Files
wehub-resource-sync e0e362d700
SDK Tests / SDK CI (push) Blocked by required conditions
SDK Tests / changes (push) Successful in 2m29s
Real E2E Tests / changes (push) Successful in 2m29s
SDK Tests / Python SDK Tests (sandbox) (push) Waiting to run
SDK Tests / CLI Quality (push) Waiting to run
SDK Tests / CLI Tests (push) Waiting to run
SDK Tests / Python SDK Quality (code-interpreter) (push) Waiting to run
SDK Tests / Python SDK Quality (sandbox) (push) Waiting to run
SDK Tests / Python SDK Tests (code-interpreter) (push) Waiting to run
SDK Tests / JavaScript SDK Quality And Tests (code-interpreter) (push) Waiting to run
SDK Tests / JavaScript SDK Quality And Tests (sandbox) (push) Waiting to run
SDK Tests / Kotlin SDK Quality And Tests (sandbox) (push) Waiting to run
SDK Tests / Kotlin SDK Quality And Tests (code-interpreter) (push) Waiting to run
SDK Tests / C# SDK Quality And Tests (code-interpreter) (push) Waiting to run
SDK Tests / C# SDK Quality And Tests (sandbox) (push) Waiting to run
SDK Tests / Go SDK Quality And Tests (push) Waiting to run
Deploy Docs Pages / build (push) Has been cancelled
Deploy Docs Pages / deploy (push) Has been cancelled
Real E2E Tests / JavaScript E2E (docker bridge) (push) Has been cancelled
Real E2E Tests / Python E2E (docker bridge) (push) Has been cancelled
Real E2E Tests / Java E2E (docker bridge) (push) Has been cancelled
Real E2E Tests / C# E2E (docker bridge) (push) Has been cancelled
Real E2E Tests / Go E2E (docker bridge) (push) Has been cancelled
Real E2E Tests / Real E2E CI (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 13:39:33 +08:00

564 lines
14 KiB
Go

// Copyright 2026 Alibaba Group Holding Ltd.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package controller
import (
"bufio"
"bytes"
"errors"
"fmt"
"io"
"net/http"
"os"
"path/filepath"
"strconv"
"strings"
"github.com/alibaba/opensandbox/execd/pkg/log"
"github.com/alibaba/opensandbox/execd/pkg/runtime"
"github.com/alibaba/opensandbox/execd/pkg/vfs"
"github.com/alibaba/opensandbox/execd/pkg/web/model"
)
func (c *IsolatedSessionController) getMergedView() (vfs.FS, error) {
if isolatedRunner == nil || !isolatedRunner.Available() {
c.RespondError(http.StatusServiceUnavailable, model.ErrorCodeServiceUnavailable, "isolation unavailable")
return nil, fmt.Errorf("isolation unavailable")
}
sessionID := c.ctx.Param("sessionId")
mv, err := isolatedRunner.GetMergedView(sessionID)
if err != nil {
if errors.Is(err, runtime.ErrContextNotFound) {
c.RespondError(http.StatusNotFound, model.ErrorCodeSessionNotFound, "session not found")
return nil, err
}
c.RespondError(http.StatusInternalServerError, model.ErrorCodeRuntimeError, err.Error())
return nil, err
}
if mv == nil {
c.RespondError(http.StatusNotFound, model.ErrorCodeSessionNotFound, "session not found")
return nil, fmt.Errorf("no merged view")
}
return mv, nil
}
func (c *IsolatedSessionController) GetFilesInfo() {
mv, _ := c.getMergedView()
if mv == nil {
return
}
paths := c.ctx.QueryArray("path")
if len(paths) == 0 {
c.RespondSuccess(make(map[string]model.FileInfo))
return
}
resp := make(map[string]model.FileInfo)
for _, filePath := range paths {
cleaned := filepath.Clean(filePath)
info, err := mv.Stat(cleaned)
if err != nil {
if os.IsNotExist(err) {
c.RespondError(http.StatusNotFound, model.ErrorCodeFileNotFound, err.Error())
} else {
c.RespondError(http.StatusInternalServerError, model.ErrorCodeRuntimeError, err.Error())
}
return
}
resp[filePath] = buildIsolatedFileInfo(filePath, info)
}
c.RespondSuccess(resp)
}
func (c *IsolatedSessionController) SearchFiles() {
mv, _ := c.getMergedView()
if mv == nil {
return
}
path := c.ctx.Query("path")
if path == "" {
