The check could be expensive with some backends and is generally
only required the first time that a user logs in
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
we know if the client asks to remove a file or directory so let's
use the appropriate command without letting the sftp library guess
the appropriate behavior
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
if you share a single folder with read scope, you can now browse the share
and download single files
Fixes#674
See #677
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
The updated version avoid to always create a socket connected to the
journald on application start.
Now the socket is only created if we log to the journald
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
naming rules allow to support case insensitive usernames, trim trailing
and leading white spaces, and accept any valid UTF-8 characters in
usernames.
If you were enabling `skip_natural_keys_validation` now you need to
set `naming_rules` to `1`
Fixes#687
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
with total limit or separate settings for uploads and downloads and
overrides based on the client's IP address.
Limits can be reset using the REST API
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
301 MovedPermanently is cached by the browser which can
be annoying when it is is on base path like / while one
may reuse the domain (e.g. localhost) for other apps/tests.
Fixes#695
Signed-off-by: Jeremy Clerc <jeremy@clerc.io>
Disallowed files/dirs can be completly hidden. This may cause performance
issues for large directories
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
We can tighten security by adding the following to
the systemd service file:
* NoNewPrivileges: should never be needed
* DevicePolicy: only basics required
* PrivateDevices: only needs mounted stuff, never devs
* ProtectSystem: no need to change boot
* RestrictAddressFamilies: INET, UNIX only
Signed-off-by: Marc <mail@lpcvoid.com>
the clone button is not needed anymore, you can select a user and
click on template to generate one or more similar users or you can
create users/folders from an empty template
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
The page to add/edit users should be less less intimidating now.
All the advanced settings are hidden by default. Permissions are set
to any, so if you also have a users base dir set, to add a user
you have to simply set username, password or public key and save
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>