Closed rajeevb2 closed 8 years ago
Thank you. I will try this out. When is 0.5 coming out? I would love to see if you can somehow support roles (beyond client verification) also -- like Unix/Linux file permissions that allow or disallow fileops on certain files using authorization. I am happy to help here too.
0.5 was out 3 days ago, I just forgot to add proper release tags... Sorry! You might use the verifyClient mechanism to add some kind of roles as well - the accept callback makes it possible to pass a custom file system implementation as well in addition to the options in the sample code above:
return accept({
userName: userName,
filesystem: new CustomFilesystem(userName),
virtualRoot: '/data',
readOnly: false,
});
The filesystem object has to implement functions defined by IFilesystem and the easiest way to get started is to create a wrapper around the built-in LocalFilesystem object that optionally modifies its functionality to some degree:
var CustomFilesystem = (function () {
function CustomFilesystem(userName) {
this.userName = userName;
this.inner = new SFTP.LocalFilesystem();
}
CustomFilesystem.prototype.open = function (path, flags, attrs, callback) {
this.inner.open(path, flags, attrs, callback);
};
CustomFilesystem.prototype.close = function (handle, callback) {
this.inner.close(handle, callback);
};
CustomFilesystem.prototype.read = function (handle, buffer, offset, length, position, callback) {
this.inner.read(handle, buffer, offset, length, position, callback);
};
CustomFilesystem.prototype.write = function (handle, buffer, offset, length, position, callback) {
this.inner.write(handle, buffer, offset, length, position, callback);
};
CustomFilesystem.prototype.lstat = function (path, callback) {
this.inner.lstat(path, callback);
};
CustomFilesystem.prototype.fstat = function (handle, callback) {
this.inner.fsetstat(handle, callback);
};
CustomFilesystem.prototype.setstat = function (path, attrs, callback) {
this.inner.setstat(path, attrs, callback);
};
CustomFilesystem.prototype.fsetstat = function (handle, attrs, callback) {
this.inner.fsetstat(handle, attrs, callback);
};
CustomFilesystem.prototype.opendir = function (path, callback) {
this.inner.opendir(path, callback);
};
CustomFilesystem.prototype.readdir = function (handle, callback) {
this.inner.readdir(handle, callback);
};
CustomFilesystem.prototype.unlink = function (path, callback) {
this.inner.unlink(path, callback);
};
CustomFilesystem.prototype.mkdir = function (path, attrs, callback) {
this.inner.mkdir(path, attrs, callback);
};
CustomFilesystem.prototype.rmdir = function (path, callback) {
this.inner.rmdir(path, callback);
};
CustomFilesystem.prototype.realpath = function (path, callback) {
this.inner.realpath(path, callback);
};
CustomFilesystem.prototype.stat = function (path, callback) {
this.inner.stat(path, callback);
};
CustomFilesystem.prototype.rename = function (oldPath, newPath, callback) {
this.inner.rename(oldPath, newPath, callback);
};
CustomFilesystem.prototype.readlink = function (path, callback) {
this.inner.readlink(path, callback);
};
CustomFilesystem.prototype.symlink = function (targetpath, linkpath, callback) {
this.inner.symlink(targetpath, linkpath, callback);
};
CustomFilesystem.prototype.link = function (oldPath, newPath, callback) {
this.inner.link(oldPath, newPath, callback);
};
return CustomFilesystem;
})();
For example, you might modify these functions to check for appropriate permissions before performing the desired action, and/or to use file attributes located in some kind of a database instead of real filesystem ones.
In the future, I would like to add a high-level API for creating custom filesystems more easily, but I'm currently busy with other features. However, a custom SFTP-enabled file storage that stores file data in the filesystem and attributes (uid/gid/permissions) in a database sounds like a great idea! If you would like to help with this, please let me know at lukas@nuane.com
Thanks Lukas. I will try this out.