c.RespondError(http.StatusBadRequest, model.ErrorCodeMissingQuery, "missing query parameter 'path'")
return
}
pattern := c.ctx.Query("pattern")
if pattern == "" {
pattern = "**"
}
results, err := mv.Search(path, pattern)
if err != nil {
c.RespondError(http.StatusInternalServerError, model.ErrorCodeRuntimeError, err.Error())
return
}
files := make([]model.FileInfo, 0, len(results))
for _, rel := range results {
info, err := mv.Stat(rel)
if err != nil {
continue
}
files = append(files, buildIsolatedFileInfo(rel, info))
}
c.RespondSuccess(files)
}
func (c *IsolatedSessionController) DownloadFile() {
mv, _ := c.getMergedView()
if mv == nil {
return
}
filePath := c.ctx.Query("path")
if filePath == "" {
c.RespondError(http.StatusBadRequest, model.ErrorCodeMissingQuery, "path is required")
return
}
rawOffset := c.ctx.Query("offset")
rawLimit := c.ctx.Query("limit")
hasLineParams := rawOffset != "" || rawLimit != ""
rangeHeader := c.ctx.GetHeader("Range")
if hasLineParams && rangeHeader != "" {
c.RespondError(http.StatusBadRequest, model.ErrorCodeInvalidRequest,
"line-based reading (offset/limit) and byte range (Range header) are mutually exclusive")
return
}
f, err := mv.Open(filePath)
if err != nil {
if os.IsNotExist(err) {
c.RespondError(http.StatusNotFound, model.ErrorCodeFileNotFound, err.Error())
return
}
c.RespondError(http.StatusInternalServerError, model.ErrorCodeRuntimeError, err.Error())
return
}
defer f.Close()
if hasLineParams {
c.serveIsolatedLineRange(f, rawOffset, rawLimit)
return
}
fileInfo, err := f.Stat()
if err != nil {
c.RespondError(http.StatusInternalServerError, model.ErrorCodeRuntimeError, err.Error())
return
}
c.ctx.Header("Content-Type", "application/octet-stream")
c.ctx.Header("Content-Disposition", formatContentDisposition(filepath.Base(filePath)))
c.ctx.Header("Content-Length", strconv.FormatInt(fileInfo.Size(), 10))
if rangeHeader != "" {
ranges, err := ParseRange(rangeHeader, fileInfo.Size())
if err != nil {
c.RespondError(http.StatusRequestedRangeNotSatisfiable, model.ErrorCodeUnknown)
return
}
if len(ranges) > 0 {
r := ranges[0]
c.ctx.Status(http.StatusPartialContent)
c.ctx.Header("Content-Range", fmt.Sprintf("bytes %d-%d/%d", r.start, r.start+r.length-1, fileInfo.Size()))
c.ctx.Header("Content-Length", strconv.FormatInt(r.length, 10))
_, _ = f.Seek(r.start, io.SeekStart)
_, _ = io.CopyN(c.ctx.Writer, f, r.length)
return
}
}
http.ServeContent(c.ctx.Writer, c.ctx.Request, filepath.Base(filePath), fileInfo.ModTime(), f)
}
func (c *IsolatedSessionController) serveIsolatedLineRange(file *os.File, rawOffset, rawLimit string) {
offset := int64(1)
if rawOffset != "" {
parsed, err := strconv.ParseInt(rawOffset, 10, 64)
if err != nil || parsed < 1 {
c.RespondError(http.StatusBadRequest, model.ErrorCodeInvalidRequest,
fmt.Sprintf("invalid query parameter 'offset': %s", rawOffset))
return
}
offset = parsed
}
limit := int64(-1)
if rawLimit != "" {
parsed, err := strconv.ParseInt(rawLimit, 10, 64)
if err != nil || parsed < 1 {
c.RespondError(http.StatusBadRequest, model.ErrorCodeInvalidRequest,
fmt.Sprintf("invalid query parameter 'limit': %s", rawLimit))
return
}
limit = parsed
}
c.ctx.Header("Content-Type", "text/plain; charset=utf-8")
c.ctx.Status(http.StatusOK)
reader := bufio.NewReader(file)
var lineNum int64
var written int64
for {
line, err := reader.ReadBytes('\n')
if len(line) > 0 {
line = bytes.TrimRight(line, "\r\n")
lineNum++
if lineNum >= offset {
if written > 0 {
_, _ = c.ctx.Writer.Write([]byte("\n"))
}
_, _ = c.ctx.Writer.Write(line)
written++
if limit >= 0 && written >= limit {
break
}
}
}
if err != nil {
break
}
}
}
func (c *IsolatedSessionController) UploadFile() {
mv, _ := c.getMergedView()
if mv == nil {
return
}
metadataParts, fileParts, uerr := parseUploadForm(c.ctx)
