Skip to content
/ sfs-cli Public

Simple Bloody Storage, innit? Just chuck in your files, holds 'em steady, no faff. Works a treat, plain and proper.

7 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

fossMeDaddy/sfs-cli

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

40 Commits
.github/workflows
.github/workflows
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
README.md
README.md
 
 

Repository files navigation

Simple Fucking Storage (SFS) [WIP]

Use Simple File Storage for scenarios when you really can't use any NSFW words :)

Basic Idea

A wrapper on top of your existing storage solutions like AWS's S3 or Cloudflare's R2.

Let me lay down a mental model of how SFS is a necessary and actually a good abstraction over traditional key-value mapped object storage solutions.

SFS creates an imaginary file system for you, which is intended to be like the file system you have on your machine.

  • All users get one API_SECRET, API_KEY pair to control their file system.
  • The API credentials allow the user to create access tokens
  • Access tokens allow the user to do anything inside the / (root) path in their file system, user can create nested directories and files inside directories.
  • Users can provide fine-grained visibility and control of their own file system to other users via generating access tokens and fine-graining access by "ACPs"

ACP (Access Control Path)

a permission format used as input to generate access tokens.

An ACP contains the following information:

  1. PERMS: what kind of operation(s) are allowed. possible values are create, read, update, delete
  2. PATH PATTERN: what subpath(s) are allowed. example values: public/images/**.{jpeg|jpg|png}, public/**.*, dist/bin/cli.exe
permission:/pseudo/regex/string/**/*.{exe|out|o|bin}

here are some examples of valid ACPs:

  • r:/projects/sfs/src.zip - read access to the file present at /projects/sfs/src.zip
  • rcu:/projects/sfs/src/**.* - create, read and update access to file of ANY type (*.*) in ALL FILES OF ALL NESTED DIRECTORIES in src (**)
  • rd:/tmp/artifacts/arm64-*.bin - read and delete access to any file starting with name "arm64-" and having a ".bin" extension (arm64-*.bin) present in the "artifacts" directory. NO NESTED DIRECTORIES ARE PERMITTED due to the absence of **

Trivial Scenario

as the owner of a file system, let's say I have a file tree in my file system that looks like this:

home/
  - users/
    - johnd092/
      - files/
        - profile.jpeg
        - cover_image.jpeg
        - resume.pdf
  - apps/
    - releases/
      - bin1.exe
      - bin2.exe

I have a user johnd092 wanting to edit his images in my file system, I can generate an access token for john and fine-grain his access by passing in curd:/home/users/johnd092/files/*.{jpeg|jpg|png|webp} as an ACP inside access token generation API to generate an access token allowing john to perform all operations (read, create, update and delete) on the files that are covered by the pseudo-regex string.

And this is all there is to SFS, so you don't have to take 30-hour udemy courses on how to make your pre-signed url work.

NOTE:

This is a heavy work in progress and not even functional as of me writing this readme (30 oct, 24)

About

Simple Bloody Storage, innit? Just chuck in your files, holds 'em steady, no faff. Works a treat, plain and proper.

Resources

Readme
Activity

Stars

7 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases 1

0.0.1 Latest
Jan 13, 2025

Packages

No packages published

Languages