From 91774c4068675fb1b5c56a25f46d61f4c7c41207 Mon Sep 17 00:00:00 2001 From: Michael Mayer Date: Mon, 31 Oct 2022 15:01:48 +0100 Subject: [PATCH] Security: Create new files without execution permission #2809 Signed-off-by: Michael Mayer --- internal/api/config_options.go | 4 +-- internal/api/share_preview.go | 2 +- internal/commands/backup.go | 4 +-- internal/config/config.go | 4 +-- internal/config/config_filepaths.go | 46 ++++++++++++------------ internal/config/config_raw.go | 4 +-- internal/config/test.go | 2 +- internal/customize/settings.go | 2 +- internal/customize/testdata/settings.yml | 2 +- internal/entity/album_yaml.go | 4 +-- internal/entity/photo_yaml.go | 4 +-- internal/hub/config.go | 6 ++-- internal/photoprism/convert_jpeg.go | 2 +- internal/photoprism/convert_json.go | 2 +- internal/photoprism/import_worker.go | 2 +- internal/photoprism/mediafile.go | 6 ++-- internal/photoprism/mediafile_test.go | 6 ++-- internal/remote/webdav/webdav.go | 8 ++--- internal/server/routes_webdav.go | 4 +-- internal/thumb/create.go | 2 +- pkg/fs/cache.go | 2 +- pkg/fs/case.go | 2 +- pkg/fs/copy.go | 4 +-- pkg/fs/fs.go | 6 ++-- pkg/fs/mode.go | 8 +++++ pkg/fs/move.go | 2 +- pkg/fs/name.go | 2 +- pkg/fs/resolve_test.go | 2 +- pkg/fs/symlink.go | 2 +- 29 files changed, 77 insertions(+), 69 deletions(-) create mode 100644 pkg/fs/mode.go diff --git a/internal/api/config_options.go b/internal/api/config_options.go index 1617e9c3f..3422d5291 100644 --- a/internal/api/config_options.go +++ b/internal/api/config_options.go @@ -91,14 +91,14 @@ func SaveConfigOptions(router *gin.RouterGroup) { } // Make sure directory exists. - if err := os.MkdirAll(filepath.Dir(fileName), os.ModePerm); err != nil { + if err := os.MkdirAll(filepath.Dir(fileName), fs.ModeDir); err != nil { log.Errorf("config: failed creating config path %s (%s)", filepath.Dir(fileName), err) c.AbortWithStatusJSON(http.StatusInternalServerError, err) return } // Write YAML data to file. - if err := os.WriteFile(fileName, yamlData, os.ModePerm); err != nil { + if err := os.WriteFile(fileName, yamlData, fs.ModeFile); err != nil { log.Errorf("config: failed writing values to %s (%s)", clean.Log(fileName), err) c.AbortWithStatusJSON(http.StatusInternalServerError, err) return diff --git a/internal/api/share_preview.go b/internal/api/share_preview.go index 419311062..f69765c19 100644 --- a/internal/api/share_preview.go +++ b/internal/api/share_preview.go @@ -42,7 +42,7 @@ func SharePreview(router *gin.RouterGroup) { thumbPath := path.Join(conf.ThumbCachePath(), "share") - if err := os.MkdirAll(thumbPath, os.ModePerm); err != nil { + if err := os.MkdirAll(thumbPath, fs.ModeDir); err != nil { log.Error(err) c.Redirect(http.StatusTemporaryRedirect, conf.SitePreview()) return diff --git a/internal/commands/backup.go b/internal/commands/backup.go index 625ff0315..6075d94f0 100644 --- a/internal/commands/backup.go +++ b/internal/commands/backup.go @@ -110,7 +110,7 @@ func backupAction(ctx *cli.Context) error { // Create backup directory if not exists. if dir := filepath.Dir(indexFileName); dir != "." { - if err := os.MkdirAll(dir, os.ModePerm); err != nil { + if err := os.MkdirAll(dir, fs.ModeDir); err != nil { return err } } @@ -162,7 +162,7 @@ func backupAction(ctx *cli.Context) error { fmt.Println(out.String()) } else { // Write output to file. - if err := os.WriteFile(indexFileName, []byte(out.String()), os.ModePerm); err != nil { + if err := os.WriteFile(indexFileName, []byte(out.String()), fs.ModeFile); err != nil { return err } } diff --git a/internal/config/config.go b/internal/config/config.go index 73291c7cd..42e25d22a 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -284,11 +284,11 @@ func (c *Config) initSerial() (err error) { storageName := filepath.Join(c.StoragePath(), serialName) backupName := filepath.Join(c.BackupPath(), serialName) - if err = os.WriteFile(storageName, []byte(c.serial), os.ModePerm); err != nil { + if err = os.WriteFile(storageName, []byte(c.serial), fs.ModeFile); err != nil { return fmt.Errorf("could not create %s: %s", storageName, err) } - if err = os.WriteFile(backupName, []byte(c.serial), os.ModePerm); err != nil { + if err = os.WriteFile(backupName, []byte(c.serial), fs.ModeFile); err != nil { return fmt.Errorf("could not create %s: %s", backupName, err) } diff --git a/internal/config/config_filepaths.go b/internal/config/config_filepaths.go index 78df64967..801c9ece1 100644 --- a/internal/config/config_filepaths.go +++ b/internal/config/config_filepaths.go @@ -79,109 +79,109 @@ func (c *Config) CreateDirectories() error { if c.AssetsPath() == "" { return notFoundError("assets") - } else if err := os.MkdirAll(c.AssetsPath(), os.ModePerm); err != nil { + } else if err := os.MkdirAll(c.AssetsPath(), fs.ModeDir); err != nil { return createError(c.AssetsPath(), err) } if c.StoragePath() == "" { return notFoundError("storage") - } else if err := os.MkdirAll(c.StoragePath(), os.ModePerm); err != nil { + } else if err := os.MkdirAll(c.StoragePath(), fs.ModeDir); err != nil { return createError(c.StoragePath(), err) } if c.UsersPath() == "" { return notFoundError("users") - } else if err := os.MkdirAll(c.UsersPath(), os.ModePerm); err != nil { + } else if err := os.MkdirAll(c.UsersPath(), fs.ModeDir); err != nil { return createError(c.UsersPath(), err) } if c.CmdCachePath() == "" { return notFoundError("cmd cache") - } else if err := os.MkdirAll(c.CmdCachePath(), os.ModePerm); err != nil { + } else if err := os.MkdirAll(c.CmdCachePath(), fs.ModeDir); err != nil { return createError(c.CmdCachePath(), err) } if c.BackupPath() == "" { return notFoundError("backup") - } else if err := os.MkdirAll(c.BackupPath(), os.ModePerm); err != nil { + } else if err := os.MkdirAll(c.BackupPath(), fs.ModeDir); err != nil { return createError(c.BackupPath(), err) } if c.OriginalsPath() == "" { return notFoundError("originals") - } else if err := os.MkdirAll(c.OriginalsPath(), os.ModePerm); err != nil { + } else if err := os.MkdirAll(c.OriginalsPath(), fs.ModeDir); err != nil { return createError(c.OriginalsPath(), err) } if c.ImportPath() == "" { return notFoundError("import") - } else if err := os.MkdirAll(c.ImportPath(), os.ModePerm); err != nil { + } else if err := os.MkdirAll(c.ImportPath(), fs.ModeDir); err != nil { return createError(c.ImportPath(), err) } if filepath.IsAbs(c.SidecarPath()) { - if err := os.MkdirAll(c.SidecarPath(), os.ModePerm); err != nil { + if err := os.MkdirAll(c.SidecarPath(), fs.ModeDir); err != nil { return