lfss 0.1.0__tar.gz → 0.2.1__tar.gz

{lfss-0.1.0 → lfss-0.2.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: lfss
-Version: 0.1.0
+Version: 0.2.1
 Summary: Lightweight file storage service
 Home-page: https://github.com/MenxLi/lfss
 Author: li, mengxun
@@ -18,6 +18,7 @@ Project-URL: Repository, https://github.com/MenxLi/lfss
 Description-Content-Type: text/markdown
 
 # Lightweight File Storage Service (LFSS)
+[![PyPI](https://img.shields.io/pypi/v/lfss)](https://pypi.org/project/lfss/)
 
 A lightweight file/object storage service!
 
@@ -28,15 +29,19 @@ lfss-user add <username> <password>
 lfss-serve
 ```
 
-By default, the data will be stored in the `.storage_data` directory, in a sqlite database.  
-The data storage can be set via environment variable `LFSS_DATA`.
+By default, the data will be stored in `.storage_data`. 
+You can change storage directory using the `LFSS_DATA` environment variable.
 
 I provide a simple client to interact with the service.  
-Just start a web server at `/frontend` and open `index.html` in your browser.
-
-Currently, there is no file access-control, anyone can access any file with `GET` request.  
-However, the path-listing is only available to the authenticated user (to their own files, under `<username>/`).  
+Just start a web server at `/frontend` and open `index.html` in your browser, or use:
+```sh
+lfss-panel
+```
 
 The API usage is simple, just `GET`, `PUT`, `DELETE` to the `/<username>/file/url` path.  
 Authentication is done via `Authorization` header, with the value `Bearer <token>`.  
-Please refer to `frontend` as an application example, and `frontend/api.js` for the API usage.
+You can refer to `frontend` as an application example, and `frontend/api.js` for the API usage.
+
+By default, the service exposes all files to the public for `GET` requests, 
+but file-listing is restricted to the user's own files.  
+Please refer to [docs/Permission.md](./docs/Permission.md) for more details on the permission system.

lfss-0.2.1/Readme.md

@@ -0,0 +1,28 @@
+# Lightweight File Storage Service (LFSS)
+[![PyPI](https://img.shields.io/pypi/v/lfss)](https://pypi.org/project/lfss/)
+
+A lightweight file/object storage service!
+
+Usage: 
+```sh
+pip install .
+lfss-user add <username> <password>
+lfss-serve
+```
+
+By default, the data will be stored in `.storage_data`. 
+You can change storage directory using the `LFSS_DATA` environment variable.
+
+I provide a simple client to interact with the service.  
+Just start a web server at `/frontend` and open `index.html` in your browser, or use:
+```sh
+lfss-panel
+```
+
+The API usage is simple, just `GET`, `PUT`, `DELETE` to the `/<username>/file/url` path.  
+Authentication is done via `Authorization` header, with the value `Bearer <token>`.  
+You can refer to `frontend` as an application example, and `frontend/api.js` for the API usage.
+
+By default, the service exposes all files to the public for `GET` requests, 
+but file-listing is restricted to the user's own files.  
+Please refer to [docs/Permission.md](./docs/Permission.md) for more details on the permission system.

lfss-0.2.1/docs/Permission.md

@@ -0,0 +1,29 @@
+
+# Permission System
+There are two roles in the system: Admin and User (you can treat then as buckets).  
+
+## `PUT` and `DELETE` permissions
+Non-login user don't have `PUT/DELETE` permissions.  
+Every user can have `PUT/DELETE` permissions of files under its own `/<user>/` path.  
+The admin can have `PUT/DELETE` permissions of files of all users.
+
+## `GET` permissions
+The `GET` is used to access the file (if path is not ending with `/`), or to list the files under a path (if path is ending with `/`). 
+
+### Path-listing
+- Non-login users cannot list any files.
+- All users can list the files under their own path 
+- Admins can list the files under other users' path. 
+
+### File-access
+For accessing file content, the user must have `GET` permission of the file, which is determined by the `permission` field of both the owner and the file. 
+(Note: The owner of the file is the user who created the file, may not necessarily be the user under whose path the file is stored.)   
