From bf0abc586c20a4d280d2d27baa6d6d0a8f8d53d5 Mon Sep 17 00:00:00 2001
From: Weisenhorn Geoffroy <geoffroy.weisenhorn@gmail.com>
Date: Wed, 29 Oct 2008 22:10:00 +0100
Subject: FIX: check if file is readable

---
 woof | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/woof b/woof
index 5e2591f..383226f 100755
--- a/woof
+++ b/woof
@@ -27,6 +27,7 @@
 """ woof -- an ad-hoc single file webserver"""
 
 import sys, os, popen2, signal, select, socket, getopt, commands
+import stat
 import urllib, BaseHTTPServer
 import ConfigParser
 
@@ -98,6 +99,24 @@ def find_ip ():
 
     return ip_addr
 
+def is_owner(stf):
+    """Return true if the file belongs to the current user"""
+    return stf.st_uid == os.getuid()
+
+def is_group(stf):
+    """Return true if the file belongs to the group of current user"""
+    return stf.st_gid == os.getgid()
+
+def is_read(filename):
+    """ Check whether a file is readable """
+    result_st = os.stat(filename)
+    if is_owner(result_st):
+        return (result_st.st_mode & stat.S_IRUSR)
+    elif is_group(result_st):
+        return (result_st.st_mode & stat.S_IRGRP)
+    else:
+        return (result_st.st_mode & stat.S_IROTH)
+
 class FileServHTTPRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
     """
     Main class implementing an HTTP-Requesthandler, that serves just a single
@@ -335,6 +354,10 @@ def main ():
     if not (os.path.isfile (filename) or os.path.isdir (filename)):
         usage (defaultport, defaultmaxdown,
              "%s: Neither file nor directory" % filenames[0])
+    if not is_read(filename):
+        usage (defaultport, defaultmaxdown,
+               "%s: Check read permission" % filenames[0])
+
     serve_files (filename, maxdown, ip_addr, port)
 
     # wait for child processes to terminate
-- 
cgit v1.2.3