diff options
| author | Dan Engelbrecht <[email protected]> | 2024-10-23 10:31:43 +0200 |
|---|---|---|
| committer | GitHub Enterprise <[email protected]> | 2024-10-23 10:31:43 +0200 |
| commit | 530ab3394938331f224058c381a1db5d4a68e6a9 (patch) | |
| tree | 5060eb394d67b7454855aed0fa8d7d3acf5f5c98 /src/zenserver/workspaces/httpworkspaces.h | |
| parent | fix gc date (#204) (diff) | |
| download | zen-530ab3394938331f224058c381a1db5d4a68e6a9.tar.xz zen-530ab3394938331f224058c381a1db5d4a68e6a9.zip | |
workspace share security (#192)
- Improvement: Reworked workspace shares to be more secure. Workspaces and workspace shares can only be created using the `zen workspace` command, the http endpoint is disabled unless zenserver is started with the `--workspaces-allow-changes` option enabled.
- Each workspace are now configured via a `zenworkspaceconfig.json` file in the root of each workspace
- A workspace can allow shares to be created via the http interface if the workspace is created with the `--allow-share-create-from-http` option enabled
- A new http endpoint at `/ws` - issuing a `Get` operation will get you a list of workspaces
- A new http endpoint at `/ws/refresh` - issuing a `Get` will make zenserver scan for edits in workspaces and workspace shares
Diffstat (limited to 'src/zenserver/workspaces/httpworkspaces.h')
| -rw-r--r-- | src/zenserver/workspaces/httpworkspaces.h | 25 |
1 files changed, 15 insertions, 10 deletions
diff --git a/src/zenserver/workspaces/httpworkspaces.h b/src/zenserver/workspaces/httpworkspaces.h index dfa50f822..f01f58b86 100644 --- a/src/zenserver/workspaces/httpworkspaces.h +++ b/src/zenserver/workspaces/httpworkspaces.h @@ -10,15 +10,16 @@ namespace zen { class Workspaces; -struct FileServeConfig +struct WorkspacesServeConfig { std::filesystem::path SystemRootDir; + bool AllowConfigurationChanges = false; }; class HttpWorkspacesService final : public HttpService, public IHttpStatsProvider { public: - HttpWorkspacesService(HttpStatsService& StatsService, const FileServeConfig& Cfg, Workspaces& Workspaces); + HttpWorkspacesService(HttpStatsService& StatsService, const WorkspacesServeConfig& Cfg, Workspaces& Workspaces); virtual ~HttpWorkspacesService(); virtual const char* BaseUri() const override; @@ -50,9 +51,13 @@ private: void Initialize(); std::filesystem::path GetStatePath() const; - void ReadState(); - void WriteState(); + void RefreshState(); + // void WriteState(); + bool MayChangeConfiguration(const HttpServerRequest& Req) const; + + void WorkspacesRequest(HttpRouterRequest& Req); + void RefreshRequest(HttpRouterRequest& Req); void FilesRequest(HttpRouterRequest& Req); void ChunkInfoRequest(HttpRouterRequest& Req); void BatchRequest(HttpRouterRequest& Req); @@ -75,12 +80,12 @@ private: void ChunkRequest(HttpRouterRequest& Req, const Oid& WorkspaceId, const Oid& ShareId, const Oid& ChunkId); void ShareRequest(HttpRouterRequest& Req, const Oid& WorkspaceId, const Oid& InShareId); - HttpStatsService& m_StatsService; - const FileServeConfig m_Config; - HttpRequestRouter m_Router; - Workspaces& m_Workspaces; - WorkspacesStats m_WorkspacesStats; - metrics::OperationTiming m_HttpRequests; + HttpStatsService& m_StatsService; + const WorkspacesServeConfig m_Config; + HttpRequestRouter m_Router; + Workspaces& m_Workspaces; + WorkspacesStats m_WorkspacesStats; + metrics::OperationTiming m_HttpRequests; }; } // namespace zen |