Documentation ¶
Overview ¶
Package dataprovider provides data access. It abstracts different data providers and exposes a common API. Currently the supported data providers are: PostgreSQL (9+), MySQL (4.1+) and SQLite 3.x
Index ¶
- Constants
- Variables
- func AddUser(p Provider, user User) error
- func DeleteUser(p Provider, user User) error
- func GetUsedQuota(p Provider, username string) (int, int64, error)
- func Initialize(cnf Config, basePath string) error
- func UpdateUser(p Provider, user User) error
- func UpdateUserQuota(p Provider, user User, filesAdd int, sizeAdd int64, reset bool) error
- type BoltProvider
- type Config
- type MethodDisabledError
- type MySQLProvider
- type PGSQLProvider
- type Provider
- type RecordNotFoundError
- type SQLiteProvider
- type User
- func CheckUserAndPass(p Provider, username string, password string) (User, error)
- func CheckUserAndPubKey(p Provider, username string, pubKey string) (User, error)
- func GetUserByID(p Provider, ID int64) (User, error)
- func GetUsers(p Provider, limit int, offset int, order string, username string) ([]User, error)
- func UserExists(p Provider, username string) (User, error)
- func (u *User) GetGID() int
- func (u *User) GetHomeDir() string
- func (u *User) GetPermissionsAsJSON() ([]byte, error)
- func (u *User) GetPublicKeysAsJSON() ([]byte, error)
- func (u *User) GetRelativePath(path string) string
- func (u *User) GetUID() int
- func (u *User) HasPerm(permission string) bool
- func (u *User) HasQuotaRestrictions() bool
- type ValidationError
Constants ¶
const (
	// SQLiteDataProviderName name for SQLite database provider
	SQLiteDataProviderName = "sqlite"
	// PGSSQLDataProviderName name for PostgreSQL database provider
	PGSSQLDataProviderName = "postgresql"
	// MySQLDataProviderName name for MySQL database provider
	MySQLDataProviderName = "mysql"
	// BoltDataProviderName name for bbolt key/value store provider
	BoltDataProviderName = "bolt"
)
const (
	// All permissions are granted
	PermAny = "*"
	// List items such as files and directories is allowed
	PermListItems = "list"
	// download files is allowed
	PermDownload = "download"
	// upload files is allowed
	PermUpload = "upload"
	// delete files or directories is allowed
	PermDelete = "delete"
	// rename files or directories is allowed
	PermRename = "rename"
	// create directories is allowed
	PermCreateDirs = "create_dirs"
	// create symbolic links is allowed
	PermCreateSymlinks = "create_symlinks"
	PermShell          = "shell"
	PermTCPForward     = "tcpforward"
)
Available permissions for SFTP users
Variables ¶
var (
	// SupportedProviders data provider configured in the sftpgo.conf file must match one of these strings
	SupportedProviders = []string{SQLiteDataProviderName, PGSSQLDataProviderName, MySQLDataProviderName, BoltDataProviderName}
)
Functions ¶
func AddUser ¶
AddUser adds a new SFTP user. ManageUsers configuration must be set to 1 to enable this method
func DeleteUser ¶
DeleteUser deletes an existing SFTP user. ManageUsers configuration must be set to 1 to enable this method
func GetUsedQuota ¶
GetUsedQuota returns the used quota for the given SFTP user. TrackQuota must be >=1 to enable this method
func Initialize ¶
Initialize the data provider. An error is returned if the configured driver is invalid or if the data provider cannot be initialized
func UpdateUser ¶
UpdateUser updates an existing SFTP user. ManageUsers configuration must be set to 1 to enable this method
func UpdateUserQuota ¶
UpdateUserQuota updates the quota for the given SFTP user by adding filesAdd and sizeAdd. If reset is true, filesAdd and sizeAdd indicate the total files and the total size instead of the difference.
Types ¶
type BoltProvider ¶
type BoltProvider struct {
// contains filtered or unexported fields
}
BoltProvider auth provider for bolt key/value store
type Config ¶
type Config struct {
	// Driver name, must be one of the SupportedProviders
	Driver string `json:"driver" mapstructure:"driver"`
	// Database name
	Name string `json:"name" mapstructure:"name"`
	// Database host
	Host string `json:"host" mapstructure:"host"`
	// Database port
	Port int `json:"port" mapstructure:"port"`
	// Database username
	Username string `json:"username" mapstructure:"username"`
	// Database password
	Password string `json:"password" mapstructure:"password"`
	// Used for drivers mysql and postgresql.
	// 0 disable SSL/TLS connections.
	// 1 require ssl.
	// 2 set ssl mode to verify-ca for driver postgresql and skip-verify for driver mysql.
	// 3 set ssl mode to verify-full for driver postgresql and preferred for driver mysql.
	SSLMode int `json:"sslmode" mapstructure:"sslmode"`
	// Custom database connection string.
	// If not empty this connection string will be used instead of building one using the previous parameters
	ConnectionString string `json:"connection_string" mapstructure:"connection_string"`
	// Database table for SFTP users
	UsersTable string `json:"users_table" mapstructure:"users_table"`
	// Set to 0 to disable users management, 1 to enable
	ManageUsers int `json:"manage_users" mapstructure:"manage_users"`
	// Set the preferred way to track users quota between the following choices:
	// 0, disable quota tracking. REST API to scan user dir and update quota will do nothing
	// 1, quota is updated each time a user uploads or deletes a file even if the user has no quota restrictions
	// 2, quota is updated each time a user uploads or deletes a file but only for users with quota restrictions.
	// With this configuration the "quota scan" REST API can still be used to periodically update space usage
	// for users without quota restrictions
	TrackQuota int `json:"track_quota" mapstructure:"track_quota"`
	// default expire, <=0: not used, unit: minutes
	DefaultUserExpire int `json:"default_expire" mapstructure:"default_expire"`
}
Config provider configuration
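The sslmode values in Config mean different things per driver, and for mysql the higher numbers are not the stricter ones. The following added example (not part of the SFTPGo code base) encodes the documented mapping and rates each setting; the Finding type, the AuditTransport function and the risk labels are assumptions made for this illustration.

```go
package main

import "fmt"

// Finding is a hypothetical result type for this example.
type Finding struct {
	Mode string // meaning of the sslmode value for the driver, per the Config comments
	Risk string // "ok", "review", "weak" or "plaintext" (labels chosen here)
	Why  string
}

// sslModes encodes the driver-specific mapping from the Config documentation.
var sslModes = map[string]map[int]Finding{
	"postgresql": {
		0: {"disabled", "plaintext", "credentials and user records cross the network unencrypted"},
		1: {"require", "review", "TLS is required; confirm whether the certificate is verified"},
		2: {"verify-ca", "review", "CA chain is checked but the host name is not"},
		3: {"verify-full", "ok", "CA chain and host name are both checked"},
	},
	"mysql": {
		0: {"disabled", "plaintext", "credentials and user records cross the network unencrypted"},
		1: {"require", "review", "TLS is required; confirm whether the certificate is verified"},
		2: {"skip-verify", "weak", "encrypted, but the server certificate is not verified"},
		3: {"preferred", "weak", "TLS only if the server offers it, otherwise plaintext"},
	},
}

// AuditTransport classifies the database link for the given provider settings.
func AuditTransport(driver string, sslMode int, connectionString string) Finding {
	if connectionString != "" {
		return Finding{"custom", "review", "connection_string replaces the generated one, so sslmode is ignored"}
	}
	modes, ok := sslModes[driver]
	if !ok { // sqlite and bolt: the Config comment limits sslmode to mysql and postgresql
		return Finding{"n/a", "ok", "sslmode is only used for mysql and postgresql"}
	}
	if f, ok := modes[sslMode]; ok {
		return f
	}
	return Finding{"unknown", "review", fmt.Sprintf("sslmode %d is not a documented value", sslMode)}
}

func main() {
	// Constructed sample settings: the same sslmode value on three drivers.
	for _, d := range []string{"postgresql", "mysql", "sqlite"} {
		f := AuditTransport(d, 3, "")
		fmt.Printf("%-10s sslmode=3 -> %-11s [%s] %s\n", d, f.Mode, f.Risk, f.Why)
	}
}
```

When connection_string is set, the TLS parameters inside it have to be reviewed by hand, because the generated string and its sslmode are not used.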
type MethodDisabledError ¶
type MethodDisabledError struct {
// contains filtered or unexported fields
}
MethodDisabledError raised if a method is disabled in config file. For example, if user management is disabled, this error is raised every time a user operation is done using the REST API
func (*MethodDisabledError) Error ¶
func (e *MethodDisabledError) Error() string
Method disabled error details
type MySQLProvider ¶
type MySQLProvider struct {
// contains filtered or unexported fields
}
MySQLProvider auth provider for MySQL/MariaDB database
type PGSQLProvider ¶
type PGSQLProvider struct {
// contains filtered or unexported fields
}
PGSQLProvider auth provider for PostgreSQL database
type Provider ¶
type Provider interface {
// contains filtered or unexported methods
}
Provider interface that data providers must implement.
type RecordNotFoundError ¶
type RecordNotFoundError struct {
// contains filtered or unexported fields
}
RecordNotFoundError raised if a requested user is not found
func (*RecordNotFoundError) Error ¶
func (e *RecordNotFoundError) Error() string
type SQLiteProvider ¶
type SQLiteProvider struct {
// contains filtered or unexported fields
}
SQLiteProvider auth provider for SQLite database
type User ¶
type User struct {
	// Database unique identifier
	ID int64 `json:"id"`
	// Username
	Username string `json:"username"`
	// Password used for password authentication.
	// For users created using SFTPGo REST API the password is stored using argon2id hashing algo.
	// Checking passwords stored with bcrypt is supported too.
	// Currently, as fallback, there is a clear text password checking but you should not store passwords
	// as clear text and this support could be removed at any time, so please don't depend on it.
	Password string `json:"password,omitempty"`
	// PublicKeys used for public key authentication. At least one between password and a public key is mandatory
	PublicKeys []string `json:"public_keys,omitempty"`
	// The user cannot upload or download files outside this directory. Must be an absolute path
	HomeDir string `json:"home_dir"`
	// If sftpgo runs as root system user then the created files and directories will be assigned to this system UID
	UID int `json:"uid"`
	// If sftpgo runs as root system user then the created files and directories will be assigned to this system GID
	GID int `json:"gid"`
	// Maximum concurrent sessions. 0 means unlimited
	MaxSessions int `json:"max_sessions"`
	// Maximum size allowed as bytes. 0 means unlimited
	QuotaSize int64 `json:"quota_size"`
	// Maximum number of files allowed. 0 means unlimited
	QuotaFiles int `json:"quota_files"`
	// List of the granted permissions
	Permissions []string `json:"permissions"`
	// Used quota as bytes
	UsedQuotaSize int64 `json:"used_quota_size"`
	// Used quota as number of files
	UsedQuotaFiles int `json:"used_quota_files"`
	// Last quota update as unix timestamp in milliseconds
	LastQuotaUpdate int64 `json:"last_quota_update"`
	// Maximum upload bandwidth as KB/s, 0 means unlimited
	UploadBandwidth int64 `json:"upload_bandwidth"`
	// Maximum download bandwidth as KB/s, 0 means unlimited
	DownloadBandwidth int64 `json:"download_bandwidth"`
}
User defines an SFTP user
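The Password field may hold an argon2id hash, a bcrypt hash or, through the fallback, clear text. The following added example (not SFTPGo code) classifies stored values so that accounts depending on the clear-text fallback can be found and rehashed; the Classify and isBcrypt functions are hypothetical, and the hash prefixes are the standard encoded forms, assumed here because the page names only the algorithms.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Classify names the storage scheme of a User.Password value. The prefixes are
// the standard encoded forms of argon2id and bcrypt hashes (an assumption about
// how the stored values look; the page names only the algorithms).
func Classify(stored string) string {
	switch {
	case stored == "":
		return "none" // account that authenticates with public keys only
	case strings.HasPrefix(stored, "$argon2id$"):
		// $argon2id$v=..$m=..,t=..,p=..$salt$hash splits into six fields.
		if len(strings.Split(stored, "$")) != 6 {
			return "malformed"
		}
		return "argon2id"
	case isBcrypt(stored):
		return "bcrypt"
	}
	return "cleartext" // anything else is only accepted via the fallback
}

// isBcrypt checks the bcrypt layout: version tag, two-digit cost, 60 chars.
func isBcrypt(s string) bool {
	if len(s) != 60 || s[6] != '$' {
		return false
	}
	if v := s[:4]; v != "$2a$" && v != "$2b$" && v != "$2y$" {
		return false
	}
	cost, err := strconv.Atoi(s[4:6])
	return err == nil && cost >= 4 && cost <= 31
}

func main() {
	// Constructed sample rows (username -> stored password); not real data.
	rows := map[string]string{
		"alice": "$argon2id$v=19$m=65536,t=1,p=2$c2FsdHNhbHQ$aGFzaGhhc2g",
		"bob":   "$2a$10$" + strings.Repeat("A", 53),
		"carol": "Summer2019!",
		"dave":  "",
	}
	for name, pw := range rows {
		fmt.Printf("%-6s %s\n", name, Classify(pw))
	}
}
```

The check is structural only: a clear-text password that happens to have the exact shape of a hash would be reported as that hash type.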
func CheckUserAndPass ¶
CheckUserAndPass retrieves the SFTP user with the given username and password if a match is found, or returns an error
func CheckUserAndPubKey ¶
CheckUserAndPubKey retrieves the SFTP user with the given username and public key if a match is found, or returns an error
func GetUserByID ¶
GetUserByID returns the user with the given database ID if a match is found, or an error
func GetUsers ¶
GetUsers returns an array of users respecting limit and offset and filtered by username exact match if not empty
func UserExists ¶
UserExists checks if the given SFTP username exists, returns an error if no match is found
func (*User) GetHomeDir ¶
GetHomeDir returns the shortest path name equivalent to the user's home directory
func (*User) GetPermissionsAsJSON ¶
GetPermissionsAsJSON returns the permissions as json byte array
func (*User) GetPublicKeysAsJSON ¶
GetPublicKeysAsJSON returns the public keys as json byte array
func (*User) GetRelativePath ¶
GetRelativePath returns the path for a file relative to the user's home dir. This is the path as seen by SFTP users
func (*User) HasQuotaRestrictions ¶
HasQuotaRestrictions returns true if there is a quota restriction on number of files or size or both
type ValidationError ¶
type ValidationError struct {
// contains filtered or unexported fields
}
ValidationError raised if input data is not valid