Delete (single) file/s via Webinterface

PirateBox-Dev / PirateBoxScripts_Webserver

PirateBox Scriptcollection for running in Webserver

GNU General Public License v3.0

206 stars 101 forks source link

Delete (single) file/s via Webinterface #40

Open MaStr opened 11 years ago

stylesuxx commented 10 years ago

Who should be able to delete files?

The user who uploaded them: This could be implementd in a similar way as the possibility to delete board posts when a password is set on creation
The owner of the piratebox: This would mean there has to be some kind of "admin user" for file management - or a password set by the uploading user so he can delete it, and a global password with which every file can be deleted.

Let me know which variant you would prefer and I will implement it.

MaStr commented 10 years ago

The owner would be the first approach, that is what is most wanted.

Thank you.

stylesuxx commented 10 years ago

OK, after reading one of your other answers (about the file upload with the script) passing a password when uploading would mean to hack the uploading script - so in this case deletion by owner is easier.

Starting to work on this right away.

Just one thing I want to note, is that by sniffing it would be possible to get the password - since we do not have SSL.

MaStr commented 10 years ago

Good Point. We should consider running the admin interface on port 443 and SSL only. That complete part would be better to be developed in a feature branch instead of directly in the development branch, I think.

On 31 Aug 2014, at 22:45, Chris notifications@github.com wrote:

OK, after reading one of your other answers (about the file upload with the script) passing a password when uploading would mean to hack the uploading script - so in this case deletion by owner is easier.

Starting to work on this right away.

Just one thing I want to note, is that by sniffing it would be possible to get the password - since we do not have SSL.

— Reply to this email directly or view it on GitHub.

stylesuxx commented 10 years ago

Alright, I can do this in a feature branch. I use the gitflow branching model, so I basically do all the changes in seperate branches.

Is SSL enabled? I have the 1.0 version on my mr3020 and tried to access the piratebox via https, but no luck.

MaStr commented 10 years ago

Not yet. It should be enabled, when we come around with an separate Admin-Interface.

That may need additional packages on OpenWrt, we have to remember that. That could be a reason to not launch it with a 1.x release and keep it for a larger 2.0 release (Because it breakes compatibility).

deavmi commented 8 years ago

An admin interface would be cool. Of which could contain the ability for the admin to delete files.

Users can only delete files they uploaded.