+
+There are four types of permissions: `unset`, `public`, `protected`, `private`.
+Non-admin users can access files based on:   
+
+- If the file is `public`, then all users can access it.
+- If the file is `protected`, then only the logged-in user can access it.  
+- If the file is `private`, then only the owner can access it.
+- If the file is `unset`, then the file's permission is inherited from the owner's permission.
+- If both the owner and the file have `unset` permission, then the file is `public`.

lfss-0.2.1/frontend/api.js

@@ -0,0 +1,178 @@
+
+/**
+ * @typedef Config
+ * @property {string} endpoint - the endpoint of the API
+ * @property {string} token - the token to authenticate the user
+ * 
+ * Partially complete...
+ * @typedef {Object} UserRecord
+ * @property {number} id - the id of the user
+ * @property {string} username - the username of the user
+ * @property {boolean} is_admin - whether the user is an admin
+ * @property {string} create_time - the time the user was created
+ * @property {number} max_storage - the maximum storage the user can use
+ * @property {number} permission - the default read permission of the files owned by the user
+ * 
+ * Partially complete...
+ * @typedef {Object} FileRecord
+ * @property {string} url - the url of the file
+ * @property {number} owner_id - the id of the owner of the file
+ * @property {number} file_size - the size of the file, in bytes
+ * @property {string} create_time - the time the file was created
+ * @property {string} access_time - the time the file was last accessed
+ * 
+ * Partially complete...
+ * @typedef {Object} DirectoryRecord
+ * @property {string} url - the url of the directory
+ * @property {string} size - the size of the directory, in bytes
+ * 
+ * @typedef {Object} PathListResponse
+ * @property {DirectoryRecord[]} dirs - the list of directories in the directory
+ * @property {FileRecord[]} files - the list of files in the directory
+ * 
+ */
+
+export const permMap = {
+    0: 'unset',
+    1: 'public',
+    2: 'protected',
+    3: 'private'
+}
+
+export default class Connector {
+
+    constructor(){
+        /** @type {Config} */
+        this.config = {
+            endpoint: 'http://localhost:8000',
+            token: ''
+        }
+    }
+
+    /**
+    * @param {string} path - the path to the file (url)
+    * @param {File} file - the file to upload
+    * @returns {Promise<string>} - the promise of the request, the url of the file
+    */
+    async put(path, file){
+        if (path.startsWith('/')){ path = path.slice(1); }
+        const fileBytes = await file.arrayBuffer();
+        const res = await fetch(this.config.endpoint + '/' + path, {
+            method: 'PUT',
+            headers: {
+                'Authorization': 'Bearer ' + this.config.token, 
+                'Content-Type': 'application/octet-stream'
+            },
+            body: fileBytes
+        });
+        if (res.status != 200 && res.status != 201){
+            throw new Error(`Failed to upload file, status code: ${res.status}, message: ${await res.json()}`);
+        }
+        return (await res.json()).url;
+    }
+
+    /**
+    * @param {string} path - the path to the file (url), should end with .json
+    * @param {Objec} data - the data to upload
+    * @returns {Promise<string>} - the promise of the request, the url of the file
+    */
+    async putJson(path, data){
+        if (!path.endsWith('.json')){ throw new Error('Upload object must end with .json'); }
+        if (path.startsWith('/')){ path = path.slice(1); }
+        const res = await fetch(this.config.endpoint + '/' + path, {
+            method: 'PUT',
+            headers: {
+                'Authorization': 'Bearer ' + this.config.token,
+                'Content-Type': 'application/json'
+            },
+            body: JSON.stringify(data)
+        });
+        if (res.status != 200 && res.status != 201){
+            throw new Error(`Failed to upload object, status code: ${res.status}, message: ${await res.json()}`);
+        }
+        return (await res.json()).url;
+    }
+
+    async delete(path){
+        if (path.startsWith('/')){ path = path.slice(1); }
+        const res = await fetch(this.config.endpoint + '/' + path, {
+            method: 'DELETE',
+            headers: {
+                'Authorization': 'Bearer ' + this.config.token
+            }, 
+        });
+        if (res.status == 200) return;
+        throw new Error(`Failed to delete file, status code: ${res.status}, message: ${await res.json()}`);
