HandleResolvePath resolves the existing portion of an absolute path through any symlinks and returns the resulting path. Missing trailing components are preserved so callers can validate future writes against the real target.
(rw http.ResponseWriter, r *http.Request)
| 18 | // any symlinks and returns the resulting path. Missing trailing components are |
| 19 | // preserved so callers can validate future writes against the real target. |
| 20 | func (api *API) HandleResolvePath(rw http.ResponseWriter, r *http.Request) { |
| 21 | ctx := r.Context() |
| 22 | |
| 23 | query := r.URL.Query() |
| 24 | parser := httpapi.NewQueryParamParser().RequiredNotEmpty("path") |
| 25 | path := parser.String(query, "", "path") |
| 26 | parser.ErrorExcessParams(query) |
| 27 | if len(parser.Errors) > 0 { |
| 28 | httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{ |
| 29 | Message: "Query parameters have invalid values.", |
| 30 | Validations: parser.Errors, |
| 31 | }) |
| 32 | return |
| 33 | } |
| 34 | |
| 35 | resolved, err := api.resolvePath(path) |
| 36 | if err != nil { |
| 37 | status := http.StatusInternalServerError |
| 38 | switch { |
| 39 | case !filepath.IsAbs(path): |
| 40 | status = http.StatusBadRequest |
| 41 | case errors.Is(err, os.ErrPermission): |
| 42 | status = http.StatusForbidden |
| 43 | } |
| 44 | httpapi.Write(ctx, rw, status, codersdk.Response{Message: err.Error()}) |
| 45 | return |
| 46 | } |
| 47 | |
| 48 | httpapi.Write(ctx, rw, http.StatusOK, workspacesdk.ResolvePathResponse{ |
| 49 | ResolvedPath: resolved, |
| 50 | }) |
| 51 | } |
| 52 | |
| 53 | // resolvePath resolves any symlinks in the existing portion of path while |
| 54 | // preserving missing trailing components. |
nothing calls this directly
no test coverage detected