createError(c.SidecarPath(), err) } } if c.CachePath() == "" { return notFoundError("cache") - } else if err := os.MkdirAll(c.CachePath(), os.ModePerm); err != nil { + } else if err := os.MkdirAll(c.CachePath(), fs.ModeDir); err != nil { return createError(c.CachePath(), err) } if c.ThumbCachePath() == "" { return notFoundError("thumbs") - } else if err := os.MkdirAll(c.ThumbCachePath(), os.ModePerm); err != nil { + } else if err := os.MkdirAll(c.ThumbCachePath(), fs.ModeDir); err != nil { return createError(c.ThumbCachePath(), err) } if c.ConfigPath() == "" { return notFoundError("config") - } else if err := os.MkdirAll(c.ConfigPath(), os.ModePerm); err != nil { + } else if err := os.MkdirAll(c.ConfigPath(), fs.ModeDir); err != nil { return createError(c.ConfigPath(), err) } if c.CertificatesPath() == "" { return notFoundError("certificates") - } else if err := os.MkdirAll(c.CertificatesPath(), os.ModePerm); err != nil { + } else if err := os.MkdirAll(c.CertificatesPath(), fs.ModeDir); err != nil { return createError(c.CertificatesPath(), err) } if c.TempPath() == "" { return notFoundError("temp") - } else if err := os.MkdirAll(c.TempPath(), os.ModePerm); err != nil { + } else if err := os.MkdirAll(c.TempPath(), fs.ModeDir); err != nil { return createError(c.TempPath(), err) } if c.AlbumsPath() == "" { return notFoundError("albums") - } else if err := os.MkdirAll(c.AlbumsPath(), os.ModePerm); err != nil { + } else if err := os.MkdirAll(c.AlbumsPath(), fs.ModeDir); err != nil { return createError(c.AlbumsPath(), err) } if c.TensorFlowModelPath() == "" { return notFoundError("tensorflow model") - } else if err := os.MkdirAll(c.TensorFlowModelPath(), os.ModePerm); err != nil { + } else if err := os.MkdirAll(c.TensorFlowModelPath(), fs.ModeDir); err != nil { return createError(c.TensorFlowModelPath(), err) } if c.BuildPath() == "" { return notFoundError("build") - } else if err := os.MkdirAll(c.BuildPath(), os.ModePerm); err != nil { + } else if err := os.MkdirAll(c.BuildPath(), fs.ModeDir); err != nil { return createError(c.BuildPath(), err) } if filepath.Dir(c.PIDFilename()) == "" { return notFoundError("pid file") - } else if err := os.MkdirAll(filepath.Dir(c.PIDFilename()), os.ModePerm); err != nil { + } else if err := os.MkdirAll(filepath.Dir(c.PIDFilename()), fs.ModeDir); err != nil { return createError(filepath.Dir(c.PIDFilename()), err) } if filepath.Dir(c.LogFilename()) == "" { return notFoundError("log file") - } else if err := os.MkdirAll(filepath.Dir(c.LogFilename()), os.ModePerm); err != nil { + } else if err := os.MkdirAll(filepath.Dir(c.LogFilename()), fs.ModeDir); err != nil { return createError(filepath.Dir(c.LogFilename()), err) } @@ -323,7 +323,7 @@ func (c *Config) UserPath(userUid string) string { dir := filepath.Join(c.UsersPath(), userUid) - if err := os.MkdirAll(dir, os.ModePerm); err != nil { + if err := os.MkdirAll(dir, fs.ModeDir); err != nil { return "" } @@ -338,7 +338,7 @@ func (c *Config) UserUploadPath(userUid, token string) (string, error) { dir := filepath.Join(c.UserPath(userUid), "upload", clean.Token(token)) - if err := os.MkdirAll(dir, os.ModePerm); err != nil { + if err := os.MkdirAll(dir, fs.ModeDir); err != nil { return "", err } @@ -377,7 +377,7 @@ func (c *Config) tempPath() string { if