
diff --git a/‎copyparty/authsrv.py
Lines changed: 50 additions & 6 deletions b/‎copyparty/authsrv.py
Lines changed: 50 additions & 6 deletions
diff --git a/‎copyparty/httpcli.py
Lines changed: 39 additions & 8 deletions b/‎copyparty/httpcli.py
Lines changed: 39 additions & 8 deletions
diff --git a/‎copyparty/svchub.py
Lines changed: 33 additions & 7 deletions b/‎copyparty/svchub.py
Lines changed: 33 additions & 7 deletions
diff --git a/‎copyparty/up2k.py
Lines changed: 2 additions & 2 deletions b/‎copyparty/up2k.py
Lines changed: 2 additions & 2 deletions
@@ -750,7 +750,9 @@ you can move files across browser tabs (cut in one tab, paste in another)
 
 share a file or folder by creating a temporary link
 
-when enabled in the server settings (`--shr`), click the bottom-right `share` button to share the folder you're currently in, or select a file first to share only that file
+when enabled in the server settings (`--shr`), click the bottom-right `share` button to share the folder you're currently in, or alternatively:
+* select a folder first to share that folder instead
+* select one or more files to share only those files
 
 this feature was made with [identity providers](#identity-providers) in mind -- configure your reverseproxy to skip the IdP's access-control for a given URL prefix and use that to safely share specific files/folders sans the usual auth checks
 
@@ -775,6 +777,8 @@ specify `--shr /foobar` to enable this feature; a toplevel virtual folder named
 
 users can delete their own shares in the controlpanel, and a list of privileged users (`--shr-adm`) are allowed to see and/or delet any share on the server
 
+**security note:** using this feature does not mean that you can skip the [accounts and volumes](#accounts-and-volumes) section -- you still need to restrict access to volumes that you do not intend to share with unauthenticated users! it is not sufficient to use rules in the reverseproxy to restrict access to just the `/share` folder.
+
 
 ## batch rename
 
 
@@ -35,6 +35,7 @@
     odfusion,
     relchk,
     statdir,
+    ub64enc,
     uncyg,
     undot,
     unhumanize,
@@ -344,6 +345,7 @@ def __init__(
         self.dbv: Optional[VFS] = None  # closest full/non-jump parent
         self.lim: Optional[Lim] = None  # upload limits; only set for dbv
         self.shr_src: Optional[tuple[VFS, str]] = None  # source vfs+rem of a share
+        self.shr_files: set[str] = set()  # filenames to include from shr_src
         self.aread: dict[str, list[str]] = {}
         self.awrite: dict[str, list[str]] = {}
         self.amove: dict[str, list[str]] = {}
@@ -369,6 +371,7 @@ def __init__(
             self.all_vps = []
 
         self.get_dbv = self._get_dbv
+        self.ls = self._ls
 
     def __repr__(self) -> str:
         return "VFS(%s)" % (
@@ -565,7 +568,26 @@ def dcanonical(self, rem: str) -> str:
         ad, fn = os.path.split(ap)
         return os.path.join(absreal(ad), fn)
 
-    def ls(
+    def _ls_nope(
+        self, *a, **ka
+    ) -> tuple[str, list[tuple[str, os.stat_result]], dict[str, "VFS"]]:
+        raise Pebkac(500, "nope.avi")
+
+    def _ls_shr(
+        self,
+        rem: str,
+        uname: str,
+        scandir: bool,
+        permsets: list[list[bool]],
+        lstat: bool = False,
+    ) -> tuple[str, list[tuple[str, os.stat_result]], dict[str, "VFS"]]:
+        """replaces _ls for certain shares (single-file, or file selection)"""
+        vn, rem = self.shr_src  # type: ignore
+        abspath, real, _ = vn.ls(rem, "\n", scandir, permsets, lstat)
+        real = [x for x in real if os.path.basename(x[0]) in self.shr_files]
+        return abspath, real, {}
+
+    def _ls(
         self,
         rem: str,
         uname: str,
@@ -1512,9 +1534,10 @@ def _reload(self, verbosity: int = 9) -> None:
             db_path = self.args.shr_db
             db = sqlite3.connect(db_path)
             cur = db.cursor()
+            cur2 = db.cursor()
             now = time.time()
             for row in cur.execute("select * from sh"):
-                s_k, s_pw, s_vp, s_pr, s_st, s_un, s_t0, s_t1 = row
+                s_k, s_pw, s_vp, s_pr, s_nf, s_un, s_t0, s_t1 = row
                 if s_t1 and s_t1 < now:
                     continue
 
