search

mholt / caddy-webdav

WebDAV handler module for Caddy
Apache License 2.0
198 stars 22 forks source link

Excuse me, how to set different permissions under multiple users? #27

Closed underlaw closed 2 years ago

underlaw commented 2 years ago

For example, user 1 has read, write, edit and delete permission, while user 2 has only read permission.

mholt commented 2 years ago

Depends on how you're authenticating users and such. What is your config / what have you tried so far?

underlaw commented 2 years ago

thx

:2333 { encode gzip basicauth { underlaw JDJhJDE0JDI1OUJCR3VndzBWUWtSU3ZsdVJXUGVrLzlsV0M2N3AuN2taRmkvY2ZnMlVIR1VtZnE4bjN5 test JDJhJDE0JDI1OUJCR3VndzBWUWtSU3ZsdVJXUGVrLzlsV0M2N3AuN2taRmkvY2ZnMlVIR1VtZnE4bjN5 } root * /mnt/sda1/movie

route { rewrite /webdav /webdav/ webdav /webdav/* { prefix /webdav } file_server browse } }

underlaw has read, write, edit and delete permission; test has only read permission.

how to do? thx

mholt commented 2 years ago

You could probably use something like:

@forbidWrite {
    vars http.auth.user.id test
    not method GET HEAD OPTIONS PROPFIND
}
handle @forbidWrite {
    respond "Not allowed" 403
}
handle {
    # everything else
}
underlaw commented 2 years ago

Are you talking about setting different shared folders for different users? This is different from what I want. I want the same shared folder, but different users have different permissions. Thank you

underlaw commented 2 years ago

I mean: the shared folder is /mnt/sda1/movie, undelaw has read-write permission, and test only has read permission.

mholt commented 2 years ago

No, that's disallowing writes for the user named test.

With further questions, please try asking on our forums! https://caddy.community

SoSolife commented 1 year ago

No, that's disallowing writes for the user named test.

With further questions, please try asking on our forums! https://caddy.community

But it also disallow read files from server on applications that support webdav when test remove method PROPFIND. And it retains method PROPFIND, test can delete files from server. Just want to share friends with accounts and not to modify files on server.

arichiardi commented 11 months ago

Came here to say thank you @mholt - this is the only solution that works here - I can see files but not modify them.

EDIT: ah well, adding a second user actually has got the same behavior as guest. I cannot read/write. It is a pity cause this seems the only way to do this, I'll have to ask on the forum.

with this conf:

:8080 {
    rewrite /dav /dav/

        # Thank you mholt for this solution:
        #   https://github.com/mholt/caddy-webdav/issues/27
    @noGuestsWrite {
        vars http.auth.user.id guest
        not method GET HEAD OPTIONS PROPFIND
    }
    handle @noGuestsWrite {
        respond 403
    }
    handle {
        basicauth /dav/media {
            guest <XYZ>
        }

        webdav /dav/* {
            root /srv/http/dav/All
            prefix /dav/media
        }
        file_server
    }
}