lfss 0.12.2__py3-none-any.whl → 0.13.0__py3-none-any.whl

lfss/cli/cli.py

@@ -1,6 +1,6 @@
 from pathlib import Path
 import argparse, typing, sys
-from lfss.api import Connector, upload_directory, upload_file, download_file, download_directory
+from lfss.api import Client, upload_directory, upload_file, download_file, download_directory
 from lfss.eng.datatype import (
     FileReadPermission, AccessLevel, 
     FileSortKey, DirSortKey, 
@@ -10,6 +10,7 @@ from lfss.eng.utils import decode_uri_components, fmt_storage_size
 
 from . import catch_request_error, line_sep
 from .cli_lib import mimetype_unicode, stream_text
+from ..eng.bounded_pool import BoundedThreadPoolExecutor
 
 def parse_permission(s: str) -> FileReadPermission:
     for p in FileReadPermission:
@@ -59,9 +60,9 @@ def print_path_list(
         if not detailed:
             if isinstance(r, DirectoryRecord):
                 assert r.url.endswith("/")
-                print(decode_uri_components(r.url).rstrip("/").split("/")[-1], end="/")
+                print(r.name(), end="/")
             else:
-                print(decode_uri_components(r.url).split("/")[-1], end="")
+                print(r.name(), end="")
         else:
             print(decode_uri_components(r.url), end="")
             if isinstance(r, FileRecord):
@@ -107,12 +108,28 @@ def parse_arguments():
     sp_download.add_argument("--conflict", choices=["overwrite", "skip"], default="abort", help="Conflict resolution, only works with file download")
     sp_download.add_argument("--retries", type=int, default=0, help="Number of retries")
 
+    # move 
+    sp_move = sp.add_parser("move", help="Move or rename a file or directory", aliases=["mv"])
+    sp_move.add_argument("src", help="Source url path", type=str)
+    sp_move.add_argument("dst", help="Destination url path. If the destination exists, will raise an error. " , type=str)
+
+    # copy
+    sp_copy = sp.add_parser("copy", help="Copy a file or directory", aliases=["cp"])
+    sp_copy.add_argument("src", help="Source url path", type=str)
+    sp_copy.add_argument("dst", help="Destination url path. If the destination exists, will raise an error. ", type=str)
+
     # query
     sp_query = sp.add_parser("info", help="Query file or directories metadata from the server", aliases=["i"])
     sp_query.add_argument("path", help="Path to query", nargs="+", type=str)
 
+    # set permission
+    sp_permission = sp.add_parser("set-permission", help="Set file or directory permission", aliases=["perm"])
+    sp_permission.add_argument("path", help="Path to set permission", type=str, nargs="+")
+    sp_permission.add_argument("permission", help="New permission to set", choices=[p.name.lower() for p in FileReadPermission])
+    sp_permission.add_argument("-j", "--jobs", type=int, default=1, help="Number of concurrent permission setting")
+
     # delete
-    sp_delete = sp.add_parser("delete", help="Delete files or directories", aliases=["del"])
+    sp_delete = sp.add_parser("delete", help="Delete files or directories", aliases=["del", "rm"])
     sp_delete.add_argument("path", help="Path to delete", nargs="+", type=str)
     sp_delete.add_argument("-y", "--yes", action="store_true", help="Confirm deletion without prompt")
 
@@ -152,7 +169,7 @@ def parse_arguments():
 
 def main():
     args = parse_arguments()
-    connector = Connector()
+    connector = Client()
     if args.command == "whoami":
         with catch_request_error():
             user = connector.whoami()
@@ -227,12 +244,22 @@ def main():
                 verbose=not args.quiet,
                 n_retries=args.retries, 
                 interval=args.interval,
-                overwrite=args.overwrite
+                overwrite=args.conflict == "overwrite"
             )
             if not success:
                 print("\033[91mFailed to download: \033[0m", msg, file=sys.stderr)
     