if uerr != nil {
c.RespondError(uerr.status, uerr.code, uerr.message)
return
}
for i := range metadataParts {
meta, uerr := parseUploadMetadata(metadataParts[i])
if uerr != nil {
c.RespondError(uerr.status, uerr.code, uerr.message)
return
}
file, err := fileParts[i].Open()
if err != nil {
c.RespondError(http.StatusBadRequest, model.ErrorCodeInvalidFile, err.Error())
return
}
filePath := filepath.Clean(meta.Path)
dir := filepath.Dir(filePath)
if dir != "." && dir != "/" {
if err := mv.MkdirAll(dir, 0o755); err != nil {
log.Warn("isolated upload: mkdir %s: %v", dir, err)
}
}
perm := os.FileMode(0o644)
if meta.Permission.Mode != 0 {
mode, convErr := strconv.ParseUint(strconv.Itoa(meta.Permission.Mode), 8, 32)
if convErr == nil {
perm = os.FileMode(mode)
}
}
if _, err := mv.WriteFileReader(filePath, file, perm); err != nil {
file.Close()
c.RespondError(http.StatusInternalServerError, model.ErrorCodeRuntimeError, err.Error())
return
}
file.Close()
}
c.RespondSuccess(nil)
}
func (c *IsolatedSessionController) RemoveFiles() {
mv, _ := c.getMergedView()
if mv == nil {
return
}
paths := c.ctx.QueryArray("path")
for _, p := range paths {
if err := mv.Remove(p); err != nil {
c.RespondError(http.StatusInternalServerError, model.ErrorCodeRuntimeError, err.Error())
return
}
}
c.RespondSuccess(nil)
}
func (c *IsolatedSessionController) RenameFiles() {
mv, _ := c.getMergedView()
if mv == nil {
return
}
var request []model.RenameFileItem
if err := c.bindJSON(&request); err != nil {
c.RespondError(http.StatusBadRequest, model.ErrorCodeInvalidRequest,
fmt.Sprintf("error parsing request, MAYBE invalid body format. %v", err))
return
}
for _, item := range request {
if err := mv.Rename(item.Src, item.Dest); err != nil {
if os.IsNotExist(err) {
c.RespondError(http.StatusNotFound, model.ErrorCodeFileNotFound, err.Error())
} else {
c.RespondError(http.StatusInternalServerError, model.ErrorCodeRuntimeError, err.Error())
}
return
}
}
c.RespondSuccess(nil)
}
func (c *IsolatedSessionController) ChmodFiles() {
mv, _ := c.getMergedView()
if mv == nil {
return
}
var request map[string]model.Permission
if err := c.bindJSON(&request); err != nil {
c.RespondError(http.StatusBadRequest, model.ErrorCodeInvalidRequest,
fmt.Sprintf("error parsing request, MAYBE invalid body format. %v", err))
return
}
for file, item := range request {
if item.Mode != 0 {
mode, err := strconv.ParseUint(strconv.Itoa(item.Mode), 8, 32)
if err != nil {
c.RespondError(http.StatusBadRequest, model.ErrorCodeInvalidRequest,
fmt.Sprintf("invalid mode for %s: %v", file, err))
return
}
if err := mv.Chmod(file, os.FileMode(mode)); err != nil {
c.RespondError(http.StatusInternalServerError, model.ErrorCodeRuntimeError, err.Error())
return
}
}
}
c.RespondSuccess(nil)
}
func (c *IsolatedSessionController) ReplaceContent() {
mv, _ := c.getMergedView()
if mv == nil {
return
}
verbose := c.ctx.Query("verbose") == "true"
var request map[string]model.ReplaceFileContentItem
if err := c.bindJSON(&request); err != nil {
c.RespondError(http.StatusBadRequest, model.ErrorCodeInvalidRequest,
fmt.Sprintf("error parsing request, MAYBE invalid body format. %v", err))
return
}
var results map[string]model.ReplaceFileContentResult
if verbose {
results = make(map[string]model.ReplaceFileContentResult)
}
for file, item := range request {
if item.Old == "" {
c.RespondError(http.StatusBadRequest, model.ErrorCodeInvalidRequest, "old content must not be empty")
return
}
data, err := mv.ReadFile(file)
if err != nil {
if os.IsNotExist(err) {
c.RespondError(http.StatusNotFound, model.ErrorCodeFileNotFound, err.Error())
} else {
c.RespondError(http.StatusInternalServerError, model.ErrorCodeRuntimeError, err.Error())
}
return
