Merge pull request src-d#153 from camathieu/1.2-rc2

1.2-RC1 Fixes

Author: bodji

server/metadataBackend/bolt/bolt.go

@@ -610,7 +610,7 @@ func (bmb *MetadataBackend) GetUploadsToRemove(ctx *juliet.Context) (ids []strin
 			}
 
 			// Extract upload id from key ( 16 last bytes )
-			ids = append(ids, string(k[8:]))
+			ids = append(ids, string(k[10:]))
 		}
 
 		return nil

server/middleware/upload.go

@@ -81,11 +81,29 @@ func Upload(ctx *juliet.Context, next http.Handler) http.Handler {
 
 		forbidden := func() {
 			resp.Header().Set("WWW-Authenticate", "Basic realm=\"plik\"")
+
+			// Shouldn't redirect here to let the browser ask for credentials and retry
+			ctx.Set("redirect", false)
+
 			common.Fail(ctx, req, resp, "Please provide valid credentials to access this upload", 401)
 		}
 
+		// Check upload token
+		uploadToken := req.Header.Get("X-UploadToken")
+		if uploadToken != "" && uploadToken == upload.UploadToken {
+			upload.IsAdmin = true
+		} else {
+			// Check if upload belongs to user
+			if common.Config.Authentication && upload.User != "" {
+				user := common.GetUser(ctx)
+				if user != nil && user.ID == upload.User {
+					upload.IsAdmin = true
+				}
+			}
+		}
+
 		// Handle basic auth if upload is password protected
-		if upload.ProtectedByPassword {
+		if upload.ProtectedByPassword && !upload.IsAdmin {
 			if req.Header.Get("Authorization") == "" {
 				log.Warning("Missing Authorization header")
 				forbidden()
@@ -120,20 +138,6 @@ func Upload(ctx *juliet.Context, next http.Handler) http.Handler {
 			}
 		}
 
-		// Check upload token
-		uploadToken := req.Header.Get("X-UploadToken")
-		if uploadToken != "" && uploadToken == upload.UploadToken {
-			upload.IsAdmin = true
-		} else {
-			// Check if upload belongs to user
-			if common.Config.Authentication && upload.User != "" {
-				user := common.GetUser(ctx)
-				if user != nil && user.ID == upload.User {
-					upload.IsAdmin = true
-				}
-			}
-		}
-
 		next.ServeHTTP(resp, req)
 	})
 }

server/plikd.cfg

@@ -7,7 +7,7 @@
 # Global params
 #
 
-LogLevel            = "DEBUG"        # Other levels : DEBUG, INFO, WARNING, CRITICAL, FATAL
+LogLevel            = "INFO"        # Other levels : DEBUG, INFO, WARNING, CRITICAL, FATAL
 ListenPort          = 8080
 ListenAddress       = "0.0.0.0"
 MaxFileSize         = 10737418240   # 10GB
@@ -49,6 +49,11 @@ StreamMode          = true          # Enable stream mode
 ##
 #   Data backend is for storing raw files
 #
+#   Example using File :
+#
+#   [DataBackendConfig]
+#       Directory = "files"
+#
 #   Example using OpenStack Swift :
 #
 #   [DataBackendConfig]
@@ -58,6 +63,12 @@ StreamMode          = true          # Enable stream mode
 #       Container = "plik"
 #       Password = "#######"
 #
+#   Example using SeaweedFS :
+#
+#   [DataBackendConfig]
+#       MasterURL = "http://127.0.0.1:9333"
+#       ReplicationPattern = "000"
+#
 
 [DataBackendConfig]
 Directory = "files"
@@ -67,6 +78,16 @@ Directory = "files"
 ##
 #   Metadata backend is for storing upload information (file names, size, md5, statuses,...)
 #
+#   Example using BoltDB :
+#
+#   [MetadataBackendConfig]
+#       Path = "plik.db"
+#
+#   Example using File (deprecated) :
+#
+#   [MetadataBackendConfig]
+#       Directory = "files"
+#
 #   Example using MongoDB :
 #
 #   [MetadataBackendConfig]
@@ -79,7 +100,7 @@ Directory = "files"
 #
 
 [MetadataBackendConfig]
-Directory = "files"
+Path = "plik.db"
 
 
 ####