diff --git a/server/WebApi.cpp b/server/WebApi.cpp index b2c6bfdc..fd27dc13 100755 --- a/server/WebApi.cpp +++ b/server/WebApi.cpp @@ -2379,7 +2379,7 @@ void installWebApi() { // 校验secret成功,文件下载鉴权成功 file_invoker("", "", 0); } catch (...) { - bool flag = NOTICE_EMIT(BroadcastHttpAccessArgs, Broadcast::kBroadcastHttpAccess, allArgs.parser, file_path, false, file_invoker, sender); + bool flag = NOTICE_EMIT(BroadcastHttpAccessArgs, Broadcast::kBroadcastHttpAccess, allArgs.parser, allArgs.parser.url(), file_path, false, file_invoker, sender); if (!flag) { // 文件下载鉴权事件无人监听,不允许下载 [AUTO-TRANSLATED:5e02f0ce] // No one is listening to the file download authentication event, download is not allowed diff --git a/server/WebHook.cpp b/server/WebHook.cpp index 7e6c19eb..5ecdc9fe 100755 --- a/server/WebHook.cpp +++ b/server/WebHook.cpp @@ -783,7 +783,7 @@ void installWebHook() { // The purpose of tracking users is to cache the last authentication result, reduce the number of authentication times, and improve performance NoticeCenter::Instance().addListener(&web_hook_tag, Broadcast::kBroadcastHttpAccess, [](BroadcastHttpAccessArgs) { #if defined(ENABLE_PYTHON) - if (PythonInvoker::Instance().on_http_access(parser, path, is_dir, invoker, sender)) { + if (PythonInvoker::Instance().on_http_access(parser, path, file_path, is_dir, invoker, sender)) { return; } #endif @@ -806,6 +806,7 @@ void installWebHook() { body["port"] = sender.get_peer_port(); body["id"] = sender.getIdentifier(); body["path"] = path; + body["file_path"] = file_path; body["is_dir"] = is_dir; body["params"] = parser.params(); for (auto &pr : parser.getHeader()) { diff --git a/server/pyinvoker.cpp b/server/pyinvoker.cpp index 451bd3c8..23348e90 100644 --- a/server/pyinvoker.cpp +++ b/server/pyinvoker.cpp @@ -692,7 +692,7 @@ bool PythonInvoker::on_http_access(BroadcastHttpAccessArgs) const { if (!_on_http_access) { return false; } - return _on_http_access(to_python_ref(parser), path, is_dir, to_python(invoker), to_python(sender)).cast(); + return _on_http_access(to_python_ref(parser), path, file_path, is_dir, to_python(invoker), to_python(sender)).cast(); } bool PythonInvoker::on_rtp_server_timeout(BroadcastRtpServerTimeoutArgs) const { diff --git a/src/Common/config.h b/src/Common/config.h index 646628fa..4ee4c76e 100644 --- a/src/Common/config.h +++ b/src/Common/config.h @@ -60,7 +60,7 @@ extern const std::string kBroadcastHttpRequest; // 在http文件服务器中,收到http访问文件或目录的广播,通过该事件控制访问http目录的权限 [AUTO-TRANSLATED:2de426b4] // In the http file server, broadcast for receiving http access to files or directories. Control access permissions to the http directory through this event. extern const std::string kBroadcastHttpAccess; -#define BroadcastHttpAccessArgs const Parser &parser, const std::string &path, const bool &is_dir, const HttpSession::HttpAccessPathInvoker &invoker, toolkit::SockInfo &sender +#define BroadcastHttpAccessArgs const Parser &parser, const std::string &path, const std::string &file_path, const bool &is_dir, const HttpSession::HttpAccessPathInvoker &invoker, toolkit::SockInfo &sender // 在http文件服务器中,收到http访问文件或目录前的广播,通过该事件可以控制http url到文件路径的映射 [AUTO-TRANSLATED:0294d0c5] // In the http file server, broadcast before receiving http access to files or directories. Control the mapping from http url to file path through this event. diff --git a/src/Http/HttpFileManager.cpp b/src/Http/HttpFileManager.cpp index 3247eb12..a659cadf 100644 --- a/src/Http/HttpFileManager.cpp +++ b/src/Http/HttpFileManager.cpp @@ -338,7 +338,7 @@ static std::string getUidFromParams(const string ¶ms) { * [AUTO-TRANSLATED:dfc0f15f] */ -static void canAccessPath(Session &sender, const Parser &parser, const MediaInfo &media_info, bool is_dir, +static void canAccessPath(Session &sender, const Parser &parser, const MediaInfo &media_info, const std::string &file_path, bool is_dir, const function &callback) { // 获取用户唯一id [AUTO-TRANSLATED:5b1cf4bf] // Get the user's unique id @@ -443,7 +443,7 @@ static void canAccessPath(Session &sender, const Parser &parser, const MediaInfo // 事件未被拦截,则认为是http下载请求 [AUTO-TRANSLATED:7d449ccc] // The event was not intercepted, it is considered an http download request - bool flag = NOTICE_EMIT(BroadcastHttpAccessArgs, Broadcast::kBroadcastHttpAccess, parser, path, is_dir, accessPathInvoker, sender); + bool flag = NOTICE_EMIT(BroadcastHttpAccessArgs, Broadcast::kBroadcastHttpAccess, parser, path, file_path, is_dir, accessPathInvoker, sender); if (!flag) { // 此事件无人监听,我们默认都有权限访问 [AUTO-TRANSLATED:e1524c0f] // No one is listening to this event, we assume that everyone has permission to access it by default @@ -510,7 +510,7 @@ static void accessFile(Session &sender, const Parser &parser, const MediaInfo &m weak_ptr weakSession = static_pointer_cast(sender.shared_from_this()); // 判断是否有权限访问该文件 [AUTO-TRANSLATED:b7f595f5] // Determine whether you have permission to access this file - canAccessPath(sender, parser, media_info, false, [cb, file_path, parser, is_hls, media_info, weakSession](const string &err_msg, const HttpServerCookie::Ptr &cookie) { + canAccessPath(sender, parser, media_info, file_path, false, [cb, file_path, parser, is_hls, media_info, weakSession](const string &err_msg, const HttpServerCookie::Ptr &cookie) { auto strongSession = weakSession.lock(); if (!strongSession) { // http客户端已经断开,不需要回复 [AUTO-TRANSLATED:9a252e21] @@ -717,7 +717,7 @@ void HttpFileManager::onAccessPath(Session &sender, Parser &parser, const HttpFi } // 判断是否有权限访问该目录 [AUTO-TRANSLATED:963d02a6] // Determine if there is permission to access this directory - canAccessPath(sender, parser, media_info, true, [strMenu, cb](const string &err_msg, const HttpServerCookie::Ptr &cookie) mutable{ + canAccessPath(sender, parser, media_info, file_path, true, [strMenu, cb](const string &err_msg, const HttpServerCookie::Ptr &cookie) mutable{ if (!err_msg.empty()) { strMenu = err_msg; }