1 files changed, 164 insertions, 0 deletions
diff --git a/Filer.py b/Filer.py
new file mode 100755
index 0000000..b7defd8
--- /dev/null
+++ b/Filer.py
@@ -0,0 +1,164 @@
+#!venv/bin/python
+import os
+import hashlib
+import base64
+import time
+from shutil import rmtree
+from flask import Flask, render_template, jsonify, request, redirect, send_from_directory
+from flask_dropzone import Dropzone
+from argparse import ArgumentParser
+from werkzeug.utils import secure_filename
+app = Flask(__name__)
+app.config['SECRET_KEY'] = 'Silence is golden. Gerd Eist.'
+#app.jinja_env.trim_blocks = True
+#app.jinja_env.lstrip_blocks = True
+app.config['PREFERRED_URL_SCHEME'] = 'https'
+app.config['DROPZONE_SERVE_LOCAL'] = True
+app.config['DROPZONE_MAX_FILE_SIZE'] = 128
+app.config['DROPZONE_UPLOAD_MULTIPLE'] = True
+app.config['DROPZONE_PARALLEL_UPLOADS'] = 10
+app.config['DROPZONE_ALLOWED_FILE_CUSTOM'] = True
+app.config['DROPZONE_ALLOWED_FILE_TYPE'] = ''
+app.config['DROPZONE_DEFAULT_MESSAGE'] = 'Ziehe die Dateien hier hin, um sie hochzuladen oder klicken Sie zur Auswahl.'
+dropzone = Dropzone(app)
+basedir = 'Daten'
+#### ADMIN FACING DIRECTORY LISTS ####
+####
+####
+@app.route("/admin", methods=['GET'])
+def admin():
+    url_root = request.url_root.replace('http://', 'https://', 1)
+    users = os.listdir(os.path.join(basedir, 'Mandanten'))
+    return render_template('admin.html', users = users, tree = make_tree(basedir, 'Public'), url_root = url_root)
+@app.route("/admin/Dokumente/<user>", methods=['GET'])
+def admin_dokumente(user):
+    return render_template('mandant.html', admin = 'admin/', user = user, tree = make_tree(basedir, os.path.join('Dokumente', user)))
+@app.route("/admin/del-user/<user>", methods=['POST'])
+def admin_deluser(user):
+    method = request.form.get('_method', 'POST')
+    if method == 'DELETE':
+        rmtree(os.path.join(basedir, 'Dokumente', secure_filename(user)))
+        os.unlink(os.path.join(basedir, 'Mandanten', secure_filename(user)))
+    return redirect('/admin')
+@app.route("/admin/new-user", methods=['POST'])
+def admin_newuser():
+    password = request.form.get('password', '')
+    user = request.form.get('user', '')
+    if not password or not user:
+        return "Username or password missing", 400
+    directory = secure_filename(user)
+    salt = os.urandom(4)
+    sha = hashlib.sha1(password.encode('utf-8'))
+    sha.update(salt)
+    digest_salt_b64 = base64.b64encode(sha.digest()+ salt)
+    tagged_digest_salt = '{{SSHA}}{}'.format(digest_salt_b64.decode('ascii'))
+    try:
+        if not os.path.exists(os.path.join(basedir, 'Dokumente', directory)):
+            os.mkdir(os.path.join(basedir, 'Dokumente', directory))
+        with open(os.path.join(basedir, 'Mandanten', directory), 'w+', encoding='utf-8') as htpasswd:
+            htpasswd.write("{}:{}\n".format(user, tagged_digest_salt))
+    except OSError as error:
+        return "Couldn't create user scope", 500
+    return redirect('/admin')
+#### USER FACING DIRECTORY LIST ####
+####
+####
+@app.route("/Dokumente/<user>", methods=['GET'])
+def mandant(user):
+    return render_template('mandant.html', admin = '', user = user, tree = make_tree(basedir, os.path.join('Dokumente', user)))
+#### UPLOAD FILE ROUTES ####
+####
+####
+@app.route('/Dokumente/<user>', methods=['POST'])
+@app.route('/admin/Dokumente/<user>', methods=['POST'])
+def upload_mandant(user):
+    for key, f in request.files.items():
+        if key.startswith('file'):
+            username = secure_filename(user)
+            filename = secure_filename(f.filename)
+            f.save(os.path.join(basedir, 'Dokumente', username, filename))
+    return 'upload template'
+@app.route('/admin', methods=['POST'])
+def upload_admin():
+    for key, f in request.files.items():
