VFS shall delete file after upload

See issue #40

Jenkinsfile

@@ -1,13 +1,5 @@
-def remote = [:]
-remote.name = 'workstation'
-remote.host = 'workstation'
-remote.user = 'dany'
-remote.identityFile = '/var/jenkins_home/.ssh/id_rsa'
-remote.allowAnyHosts = true
-remote.agent = false
-remote.logLevel = 'INFO'
 pipeline{
-  agent { node{ label'master' }}
+  agent { node{ label'workstation' }}
   options {
     // Limit build history with buildDiscarder option:
     // daysToKeepStr: history is only kept up to this many days.
@@ -28,15 +20,13 @@ pipeline{
   {
     stage('Build') {
       steps {
-        sshCommand remote: remote, command: '''
+        sh'''
-            set -e
+          cd $WORKSPACE
-            export WORKSPACE=$(realpath "./jenkins/workspace/antd-web-apps")
+          [ -d build ] && rm -rf build
-            cd $WORKSPACE
+          mkdir -p build/opt/www/htdocs
-            [ -d build ] && rm -rf build
+          export BUILDDIR="$WORKSPACE/build/opt/www/htdocs"
-            mkdir -p build/opt/www/htdocs
+          make
-            export BUILDDIR="$WORKSPACE/build/opt/www/htdocs"
+        '''
-            make
-          '''
         script {
             // only useful for any master branch
             //if (env.BRANCH_NAME =~ /^master/) {

blog/views/default/layout.ls

@@ -152,7 +152,14 @@
             </div>
         </div>
 <div id = "bottom">
-        Powered by antd server, (c) 2017 - <?=os.date("*t").year?> Dany LE
+        Powered by antd server, (c) 2017 - <?=os.date("*t").year?> Dany LE.
+        <?lua
+        if not HEADER.mobile then
+        ?>
+        This site does not use cookie, but some third-party contents (e.g. Youtube, Twitter) may do.
+        <?lua
+        end
+        ?>
     </div>
 </body>
 </html>

info/controllers/IndexController.lua

@@ -57,9 +57,7 @@ function IndexController:pdf(...)
     print(cmd)
     local r = os.execute(cmd)
     if r then
-        local mime = std.mimeOf(tmp_file)
+        std.sendFile(tmp_file)
-        std.header(mime)
-        std.f(tmp_file)
         return false
     else
         return self:error("Sorry.Problem generate PDF file")

os/controllers/SystemController.lua

@@ -109,20 +109,55 @@ function SystemController:apigateway(...)
     end
     local exec_with_user_priv = function(data)
         local uid = ulib.uid(SESSION.user)
+        -- disable unused modules
+        package.loaded["silk.Router"] = nil
+        package.loaded["silk.BaseController"] = nil
+        package.loaded["silk.DBHelper"] = nil
+        package.loaded["silk.Template"] = nil
+        package.loaded["silk.api"] = nil
+        package.loaded["silk.Logger"] = nil
+        package.loaded["silk.BaseModel"] = nil
+        package.loaded["silk.BaseObject"] = nil
+        package.loaded["os.controllers.SystemController"] = nil
+        -- user only allowed to load module in the following paths
+        package.path = __api__.apiroot.."/?.lua;"..WWW_ROOT .. '/libs/?.lua'
         if not ulib.setgid(uid.gid) or not ulib.setuid(uid.id) then
             echo("Cannot set permission to execute the code")
             return
         end
         local r, e
         e = "{'error': 'Unknow function'}"
+        -- set env var
+        local home = ulib.home_dir(uid.id)
+        ulib.setenv("USER", SESSION.user, 1)
+        ulib.setenv("LOGNAME", SESSION.user, 1)
+        if home then
+            ulib.setenv("HOME", home, 1)
+            ulib.setenv("PWD", home,1)
+            local paths = ""
+            if ulib.exists(home.."/bin") then
+                paths = home.."/bin:"
+            end
+            if ulib.exists(home.."/.local/bin") then
+                paths = paths..home.."/.local/bin:"
+            end
+            local envar = ulib.getenv("PATH")
+            if envar then
+                paths = paths..envar
+            end
+            ulib.setenv("PATH", paths,1)
+        end
+        -- run the code as user
         if data.code then
             r, e = load(data.code)
             if r then
                 local status, result = pcall(r)
-                if (status) then
+                if result then
-                    echo(JSON.encode(result))
+                    if (status) then
-                else
+                        echo(JSON.encode(result))
-                    echo(result)
+                    else
+                        echo(result)
+                    end
                 end
             else
                 echo(e)
@@ -148,12 +183,13 @@ function SystemController:apigateway(...)
     end
 
     if (is_auth()) then
-        local pid = ulib.fork()
+        local pid = ulib.fork()--std.pfork(HTTP_REQUEST.id)
         if (pid == -1) then
             echo("{'error':'Cannot create process'}")
         elseif pid > 0 then -- parent
             -- wait for the child exit or websocket exit
             ulib.waitpid(pid, 0)
+            --ulib.kill(pid)
             print("Parent exit")
         else -- child
             if use_ws then
@@ -168,7 +204,7 @@ function SystemController:apigateway(...)
                             std.ws.close(1012)
                         elseif header.opcode == std.ws.CLOSE then
                             print("Connection closed")
-                            std.ws.close(1000)
+                            -- std.ws.close(1000)
                         elseif header.opcode == std.ws.TEXT then
                             -- read the file
                             local data = std.ws.read(header)
@@ -177,7 +213,7 @@ function SystemController:apigateway(...)
                                 exec_with_user_priv(data)
                                 std.ws.close(1011)
                             else
-                                echo("Error: Invalid  request")
+                                print("Error: Invalid  request")
                                 std.ws.close(1011)
                             end
                         end