c.options.TempPath != "" { if dir := fs.Abs(c.options.TempPath); dir == "" { // Ignore. - } else if err := os.MkdirAll(dir, os.ModePerm); err != nil { + } else if err := os.MkdirAll(dir, fs.ModeDir); err != nil { // Ignore. } else if fs.PathWritable(dir) { return dir @@ -387,7 +387,7 @@ func (c *Config) tempPath() string { // Find alternative temp path based on storage serial checksum. if dir := filepath.Join(osTempDir, "photoprism_"+c.SerialChecksum()); dir == "" { // Ignore. - } else if err := os.MkdirAll(dir, os.ModePerm); err != nil { + } else if err := os.MkdirAll(dir, fs.ModeDir); err != nil { // Ignore. } else if fs.PathWritable(dir) { return dir @@ -396,7 +396,7 @@ func (c *Config) tempPath() string { // Find alternative temp path based on built-in TempDir() function. if dir, err := ioutil.TempDir(osTempDir, "photoprism_"); err != nil || dir == "" { // Ignore. - } else if err = os.MkdirAll(dir, os.ModePerm); err != nil { + } else if err = os.MkdirAll(dir, fs.ModeDir); err != nil { // Ignore. } else if fs.PathWritable(dir) { return dir diff --git a/internal/config/config_raw.go b/internal/config/config_raw.go index ad241bb73..8a1f60334 100644 --- a/internal/config/config_raw.go +++ b/internal/config/config_raw.go @@ -42,7 +42,7 @@ func (c *Config) CreateDarktableCachePath() (string, error) { if cachePath == "" { return "", nil - } else if err := os.MkdirAll(cachePath, os.ModePerm); err != nil { + } else if err := os.MkdirAll(cachePath, fs.ModeDir); err != nil { return cachePath, err } else { c.options.DarktableCachePath = cachePath @@ -57,7 +57,7 @@ func (c *Config) CreateDarktableConfigPath() (string, error) { if configPath == "" { return "", nil - } else if err := os.MkdirAll(configPath, os.ModePerm); err != nil { + } else if err := os.MkdirAll(configPath, fs.ModeDir); err != nil { return configPath, err } else { c.options.DarktableConfigPath = configPath diff --git a/internal/config/test.go b/internal/config/test.go index afcb50102..91716560c 100644 --- a/internal/config/test.go +++ b/internal/config/test.go @@ -165,7 +165,7 @@ func NewTestConfig(pkg string) *Config { s := customize.NewSettings(c.DefaultTheme(), c.DefaultLocale()) - if err := os.MkdirAll(c.ConfigPath(), os.ModePerm); err != nil { + if err := os.MkdirAll(c.ConfigPath(), fs.ModeDir); err != nil { log.Fatalf("config: %s", err.Error()) } diff --git a/internal/customize/settings.go b/internal/customize/settings.go index e88154a6c..d2518fa3a 100644 --- a/internal/customize/settings.go +++ b/internal/customize/settings.go @@ -154,7 +154,7 @@ func (s *Settings) Save(fileName string) error { s.Propagate() - if err := os.WriteFile(fileName, data, os.ModePerm); err != nil { + if err := os.WriteFile(fileName, data, fs.ModeFile); err != nil { return err } diff --git a/internal/customize/testdata/settings.yml b/internal/customize/testdata/settings.yml index 0df759fc8..5e6d69edb 100755 --- a/internal/customize/testdata/settings.yml +++ b/internal/customize/testdata/settings.yml @@ -8,7 +8,7 @@ Search: BatchSize: 0 Maps: Animate: 0 - Style: streets + Style: "" Features: Account: true Advanced: false diff --git a/internal/entity/album_yaml.go b/internal/entity/album_yaml.go index 63b47a455..ab43a31da 100644 --- a/internal/entity/album_yaml.go +++ b/internal/entity/album_yaml.go @@ -30,7 +30,7 @@ func (m *Album) SaveAsYaml(fileName string) error { } // Make sure directory exists. - if err := os.MkdirAll(filepath.Dir(fileName), os.ModePerm); err != nil { + if err := os.MkdirAll(filepath.Dir(fileName), fs.ModeDir); err != nil { return err } @@ -38,7 +38,7 @@ func (m *Album) SaveAsYaml(fileName string) error { defer albumYamlMutex.Unlock() // Write YAML data to file. - if err := os.WriteFile(fileName, data, os.ModePerm); err != nil { + if err := os.WriteFile(fileName, data, fs.ModeFile); err != nil { return err } diff --git a/internal/entity/photo_yaml.go b/internal/entity/photo_yaml.go index aed175183..223bcb9a9 100644 --- a/internal/entity/photo_yaml.go +++ b/internal/entity/photo_yaml.go @@ -34,7 +34,7 @@ func (m *Photo) SaveAsYaml(fileName string) error { } // Make sure directory exists. - if err := os.MkdirAll(filepath.Dir(fileName), os.ModePerm); err != nil { + if err := os.MkdirAll(filepath.Dir(fileName), fs.ModeDir); err != nil { return err } @@ -42,7 +42,7 @@ func (m *Photo) SaveAsYaml(fileName string) error { defer photoYamlMutex.Unlock() // Write YAML data to file. - if err := os.WriteFile(fileName, data, os.ModePerm); err != nil { + if err := os.WriteFile(fileName, data, fs.ModeFile); err != nil { return err } diff --git a/internal/hub/config.go b/internal/hub/config.go index e63f83b32..911a43639 100644 --- a/internal/hub/config.go +++ b/internal/hub/config.go @@ -153,7 +153,7 @@ func (c *Config) Resync(token string) (err error) { mutex.Lock() defer mutex.Unlock() - if err := os.MkdirAll(filepath.Dir(c.FileName), os.ModePerm); err != nil { + if err := os.MkdirAll(filepath.Dir(c.FileName), fs.ModeDir); err != nil { return err } @@ -275,11 +275,11 @@ func (c *Config) Save() error { c.Propagate() - if err := os.MkdirAll(filepath.Dir(c.FileName), os.ModePerm); err != nil { + if err := os.MkdirAll(filepath.Dir(c.FileName), fs.ModeDir); err != nil { return err } - if err := os.WriteFile(c.FileName, data, os.ModePerm); err != nil { + if err := os.WriteFile(c.FileName, data, fs.ModeFile); err != nil { return err } diff --git a/internal/photoprism/convert_jpeg.go b/internal/photoprism/convert_jpeg.go index 42879d03d..679ff92ae 100644 --- a/internal/photoprism/convert_jpeg.go +++ b/internal/photoprism/convert_jpeg.go @@ -133,7 +133,7 @@ func (c *Convert) ToJpeg(f *MediaFile, force bool) (*MediaFile, error) { break } else if res := out.Bytes(); len(res) < 512 || !mimetype.Detect(res).Is(fs.MimeTypeJpeg) { continue - } else if err = os.WriteFile(jpegName, res, os.ModePerm); err != nil { + } else if err = os.WriteFile(jpegName, res, fs.ModeFile); err != nil { log.Tracef("convert: %s (%s)", err, filepath.Base(cmd.Path)) continue } else { diff --git a/internal/photoprism/convert_json.go b/internal/photoprism/convert_json.go index ceb945a72..b710fe349 100644 --- a/internal/photoprism/convert_json.go +++ b/internal/photoprism/convert_json.go @@ -52,7 +52,7 @@ func (c *Convert) ToJson(f *MediaFile) (jsonName string, err error) { } // Write output to file. - if err := os.WriteFile(jsonName, []byte(out.String()), os.ModePerm); err != nil { + if err := os.WriteFile(jsonName, []byte(out.String()), fs.ModeFile); err != nil { return "", err } diff --git