+        if key.startswith('file'):
+            filename = secure_filename(f.filename)
+            f.save(os.path.join(basedir, 'Public', filename))
+    return 'upload template'
+#### DELETE FILE ROUTES ####
+####
+####
+@app.route('/Dokumente/<user>/<path:filename>', methods=['POST'])
+def delete_file_mandant(user, filename):
+    method = request.form.get('_method', 'POST')
+    if method == 'DELETE':
+        os.unlink(os.path.join(basedir, 'Dokumente', secure_filename(user), secure_filename(filename)))
+    return redirect('/Dokumente/'+user)
+@app.route('/admin/Dokumente/<user>/<path:filename>', methods=['POST'])
+def delete_file_mandant_admin(user, filename):
+    method = request.form.get('_method', 'POST')
+    if method == 'DELETE':
+        os.unlink(os.path.join(basedir, 'Dokumente', secure_filename(user), secure_filename(filename)))
+    return redirect('/admin/Dokumente/'+user)
+@app.route('/admin/Public/<path:filename>', methods=['POST'])
+def delete_file_admin(filename):
+    method = request.form.get('_method', 'POST')
+    if method == 'DELETE':
+        os.unlink(os.path.join(basedir, 'Public', secure_filename(filename)))
+    return redirect('/admin')
+#### SERVE FILES RULES ####
+####
+####
+@app.route('/admin/Dokumente/<user>/<path:filename>', methods=['GET'])
+@app.route('/Dokumente/<user>/<path:filename>', methods=['GET'])
+def custom_static(user, filename):
+    return send_from_directory(os.path.join(basedir, 'Dokumente'), os.path.join(user, filename))
+@app.route('/Public/<path:filename>')
+def custom_static_public(filename):
+    return send_from_directory(os.path.join(basedir, 'Public'), filename)
+def make_tree(rel, path):
+    tree = dict(name=path, download=os.path.basename(path), children=[])
+    try: lst = os.listdir(os.path.join(rel,path))
+    except OSError:
+        pass #ignore errors
+    else:
+        for name in lst:
+            fn = os.path.join(path, name)
+            if os.path.isdir(os.path.join(rel,fn)):
+                tree['children'].append(make_tree(rel, fn))
+            else:
+                ttl = 10 -  int((time.time() - os.path.getmtime(os.path.join(rel,fn))) / (24*3600))
+                tree['children'].append(dict(name=fn, download=name, ttl = ttl))
+    return tree
+if __name__ == "__main__":
+    parser = ArgumentParser(description="Filer")
+    parser.add_argument("-H", "--host", help="Hostname of the Flask app " + "[default %s]" % "127.0.0.1", default="127.0.0.1")
+    parser.add_argument("-P", "--port", help="Port for the Flask app " + "[default %s]" % "5000", default="5000")
+    args = parser.parse_args()
+    app.run(host=args.host, port=int(args.port))

diff --git a/Filer.py b/Filer.py new file mode 100755 index 0000000..b7defd8 --- /dev/null +++ b/Filer.py
@@ -0,0 +1,164 @@
	1	#!venv/bin/python
	2
	3	import os
	4	import hashlib
	5	import base64
	6	import time
	7	from shutil import rmtree
	8
	9	from flask import Flask, render_template, jsonify, request, redirect, send_from_directory
	10	from flask_dropzone import Dropzone
	11	from argparse import ArgumentParser
	12	from werkzeug.utils import secure_filename
	13
	14	app = Flask(__name__)
	15	app.config['SECRET_KEY'] = 'Silence is golden. Gerd Eist.'
	16	#app.jinja_env.trim_blocks = True
	17	#app.jinja_env.lstrip_blocks = True
	18
	19	app.config['PREFERRED_URL_SCHEME'] = 'https'
	20	app.config['DROPZONE_SERVE_LOCAL'] = True
	21	app.config['DROPZONE_MAX_FILE_SIZE'] = 128
	22	app.config['DROPZONE_UPLOAD_MULTIPLE'] = True
	23	app.config['DROPZONE_PARALLEL_UPLOADS'] = 10
	24
	25	app.config['DROPZONE_ALLOWED_FILE_CUSTOM'] = True
	26	app.config['DROPZONE_ALLOWED_FILE_TYPE'] = ''
	27
	28	app.config['DROPZONE_DEFAULT_MESSAGE'] = 'Ziehe die Dateien hier hin, um sie hochzuladen oder klicken Sie zur Auswahl.'