-    elif args.command in ["delete", "del"]:
+    elif args.command in ["move", "mv"]:
+        with catch_request_error(default_error_handler_dict(f"{args.src} -> {args.dst}")):
+            connector.move(args.src, args.dst)
+            print(f"\033[32mMoved\033[0m ({args.src} -> {args.dst})")
+    
+    elif args.command in ["copy", "cp"]:
+        with catch_request_error(default_error_handler_dict(f"{args.src} -> {args.dst}")):
+            connector.copy(args.src, args.dst)
+            print(f"\033[32mCopied\033[0m ({args.src} -> {args.dst})")
+
+    elif args.command in ["delete", "del", "rm"]:
         if not args.yes:
             print("You are about to delete the following paths:")
             for path in args.path:
@@ -250,10 +277,32 @@ def main():
         for path in args.path:
             with catch_request_error(default_error_handler_dict(path)):
                 res = connector.get_meta(path)
-                if res is None:
-                    print(f"\033[31mNot found\033[0m ({path})")
-                else:
-                    print(res)
+                print(res)
+    
+    elif args.command in ["set-permission", "perm"]:
+        flist = []
+        for path in args.path:
+            if not path.endswith("/"):
+                flist.append(path)
+            else:
+                batch_size = 10_000
+                with catch_request_error(default_error_handler_dict(path), cleanup_fn=lambda: flist.clear()):
+                    for offset in range(0, connector.count_files(path, flat=True), batch_size):
+                        files = connector.list_files(path, offset=offset, limit=batch_size, flat=True)
+                        flist.extend([f.url for f in files])
+        if len(flist)>1 and input(f"You are about to set permission of {len(flist)} files to {args.permission.upper()}. Are you sure? ([yes]/no): ").lower() not in ["", "y", "yes"]:
+            print("Aborted.")
+            exit(0)
+        with connector.session(args.jobs) as c, BoundedThreadPoolExecutor(args.jobs) as executor:
+            for f in flist:
+                executor.submit(
+                    lambda p: (
+                        c.set_file_permission(p, parse_permission(args.permission)),
+                        print(f"\033[32mSet permission\033[0m ({p}) to {args.permission.upper()}")
+                    ), f
+                )
+            executor.shutdown(wait=True)
+            
     
     elif args.command in ["ls", "list"]:
         with catch_request_error(default_error_handler_dict(args.path)):
@@ -265,9 +314,10 @@ def main():
                 order_desc=args.reverse,
             )
             print_path_list(res, detailed=args.long)
-            if len(res.dirs) + len(res.files) == args.limit:
-                print(f"\033[33m[Warning] List limit reached, use --offset and --limit to list more items.\033[0m")
-    
+            if args.path != "/" and len(res.dirs) + len(res.files) == args.limit:
+                _len_str = f"{args.offset + 1}-{args.offset + len(res.dirs) + len(res.files)}/{connector.count_dirs(args.path) + connector.count_files(args.path)}"
+                print(f"{_len_str} items listed.")
+
     elif args.command in ["lsf", "list-f"]:
         with catch_request_error(default_error_handler_dict(args.path)):
             res = connector.list_files(
@@ -279,8 +329,12 @@ def main():
                 order_desc=args.reverse,
             )
             print_path_list(res, detailed=args.long)
-            if len(res) == args.limit:
-                print(f"\033[33m[Warning] List limit reached, use --offset and --limit to list more files.\033[0m")
+            if args.path != "/" and len(res) == args.limit:
+                if args.recursive:
+                    _len_str = f"{args.offset + 1}-{args.offset + len(res)}/{connector.count_files(args.path, flat=True)}"
+                else:
+                    _len_str = f"{args.offset + 1}-{args.offset + len(res)}/{connector.count_files(args.path)}"
+                print(f"{_len_str} files listed.")
         
     elif args.command in ["lsd", "list-d"]:
         with catch_request_error(default_error_handler_dict(args.path)):
@@ -293,8 +347,9 @@ def main():
                 order_desc=args.reverse,
             )
             print_path_list(res, detailed=args.long)
-            if len(res) == args.limit:
-                print(f"\033[33m[Warning] List limit reached, use --offset and --limit to list more directories.\033[0m")
+            if args.path != "/" and len(res) == args.limit:
+                _len_str = f"{args.offset + 1}-{args.offset + len(res)}/{connector.count_dirs(args.path)}"
+                print(f"{_len_str} items listed.")
     