a/internal/photoprism/import_worker.go b/internal/photoprism/import_worker.go index 93b196e30..dda1a3636 100644 --- a/internal/photoprism/import_worker.go +++ b/internal/photoprism/import_worker.go @@ -70,7 +70,7 @@ func ImportWorker(jobs <-chan ImportJob) { if fs.PathExists(destDir) { // Do nothing. - } else if err := os.MkdirAll(destDir, os.ModePerm); err != nil { + } else if err := os.MkdirAll(destDir, fs.ModeDir); err != nil { log.Errorf("import: failed creating folder for %s (%s)", clean.Log(f.BaseName()), err.Error()) } else { destDirRel := fs.RelName(destDir, imp.originalsPath()) diff --git a/internal/photoprism/mediafile.go b/internal/photoprism/mediafile.go index f9c844913..a3d22a6fb 100644 --- a/internal/photoprism/mediafile.go +++ b/internal/photoprism/mediafile.go @@ -641,7 +641,7 @@ func (m *MediaFile) HasSameName(f *MediaFile) bool { // Move file to a new destination with the filename provided in parameter. func (m *MediaFile) Move(dest string) error { - if err := os.MkdirAll(filepath.Dir(dest), os.ModePerm); err != nil { + if err := os.MkdirAll(filepath.Dir(dest), fs.ModeDir); err != nil { return err } @@ -668,7 +668,7 @@ func (m *MediaFile) Move(dest string) error { // Copy a MediaFile to another file by destinationFilename. func (m *MediaFile) Copy(dest string) error { - if err := os.MkdirAll(filepath.Dir(dest), os.ModePerm); err != nil { + if err := os.MkdirAll(filepath.Dir(dest), fs.ModeDir); err != nil { return err } @@ -684,7 +684,7 @@ func (m *MediaFile) Copy(dest string) error { defer thisFile.Close() - destFile, err := os.OpenFile(dest, os.O_RDWR|os.O_CREATE, os.ModePerm) + destFile, err := os.OpenFile(dest, os.O_RDWR|os.O_CREATE, fs.ModeFile) if err != nil { log.Error(err.Error()) diff --git a/internal/photoprism/mediafile_test.go b/internal/photoprism/mediafile_test.go index c38d0e252..5e4fd1594 100644 --- a/internal/photoprism/mediafile_test.go +++ b/internal/photoprism/mediafile_test.go @@ -970,7 +970,7 @@ func TestMediaFile_Move(t *testing.T) { origName := tmpPath + "/original.jpg" destName := tmpPath + "/destination.jpg" - if err := os.MkdirAll(tmpPath, os.ModePerm); err != nil { + if err := os.MkdirAll(tmpPath, fs.ModeDir); err != nil { t.Fatal(err) } @@ -1006,7 +1006,7 @@ func TestMediaFile_Copy(t *testing.T) { tmpPath := conf.CachePath() + "/_tmp/TestMediaFile_Copy" - if err := os.MkdirAll(tmpPath, os.ModePerm); err != nil { + if err := os.MkdirAll(tmpPath, fs.ModeDir); err != nil { t.Fatal(err) } @@ -2359,7 +2359,7 @@ func TestMediaFile_RenameSidecarFiles(t *testing.T) { t.Fatal(err) } - if err := os.MkdirAll(filepath.Join(conf.SidecarPath(), "foo"), os.ModePerm); err != nil { + if err := os.MkdirAll(filepath.Join(conf.SidecarPath(), "foo"), fs.ModeDir); err != nil { t.Fatal(err) } diff --git a/internal/remote/webdav/webdav.go b/internal/remote/webdav/webdav.go index 822c30aa0..217477460 100644 --- a/internal/remote/webdav/webdav.go +++ b/internal/remote/webdav/webdav.go @@ -193,7 +193,7 @@ func (c Client) Download(from, to string, force bool) (err error) { if err != nil { // Create local storage path. - if err := os.MkdirAll(dir, os.ModePerm); err != nil { + if err := os.MkdirAll(dir, fs.ModeDir); err != nil { return fmt.Errorf("webdav: cannot create folder %s (%s)", clean.Log(dir), err) } } else