	29
	30	dropzone = Dropzone(app)
	31
	32	basedir = 'Daten'
	33
	34	#### ADMIN FACING DIRECTORY LISTS ####
	35	####
	36	####
	37	@app.route("/admin", methods=['GET'])
	38	def admin():
	39	url_root = request.url_root.replace('http://', 'https://', 1)
	40	users = os.listdir(os.path.join(basedir, 'Mandanten'))
	41	return render_template('admin.html', users = users, tree = make_tree(basedir, 'Public'), url_root = url_root)
	42
	43	@app.route("/admin/Dokumente/<user>", methods=['GET'])
	44	def admin_dokumente(user):
	45	return render_template('mandant.html', admin = 'admin/', user = user, tree = make_tree(basedir, os.path.join('Dokumente', user)))
	46
	47	@app.route("/admin/del-user/<user>", methods=['POST'])
	48	def admin_deluser(user):
	49	method = request.form.get('_method', 'POST')
	50	if method == 'DELETE':
	51	rmtree(os.path.join(basedir, 'Dokumente', secure_filename(user)))
	52	os.unlink(os.path.join(basedir, 'Mandanten', secure_filename(user)))
	53	return redirect('/admin')
	54
	55	@app.route("/admin/new-user", methods=['POST'])
	56	def admin_newuser():
	57	password = request.form.get('password', '')
	58	user = request.form.get('user', '')
	59	if not password or not user:
	60	return "Username or password missing", 400
	61	directory = secure_filename(user)
	62
	63	salt = os.urandom(4)
	64	sha = hashlib.sha1(password.encode('utf-8'))
	65	sha.update(salt)
	66
	67	digest_salt_b64 = base64.b64encode(sha.digest()+ salt)
	68	tagged_digest_salt = '{{SSHA}}{}'.format(digest_salt_b64.decode('ascii'))
	69
	70	try:
	71	if not os.path.exists(os.path.join(basedir, 'Dokumente', directory)):
	72	os.mkdir(os.path.join(basedir, 'Dokumente', directory))
	73	with open(os.path.join(basedir, 'Mandanten', directory), 'w+', encoding='utf-8') as htpasswd:
	74	htpasswd.write("{}:{}\n".format(user, tagged_digest_salt))
	75	except OSError as error:
	76	return "Couldn't create user scope", 500
	77	return redirect('/admin')
	78
	79	#### USER FACING DIRECTORY LIST ####
	80	####
	81	####
	82	@app.route("/Dokumente/<user>", methods=['GET'])
	83	def mandant(user):
	84	return render_template('mandant.html', admin = '', user = user, tree = make_tree(basedir, os.path.join('Dokumente', user)))
	85
	86	#### UPLOAD FILE ROUTES ####
	87	####
	88	####
	89	@app.route('/Dokumente/<user>', methods=['POST'])
	90	@app.route('/admin/Dokumente/<user>', methods=['POST'])
	91	def upload_mandant(user):
	92	for key, f in request.files.items():
	93	if key.startswith('file'):
	94	username = secure_filename(user)
	95	filename = secure_filename(f.filename)
	96	f.save(os.path.join(basedir, 'Dokumente', username, filename))
	97	return 'upload template'
	98
	99	@app.route('/admin', methods=['POST'])
	100	def upload_admin():
	101	for key, f in request.files.items():
	102	if key.startswith('file'):
	103	filename = secure_filename(f.filename)
	104	f.save(os.path.join(basedir, 'Public', filename))
	105	return 'upload template'
	106
	107	#### DELETE FILE ROUTES ####
	108	####
	109	####
	110	@app.route('/Dokumente/<user>/<path:filename>', methods=['POST'])
	111	def delete_file_mandant(user, filename):
	112	method = request.form.get('_method', 'POST')
	113	if method == 'DELETE':
	114	os.unlink(os.path.join(basedir, 'Dokumente', secure_filename(user), secure_filename(filename)))
	115	return redirect('/Dokumente/'+user)
	116
	117	@app.route('/admin/Dokumente/<user>/<path:filename>', methods=['POST'])
	118	def delete_file_mandant_admin(user, filename):
	119	method = request.form.get('_method', 'POST')
	120	if method == 'DELETE':
	121	os.unlink(os.path.join(basedir, 'Dokumente', secure_filename(user), secure_filename(filename)))
	122	return redirect('/admin/Dokumente/'+user)
	123
	124	@app.route('/admin/Public/<path:filename>', methods=['POST'])
	125	def delete_file_admin(filename):
	126	method = request.form.get('_method', 'POST')
	127	if method == 'DELETE':
	128	os.unlink(os.path.join(basedir, 'Public', secure_filename(filename)))
	129	return redirect('/admin')
	130
	131	#### SERVE FILES RULES ####
	132	####
	133	####
	134	@app.route('/admin/Dokumente/<user>/<path:filename>', methods=['GET'])
	135	@app.route('/Dokumente/<user>/<path:filename>', methods=['GET'])
	136	def custom_static(user, filename):
	137	return send_from_directory(os.path.join(basedir, 'Dokumente'), os.path.join(user, filename))
	138
	139	@app.route('/Public/<path:filename>')
	140	def custom_static_public(filename):
	141	return send_from_directory(os.path.join(basedir, 'Public'), filename)
	142
	143	def make_tree(rel, path):
	144	tree = dict(name=path, download=os.path.basename(path), children=[])
	145	try: lst = os.listdir(os.path.join(rel,path))
	146	except OSError:
	147	pass #ignore errors
	148	else:
	149	for name in lst:
	150	fn = os.path.join(path, name)
	151	if os.path.isdir(os.path.join(rel,fn)):
	152	tree['children'].append(make_tree(rel, fn))
	153	else:
	154	ttl = 10 - int((time.time() - os.path.getmtime(os.path.join(rel,fn))) / (24*3600))
	155	tree['children'].append(dict(name=fn, download=name, ttl = ttl))
	156	return tree
	157
	158	if __name__ == "__main__":
	159	parser = ArgumentParser(description="Filer")
	160	parser.add_argument("-H", "--host", help="Hostname of the Flask app " + "[default %s]" % "127.0.0.1", default="127.0.0.1")
	161	parser.add_argument("-P", "--port", help="Port for the Flask app " + "[default %s]" % "5000", default="5000")
	162	args = parser.parse_args()
	163
	164	app.run(host=args.host, port=int(args.port))