     elif args.command in ["cat", "concatenate"]:
         for _p in args.path:

lfss/cli/cli_lib.py

@@ -1,5 +1,5 @@
 
-from ..api.connector import Connector
+from ..api.connector import Client
 from ..eng.datatype import DirectoryRecord, FileRecord
 
 def mimetype_unicode(r: DirectoryRecord | FileRecord):
@@ -37,7 +37,7 @@ def mimetype_unicode(r: DirectoryRecord | FileRecord):
     return "📄"
 
 def stream_text(
-    conn: Connector, 
+    conn: Client, 
     path: str,
     encoding="utf-8",
     chunk_size=1024 * 8,
@@ -51,8 +51,6 @@ def stream_text(
     """
     MAX_TEXT_SIZE = 100 * 1024 * 1024  # 100 MB
     r = conn.get_fmeta(path)
-    if r is None:
-        raise FileNotFoundError(f"File not found: {path}")
     if r.file_size > MAX_TEXT_SIZE:
         raise ValueError(f"File size {r.file_size} exceeds maximum text size {MAX_TEXT_SIZE}")
     ss = conn.get_stream(r.url, chunk_size=chunk_size)

lfss/eng/database.py

@@ -85,14 +85,14 @@ class UserConn(DBObjectBase):
         max_storage: int = 1073741824, permission: FileReadPermission = FileReadPermission.UNSET
         ) -> int:
         def validate_username(username: str):
-            assert not set(username) & {'/', ':'}, "Invalid username"
-            assert not username.startswith('_'), "Error: reserved username"
-            assert not (len(username) > 255), "Username too long"
-            assert urllib.parse.quote(username) == username, "Invalid username, must be URL safe"
+            assert_or(not set(username) & {'/', ':'}, InvalidInputError("Invalid username"))
+            assert_or(not username.startswith('_'), InvalidInputError("Error: reserved username"))
+            assert_or(not (len(username) > 255), InvalidInputError("Username too long"))
+            assert_or(urllib.parse.quote(username) == username, InvalidInputError("Invalid username, must be URL safe"))
         validate_username(username)
         self.logger.debug(f"Creating user {username}")
         credential = hash_credential(username, password)
-        assert await self.get_user(username) is None, "Duplicate username"
+        assert_or(await self.get_user(username) is None, InvalidDataError(f"Duplicate username: {username}"))
         await self.cur.execute("INSERT INTO user (username, credential, is_admin, max_storage, permission) VALUES (?, ?, ?, ?, ?)", (username, credential, is_admin, max_storage, permission))
         self.logger.info(f"User {username} created")
         assert self.cur.lastrowid is not None
@@ -102,9 +102,9 @@ class UserConn(DBObjectBase):
         self, username: str, password: Optional[str] = None, is_admin: Optional[bool] = None, 
         max_storage: Optional[int] = None, permission: Optional[FileReadPermission] = None
         ):
-        assert not username.startswith('_'), "Error: reserved username"
-        assert not ('/' in username or len(username) > 255), "Invalid username"
-        assert urllib.parse.quote(username) == username, "Invalid username, must be URL safe"
+        assert_or(not username.startswith('_'), InvalidInputError("Error: reserved username"))
+        assert_or(not ('/' in username or len(username) > 255), InvalidInputError("Invalid username"))
+        assert_or(urllib.parse.quote(username) == username, InvalidInputError("Invalid username, must be URL safe"))
 
         current_record = await self.get_user(username)
         if current_record is None:
@@ -169,7 +169,8 @@ class UserConn(DBObjectBase):
             List all users that user can do [AliasLevel] to, with level >= level, 
         else:
             List all users that can do [AliasLevel] to user, with level >= level
-        Note: the returned list does not include user and is not apporiate for admin (who has all permissions for all users)
+
+        Note: the returned list does not include the user and is not apporiate for admin (who has all permissions for all users)
         """
         assert int(level) > AccessLevel.NONE, f"Invalid level, {level}"
         aim_field = 'src_user_id' if incoming else 'dst_user_id'
@@ -297,6 +298,12 @@ class FileConn(DBObjectBase):
         dirs = [await get_dir(url + d) for d in dirs_str]
         return dirs
     