if !dirInfo.IsDir() { @@ -212,7 +212,7 @@ func (c Client) Download(from, to string, force bool) (err error) { } // Write data to file and return. - return os.WriteFile(to, bytes, os.ModePerm) + return os.WriteFile(to, bytes, fs.ModeFile) } // DownloadDir downloads all files from a remote to a local directory. @@ -261,7 +261,7 @@ func (c Client) CreateDir(dir string) error { return nil } - return c.client.MkdirAll(dir, os.ModePerm) + return c.client.MkdirAll(dir, fs.ModeDir) } // Upload uploads a single file to the remote server. @@ -282,7 +282,7 @@ func (c Client) Upload(from, to string) (err error) { _ = file.Close() }(file) - return c.client.WriteStream(to, file, os.ModePerm) + return c.client.WriteStream(to, file, fs.ModeFile) } // Delete deletes a single file or directory on a remote server. diff --git a/internal/server/routes_webdav.go b/internal/server/routes_webdav.go index 64dfa550c..65a02399c 100644 --- a/internal/server/routes_webdav.go +++ b/internal/server/routes_webdav.go @@ -129,13 +129,13 @@ func MarkUploadAsFavorite(fileName string) { } // Make sure directory exists. - if err := os.MkdirAll(filepath.Dir(yamlName), os.ModePerm); err != nil { + if err := os.MkdirAll(filepath.Dir(yamlName), fs.ModeDir); err != nil { log.Errorf("webdav: %s", err.Error()) return } // Write YAML data to file. - if err := os.WriteFile(yamlName, []byte("Favorite: true\n"), os.ModePerm); err != nil { + if err := os.WriteFile(yamlName, []byte("Favorite: true\n"), fs.ModeFile); err != nil { log.Errorf("webdav: %s", err.Error()) return } diff --git a/internal/thumb/create.go b/internal/thumb/create.go index c52643b6c..5c1a3dc6b 100644 --- a/internal/thumb/create.go +++ b/internal/thumb/create.go @@ -45,7 +45,7 @@ func FileName(hash, thumbPath string, width, height int, opts ...ResampleOption) suffix := Suffix(width, height, opts...) p := path.Join(thumbPath, hash[0:1], hash[1:2], hash[2:3]) - if err := os.MkdirAll(p, os.ModePerm); err != nil { + if err := os.MkdirAll(p, fs.ModeDir); err != nil { return "", err } diff --git a/pkg/fs/cache.go b/pkg/fs/cache.go index fdf970b67..03cc8f334 100644 --- a/pkg/fs/cache.go +++ b/pkg/fs/cache.go @@ -19,7 +19,7 @@ func CachePath(basePath, fileHash, namespace string, create bool) (cachePath str cachePath = path.Join(basePath, namespace, fileHash[0:1], fileHash[1:2], fileHash[2:3]) if create { - if err := os.MkdirAll(cachePath, os.ModePerm); err != nil { + if err := os.MkdirAll(cachePath, ModeDir); err != nil { return "", err } } diff --git a/pkg/fs/case.go b/pkg/fs/case.go index 55db04917..4c4f1d6cb 100644 --- a/pkg/fs/case.go +++ b/pkg/fs/case.go @@ -10,7 +10,7 @@ import ( func CaseInsensitive(storagePath string) (result bool, err error) { tmpName := filepath.Join(storagePath, ".caseTest.tmp") - if err = os.WriteFile(tmpName, []byte("{}"), os.ModePerm); err != nil { + if err = os.WriteFile(tmpName, []byte("{}"), ModeFile); err != nil { return false, fmt.Errorf("%s not writable", filepath.Base(storagePath)) } diff --git a/pkg/fs/copy.go b/pkg/fs/copy.go index 4804d2e8a..a5ae4b379 100644 --- a/pkg/fs/copy.go +++ b/pkg/fs/copy.go @@ -15,7 +15,7 @@ func Copy(src, dest string) (err error) { } }() - if err := os.MkdirAll(filepath.Dir(dest), os.ModePerm); err != nil { + if err := os.MkdirAll(filepath.Dir(dest), ModeDir); err != nil { return err } @@ -27,7 +27,7 @@ func Copy(src, dest string) (err error) { defer thisFile.Close() - destFile, err := os.OpenFile(dest, os.O_RDWR|os.O_CREATE, os.ModePerm) + destFile, err := os.OpenFile(dest, os.O_RDWR|os.O_CREATE, ModeFile) if err != nil { return err diff --git a/pkg/fs/fs.go b/pkg/fs/fs.go index 0294e8735..db0b8466f 100644 --- a/pkg/fs/fs.go +++ b/pkg/fs/fs.go @@ -147,7 +147,7 @@ func copyToFile(f *zip.File, dest string) (fileName string, err error) { if f.FileInfo().IsDir() { // Make Folder - return fileName, os.MkdirAll(fileName, os.ModePerm) + return fileName, os.MkdirAll(fileName, ModeDir) } // Make File @@ -157,7 +157,7 @@ func copyToFile(f *zip.File, dest string) (fileName string, err error) { fdir = fileName[:lastIndex] } - err = os.MkdirAll(fdir, os.ModePerm) + err = os.MkdirAll(fdir, ModeDir) if err != nil { return fileName, err } @@ -179,7 +179,7 @@ func copyToFile(f *zip.File, dest string) (fileName string, err error) { // Download downloads a file from a URL. func Download(filepath string, url string) error { - os.MkdirAll("/tmp/photoprism", os.ModePerm) + os.MkdirAll("/tmp/photoprism", ModeDir) // Create the file out, err := os.Create(filepath) diff --git a/pkg/fs/mode.go b/pkg/fs/mode.go new file mode 100644 index 000000000..c1765f163 --- /dev/null +++ b/pkg/fs/mode.go @@ -0,0 +1,8 @@ +package fs + +import "os" + +var ( + ModeDir os.FileMode = 0o777 + ModeFile os.FileMode = 0o666 +) diff --git a/pkg/fs/move.go b/pkg/fs/move.go index 7f9f00b52..52256bf19 100644 --- a/pkg/fs/move.go +++ b/pkg/fs/move.go @@ -14,7 +14,7 @@ func Move(src, dest string) (err error) { } }() - if err := os.MkdirAll(filepath.Dir(dest), os.ModePerm); err != nil { + if err := os.MkdirAll(filepath.Dir(dest), ModeDir); err != nil { return err } diff --git a/pkg/fs/name.go b/pkg/fs/name.go index a22579e1a..6213bd5a0 100644 --- a/pkg/fs/name.go +++ b/pkg/fs/name.go @@ -21,7 +21,7 @@ func FileName(fileName, dirName, baseDir, fileExt string) string { } } - if err := os.MkdirAll(dirName, os.ModePerm); err != nil { + if err := os.MkdirAll(dirName, ModeDir); err != nil { fmt.Println(err.Error()) return "" } diff --git a/pkg/fs/resolve_test.go b/pkg/fs/resolve_test.go index e9b37c6ab..cf6bd4394 100644 --- a/pkg/fs/resolve_test.go +++ b/pkg/fs/resolve_test.go @@ -23,7 +23,7 @@ func TestResolve(t *testing.T) { }(linkName, targetName) // Create empty test target file. - if targetFile, err := os.OpenFile(targetName, os.O_RDONLY|os.O_CREATE, os.ModePerm); err != nil { + if targetFile, err := os.OpenFile(targetName, os.O_RDONLY|os.O_CREATE, ModeFile); err != nil { t.Fatal(err) } else if err = targetFile.Close(); err != nil { t.Fatal(err) diff --git a/pkg/fs/symlink.go b/pkg/fs/symlink.go index 4d8ad4418..6098ba4e6 100644 --- a/pkg/fs/symlink.go +++ b/pkg/fs/symlink.go @@ -19,7 +19,7 @@ func SymlinksSupported(storagePath string) (bool, error) { }(linkName, targetName) // Create empty test target file. - if targetFile, err := os.OpenFile(targetName, os.O_RDONLY|os.O_CREATE, os.ModePerm); err != nil { + if targetFile, err := os.OpenFile(targetName, os.O_RDONLY|os.O_CREATE, ModeFile); err != nil { return false, err } else if err = targetFile.Close(); err != nil { return false, err