Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: new auth #218

Merged
merged 1 commit into from
Jun 1, 2023
Merged

feat: new auth #218

merged 1 commit into from
Jun 1, 2023

Conversation

sigoden
Copy link
Owner

@sigoden sigoden commented Jun 1, 2023
edited
Loading

The access level path control used by dufs has two disadvantages:

  1. One path cannot support multiple users
  2. It is very troublesome to set multiple paths for one user

So it needs to be refactored.
The new auth is account based, it closes #207, closes #208.

Access Control

Dufs supports account based access control. You can control who can do what on which path with --auth/-a.

dufs -a [user:pass]@path[:rw][,path[:rw]...][|...]

1: Multiple rules are separated by "|"
2: User and pass are the account name and password, if omitted, it is an anonymous user
3: One rule can set multiple paths, separated by ","
4: Add :rw after the path to indicate that the path has read and write permissions, otherwise the path has readonly permissions.

dufs -A -a admin:admin@/:rw

admin has all permissions for all paths.

dufs -A -a admin:admin@/:rw -a guest:guest@/

guest has readonly permissions for all paths.

dufs -A -a admin:admin@/:rw -a @/

All paths is public, everyone can view/download it.

dufs -A -a admin:admin@/:rw -a user1:pass1@/user1:rw -a user2:pass2@/user2
dufs -A -a "admin:admin@/:rw|user1:pass1@/user1:rw|user2:pass2@/user2"

user1 has all permissions for /user1/* path.
user2 has all permissions for /user2/* path.

dufs -A -a user:pass@/dir1:rw,/dir2:rw,dir3

user has all permissions for /dir1/* and /dir2/*, has readonly permissions for /dir3/.

dufs -a admin:admin@/

Since dufs only allows viewing/downloading, admin can only view/download files.

BREAKING CHANGE: new auth

@sigoden sigoden merged commit f8ea416 into main Jun 1, 2023
@sigoden sigoden deleted the new-auth branch June 1, 2023 10:52
@p-linnane p-linnane mentioned this pull request Jun 1, 2023
Merged
@neuronull neuronull mentioned this pull request Jun 2, 2023
Merged
MuXiu1997 added a commit to MuXiu1997/cloud-server-services that referenced this pull request Aug 26, 2023
@MuXiu1997
Update values to adapt to the v0.36.0 version of dufs
2a00cf9 
Ref: sigoden/dufs#218
MuXiu1997 added a commit to MuXiu1997/cloud-server-services that referenced this pull request Aug 26, 2023
@MuXiu1997
Update values to adapt to the v0.36.0 version of dufs
de944b1 
Ref: sigoden/dufs#218
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
1 participant
@sigoden