From 9b092524f7ad7c250cd1a7a6bd3f71a72d8e8f3e Mon Sep 17 00:00:00 2001 From: leithoff Date: Fri, 20 May 2016 15:12:31 +0200 Subject: [PATCH] Created VFS System (markdown) --- VFS-System.md | 92 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) create mode 100644 VFS-System.md diff --git a/VFS-System.md b/VFS-System.md new file mode 100644 index 0000000..7b9a707 --- /dev/null +++ b/VFS-System.md @@ -0,0 +1,92 @@ +### VFS Classes +Virtual File System. +The new VFS Classes are realized via Stream Wrappers. +Most documentation is done in the classes itself. + +The class is class.iface_stream_wrapper.inc.php +* instatiated class +* and static functions. + +### Classes +* iface_stream_wrapper +* oldvfs_stream_wrapper +* vfs_stream_wrapper +* sqlfs_stream_wrapper +* egw_vfs + +oldvfs_stream_wrapper instantiates the iface_stream_wrapper +all methods must be implemented (since the iface_stream_wrapper is defined as php5 interface) +Some more functions are implemented with the derived classes (touch, chown, chmod, etc). + +main thing is, that there is a whole lot of stats for all possible actions regarding files and dirs, these will +be cached in a stat-cache, that improves performance for that request. + +vfs_stream_wrapper does implement a new class/style sqlfs with fstab and the possibility of mounting any allowed +vfs path. The path is resolved first thing before accessing the URL given by the request. +a call may be: +```php +./cli.php ls -l vfs://ralf:PASSWORD@default +./cli.php ls -l vfs://root_USER:PASSWORD@default where USER is the Config or headeradmin user and PASSSWORD its password. +./cli.php ls -l oldvfs://ralf:PASSWORD@default +``` +Security is realized via a user concept. Mounts or any access must be realized using a existing user. +A concept of a root user is implemented, as known for most Linux/Unix users. This user is specified +by prepending root_ before the USER:PASSWORD Sequence. + +We make extensive use of the new find function, since it gives the possibility of recursively accessing +the mounted path. the find function allowes for a callback of the desired functionality. + +SQLFS implements Groupfolders with inheritance of user rights of from top to childs, that way files +can be accessed by all groupmembers. Even if a file is created only with userrights. +If you have only readrights in a folder, you see only the objects you are allowed to see/access. + +The native StreamWrapper uses the WebServer User to determine readability and writeablity. +The derived classes do use virtual users/group rights derived from known eGroupware users/groups. + +### Consequences/Benefits +|| oldvfs || stream wrapper interface || +|| all in memory || done all in chunks || +|| || filter/encoding possible while reading/writing || +|| || SqlFS uses the php pdo interface to access blobs of all possible databases via stream reading/writing (you need to install the pdo extension for php)|| + + +### Commandline Interface +Commandline interface must be run with root or webserver rights. +``` +[root@farm01 inc]# ../../filemanager/cli.php +Usage: cli.php ls [-r|--recursive] URL [URL2 ...] + cli.php cat URL [URL2 ...] + cli.php cp [-r|--recursive] [-p|--perms] URL-from URL-to + cli.php cp [-r|--recursive] [-p|--perms] URL-from [URL-from2 ...] URL-to-directory + cli.php rm [-r|--recursive] URL [URL2 ...] + cli.php mkdir [-p|--parents] URL [URL2 ...] + cli.php rmdir URL [URL2 ...] + cli.php touch [-r|--recursive] [-d|--date time] URL [URL2 ...] + cli.php chmod [-r|--recursive] mode=[ugoa]*[+-=][rwx]+,... URL [URL2 ...] + cli.php chown [-r|--recursive] user URL [URL2 ...] + cli.php chgrp [-r|--recursive] group URL [URL2 ...] + cli.php find URL [URL2 ...] [-type (d|f)][-dirs_last][-mime type[/sub]][-name pattern][-path pattern] + [-uid id][-user name][-nouser][-gid id][-group name][-nogroup][-size N][-cmin N][-ctime N][-mmin N] + [-mtime N] (N: +n --> >n, -n --> =n) + cli.php mount URL [path] (without path prints out the mounts) + cli.php umount URL|path + +URL: {vfs|sqlfs|oldvfs}://user:password@domain/home/user/file, /dir/file, ... + +Use root_{header-admin|config-user} as user and according password for root access (no user specific access control and chown). + +``` + +### Example Calls +An example call for a readonly mount, given that the setup user name is "admin" with "adminPassword": +``` +./filemanager/cli.php mount 'filesystem://root_admin:adminPassword@default/home/user?user=groupwareUser&mode=005' /home/groupwareUser/harddrive +``` +Note that the user given in the "user=" option must exist in eGroupware. It defaults to "root". Usually the option "user=root" will not work because "root" is not a valid egroupware user but just a name for the superuser (setup user). + +An example for a mount list: +``` +./filemanager/cli.php mount --user root_admin --password adminPassword +``` + +More options for the URL syntax can be found in the [http://svn.stylite.de/viewvc/egroupware/trunk/phpgwapi/inc/class.filesystem_stream_wrapper.inc.php?view=markup Stream Wrapper Source Code].