Data about the files and directories within the virtual root is kept in the SQL database. Currently, this information includes:
The internal names of these (the database column names) are stored in the $phpgw->vfs->attributes array, which is useful for loops, and is guaranteed to be up-to-date.
Note that no information is kept about files outside the virtual root. If a file is moved outside, all records of it are delete from the database. If a file is moved into the virtual root, some information, specifically MIME-type, is not stored in the database. The vital information has defaults: owner is based on where the file is being stored; size is correctly read; deleteable is set to Y.
Because of the many different ways the VFS can be used, complete ACL support is not built in. There is a bit of access control built in, just because of the way database queries are made. However, that is a discussion beyond the scope of this document. Full ACL support may be added at a later time. For now, it is fairly easy to add basic access control to your application by matching path expressions. The VFS always follows the same naming convention of $fakebase/userorgroup. So if you need to check if a user has access to $fakebase/whatever/dir/file, you need only know if they their username is 'whatever' or if they belong to the group 'whatever', and that the group has access to your application. Here is an example from PHPWebHosting:
###
# First we get their memberships
###
$memberships = $phpgw->accounts->memberships ($account_id);
###
# We determine if they're in their home directory or a group's directory
# If they request a group's directory, we ensure they have access to the group,
# and the group has access to the app
###
if ((preg_match ("+^$fakebase\/(.*)(\/|$)+U", $path, $matches)) && $matches[1] != $account_lid)
{
$phpgw->vfs->working_id = $phpgw->accounts->name2id ($matches[1]);
reset ($memberships);
while (list ($num, $group_array) = each ($memberships))
{
if ($matches[1] == $group_array["account_name"])
{
$group_ok = 1;
break;
}
}
if (!$group_ok)
{
echo $phpgw->common->error_list (array ("You do not have access to group/directory $matches[1]"));
exit;
}
}
You should also check if the group has access to your appilcation.
You might have noticed there are some functions that just pass the arguments on to other functions. These are provided in part because of legacy and in part for convenience. You can use either. Here is the list (alias -> actual):
The old VFS was hard-coded to use "/home" as the fake base directory, even though the user never saw it. With the new system, crafty administrators may wish to change "/home" to something else, say "/users" or "/public_html". The fake base directory name is stored in $phpgw->vfs->fakebase, and changing it will transparently change it throughout the VFS and all applications. However, this must be done before any data is in the VFS database. If you wish to change it afterwords, you'll have to manually update the database, replacing the old value with the new value. Application programmers need to recognize that /home is not absolute, and use $phpgw->vfs->fakebase instead. I suggest setting $fakebase = $phpgw->vfs->fakebase; right off the bat to keep things neater.