diff options
| author | Filipp Lepalaan <f@230.to> | 2014-06-02 21:06:17 +0300 |
|---|---|---|
| committer | Filipp Lepalaan <f@230.to> | 2014-06-02 21:06:17 +0300 |
| commit | 3eb3488c624a29fe620c28440ecd8edc742fdd9b (patch) | |
| tree | 5ac7fc43009504930579842a812d003029f3f002 /server.rb | |
| download | dropship.wiki-3eb3488c624a29fe620c28440ecd8edc742fdd9b.tar.gz dropship.wiki-3eb3488c624a29fe620c28440ecd8edc742fdd9b.tar.bz2 dropship.wiki-3eb3488c624a29fe620c28440ecd8edc742fdd9b.zip | |
Diffstat (limited to 'server.rb')
| -rwxr-xr-x | server.rb | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/server.rb b/server.rb new file mode 100755 index 0000000..d4c25cf --- /dev/null +++ b/server.rb @@ -0,0 +1,75 @@ +#! /usr/bin/env ruby -w + +require "logger" +require "digest" +require "sqlite3" +require "sinatra" +require "netaddr" + +ALLOW_USERS = {:filipp => '1234', :user1 => '1234'} +ALLOW_UPLOADS_FROM = NetAddr::CIDR.create("10.11.0.0/24") +ALLOW_DOWNLOADS_FROM = NetAddr::CIDR.create("0.0.0.0/0") + +log = Logger.new(STDOUT) +log.level = Logger::DEBUG +db = SQLite3::Database.new("dropship.db") + +class Shipment + def upload + end + def download + end +end + + +get '/get/:hash' do |h| + unless ALLOW_DOWNLOADS_FROM.contains?(request.ip) + status 403 + return "You are not allowed to download from here" + end + found = false + db.results_as_hash = true + db.execute( "SELECT * FROM uploads WHERE hash = ?", [h] ) do |row| + found = true + send_file "uploads/#{row['hash']}.data", :type => :pdf, :filename => row['filename'] + db.execute( "INSERT INTO downloads (hash, ts) VALUES (?, DATETIME())", [h] ) + end + unless found + status 404 + return "The requested file was not found on this server." + end +end + +post '/upload' do + unless ALLOW_UPLOADS_FROM.contains?(request.ip) + status 403 + return "You are not allowed to upload here" + end + + fd = params['file'][:tempfile].read + hash = Digest::SHA256.new.update(fd).to_s + path = "uploads/#{hash}.data" + + if File.exists? path + return "This file has already been uploaded" + end + + File.open(path, "w") do |f| + f.write(fd) + end + + db.execute("INSERT INTO uploads (sender, hash, filename, ts) VALUES (?, ?, ?, DATETIME())", + [request.ip, hash, params['file'][:filename]]) + + return "The file was successfully uploaded!" +end + +get '/' do + unless ALLOW_DOWNLOADS_FROM.contains?(request.ip) + status 403 + return "You are not allowed to browse here" + end + db.results_as_hash = true + @files = db.execute("SELECT * FROM uploads") + erb :index +end |