@@ -1523,7 +1546,10 @@ def _reload(self, verbosity: int = 9) -> None:
                     self.log(t % (s_pr, s_k, s_un, s_vp))
 
                 if s_pw:
-                    sun = "s_%s" % (s_k,)
+                    # gotta reuse the "account" for all shares with this pw,
+                    # so do a light scramble as this appears in the web-ui
+                    zs = ub64enc(hashlib.sha512(s_pw.encode("utf-8")).digest())[4:16]
+                    sun = "s_%s" % (zs.decode("utf-8"),)
                     acct[sun] = s_pw
                 else:
                     sun = "*"
@@ -1545,6 +1571,7 @@ def _reload(self, verbosity: int = 9) -> None:
             for vol in shv.nodes.values():
                 vfs.all_vols[vol.vpath] = vol
                 vol.get_dbv = vol._get_share_src
+                vol.ls = vol._ls_nope
 
         zss = set(acct)
         zss.update(self.idp_accs)
@@ -2054,6 +2081,9 @@ def _reload(self, verbosity: int = 9) -> None:
             if not self.warn_anonwrite or verbosity < 5:
                 break
 
+            if enshare and (zv.vpath == shr or zv.vpath.startswith(shrs)):
+                continue
+
             t += '\n\033[36m"/{}"  \033[33m{}\033[0m'.format(zv.vpath, zv.realpath)
             for txt, attr in [
                 ["  read", "uread"],
@@ -2160,10 +2190,9 @@ def _reload(self, verbosity: int = 9) -> None:
                 if x != shr and not x.startswith(shrs)
             }
 
-            assert cur  # type: ignore
-            assert shv  # type: ignore
+            assert db and cur and cur2 and shv  # type: ignore
             for row in cur.execute("select * from sh"):
-                s_k, s_pw, s_vp, s_pr, s_st, s_un, s_t0, s_t1 = row
+                s_k, s_pw, s_vp, s_pr, s_nf, s_un, s_t0, s_t1 = row
                 shn = shv.nodes.get(s_k, None)
                 if not shn:
                     continue
@@ -2178,6 +2207,17 @@ def _reload(self, verbosity: int = 9) -> None:
                     shv.nodes.pop(s_k)
                     continue
 
+                fns = []
+                if s_nf:
+                    q = "select vp from sf where k = ?"
+                    for (s_fn,) in cur2.execute(q, (s_k,)):
+                        fns.append(s_fn)
+
+                    shn.shr_files = set(fns)
+                    shn.ls = shn._ls_shr
+                else:
+                    shn.ls = shn._ls
+
                 shn.shr_src = (s_vfs, s_rem)
                 shn.realpath = s_vfs.canonical(s_rem)
 
@@ -2197,6 +2237,10 @@ def _reload(self, verbosity: int = 9) -> None:
                     # hide subvolume
                     vn.nodes[zs] = VFS(self.log_func, "", "", AXS(), {})
 
+            cur2.close()
+            cur.close()
+            db.close()
+
     def chpw(self, broker: Optional["BrokerCli"], uname, pw) -> tuple[bool, str]:
         if not self.args.chpw:
             return False, "feature disabled in server config"
 
@@ -4347,11 +4347,31 @@ def handle_share(self, req: dict[str, str]) -> bool:
             self.log("handle_share: " + json.dumps(req, indent=4))
 
         skey = req["k"]
-        vp = req["vp"].strip("/")
+        vps = req["vp"]
+        fns = []
+        if len(vps) == 1:
+            vp = vps[0]
+            if not vp.endswith("/"):
+                vp, zs = vp.rsplit("/", 1)
+                fns = [zs]
+        else:
+            for zs in vps:
+                if zs.endswith("/"):
+                    t = "you cannot select more than one folder, or mix flies and folders in one selection"
+                    raise Pebkac(400, t)
+            vp = vps[0].rsplit("/", 1)[0]
+            for zs in vps:
+                vp2, fn = zs.rsplit("/", 1)
+                fns.append(fn)
+                if vp != vp2:
+                    t = "mismatching base paths in selection:\n  [%s]\n  [%s]"
+                    raise Pebkac(400, t % (vp, vp2))
+
+        vp = vp.strip("/")
         if self.is_vproxied and (vp == self.args.R or vp.startswith(self.args.RS)):
             vp = vp[len(self.args.RS) :]
 
-        m = re.search(r"([^0-9a-zA-Z_\.-]|\.\.|^\.)", skey)
+        m = re.search(r"([^0-9a-zA-Z_-])", skey)
         if m:
             raise Pebkac(400, "sharekey has illegal character [%s]" % (m[1],))
 
@@ -4378,9 +4398,13 @@ def handle_share(self, req: dict[str, str]) -> bool:
         except:
             raise Pebkac(400, "you dont have all the perms you tried to grant")
 