+    }
+
+    /**
+     * @param {string} path - the path to the file
+     * @returns {Promise<FileRecord | null>} - the promise of the request
+     */
+    async getMetadata(path){
+        if (path.startsWith('/')){ path = path.slice(1); }
+        const res = await fetch(this.config.endpoint + '/_api/fmeta?path=' + path, {
+            method: 'GET',
+            headers: {
+                'Authorization': 'Bearer ' + this.config.token
+            },
+        });
+        if (res.status == 404){
+            return null;
+        }
+        return await res.json();
+    }
+
+    /**
+     * @param {string} path - the path to the file directory, should ends with '/'
+     * @returns {Promise<PathListResponse>} - the promise of the request
+     */
+    async listPath(path){
+        if (path.startsWith('/')){ path = path.slice(1); }
+        if (!path.endsWith('/')){ path += '/'; }
+        const res = await fetch(this.config.endpoint + '/' + path, {
+            method: 'GET',
+            headers: {
+                'Authorization': 'Bearer ' + this.config.token
+            },
+        });
+        if (res.status == 403 || res.status == 401){
+            throw new Error(`Access denied to ${path}`);
+        }
+        return await res.json();
+    }
+
+    /**
+     * Check the user information by the token
+     * @returns {Promise<UserRecord>} - the promise of the request
+     */
+    async whoami(){
+        const res = await fetch(this.config.endpoint + '/_api/whoami', {
+            method: 'GET',
+            headers: {
+                'Authorization': 'Bearer ' + this.config.token
+            },
+        });
+        if (res.status != 200){
+            throw new Error('Failed to get user info, status code: ' + res.status);
+        }
+        return await res.json();
+    };
+
+    /**
+     * @param {string} path - file path(url)
+     * @param {number} permission - please refer to the permMap
+     */
+    async setFilePermission(path, permission){
+        if (path.startsWith('/')){ path = path.slice(1); }
+        const res = await fetch(this.config.endpoint + '/_api/fmeta?path=' + path + '&perm=' + permission, {
+            method: 'POST',
+            headers: {
+                'Authorization': 'Bearer ' + this.config.token
+            },
+        });
+        if (res.status != 200){
+            throw new Error(`Failed to set permission, status code: ${res.status}, message: ${await res.json()}`);
+        }
+    }
+}

lfss-0.2.1/frontend/index.html

@@ -0,0 +1,60 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>LFSS</title>
+    <link rel="stylesheet" href="./styles.css">
+</head>
+<body>
+
+    <div class="container header" id="settings">
+        <div class="input-group" style="min-width: 300px;">
+            <label for="endpoint">Endpoint</label>
+            <input type="text" id="endpoint" placeholder="http://localhost:8000" autocomplete="off">
+        </div>
+        <div class="input-group" style="min-width: 800px;">
+            <label for="token">Token</label>
+            <input type="text" id="token" placeholder="" autocomplete="off">
+        </div>
+        <div class="input-group">
+            <span id='back-btn'>⬅️</span>
+            <input type="text" id="path" placeholder="path/to/files/" autocomplete="off">
+        </div>
+    </div>
+
+    <div class="container content" id="view">
+        <div id="position-hint" class='disconnected'>
+            <span></span>
+            <label></label>
+        </div>
+        <table id="files">
+            <thead>
+                <tr>
+                    <th>File</th>
+                    <th>Size</th>
+                    <th>Accessed</th>
+                    <th>Created</th>
+                    <th>Read access</th>
+                    <th>Actions</th>
+                </tr>
+            </thead>
+            <tbody id="files-table-body">
+            </tbody>
+        </table>
+    </div>
+
+    <div class="container footer" id="upload">
+        <div class="input-group">
+            <input type="file" id="file-selector" accept="*">
+            <label for="file-name" id="upload-file-prefix"></label>
+            <input type="text" id="file-name" placeholder="Destination file path" autocomplete="off">
+            <span id='randomize-fname-btn'>🎲</span>
+            <button id="upload-btn">Upload</button>
+        </div>
+    </div>
+
+</body>
+
+<script src="./scripts.js" type="module" async defer></script>
+</html>