aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_http_file_share.lua
Commit message (Collapse)AuthorAgeFilesLines
* mod_http_file_share: return 401 instead of 403 if authentication failedJonas Schäfer2021-10-191-1/+1
| | | | | | | This is as per the HTTP standards [1]. Thankfully, the REQUIRED www-authenticate header is already generated by the code. [1]: https://datatracker.ietf.org/doc/html/rfc7235#section-3.1
* mod_http_file_share: Fix measuring how long periodic task takeKim Alvefur2021-09-141-2/+6
|
* mod_http_file_share: Measure current total usageKim Alvefur2021-09-121-0/+7
| | | | | In order to allow monitoring. Especially as there's not much in the way of hard numbers on how much space gets used.
* mod_http_file_share: Fix traceback in global quota debug logging (thanks Martin)Kim Alvefur2021-09-121-2/+4
| | | | | Error in util.human.units.format because of B(nil) when the global quota is unset.
* mod_http_file_share: Add optional global quota on total storage usageKim Alvefur2021-09-121-3/+55
| | | | | | | | | | | | | | | Before, maximum storage usage (assuming all users upload as much as they could) would depend on the quota, retention period and number of users. Since number of users can vary, this makes it hard to know how much storage will be needed. Adding a limit to the total overall storage use solves this, making it simple to set it to some number based on what storage is actually available. Summary job run less often than the prune job since it touches the entire archive; and started before the prune job since it's needed before the first upload.
* mod_http_file_share: Update comment about x-frame-optionsKim Alvefur2021-06-201-1/+1
| | | | | | | | | X-Frame-Options was replaced by the Content-Security-Policy 'frame-ancestors' directive, but Internet Explorer does not support that part of CSP. Since it's just one line it doesn't hurt to keep until some future spring cleaning event :)
* mod_http_file_share: Build list of measuring buckets for configured size limitKim Alvefur2021-06-081-1/+7
| | | | | Creates buckets up to the configured size limit or 1TB, whichever is smaller, e.g. {1K, 4K, 16K, ... 4M, 16M}
* mod_http_file_share: Handle out of bounds Range requestKim Alvefur2021-05-171-3/+8
| | | | | | | Turns out you can seek past the end of the file without getting an error. Also rejects empty range instead of sending the whole file.
* mod_http_file_share: Support download resumption via Range requestsKim Alvefur2021-05-161-0/+20
| | | | | | | | Only a starting point is supported due to the way response:send_file() sends everything it gets from the provided file handle but does not have any way to specify how much to read. This matches what Conversations appears to be doing.
* mod_http_file_share: Include expiry time of the upload itself in tokenKim Alvefur2021-04-051-0/+1
| | | | | | Lets an external upload service know this so it can do expiry itself. Could possibly have been calculated based on the token expiry or issuance time, explicit > implicit.
* mod_http_file_share: Include time of issuance in auth tokenKim Alvefur2021-04-051-1/+3
| | | | | In case an external upload service wants to have the original creation time, or calculate the token expiry itself.
* mod_http_file_share: Group related properties for readabilityKim Alvefur2021-04-051-2/+6
|
* mod_http_file_share: Log error opening file for writingKim Alvefur2021-04-051-2/+3
| | | | util.error.coerce() doesn't work well with iolib
* mod_http_file_share: Fix logging of error opening fileKim Alvefur2021-04-051-1/+1
| | | | It's annoying that Lua interpolates the filename into the error message.
* mod_http_file_share: Include storage in prune time measurementKim Alvefur2021-03-311-1/+1
| | | | Maybe the original idea was that you would measure storage separately?
* mod_http_file_share: Add internal command to check files consistencyKim Alvefur2021-03-281-0/+18
| | | | | | Background: Found a few files in my store that did not match the size recorded in the slot, so I needed a way to check which which those were. As it was a bit too much to type into the shell I added it here instead.
* mod_http_file_share: Fix reporting of missing filesKim Alvefur2021-03-281-2/+5
| | | | | | | This just gave an unhelpful 500 error. It would be nice to have some wrapper code that could untangle the embedded filename in the io libs errors.
* mod_http_file_share: Report number of items in caches to statsmanagerKim Alvefur2021-03-281-0/+8
| | | | | | This is neat, O(1) reporting, why don't we do this everywhere? Gives you an idea of how much stuff is in the caches, which may help inform decisions on whether the size is appropriate.
* mod_http_file_share: Skip removal of nothingKim Alvefur2021-02-261-5/+9
| | | | | In case none of the expired files could be deleted then it's a waste of an API call to try to remove any of the metadata at all.