Rajeev
On Oct 14, 2015, at 3:22 PM, Lukas Pokorny notifications@github.com wrote:
0.5 was out 3 days ago, I just forgot to add proper release tags... Sorry! You might use the verifyClient mechanism to add some kind of roles as well - the accept callback makes it possible to pass a custom file system implementation as well in addition to the options in the sample code above:
return accept({ userName: userName, filesystem: new CustomFilesystem(userName), virtualRoot: '/data', readOnly: false, }); The filesystem object has to implement functions defined by IFilesystem https://github.com/lukaaash/sftp-ws/blob/master/src/lib/fs-api.ts and the easiest way to get started is to create a wrapper around the built-in LocalFilesystem object that optionally modifies its functionality to some degree:
var CustomFilesystem = (function () { function CustomFilesystem(userName) { this.userName = userName; this.inner = new SFTP.LocalFilesystem(); }
CustomFilesystem.prototype.open = function (path, flags, attrs, callback) { this.inner.open(path, flags, attrs, callback); }; CustomFilesystem.prototype.close = function (handle, callback) { this.inner.close(handle, callback); }; CustomFilesystem.prototype.read = function (handle, buffer, offset, length, position, callback) { this.inner.read(handle, buffer, offset, length, position, callback); }; CustomFilesystem.prototype.write = function (handle, buffer, offset, length, position, callback) { this.inner.write(handle, buffer, offset, length, position, callback); }; CustomFilesystem.prototype.lstat = function (path, callback) { this.inner.lstat(path, callback); }; CustomFilesystem.prototype.fstat = function (handle, callback) { this.inner.fsetstat(handle, callback); }; CustomFilesystem.prototype.setstat = function (path, attrs, callback) { this.inner.setstat(path, attrs, callback); }; CustomFilesystem.prototype.fsetstat = function (handle, attrs, callback) { this.inner.fsetstat(handle, attrs, callback); }; CustomFilesystem.prototype.opendir = function (path, callback) { this.inner.opendir(path, callback); }; CustomFilesystem.prototype.readdir = function (handle, callback) { this.inner.readdir(handle, callback); }; CustomFilesystem.prototype.unlink = function (path, callback) { this.inner.unlink(path, callback); }; CustomFilesystem.prototype.mkdir = function (path, attrs, callback) { this.inner.mkdir(path, attrs, callback); }; CustomFilesystem.prototype.rmdir = function (path, callback) { this.inner.rmdir(path, callback); }; CustomFilesystem.prototype.realpath = function (path, callback) { this.inner.realpath(path, callback); }; CustomFilesystem.prototype.stat = function (path, callback) { this.inner.stat(path, callback); }; CustomFilesystem.prototype.rename = function (oldPath, newPath, callback) { this.inner.rename(oldPath, newPath, callback); }; CustomFilesystem.prototype.readlink = function (path, callback) { this.inner.readlink(path, callback); }; CustomFilesystem.prototype.symlink = function (targetpath, linkpath, callback) { this.inner.symlink(targetpath, linkpath, callback); }; CustomFilesystem.prototype.link = function (oldPath, newPath, callback) { this.inner.link(oldPath, newPath, callback); }; return CustomFilesystem;
})(); For example, you might modify these functions to check for appropriate permissions before performing the desired action, and/or to use file attributes located in some kind of a database instead of real filesystem ones.
In the future, I would like to add a high-level API for creating custom filesystems more easily, but I'm currently busy with other features. However, a custom SFTP-enabled file storage that stores file data in the filesystem and attributes (uid/gid/permissions) in a database sounds like a great idea! If you would like to help with this, please let me know at lukas@nuane.com mailto:lukas@nuane.com — Reply to this email directly or view it on GitHub https://github.com/lukaaash/sftp-ws/issues/3#issuecomment-148220196.
Yes, there is, but it was not fully implemented until v0.5.0 (and thus unusable). Now you can implement a custom verifyClient handler that should be perfectly capable of authenticating with JWT. For simplicity, the following code demonstrates a very simple "Basic" authentication (this is not going to work with web-based clients, of course, but JWT will).