+    async def is_dir_exist(self, url: str) -> bool:
+        if not url.endswith('/'): url += '/'
+        cursor = await self.cur.execute("SELECT 1 FROM fmeta WHERE url LIKE ? ESCAPE '\\' LIMIT 1", (self.escape_sqlike(url) + '%', ))
+        res = await cursor.fetchone()
+        return res is not None
+    
     async def count_dir_files(self, url: str, flat: bool = False):
         if not url.endswith('/'): url += '/'
         if url == '/': url = ''
@@ -463,8 +470,8 @@ class FileConn(DBObjectBase):
         Copy all files under old_url to new_url, 
         if user_id is None, will not change the owner_id of the files. Otherwise, will change the owner_id to user_id.
         """
-        assert old_url.endswith('/'), "Old path must end with /"
-        assert new_url.endswith('/'), "New path must end with /"
+        assert_or(old_url.endswith('/'), InvalidInputError("Old path must end with /"))
+        assert_or(new_url.endswith('/'), InvalidInputError("New path must end with /"))
         cursor = await self.cur.execute(
             "SELECT * FROM fmeta WHERE url LIKE ? ESCAPE '\\'",
             (self.escape_sqlike(old_url) + '%', )
@@ -484,37 +491,54 @@ class FileConn(DBObjectBase):
             await self._user_size_inc(user_id, old_record.file_size)
         self.logger.info(f"Copied path {old_url} to {new_url}")
     
-    async def move_file(self, old_url: str, new_url: str):
+    async def move_file(self, old_url: str, new_url: str, transfer_to_user: Optional[int] = None):
         old = await self.get_file_record(old_url)
         if old is None:
             raise FileNotFoundError(f"File {old_url} not found")
         new_exists = await self.get_file_record(new_url)
         if new_exists is not None:
             raise FileExistsError(f"File {new_url} already exists")
-        await self.cur.execute("UPDATE fmeta SET url = ?, create_time = CURRENT_TIMESTAMP WHERE url = ?", (new_url, old_url))
+        await self.cur.execute(
+            "UPDATE fmeta SET url = ?, owner_id = ?, create_time = CURRENT_TIMESTAMP WHERE url = ?", 
+            (new_url, old.owner_id if transfer_to_user is None else transfer_to_user, old_url)
+        )
+        if transfer_to_user is not None and transfer_to_user != old.owner_id:
+            await self._user_size_dec(old.owner_id, old.file_size)
+            await self._user_size_inc(transfer_to_user, old.file_size)
         self.logger.info(f"Moved file {old_url} to {new_url}")
     