* mod_http_file_share: Remove correct entries when not all expired files were ↵Kim Alvefur2021-02-251-10/+20
| | | | | | | | | | | | | | | | | | | | | | | deleted If any of the expired files could not be deleted then we should not forget about that, we should complain loudly and try again. The code got this backwards and would have removed only the entries referring to still existing files. Test procedure: 1. Upload a file 2. chown root:root http_file_share/ 3. In uploads.list, decrease 'when' enough to ensure expiry 4. Reload mod_http_file_share 5. Should see an error in the logs about failure to delete the file 6. Should see that the metadata in uploads.list is still there 7. chown http_file_share/ back to the previous owner 8. Reload mod_http_file_share 9. Should see logs about successful removal of expired file 10. Should see that the metadata in uploads.list is gone 11. Should see that the file was deleted
* mod_http_file_share: Fix traceback on missing file-typeKim Alvefur2021-02-241-1/+4
| | | | attempt to index a nil value (local 'filetype') casued by the :gsub call
* mod_http_file_share: Allow credentials via CORS (needed for auth token)Kim Alvefur2021-02-231-0/+3
|
* mod_http_file_share: Return a message from the base URLKim Alvefur2021-02-211-0/+9
|
* mod_http_file_share: Prevent attempt to upload again after completionKim Alvefur2021-02-131-0/+9
|
* mod_http_file_share: Support sending 100 ContinueKim Alvefur2021-02-131-0/+3
| | | | | E.g. curl will ask for this when sending large uploads. Removes a delay while it waits for an error or go-agead.
* mod_http_file_share: Collect cache hit/miss statistics for downloadsKim Alvefur2021-02-021-1/+5
|
* mod_http_file_share: Measure how long it takes to prune expired filesKim Alvefur2021-02-021-0/+3
|
* mod_http_file_share: Collect statistics of files uploadedKim Alvefur2021-02-021-0/+3
|
* mod_http_file_share: Reorder argumentsKim Alvefur2021-01-311-2/+2
| | | | | 'filetype' is optional, so having it last seems sensible. 'slot' is pretty important, so moving it earlier seems sensible.
* mod_http_file_share: Update cached value while it is reasonably freshKim Alvefur2021-01-311-5/+10
| | | | | This should ensure that cache entries until the oldest file that counted to the last 24h becomes older than 24h.
* mod_http_file_share: Cache quotas to avoid hitting storageKim Alvefur2021-01-311-2/+12
|
* mod_http_file_share: Split out some variables for later reuseKim Alvefur2021-01-311-1/+3
|
* mod_http_file_share: Add support for daily upload quotas.Kim Alvefur2021-01-311-0/+19
| | | | | Daily instead of total quotas, should be more efficient to calculate. Still O(n), but a smaller n. Less affected by total retention period.
* mod_http_file_share: Add missing semicolonKim Alvefur2021-01-311-1/+1
| | | | | Last comma or semicolon isn't required but makes the diffs nicer once you add another item after it.
* mod_http_file_share: Clarify log messageKim Alvefur2021-01-301-1/+1
| | | | | No expired ... what? Could be inferred from the module logging it, but better to be explicit.
* mod_http_file_share: Indicate missing token via WWW-Authenticate headerKim Alvefur2021-01-291-0/+1
|
* mod_http_file_share: Clarify message about missing Authorization headerKim Alvefur2021-01-291-1/+1
|
* mod_http_file_share: Allow started uploads to complete after token expiredKim Alvefur2021-01-281-1/+1
| | | | | | | Otherwise uploads taking longer than 5 minutes would be rejected on completion, and that's probably annoying. Thanks jonas’
* mod_http_file_share: Serve configurable set of safe mime types inline ↵Kim Alvefur2021-01-281-1/+8
| | | | | | (thanks jonas’) Otherwise people complain about browser 'Save as' dialog.
* mod_http_file_share: Cache file metadataKim Alvefur2021-01-281-9/+38
| | | | | | | | For faster access by avoiding archive ID. No benchmarks were harmed in the making of this commit. ... no benchmarks were performed at all.
* mod_http_file_share: Extract all file properties into variables earlierKim Alvefur2021-01-281-4/+12
| | | | | A step towards adding caching, which will unpack into the same variables.
* mod_http_file_share: Fix the obligatory misplaced closing bracket (thanks ↵Kim Alvefur2021-01-271-1/+1
| | | | scansion)
* mod_http_file_share: Insert pauses to avoid blocknig for long periodsKim Alvefur2021-01-271-0/+8
| | | | Similar to the mod_mam cleanup job
* mod_http_file_share: Add support for removing old files (default 2 weeks)Kim Alvefur2021-01-271-1/+59
|
* mod_http_file_share: More security headersKim Alvefur2021-01-271-2/+4
|
* mod_http_file_share: Strip authorization type prefix a bit earlierKim Alvefur2021-01-271-2/+5
|
* mod_http_file_share: Factor out function for generating full filenameKim Alvefur2021-01-271-2/+6
|
* mod_http_file_share: Use '.bin' file extensionKim Alvefur2021-01-271-2/+3
| | | | | Distinct from '.dat' used by datamanager / internal stortage for Lua object storage so that they can't easily be loaded by accident that way.
* mod_http_file_share: Validate file size early in HTTP PUT requestKim Alvefur2021-01-271-0/+5
|
* mod_http_file_share: Move Authorization type stringKim Alvefur2021-01-271-2/+2
| | | | It belongs with the header more than the token itself