feat(serverHandler): increase access restriction

Author: marjune163

src/serverHandler/aliasHandler.go

@@ -109,6 +109,13 @@ func (h *aliasHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		defer file.Close()
 	}
 
+	if !data.AllowAccess {
+		if !h.postMiddleware(w, r, data, fsPath) {
+			h.accessRestricted(w, data.Status)
+		}
+		return
+	}
+
 	if data.NeedAuth {
 		h.notifyAuth(w, r)
 
@@ -125,13 +132,6 @@ func (h *aliasHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		}
 	}
 
-	if !data.AllowAccess {
-		if !h.postMiddleware(w, r, data, fsPath) {
-			h.accessRestricted(w, data.Status)
-		}
-		return
-	}
-
 	if data.NeedDirSlashRedirect {
 		h.redirectWithSlashSuffix(w, r, data.prefixReqPath)
 		return
@@ -169,7 +169,7 @@ func (h *aliasHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 
 	// final process
 	item := data.Item
-	if data.WantJson {
+	if data.wantJson {
 		h.json(w, r, data)
 	} else if shouldServeAsContent(file, item) {
 		h.content(w, r, data)

src/serverHandler/middleware.go

@@ -24,7 +24,7 @@ func (h *aliasHandler) postMiddleware(w http.ResponseWriter, r *http.Request, da
 		RestrictAccess: data.RestrictAccess,
 		AllowAccess:    data.AllowAccess,
 
-		WantJson: data.WantJson,
+		WantJson: data.wantJson,
 
 		Status: data.Status,
 

src/serverHandler/mutate.go

@@ -28,7 +28,7 @@ func (h *aliasHandler) mutate(w http.ResponseWriter, r *http.Request, data *resp
 		}
 	}
 
-	if data.WantJson {
+	if data.wantJson {
 		header := w.Header()
 		header.Set("Content-Type", "application/json; charset=utf-8")
 		header.Set("Cache-Control", "public, max-age=0")

src/serverHandler/responseData.go

@@ -29,6 +29,7 @@ type responseData struct {
 	prefixReqPath  string
 	rawReqPath     string
 	handlerReqPath string
+	wantJson       bool
 
 	NeedAuth     bool
 	forceAuth    bool
@@ -46,7 +47,6 @@ type responseData struct {
 	IsMkdir        bool
 	IsDelete       bool
 	IsMutate       bool
-	WantJson       bool
 
 	CanUpload    bool
 	CanMkdir     bool
@@ -413,12 +413,12 @@ func (h *aliasHandler) getResponseData(r *http.Request) (data *responseData, fsP
 
 	subItemPrefix := getSubItemPrefix(currDirRelPath, rawReqPath, tailSlash)
 
-	canUpload := h.getCanUpload(item, rawReqPath, reqFsPath)
-	canMkdir := h.getCanMkdir(item, rawReqPath, reqFsPath)
-	canDelete := h.getCanDelete(item, rawReqPath, reqFsPath)
+	canUpload := authSuccess && h.getCanUpload(item, rawReqPath, reqFsPath)
+	canMkdir := authSuccess && h.getCanMkdir(item, rawReqPath, reqFsPath)
+	canDelete := authSuccess && h.getCanDelete(item, rawReqPath, reqFsPath)
 	hasDeletable := canDelete && len(subItems) > len(aliasSubItems)
-	canArchive := h.getCanArchive(subItems, rawReqPath, reqFsPath)
-	canCors := h.getCanCors(rawReqPath, reqFsPath)
+	canArchive := authSuccess && h.getCanArchive(subItems, rawReqPath, reqFsPath)
+	canCors := authSuccess && h.getCanCors(rawReqPath, reqFsPath)
 	loginAvail := len(authUserName) == 0 && h.users.Len() > 0
 
 	context := pathContext{
@@ -432,6 +432,7 @@ func (h *aliasHandler) getResponseData(r *http.Request) (data *responseData, fsP
 		prefixReqPath:  prefixReqPath,
 		rawReqPath:     rawReqPath,
 		handlerReqPath: reqPath,
+		wantJson:       wantJson,
 
 		NeedAuth:     needAuth,
 		forceAuth:    forceAuth,
@@ -449,7 +450,6 @@ func (h *aliasHandler) getResponseData(r *http.Request) (data *responseData, fsP
 		IsMkdir:        isMkdir,
 		IsDelete:       isDelete,
 		IsMutate:       isMutate,
-		WantJson:       wantJson,
 
 		CanUpload:    canUpload,
 		CanMkdir:     canMkdir,