-    async def move_dir(self, old_url: str, new_url: str, user_id: Optional[int] = None):
-        assert old_url.endswith('/'), "Old path must end with /"
-        assert new_url.endswith('/'), "New path must end with /"
-        if user_id is None:
-            cursor = await self.cur.execute(
-                "SELECT * FROM fmeta WHERE url LIKE ? ESCAPE '\\'",
-                (self.escape_sqlike(old_url) + '%', )
-                )
-            res = await cursor.fetchall()
-        else:
-            cursor = await self.cur.execute(
-                "SELECT * FROM fmeta WHERE url LIKE ? ESCAPE '\\' AND owner_id = ?", 
-                (self.escape_sqlike(old_url) + '%', user_id)
-                )
-            res = await cursor.fetchall()
+    async def transfer_ownership(self, url: str, new_owner: int):
+        old = await self.get_file_record(url)
+        if old is None:
+            raise FileNotFoundError(f"File {url} not found")
+        if new_owner == old.owner_id:
+            return
+        await self.cur.execute("UPDATE fmeta SET owner_id = ? WHERE url = ?", (new_owner, url))
+        await self._user_size_dec(old.owner_id, old.file_size)
+        await self._user_size_inc(new_owner, old.file_size)
+        self.logger.info(f"Transferred ownership of file {url} from user {old.owner_id} to user {new_owner}")
+    
+    async def move_dir(self, old_url: str, new_url: str, transfer_to_user: Optional[int] = None):
+        assert_or(old_url.endswith('/'), InvalidInputError("Old path must end with /"))
+        assert_or(new_url.endswith('/'), InvalidInputError("New path must end with /"))
+        cursor = await self.cur.execute(
+            "SELECT url, owner_id, file_size FROM fmeta WHERE url LIKE ? ESCAPE '\\'",
+            (self.escape_sqlike(old_url) + '%', )
+            )
+        res = await cursor.fetchall()
         for r in res:
-            new_r = new_url + r[0][len(old_url):]
-            if await (await self.cur.execute("SELECT url FROM fmeta WHERE url = ?", (new_r, ))).fetchone():
-                self.logger.error(f"File {new_r} already exists on move path: {old_url} -> {new_url}")
-                raise FileDuplicateError(f"File {new_r} already exists")
-            await self.cur.execute("UPDATE fmeta SET url = ?, create_time = CURRENT_TIMESTAMP WHERE url = ?", (new_r, r[0]))
+            r_url, r_user, r_size = r
+            new_url_full = new_url + r_url[len(old_url):]
+            if await (await self.cur.execute("SELECT url FROM fmeta WHERE url = ?", (new_url_full, ))).fetchone():
+                self.logger.error(f"File {new_url_full} already exists on move path: {old_url} -> {new_url}")
+                raise FileDuplicateError(f"File {new_url_full} already exists")
+            await self.cur.execute(
+                "UPDATE fmeta SET url = ?, owner_id = ?, create_time = CURRENT_TIMESTAMP WHERE url = ?", 
+                (new_url_full, r_user if transfer_to_user is None else transfer_to_user, r_url)
+                )
+            if transfer_to_user is not None and transfer_to_user != r_user:
+                await self._user_size_dec(r_user, r_size)
+                await self._user_size_inc(transfer_to_user, r_size)
     
     async def log_access(self, url: str):
         await self.cur.execute("UPDATE fmeta SET access_time = CURRENT_TIMESTAMP WHERE url = ?", (url, ))
@@ -529,17 +553,13 @@ class FileConn(DBObjectBase):
         self.logger.info(f"Deleted fmeta {url}")
         return file_record
     
-    async def delete_user_file_records(self, owner_id: int) -> list[FileRecord]:
-        """ Delete all records with owner_id """
+    async def list_user_file_records(self, owner_id: int) -> list[FileRecord]:
+        """ list all records with owner_id """
         cursor = await self.cur.execute("SELECT * FROM fmeta WHERE owner_id = ?", (owner_id, ))
         res = await cursor.fetchall()
-        await self.cur.execute("DELETE FROM usize WHERE user_id = ?", (owner_id, ))
-        res = await self.cur.execute("DELETE FROM fmeta WHERE owner_id = ? RETURNING *", (owner_id, ))
-        ret = [self.parse_record(r) for r in await res.fetchall()]
-        self.logger.info(f"Deleted {len(ret)} file records for user {owner_id}") # type: ignore
-        return ret
-    
-    async def delete_records_by_prefix(self, path: str, under_owner_id: Optional[int] = None) -> list[FileRecord]:
+        return [self.parse_record(r) for r in res]
+
+    async def delete_records_by_prefix(self, path: str) -> list[FileRecord]:
         """Delete all records with url starting with path"""
         # update user size
         cursor = await self.cur.execute(
@@ -559,10 +579,7 @@ class FileConn(DBObjectBase):
         # if any new records are created here, the size update may be inconsistent
         # but it's not a big deal... we should have only one writer
         