}
contentStr := string(data)
if verbose {
results[file] = model.ReplaceFileContentResult{
ReplacedCount: strings.Count(contentStr, item.Old),
}
}
newContent := strings.ReplaceAll(contentStr, item.Old, item.New)
origInfo, _ := mv.Stat(file)
perm := os.FileMode(0o644)
if origInfo != nil {
perm = origInfo.Mode().Perm()
}
if err := mv.WriteFile(file, []byte(newContent), perm); err != nil {
c.RespondError(http.StatusInternalServerError, model.ErrorCodeRuntimeError, err.Error())
return
}
}
if verbose {
c.RespondSuccess(results)
} else {
c.RespondSuccess(nil)
}
}
func (c *IsolatedSessionController) MakeDirs() {
mv, _ := c.getMergedView()
if mv == nil {
return
}
var request map[string]model.Permission
if err := c.bindJSON(&request); err != nil {
c.RespondError(http.StatusBadRequest, model.ErrorCodeInvalidRequest,
fmt.Sprintf("error parsing request, MAYBE invalid body format. %v", err))
return
}
for dir, perm := range request {
mode := os.FileMode(0o755)
if perm.Mode != 0 {
parsed, err := strconv.ParseUint(strconv.Itoa(perm.Mode), 8, 32)
if err == nil {
mode = os.FileMode(parsed)
}
}
if err := mv.MkdirAll(dir, mode); err != nil {
if os.IsNotExist(err) {
c.RespondError(http.StatusNotFound, model.ErrorCodeFileNotFound, err.Error())
} else {
c.RespondError(http.StatusInternalServerError, model.ErrorCodeRuntimeError, err.Error())
}
return
}
}
c.RespondSuccess(nil)
}
func (c *IsolatedSessionController) RemoveDirs() {
mv, _ := c.getMergedView()
if mv == nil {
return
}
paths := c.ctx.QueryArray("path")
for _, p := range paths {
if err := mv.RemoveAll(p); err != nil {
c.RespondError(http.StatusInternalServerError, model.ErrorCodeRuntimeError, err.Error())
return
}
}
c.RespondSuccess(nil)
}
func (c *IsolatedSessionController) ListDirectory() {
mv, _ := c.getMergedView()
if mv == nil {
return
}
path := c.ctx.Query("path")
if path == "" {
c.RespondError(http.StatusBadRequest, model.ErrorCodeMissingQuery, "missing query parameter 'path'")
return
}
depth := 1
if rawDepth := c.ctx.Query("depth"); rawDepth != "" {
parsedDepth, err := strconv.Atoi(rawDepth)
if err != nil || parsedDepth < 0 {
c.RespondError(http.StatusBadRequest, model.ErrorCodeInvalidRequest,
fmt.Sprintf("invalid query parameter 'depth': %s", rawDepth))
return
}
depth = parsedDepth
}
entries, err := c.listIsolatedDir(mv, path, depth)
if err != nil {
if os.IsNotExist(err) {
c.RespondError(http.StatusNotFound, model.ErrorCodeFileNotFound, err.Error())
} else {
c.RespondError(http.StatusInternalServerError, model.ErrorCodeRuntimeError, err.Error())
}
return
}
c.RespondSuccess(entries)
}
func (c *IsolatedSessionController) listIsolatedDir(mv vfs.FS, root string, maxDepth int) ([]model.FileInfo, error) {
entries := make([]model.FileInfo, 0, 16)
if maxDepth == 0 {
return entries, nil
}
var walk func(string, int) error
walk = func(dir string, currentDepth int) error {
dirEntries, err := mv.ReadDir(dir)
if err != nil {
return err
}
for _, entry := range dirEntries {
entryPath := filepath.Join(dir, entry.Name())
info, err := entry.Info()
if err != nil {
return err
}
entries = append(entries, buildIsolatedFileInfo(entryPath, info))
if entry.IsDir() && currentDepth+1 < maxDepth {
if err := walk(entryPath, currentDepth+1); err != nil {
return err
}
}
}
return nil
}
return entries, walk(root, 0)
}
func buildIsolatedFileInfo(path string, info os.FileInfo) model.FileInfo {
ft := "file"
mode := info.Mode()
if mode&os.ModeSymlink != 0 {
ft = "symlink"
} else if info.IsDir() {
ft = "directory"
}
modeStr := strconv.FormatInt(int64(mode.Perm()), 8)
modeInt, _ := strconv.Atoi(modeStr)
return model.FileInfo{
Path: path,
Type: ft,
Size: info.Size(),
ModifiedAt: info.ModTime(),
Permission: model.Permission{
Mode: modeInt,
},
}
}