Over constrictive file location parameters #45

Closed
abduct opened this issue Dec 4, 2020 · 1 comment
abduct commented Dec 4, 2020

if not os.path.isdir(path) or not path.startswith(home) or \

I believe this conditional is highly restrictive and should be refactored to allow for files to be placed anywhere where the daemon has proper permissions to access. For instance this restricts a user from using /etc/conf.d/ or any other directory that is outside of /home/.

I don't necessarily understand why moonraker is being so restrictive in this situation and if it is for permission issues, I believe checking for read/write perms would be better than limiting to a single directory, which a user may not be able to write or read to anyways.

Thanks.

Owner

Arksine commented Dec 5, 2020

It is unwise to serve large portions of the file system over http. Aside from the security implications (not necessarily related to permissions), Moonraker's file manager could get bogged down when it attempts to traverse a file list. If there are recursive symlinks it would result in an infinite loop. The file manager is meant to serve a very limited number of files/folders that are useful for Klipper and Moonraker itself. Thus these restrictions are in place to help make sure users don't serve more of the file system than they should.

I don't see a compelling reason for config or gcode files to exist anywhere other than in a subfolder of the home directory. If you do want the files to exist elsewhere, such as on a mounted disk, you can create a symlink in your home directory and point the configuration toward it. I would simply advise being very careful with this.
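
Added example, not part of the original thread and not Moonraker's code: a Python sketch of the two concerns raised in the reply above, a containment check done on symlink-resolved paths and a file listing that cannot loop on recursive symlinks. The names `is_within`, `safe_walk` and `demo`, the `max_entries` limit and the directory tree are assumptions constructed for illustration.

```python
import os
import tempfile

def is_within(path, root):
    """True if path, after resolving symlinks, is root or lies beneath it."""
    real_path, real_root = os.path.realpath(path), os.path.realpath(root)
    # commonpath compares whole components, so a sibling such as "<root>2"
    # is rejected where a plain string-prefix test would accept it.
    return os.path.commonpath([real_path, real_root]) == real_root

def safe_walk(root, max_entries=10000):
    """List files under root, visiting each real directory only once."""
    seen, files, stack = set(), [], [root]
    while stack:
        current = stack.pop()
        st = os.stat(current)  # follows symlinks
        key = (st.st_dev, st.st_ino)
        if key in seen:  # recursive symlink or already-visited directory
            continue
        seen.add(key)
        with os.scandir(current) as entries:
            for entry in entries:
                if entry.is_dir():  # follows symlinks to directories
                    stack.append(entry.path)
                elif entry.is_file():
                    files.append(os.path.relpath(entry.path, root))
                if len(files) > max_entries:  # bound the size of the listing
                    raise RuntimeError("file list exceeds max_entries")
    return sorted(files)

def demo():
    """Build a constructed directory tree and run both checks on it."""
    base = os.path.realpath(tempfile.mkdtemp())
    home, sibling = os.path.join(base, "pi"), os.path.join(base, "pi2")
    os.makedirs(os.path.join(home, "gcode"))
    os.makedirs(sibling)
    open(os.path.join(home, "gcode", "part.gcode"), "w").close()
    # Symlink inside home pointing back at home: a recursive symlink.
    os.symlink(home, os.path.join(home, "gcode", "loop"))
    # Symlink inside home pointing outside it (the mounted-disk case).
    os.symlink(sibling, os.path.join(home, "external"))
    return {
        "inside": is_within(os.path.join(home, "gcode"), home),
        "sibling": is_within(sibling, home),
        "prefix_sibling": sibling.startswith(home),
        "external_link": is_within(os.path.join(home, "external"), home),
        "files": safe_walk(home),
    }
```

In `demo()`, the symlink that points outside the home directory fails the resolved check, which is the case the reply advises being careful with when pointing the configuration at a symlink.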