-        if under_owner_id is None:
-            res = await self.cur.execute("DELETE FROM fmeta WHERE url LIKE ? ESCAPE '\\' RETURNING *", (self.escape_sqlike(path) + '%', ))
-        else:
-            res = await self.cur.execute("DELETE FROM fmeta WHERE url LIKE ? ESCAPE '\\' AND owner_id = ? RETURNING *", (self.escape_sqlike(path) + '%', under_owner_id))
+        res = await self.cur.execute("DELETE FROM fmeta WHERE url LIKE ? ESCAPE '\\' RETURNING *", (self.escape_sqlike(path) + '%', ))
         all_f_rec = await res.fetchall()
         self.logger.info(f"Deleted {len(all_f_rec)} file(s) for path {path}") # type: ignore
         return [self.parse_record(r) for r in all_f_rec]
@@ -959,7 +976,13 @@ class Database:
                     raise PermissionDeniedError(f"Permission denied: {op_user.username} cannot move file {old_url}")
                 if await check_path_permission(new_url, op_user, cursor=cur) < AccessLevel.WRITE:
                     raise PermissionDeniedError(f"Permission denied: {op_user.username} cannot move file to {new_url}")
-            await fconn.move_file(old_url, new_url)
+            await fconn.move_file(old_url, new_url, transfer_to_user=op_user.id if op_user is not None else None)
+
+            # check user size limit if transferring ownership
+            if op_user is not None:
+                user_size_used = await fconn.user_size(op_user.id)
+                if user_size_used > op_user.max_storage:
+                    raise StorageExceededError(f"Unable to move file, user size limit exceeded: {user_size_used} > {op_user.max_storage}")
 
             new_mime, _ = mimetypes.guess_type(new_url)
             if not new_mime is None:
@@ -981,6 +1004,12 @@ class Database:
                 if await check_path_permission(new_url, op_user, cursor=cur) < AccessLevel.WRITE:
                     raise PermissionDeniedError(f"Permission denied: {op_user.username} cannot copy file to {new_url}")
             await fconn.copy_file(old_url, new_url, user_id=op_user.id if op_user is not None else None)
+
+            # check user size limit if transferring ownership
+            if op_user is not None:
+                user_size_used = await fconn.user_size(op_user.id)
+                if user_size_used > op_user.max_storage:
+                    raise StorageExceededError(f"Unable to copy file, user size limit exceeded: {user_size_used} > {op_user.max_storage}")
     
     async def move_dir(self, old_url: str, new_url: str, op_user: UserRecord):
         validate_url(old_url, 'dir')
@@ -990,9 +1019,9 @@ class Database:
             new_url = new_url[1:]
         if old_url.startswith('/'):
             old_url = old_url[1:]
-        assert old_url != new_url, "Old and new path must be different"
-        assert old_url.endswith('/'), "Old path must end with /"
-        assert new_url.endswith('/'), "New path must end with /"
+        assert_or(old_url != new_url, InvalidPathError("Old and new path must be different"))
+        assert_or(old_url.endswith('/'), InvalidPathError("Old path must end with /"))
+        assert_or(new_url.endswith('/'), InvalidPathError("New path must end with /"))
 
         async with unique_cursor() as cur:
             if not (
@@ -1004,6 +1033,12 @@ class Database:
         async with transaction() as cur:
             fconn = FileConn(cur)
             await fconn.move_dir(old_url, new_url, op_user.id)
+
+            # check user size limit
+            user_size_used = await fconn.user_size(op_user.id)
+            if user_size_used > op_user.max_storage:
+                raise StorageExceededError(f"Unable to move path, user size limit exceeded: {user_size_used} > {op_user.max_storage}")
+                
     
     async def copy_dir(self, old_url: str, new_url: str, op_user: UserRecord):
         validate_url(old_url, 'dir')
@@ -1013,9 +1048,9 @@ class Database:
             new_url = new_url[1:]
         if old_url.startswith('/'):
             old_url = old_url[1:]
-        assert old_url != new_url, "Old and new path must be different"
-        assert old_url.endswith('/'), "Old path must end with /"
-        assert new_url.endswith('/'), "New path must end with /"
+        assert_or(old_url != new_url, InvalidPathError("Old and new path must be different"))
+        assert_or(old_url.endswith('/'), InvalidPathError("Old path must end with /"))
+        assert_or(new_url.endswith('/'), InvalidPathError("New path must end with /"))
 
         async with unique_cursor() as cur:
             if not (
@@ -1028,7 +1063,12 @@ class Database:
             fconn = FileConn(cur)
             await fconn.copy_dir(old_url, new_url, op_user.id)
 
