From a66af38ef2ffb0cdbbf99e1b7b6dbe53d2b8c10f Mon Sep 17 00:00:00 2001
From: midoks <midoks@163.com>
Date: Sat, 16 Feb 2019 20:40:58 +0800
Subject: [PATCH] update

---
 class/core/files_api.py   | 80 +++++++++++++++++++++++++++++++++++++--
 route/static/app/files.js | 29 +++++++-------
 2 files changed, 89 insertions(+), 20 deletions(-)

diff --git a/class/core/files_api.py b/class/core/files_api.py
index 45a16a24f..86149b401 100755
--- a/class/core/files_api.py
+++ b/class/core/files_api.py
@@ -16,8 +16,10 @@ from flask import make_response
 
 class files_api:
 
+    rPath = None
+
     def __init__(self):
-        pass
+        self.rPath = public.getRootDir() + '/recycle_bin/'
 
     ##### ----- start ----- ###
     def getBodyApi(self):
@@ -132,7 +134,7 @@ class files_api:
         return public.returnJson(True, '已将下载任务添加到队列!')
 
     def getRecycleBinApi(self):
-        rPath = public.getRootDir() + '/Recycle_bin/'
+        rPath = self.rPath
         if not os.path.exists(rPath):
             os.system('mkdir -p ' + rPath)
         data = {}
@@ -144,7 +146,7 @@ class files_api:
             try:
                 tmp = {}
                 fname = rPath + file
-                tmp1 = file.split('_bt_')
+                tmp1 = file.split('_mw_')
                 tmp2 = tmp1[len(tmp1) - 1].split('_t_')
                 tmp['rname'] = file
                 tmp['dname'] = file.replace('_mw_', '/').split('_t_')[0]
@@ -182,6 +184,42 @@ class files_api:
             public.writeLog('文件管理', '已开启回收站功能!')
             return public.returnJson(True, '已开启回收站功能!')
 
+    def reRecycleBinApi(self):
+        rPath = self.rPath
+        path = request.form.get('path', '').encode('utf-8')
+        dFile = path.replace('_mw_', '/').split('_t_')[0]
+        try:
+            import shutil
+            shutil.move(rPath + path, dFile)
+            msg = public.getInfo('移动文件[{1}]到回收站成功!', (dFile,))
+            public.writeLog('文件管理', msg)
+            return public.returnJson(True, '恢复成功!')
+        except Exception as e:
+            msg = public.getInfo('从回收站恢复[{1}]失败!', (dFile,))
+            public.writeLog('文件管理', msg)
+            return public.returnJson(False, '恢复失败!')
+
+    def delRecycleBinApi(self):
+        rPath = self.rPath
+        path = request.form.get('path', '').encode('utf-8')
+        empty = request.form.get('empty', '').encode('utf-8')
+        dFile = path.split('_t_')[0]
+
+        if not self.checkDir(path):
+            return public.returnJson(False, '敏感目录,请不要花样作死!')
+
+        os.system('which chattr && chattr -R -i ' + rPath + path)
+        if os.path.isdir(rPath + path):
+            import shutil
+            shutil.rmtree(rPath + path)
+        else:
+            os.remove(rPath + path)
+
+        tfile = path.replace('_mw_', '/').split('_t_')[0]
+        msg = public.getInfo('已彻底从回收站删除{1}!', (tfile,))
+        public.writeLog('文件管理', msg)
+        return public.returnJson(True, msg)
+
     def deleteDirApi(self):
         path = request.form.get('path', '').encode('utf-8')
         if not os.path.exists(path):
@@ -202,6 +240,40 @@ class files_api:
 
