diff --git a/server/controllers/down.go b/server/controllers/down.go index 2c1888a8..878f8f2c 100644 --- a/server/controllers/down.go +++ b/server/controllers/down.go @@ -2,6 +2,7 @@ package controllers import ( "github.com/Xhofe/alist/alidrive" + "github.com/Xhofe/alist/conf" "github.com/Xhofe/alist/server/models" "github.com/Xhofe/alist/utils" "github.com/gin-gonic/gin" @@ -14,8 +15,12 @@ type DownReq struct { Password string `form:"pw"` } -// handle download request +// Down handle download request func Down(c *gin.Context) { + if !conf.Conf.Server.Download { + c.JSON(200,MetaResponse(403,"not allowed download and preview")) + return + } filePath := c.Param("path")[1:] var down DownReq if err := c.ShouldBindQuery(&down); err != nil { diff --git a/server/controllers/offie_preview.go b/server/controllers/offie_preview.go index ae5676c1..b0095d00 100644 --- a/server/controllers/offie_preview.go +++ b/server/controllers/offie_preview.go @@ -2,6 +2,7 @@ package controllers import ( "github.com/Xhofe/alist/alidrive" + "github.com/Xhofe/alist/conf" "github.com/Xhofe/alist/utils" "github.com/gin-gonic/gin" log "github.com/sirupsen/logrus" @@ -13,6 +14,10 @@ type OfficePreviewReq struct { // handle office_preview request func OfficePreview(c *gin.Context) { + if !conf.Conf.Server.Download { + c.JSON(200,MetaResponse(403,"not allowed download and preview")) + return + } drive := utils.GetDriveByName(c.Param("drive")) if drive == nil { c.JSON(200, MetaResponse(400, "drive isn't exist.")) diff --git a/server/controllers/video_preview.go b/server/controllers/video_preview.go index 42e0d479..07fc1a1a 100644 --- a/server/controllers/video_preview.go +++ b/server/controllers/video_preview.go @@ -2,6 +2,7 @@ package controllers import ( "github.com/Xhofe/alist/alidrive" + "github.com/Xhofe/alist/conf" "github.com/Xhofe/alist/utils" "github.com/gin-gonic/gin" log "github.com/sirupsen/logrus" @@ -13,6 +14,10 @@ type VideoPreviewReq struct { // VideoPreview handle video_preview request func VideoPreview(c *gin.Context) { + if !conf.Conf.Server.Download { + c.JSON(200,MetaResponse(403,"not allowed download and preview")) + return + } drive := utils.GetDriveByName(c.Param("drive")) if drive == nil { c.JSON(200, MetaResponse(400, "drive isn't exist.")) @@ -33,6 +38,10 @@ func VideoPreview(c *gin.Context) { } func VideoPreviewPlayInfo(c *gin.Context) { + if !conf.Conf.Server.Download { + c.JSON(200,MetaResponse(403,"not allowed download and preview")) + return + } drive := utils.GetDriveByName(c.Param("drive")) if drive == nil { c.JSON(200, MetaResponse(400, "drive isn't exist.")) diff --git a/server/router.go b/server/router.go index be1a834d..d597e14e 100644 --- a/server/router.go +++ b/server/router.go @@ -8,7 +8,7 @@ import ( log "github.com/sirupsen/logrus" ) -// init router +// InitRouter init router func InitRouter(engine *gin.Engine) { log.Infof("初始化路由...") engine.Use(CorsHandler()) @@ -16,11 +16,11 @@ func InitRouter(engine *gin.Engine) { engine.NoRoute(func(c *gin.Context) { c.File(conf.Conf.Server.Static + "/index.html") }) - InitApiRouter(engine, conf.Conf.Server.Download) + InitApiRouter(engine) } -// init api router -func InitApiRouter(engine *gin.Engine, download bool) { +// InitApiRouter init api router +func InitApiRouter(engine *gin.Engine) { apiV2 := engine.Group("/api") { apiV2.GET("/info", controllers.Info) @@ -29,9 +29,7 @@ func InitApiRouter(engine *gin.Engine, download bool) { apiV2.POST("/local_search", controllers.LocalSearch) apiV2.POST("/global_search", controllers.GlobalSearch) apiV2.POST("/rebuild", controllers.RebuildTree) - } - if download { apiV2.POST("/office_preview/:drive", controllers.OfficePreview) apiV2.POST("/video_preview/:drive", controllers.VideoPreview) apiV2.POST("/video_preview_play_info/:drive", controllers.VideoPreviewPlayInfo)