Daniel Legt
cb026d4fd1
- Replace legacy salted password hashing with bcrypt and store hash alg - Accept existing bcrypt hashes while keeping legacy verification fallback - Validate box IDs and use SafeChildPath for box/file operations to prevent traversal - Refactor download flow to share zip writer logic and correctly handle one-time deletes and optional renew-on-download only after a successful zip writefeat(security): use bcrypt hashes and safe paths for boxes - Replace legacy salted password hashing with bcrypt and store hash alg - Accept existing bcrypt hashes while keeping legacy verification fallback - Validate box IDs and use SafeChildPath for box/file operations to prevent traversal - Refactor download flow to share zip writer logic and correctly handle one-time deletes and optional renew-on-download only after a successful zip write
85 lines
2.5 KiB
Go
85 lines
2.5 KiB
Go
package models
|
|
|
|
import "time"
|
|
|
|
const (
|
|
FileStatusFailed = "failed"
|
|
FileStatusReady = "complete"
|
|
FileStatusWait = "pending"
|
|
FileStatusWork = "uploading"
|
|
)
|
|
|
|
const (
|
|
ThumbnailStatusFailed = "failed"
|
|
ThumbnailStatusProcessing = "processing"
|
|
ThumbnailStatusReady = "ready"
|
|
ThumbnailStatusUnsupported = "unsupported"
|
|
)
|
|
|
|
type RetentionOption struct {
|
|
Key string `json:"key"`
|
|
Label string `json:"label"`
|
|
Seconds int64 `json:"seconds"`
|
|
}
|
|
|
|
type BoxFile struct {
|
|
ID string `json:"id"`
|
|
Name string `json:"name"`
|
|
Size int64 `json:"size"`
|
|
SizeLabel string `json:"size_label"`
|
|
MimeType string `json:"mime_type"`
|
|
Status string `json:"status"`
|
|
StatusLabel string `json:"status_label"`
|
|
Title string `json:"title"`
|
|
IconPath string `json:"icon_path"`
|
|
ThumbnailPath *string `json:"thumbnail_path"`
|
|
ThumbnailStatus string `json:"thumbnail_status,omitempty"`
|
|
ThumbnailURL string `json:"-"`
|
|
DownloadPath string `json:"download_path"`
|
|
UploadPath string `json:"upload_path"`
|
|
IsComplete bool `json:"is_complete"`
|
|
}
|
|
|
|
type BoxManifest struct {
|
|
Files []BoxFile `json:"files"`
|
|
CreatedAt time.Time `json:"created_at"`
|
|
ExpiresAt time.Time `json:"expires_at"`
|
|
RetentionKey string `json:"retention_key"`
|
|
RetentionLabel string `json:"retention_label"`
|
|
RetentionSecs int64 `json:"retention_seconds"`
|
|
PasswordSalt string `json:"password_salt,omitempty"`
|
|
PasswordHash string `json:"password_hash,omitempty"`
|
|
PasswordHashAlg string `json:"password_hash_alg,omitempty"`
|
|
AuthToken string `json:"auth_token,omitempty"`
|
|
DisableZip bool `json:"disable_zip,omitempty"`
|
|
OneTimeDownload bool `json:"one_time_download,omitempty"`
|
|
}
|
|
|
|
type BoxSummary struct {
|
|
ID string
|
|
FileCount int
|
|
TotalSize int64
|
|
TotalSizeLabel string
|
|
CreatedAt time.Time
|
|
ExpiresAt time.Time
|
|
Expired bool
|
|
OneTimeDownload bool
|
|
PasswordProtected bool
|
|
}
|
|
|
|
type CreateBoxRequest struct {
|
|
Files []CreateBoxFileRequest `json:"files"`
|
|
RetentionKey string `json:"retention_key"`
|
|
Password string `json:"password"`
|
|
AllowZip *bool `json:"allow_zip"`
|
|
}
|
|
|
|
type CreateBoxFileRequest struct {
|
|
Name string `json:"name"`
|
|
Size int64 `json:"size"`
|
|
}
|
|
|
|
type UpdateFileStatusRequest struct {
|
|
Status string `json:"status"`
|
|
}
|