     ##### ----- end ----- ###
 
+    # 检查敏感目录
+    def checkDir(self, path):
+        path = path.replace('//', '/')
+        if path[-1:] == '/':
+            path = path[:-1]
+
+        nDirs = ('',
+                 '/',
+                 '/*',
+                 '/www',
+                 '/root',
+                 '/boot',
+                 '/bin',
+                 '/etc',
+                 '/home',
+                 '/dev',
+                 '/sbin',
+                 '/var',
+                 '/usr',
+                 '/tmp',
+                 '/sys',
+                 '/proc',
+                 '/media',
+                 '/mnt',
+                 '/opt',
+                 '/lib',
+                 '/srv',
+                 '/selinux',
+                 '/www/server',
+                 '/www/server/data',
+                 public.getRootDir())
+
+        return not path in nDirs
+
     def checkFileName(self, filename):
         # 检测文件名
         nots = ['\\', '&', '*', '|', ';']
@@ -223,7 +295,7 @@ class files_api:
 
     # 移动到回收站
     def mvRecycleBin(self, path):
-        rPath = public.getRootDir() + '/recycle_bin/'
+        rPath = self.rPath
         if not os.path.exists(rPath):
             os.system('mkdir -p ' + rPath)
 
diff --git a/route/static/app/files.js b/route/static/app/files.js
index 266e51eb7..c3b1322a1 100755
--- a/route/static/app/files.js
+++ b/route/static/app/files.js
@@ -31,7 +31,7 @@ function recycleBin(type){
 								<td>'+toSize(rdata.dirs[i].size)+'</td>\
 								<td>'+getLocalTime(rdata.dirs[i].time)+'</td>\
 								<td style="text-align: right;">\
-									<a class="btlink" href="javascript:;" onclick="ReRecycleBin(\'' + rdata.dirs[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_re+'</a>\
+									<a class="btlink" href="javascript:;" onclick="reRecycleBin(\'' + rdata.dirs[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_re+'</a>\
 									 | <a class="btlink" href="javascript:;" onclick="delRecycleBin(\'' + rdata.dirs[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_del+'</a>\
 								</td>\
 							</tr>'
@@ -48,7 +48,7 @@ function recycleBin(type){
 								<td>-</td>\
 								<td>'+getLocalTime(rdata.files[i].time)+'</td>\
 								<td style="text-align: right;">\
-									<a class="btlink" href="javascript:;" onclick="ReRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_re+'</a>\
+									<a class="btlink" href="javascript:;" onclick="reRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_re+'</a>\
 									 | <a class="btlink" href="javascript:;" onclick="delRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_del+'</a>\
 								</td>\
 							</tr>'
@@ -65,7 +65,7 @@ function recycleBin(type){
 								<td>'+toSize(rdata.files[i].size)+'</td>\
 								<td>'+getLocalTime(rdata.files[i].time)+'</td>\
 								<td style="text-align: right;">\
-									<a class="btlink" href="javascript:;" onclick="ReRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_re+'</a>\
+									<a class="btlink" href="javascript:;" onclick="reRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_re+'</a>\
 									 | <a class="btlink" href="javascript:;" onclick="delRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_del+'</a>\
 								</td>\
 							</tr>'
@@ -85,7 +85,7 @@ function recycleBin(type){
 								<td>'+toSize(rdata.dirs[i].size)+'</td>\
 								<td>'+getLocalTime(rdata.dirs[i].time)+'</td>\
 								<td style="text-align: right;">\
-									<a class="btlink" href="javascript:;" onclick="ReRecycleBin(\'' + rdata.dirs[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_re+'</a>\
+									<a class="btlink" href="javascript:;" onclick="reRecycleBin(\'' + rdata.dirs[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_re+'</a>\
 									 | <a class="btlink" href="javascript:;" onclick="delRecycleBin(\'' + rdata.dirs[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_del+'</a>\
 								</td>\
 							</tr>'
@@ -106,7 +106,7 @@ function recycleBin(type){
 								<td>'+toSize(rdata.files[i].size)+'</td>\
 								<td>'+getLocalTime(rdata.files[i].time)+'</td>\
 								<td style="text-align: right;">\
-									<a class="btlink" href="javascript:;" onclick="ReRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_re+'</a>\
+									<a class="btlink" href="javascript:;" onclick="reRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_re+'</a>\
 									 | <a class="btlink" href="javascript:;" onclick="delRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_del+'</a>\
 								</td>\
 							</tr>'
@@ -127,7 +127,7 @@ function recycleBin(type){
 								<td>'+toSize(rdata.files[i].size)+'</td>\
 								<td>'+getLocalTime(rdata.files[i].time)+'</td>\
 								<td style="text-align: right;">\
-									<a class="btlink" href="javascript:;" onclick="ReRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_re+'</a>\
+									<a class="btlink" href="javascript:;" onclick="reRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_re+'</a>\
 									 | <a class="btlink" href="javascript:;" onclick="delRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_del+'</a>\
 								</td>\
 							</tr>'
@@ -150,7 +150,7 @@ function recycleBin(type){
 								<td>'+toSize(rdata.files[i].size)+'</td>\
 								<td>'+getLocalTime(rdata.files[i].time)+'</td>\
 								<td style="text-align: right;">\
-									<a class="btlink" href="javascript:;" onclick="ReRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_re+'</a>\
+									<a class="btlink" href="javascript:;" onclick="reRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_re+'</a>\
 									 | <a class="btlink" href="javascript:;" onclick="delRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_del+'</a>\
 								</td>\
 							</tr>'
@@ -171,7 +171,7 @@ function recycleBin(type){
 								<td>-</td>\
 								<td>'+getLocalTime(rdata.files[i].time)+'</td>\
 								<td style="text-align: right;">\
-									<a class="btlink" href="javascript:;" onclick="ReRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_re+'</a>\
+									<a class="btlink" href="javascript:;" onclick="reRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_re+'</a>\
 									 | <a class="btlink" href="javascript:;" onclick="delRecycleBin(\'' + rdata.files[i].rname.replace(/'/,"\\'") + '\',this)">'+lan.files.recycle_bin_del+'</a>\
 								</td>\
 							</tr>'
@@ -265,11 +265,11 @@ function reisImage(fileName){
 function reRecycleBin(path,obj){
 	layer.confirm(lan.files.recycle_bin_re_msg,{title:lan.files.recycle_bin_re_title,closeBtn:2,icon:3},function(){
 		var loadT = layer.msg(lan.files.recycle_bin_re_the,{icon:16,time:0,shade: [0.3, '#000']});
-		$.post('/files?action=Re_recycleBin','path='+encodeURIComponent(path),function(rdata){
+		$.post('/files/re_recycle_bin','path='+encodeURIComponent(path),function(rdata){
 			layer.close(loadT);
 			layer.msg(rdata.msg,{icon:rdata.status?1:5});
 			$(obj).parents('tr').remove();
-		});
+		},'json');
 	});
 }
 
