From 3eb3488c624a29fe620c28440ecd8edc742fdd9b Mon Sep 17 00:00:00 2001
From: Filipp Lepalaan <f@230.to>
Date: Mon, 2 Jun 2014 21:06:17 +0300
Subject: Initial commit

---
 server.rb | 75 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 75 insertions(+)
 create mode 100755 server.rb

(limited to 'server.rb')

diff --git a/server.rb b/server.rb
new file mode 100755
index 0000000..d4c25cf
--- /dev/null
+++ b/server.rb
@@ -0,0 +1,75 @@
+#! /usr/bin/env ruby -w
+
+require "logger"
+require "digest"
+require "sqlite3"
+require "sinatra"
+require "netaddr"
+
+ALLOW_USERS = {:filipp => '1234', :user1 => '1234'}
+ALLOW_UPLOADS_FROM = NetAddr::CIDR.create("10.11.0.0/24")
+ALLOW_DOWNLOADS_FROM = NetAddr::CIDR.create("0.0.0.0/0")
+
+log = Logger.new(STDOUT)
+log.level = Logger::DEBUG
+db = SQLite3::Database.new("dropship.db")
+
+class Shipment
+    def upload
+    end
+    def download
+    end
+end
+
+
+get '/get/:hash' do |h|
+    unless ALLOW_DOWNLOADS_FROM.contains?(request.ip)
+        status 403
+        return "You are not allowed to download from here"
+    end
+    found = false
+    db.results_as_hash = true
+    db.execute( "SELECT * FROM uploads WHERE hash = ?", [h] ) do |row|
+        found = true
+        send_file "uploads/#{row['hash']}.data", :type => :pdf, :filename => row['filename']
+        db.execute( "INSERT INTO downloads (hash, ts) VALUES (?, DATETIME())", [h] )
+    end
+    unless found
+        status 404
+        return "The requested file was not found on this server."
+    end
+end
+
+post '/upload' do
+    unless ALLOW_UPLOADS_FROM.contains?(request.ip)
+        status 403
+        return "You are not allowed to upload here"
+    end
+
+    fd = params['file'][:tempfile].read
+    hash = Digest::SHA256.new.update(fd).to_s
+    path = "uploads/#{hash}.data"
+
+    if File.exists? path
+        return "This file has already been uploaded"
+    end
+
+    File.open(path, "w") do |f|
+        f.write(fd)
+    end
+
+    db.execute("INSERT INTO uploads (sender, hash, filename, ts) VALUES (?, ?, ?, DATETIME())",
+        [request.ip, hash, params['file'][:filename]])
+
+    return "The file was successfully uploaded!"
+end
+
+get '/' do
+    unless ALLOW_DOWNLOADS_FROM.contains?(request.ip)
+        status 403
+        return "You are not allowed to browse here"
+    end
+    db.results_as_hash = true
+    @files = db.execute("SELECT * FROM uploads")
+    erb :index
+end
-- 
cgit v1.2.3