-        ap = vfs.canonical(rem)
-        st = bos.stat(ap)
-        ist = 2 if stat.S_ISDIR(st.st_mode) else 1
+        ap, reals, _ = vfs.ls(
+            rem, self.uname, not self.args.no_scandir, [[s_rd, s_wr, s_mv, s_del]]
+        )
+        rfns = set([x[0] for x in reals])
+        for fn in fns:
+            if fn not in rfns:
+                raise Pebkac(400, "selected file not found on disk: [%s]" % (fn,))
 
         pw = req.get("pw") or ""
         now = int(time.time())
@@ -4390,18 +4414,25 @@ def handle_share(self, req: dict[str, str]) -> bool:
         pr = "".join(zc for zc, zb in zip("rwmd", (s_rd, s_wr, s_mv, s_del)) if zb)
 
         q = "insert into sh values (?,?,?,?,?,?,?,?)"
-        cur.execute(q, (skey, pw, vp, pr, ist, self.uname, now, exp))
-        cur.connection.commit()
+        cur.execute(q, (skey, pw, vp, pr, len(fns), self.uname, now, exp))
+
+        q = "insert into sf values (?,?)"
+        for fn in fns:
+            cur.execute(q, (skey, fn))
 
+        cur.connection.commit()
         self.conn.hsrv.broker.ask("_reload_blocking", False, False).get()
         self.conn.hsrv.broker.ask("up2k.wake_rescanner").get()
 
-        surl = "%s://%s%s%s%s" % (
+        fn = quotep(fns[0]) if len(fns) == 1 else ""
+
+        surl = "created share: %s://%s%s%s%s/%s" % (
             "https" if self.is_https else "http",
             self.host,
             self.args.SR,
             self.args.shr,
             skey,
+            fn,
         )
         self.loud_reply(surl, status=201)
         return True
 
@@ -377,16 +377,17 @@ def setup_share_db(self) -> None:
         import sqlite3
 
         al.shr = al.shr.strip("/")
-        if "/" in al.shr:
+        if "/" in al.shr or not al.shr:
             t = "config error: --shr must be the name of a virtual toplevel directory to put shares inside"
             self.log("root", t, 1)
             raise Exception(t)
 
         al.shr = "/%s/" % (al.shr,)
 
         create = True
+        modified = False
         db_path = self.args.shr_db
-        self.log("root", "initializing shares-db %s" % (db_path,))
+        self.log("root", "opening shares-db %s" % (db_path,))
         for n in range(2):
             try:
                 db = sqlite3.connect(db_path)
@@ -412,18 +413,43 @@ def setup_share_db(self) -> None:
                     pass
                 os.unlink(db_path)
 
+        sch1 = [
+            r"create table kv (k text, v int)",
+            r"create table sh (k text, pw text, vp text, pr text, st int, un text, t0 int, t1 int)",
+            # sharekey, password, src, perms, numFiles, owner, created, expires
+        ]
+        sch2 = [
+            r"create table sf (k text, vp text)",
+            r"create index sf_k on sf(k)",
+            r"create index sh_k on sh(k)",
+            r"create index sh_t1 on sh(t1)",
+        ]
+
         assert db  # type: ignore
         assert cur  # type: ignore
         if create:
+            dver = 2
+            modified = True
+            for cmd in sch1 + sch2:
+                cur.execute(cmd)
+            self.log("root", "created new shares-db")
+        else:
+            (dver,) = cur.execute("select v from kv where k = 'sver'").fetchall()[0]
+
+        if dver == 1:
+            modified = True
+            for cmd in sch2:
+                cur.execute(cmd)
+            cur.execute("update sh set st = 0")
+            self.log("root", "shares-db schema upgrade ok")
+
+        if modified:
             for cmd in [
-                # sharekey, password, src, perms, type, owner, created, expires
-                r"create table sh (k text, pw text, vp text, pr text, st int, un text, t0 int, t1 int)",
-                r"create table kv (k text, v int)",
-                r"insert into kv values ('sver', {})".format(1),
+                r"delete from kv where k = 'sver'",
+                r"insert into kv values ('sver', %d)" % (2,),
             ]:
                 cur.execute(cmd)
             db.commit()
-            self.log("root", "created new shares-db")
 
         cur.close()
         db.close()
 
@@ -580,8 +580,8 @@ def _check_shares(self) -> float:
         rm = [x[0] for x in cur.execute(q, (now,))]
         if rm:
             self.log("forgetting expired shares %s" % (rm,))
-            q = "delete from sh where k=?"
-            cur.executemany(q, [(x,) for x in rm])
+            cur.executemany("delete from sh where k=?", [(x,) for x in rm])
+            cur.executemany("delete from sf where k=?", [(x,) for x in rm])
             db.commit()
             Daemon(self.hub._reload_blocking, "sharedrop", (False, False))