@@ -277,11 +277,11 @@ function reRecycleBin(path,obj){
 function delRecycleBin(path,obj){
 	layer.confirm(lan.files.recycle_bin_del_msg,{title:lan.files.recycle_bin_del_title,closeBtn:2,icon:3},function(){
 		var loadT = layer.msg(lan.files.recycle_bin_del_the,{icon:16,time:0,shade: [0.3, '#000']});
-		$.post('/files?action=Del_Recycle_bin','path='+encodeURIComponent(path),function(rdata){
+		$.post('/files/del_recycle_bin','path='+encodeURIComponent(path),function(rdata){
 			layer.close(loadT);
 			layer.msg(rdata.msg,{icon:rdata.status?1:5});
 			$(obj).parents('tr').remove();
-		});
+		},'json');
 	});
 }
 
@@ -302,7 +302,6 @@ function closeRecycleBin(){
 
 
 //回收站开关
-//Set_Recycle_bin
 function setRecycleBin(db){
 	var loadT = layer.msg('正在处理,请稍候...',{icon:16,time:0,shade: [0.3, '#000']});
 	var data = {}
@@ -315,8 +314,6 @@ function setRecycleBin(db){
 	},'json');
 }
 
-
-
 //取数据
 function getFiles(Path) {
 	console.log(Path);
@@ -523,7 +520,7 @@ function getFiles(Path) {
 				$(this).prop("checked", false);
 				$(this).parents("tr").removeClass("ui-selected");
 			}
-			showSeclect()
+			showSeclect();
 		});
 
 		$("#setBox").click(function() {