• last updated 47 mins ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
download-archive reform

File-Storage used to generate downloaded archives in tgz format, to then switch to zip, more user-friendly, in particular outside the Linux world (See https://openacs.org/forums/message-view?message_id=557561). To ease the transition, a couple of parameters and relative API were introduced that would allow to choose the preferred command one should use. During this reform however, default parameter values in the tcl code became inconsistent with those in the info file. Furthermore, the chosen defaults were set as absolute paths to the executable, which is not friendly to non-linux environments, or other scenarios where the "typical" Linux filesystem structure cannot be assumed (e.g. containers, MacOS...).

The only usage of this parameters/api was in fact in the download-archive vuh. In upstream codebase, no package references this file, not even the file-storage itself. Upon review, one could see that the file would also allow to specify a custom download filename via the path, which could be considered questionable. It would also execute the command in a way that once again assumes some form of Linux environment (e.g. invoking bash).

Save for the ability to customize the archive format and the anti-feature of being able to manipulate the archive filename via the path, the script largely relplicates www/download-zip, in a better shape after a few reforms hinted by e.g. penetration tools.

Given the aformentioned considerations, I have decided to make download-archive a simple redirect to download-zip. Specifying the object_id via the path will keep working, while URLs out there expecting the name to change will not fail, but the name will not be modified. The archive format will from now on be assumed to be zip.

    • -1
    • +15
    ./tcl/file-storage-install-procs.tcl
    • -57
    • +24
    ./www/download-archive/index.vuh
Cleanup of external binaries: always use "util::which" to resolve binaries

  1. … 5 more files in changeset.
Improved consistency with external programs

Since "unzip" is used as well on various other places,

use it as well in the file storage. This means that

the parameter "UnzipBinary" for the file-storage package

is now obsolete.

strengthen boolean parameters in page contracts

  1. … 23 more files in changeset.
Make values optional, as the user should supply them via the form

Reintroduce "short_name" list element in the folder-chunk, used in the list format and not exactly equivalent to "name"

bumped version numbers to 5.10.1b1

  1. … 85 more files in changeset.
regenerated documentation

  1. … 294 more files in changeset.
Sign the return_url we set when we generate a zip file to prevent tampering

Test external command dependency for the package

Make sure, that also when the number of days is supplied as empty, we set it to a valid default

harden page_contract

Fix english

Deprecate fs::get_folder_contents

Avoid using get_folder_contents, doing a lot more stuff, and get the info from the db directly

Retrieve only the necessary information

Replace ad_tmpnam

Complete api coverage for the package

Cover remaining export api

    • -15
    • +129
    ./tcl/test/file-storage-procs.tcl
Make fs::get_folder_contents private: this api is only used internally to the file-storage over the codebase and its documentation suggests that it should be used with caution

Deprecate trivial fs::get_archive_extension and inline its only upstream occurrence

Prevent usage of fs::get_archive_command outside a file-storage connection context, as in this case the parameter value will be uspecified

Deprecate fs::item_editable_info and fs::item_editable_p, probably unfinished work towards some kind of inline editing feature

Increase proc coverage

check permission before adding file to zip directory

Declare api as tested

Make the api creating the Service Contract implementations for RSS in the file-storage package private, as they are meant to be invoked only once at install/uninstall time

Deprecate fs::torrent::get_hashsum, which can be replaced by a oneliner idiom on modern NaviServer

Increase proc coverage

    • -1
    • +169
    ./tcl/test/file-storage-procs.tcl
Deprecate fs::add_created_version

This api was nowhere used in upstream code, however, allowed to create a new file object revision by text content, different from fs::add_version, which would only allow to create a revision from a file.

As the two apis were otherwise identical, I have ported the behavior of fs::add_created_version info fs::add_version.

The new fs::add_version will also take many defaults for unspecified parameters from the existing content item.