os/controllers/UserController.lua

@@ -43,7 +43,8 @@ function UserController:login(...)
         local request = JSON.decodeString(REQUEST.json)
         local r = ulib.auth(request.username,request.password)
         if r == true then
-            local cookie = {sessionid=std.sha1(request.username..request.password)} -- iotos_user = request.username
+            local salt = utils.generate_salt(20)
+            local cookie = {sessionid=std.sha1(request.username..request.password..salt)} -- iotos_user = request.username
             local db = sysdb();
             if db == nil then return fail("Cannot setup session") end
             local cond = {exp= {["="] = { sessionid = cookie.sessionid }}}

os/controllers/VFSController.lua

@@ -186,7 +186,7 @@ end
 function VFSController:upload(...)
     auth_or_die("User unauthorized. Please login")
     local vfs = require("vfs")
-    if REQUEST then
+    if REQUEST and REQUEST.path then
         local r, m = require("vfs").upload(REQUEST.path)
         if r then
             result(r)
@@ -195,7 +195,7 @@ function VFSController:upload(...)
             fail(m)
         end
     else
-        fail("Query not found")
+        fail("Invalid query")
     end
     return false
 end

os/libs/common.lua

@@ -1,5 +1,5 @@
 require("sqlite")
-local TUNNEL_KEYCHAIN = "/opt/www/tmp/channels/antunnel_keychain"
+local TUNNEL_KEYCHAIN = __api__.tmpdir.."/channels/antunnel_keychain"
 function fail(msg)
 	std.custom_header("Connection","close")
 	std.json()

os/libs/packages.lua

@@ -3,8 +3,11 @@ local vfs = require("vfs")
 local uid = ulib.uid(SESSION.user)
 
 packages._cache = function(y)
-	local p = vfs.ospath(y)
+	local p = vfs.ospath(y).."/packages.cache"
-	local f = io.open(p.."/packages.json", "w")
+	if y:find("^os:/") then
+		p = __api__.tmpdir.."/packages.cache"
+	end
+	local f = io.open(p, "w")
 	local has_cache = false
 	local i = 1
 	local meta = {}
@@ -28,7 +31,7 @@ packages._cache = function(y)
 		f:write(table.concat(meta, ","))
 		f:close()
 		if has_cache == false then
-			ulib.delete(p.."/packages.json");
+			ulib.delete(p);
 		end
 	end
 end
@@ -40,7 +43,10 @@ packages.list = function(paths)
 	local first = true
 	--std.f(__ROOT__.."/system/packages.json")
 	for k,v in pairs(paths) do
-		local osp = vfs.ospath(v.."/packages.json")
+		local osp = vfs.ospath(v.."/packages.cache")
+		if v:find("^os:/") then
+			osp = __api__.tmpdir.."/packages.cache"
+		end
 		if  ulib.exists(osp) == false then
 			packages._cache(v)
 		end
@@ -116,4 +122,4 @@ packages.init = function(paths)
 	end
 end
 
-return packages 
+return packages 

os/libs/vfs.lua

@@ -3,16 +3,16 @@ local vfs = {}
 
 vfs.ospath = function(path)
 	local user = SESSION.user
-	local prefix = string.match(path, "%a+://")
+	local prefix = string.match(path, "%a+:/")
 	if(prefix ~= nil) then
 		local suffix = string.gsub(path,prefix,"")
-		if prefix == "home://" then
+		if prefix == "home:/" then
 			return string.format(VFS_HOME,user)..'/'..suffix 
-		elseif prefix == "desktop://" then
+		elseif prefix == "desktop:/" then
 			return string.format(VFS_HOME,user).."/.desktop/"..suffix
-		elseif prefix == "shared://" then
+		elseif prefix == "shared:/" then
 			return require("shared").ospath(std.trim(suffix,"/")) 
-		elseif prefix == "os://" then
+		elseif prefix == "os:/" then
 			return WWW_ROOT.."/"..suffix
 		else
 			return nil
@@ -150,7 +150,14 @@ vfs.upload = function(path)
 		local index = 0
 		while(REQUEST["upload-"..index..".tmp"] ~= nil) do
 			local file = m.."/"..REQUEST["upload-"..index..".file"]
-			ulib.move(REQUEST["upload-"..index..".tmp"], file)
+			local ret = ulib.move(REQUEST["upload-"..index..".tmp"], file)
+			if not ret then
+				ret = ulib.send_file(REQUEST["upload-"..index..".tmp"], file)
+				ulib.delete(REQUEST["upload-"..index..".tmp"])
+			end
+			if not ret then
+			    return false, "Unable to copy file"
+			end
 			ulib.chown(file, uid.id, uid.gid)
 			index = index + 1
 		end