-    async def __batch_delete_file_blobs(self, fconn: FileConn, file_records: list[FileRecord], batch_size: int = 512):
+            # check user size limit
+            user_size_used = await fconn.user_size(op_user.id)
+            if user_size_used > op_user.max_storage:
+                raise StorageExceededError(f"Unable to copy path, user size limit exceeded: {user_size_used} > {op_user.max_storage}")
+
+    async def __batch_unlink_file_blobs(self, fconn: FileConn, file_records: list[FileRecord], batch_size: int = 512):
         # https://github.com/langchain-ai/langchain/issues/10321
         internal_ids = []
         external_ids = []
@@ -1049,14 +1089,16 @@ class Database:
 
     async def delete_dir(self, url: str, op_user: Optional[UserRecord] = None) -> Optional[list[FileRecord]]:
         validate_url(url, 'dir')
-        from_owner_id = op_user.id if op_user is not None and not (op_user.is_admin or await check_path_permission(url, op_user) >= AccessLevel.WRITE) else None
+        if op_user is not None:
+            if await check_path_permission(url, op_user) < AccessLevel.WRITE:
+                raise PermissionDeniedError(f"Permission denied: {op_user.username} cannot delete path {url}")
 
         async with transaction() as cur:
             fconn = FileConn(cur)
-            records = await fconn.delete_records_by_prefix(url, from_owner_id)
+            records = await fconn.delete_records_by_prefix(url)
             if not records:
                 return None
-            await self.__batch_delete_file_blobs(fconn, records)
+            await self.__batch_unlink_file_blobs(fconn, records)
             return records
     
     async def delete_user(self, u: str | int):
@@ -1070,14 +1112,33 @@ class Database:
             await uconn.delete_user(user.username)
 
             fconn = FileConn(cur)
-            records = await fconn.delete_user_file_records(user.id)
-            self.logger.debug("Deleting files...")
-            await self.__batch_delete_file_blobs(fconn, records)
-            self.logger.info(f"Deleted {len(records)} file(s) for user {user.username}")
 
             # make sure the user's directory is deleted, 
-            # may contain admin's files, but delete them all
-            await fconn.delete_records_by_prefix(user.username + '/')
+            to_del_records = await fconn.delete_records_by_prefix(user.username + '/')
+
+            # transfer ownership of files outside the user's directory
+            to_transfer_records = await fconn.list_user_file_records(user.id)
+            __user_map: dict[str, UserRecord] = {}
+            for r in to_transfer_records:
+                r_username = r.url.split('/')[0]
+                if not r_username in __user_map:
+                    r_user = await uconn.get_user(r_username)
+                    assert r_user is not None, f"User {r_username} not found"
+                    __user_map[r_username] = r_user
+                r_user = __user_map[r_username]
+                await fconn.transfer_ownership(r.url, r_user.id)
+
+            # check user size limit
+            for r_user in __user_map.values():
+                user_size_used = await fconn.user_size(r_user.id)
+                if user_size_used > r_user.max_storage:
+                    raise StorageExceededError(f"Unable to transfer files, user size limit exceeded for {r_user.username}: {user_size_used} > {r_user.max_storage}")
+
+            self.logger.info(f"Transferred ownership of {len(to_transfer_records)} file(s) outside user {user.username}'s directory")
+
+            # release file blobs finally
+            await self.__batch_unlink_file_blobs(fconn, to_del_records)
+            self.logger.info(f"Deleted user {user.username} and {len(to_del_records)} file(s) under the user's directory")
     
     async def iter_dir(self, top_url: str, urls: Optional[list[str]]) -> AsyncIterable[tuple[FileRecord, bytes | AsyncIterable[bytes]]]:
         validate_url(top_url, 'dir')
@@ -1159,7 +1220,7 @@ async def _get_path_owner(cur: aiosqlite.Cursor, path: str) -> UserRecord:
     uconn = UserConn(cur)
     path_user = await uconn.get_user(path_username)
     if path_user is None:
-        raise InvalidPathError(f"Invalid path: {path_username} is not a valid username")
+        raise PathNotFoundError(f"Path not found: {path_username} is not a valid username")
     return path_user
 
 async def check_file_read_permission(user: UserRecord, file: FileRecord, cursor: Optional[aiosqlite.Cursor] = None) -> tuple[bool, str]:

lfss/eng/datatype.py

@@ -1,5 +1,6 @@
 from enum import IntEnum
 import dataclasses, typing
+import urllib.parse
 from .utils import fmt_storage_size
 
 class FileReadPermission(IntEnum):
@@ -32,6 +33,10 @@ class UserRecord:
     def __str__(self):
         return  f"User {self.username} (id={self.id}, admin={self.is_admin}, created at {self.create_time}, last active at {self.last_active}, " + \
                 f"storage={fmt_storage_size(self.max_storage)}, permission={self.permission.name})"
+    
+    def desensitize(self):
+        self.credential = "__HIDDEN__"
+        return self
 
 @dataclasses.dataclass
 class FileRecord:
@@ -45,7 +50,12 @@ class FileRecord:
     external: bool
     mime_type: str
 
+    def name(self, raw: bool = False):
+        name = self.url.rsplit('/', 1)[-1]
+        return name if raw else urllib.parse.unquote(name)
+
     def __post_init__(self):
+        assert not self.url.endswith('/'), "File URL should not end with '/'"
         self.permission = FileReadPermission(self.permission)
 
     def __str__(self):
@@ -61,6 +71,15 @@ class DirectoryRecord:
     access_time: str = ""
     n_files: int = -1
 
+    def name(self, raw: bool = False):
+        if self.url == "/" or self.url == "": 
+            return ""
+        name = self.url.rstrip('/').rsplit('/', 1)[-1]
+        return name if raw else urllib.parse.unquote(name)
+
+    def __post_init__(self):
+        assert self.url.endswith('/'), "Directory URL should end with '/'"
+
     def __str__(self):
         return f"Directory {self.url} (size={fmt_storage_size(self.size)}, created at {self.create_time}, updated at {self.update_time}, accessed at {self.access_time}, n_files={self.n_files})"
 

lfss/eng/error.py

@@ -1,4 +1,5 @@
 import sqlite3
+from typing import Callable
 
 class LFSSExceptionBase(Exception):...
 
@@ -8,7 +9,9 @@ class InvalidOptionsError(LFSSExceptionBase, ValueError):...
 
 class InvalidDataError(LFSSExceptionBase, ValueError):...
 
-class InvalidPathError(LFSSExceptionBase, ValueError):...
+class InvalidInputError(InvalidDataError):...
+
+class InvalidPathError(InvalidDataError):...
 
 class DatabaseLockedError(LFSSExceptionBase, sqlite3.DatabaseError):...
 
@@ -22,4 +25,13 @@ class PermissionDeniedError(LFSSExceptionBase, PermissionError):...
 
 class StorageExceededError(LFSSExceptionBase):...
 
-class TooManyItemsError(LFSSExceptionBase):...
+class TooManyItemsError(LFSSExceptionBase):...
+
+def assert_or(condition: bool, exception: LFSSExceptionBase | Callable[[], LFSSExceptionBase]):
+    if not condition:
+        if isinstance(exception, Exception):
+            raise exception
+        elif callable(exception):
+            raise exception()
+        else:
+            raise TypeError("Exception must be an instance of LFSSExceptionBase or a callable returning one")

lfss/svc/app.py

@@ -1,7 +1,9 @@
 from .app_base import ENABLE_WEBDAV
 from .app_native import *
+from .app_native_user import *
 
 # order matters
+app.include_router(router_user)
 app.include_router(router_api)
 if ENABLE_WEBDAV:
     from .app_dav import *

lfss/svc/app_base.py

@@ -147,12 +147,16 @@ async def registered_user(user: UserRecord = Depends(get_current_user)):
     return user
 
 router_api = APIRouter(prefix="/_api")
+router_user = APIRouter(prefix="/_api/user")
 router_dav = APIRouter(prefix="")
 router_fs = APIRouter(prefix="")
 
 __all__ = [
     "app", "db", "logger", 
     "handle_exception", "skip_request_log", 
-    "router_api", "router_fs", "router_dav", 
-    "get_current_user", "registered_user"
+    "get_current_user", "registered_user", 
+    "router_api", 
+    "router_user", 
+    "router_fs", 
+    "router_dav", 
     ]