rejetto forum

Software => HFS ~ HTTP File Server => Topic started by: noussibeau on January 18, 2009, 03:42:24 PM

Title: Functionnalily requirement
Post by: noussibeau on January 18, 2009, 03:42:24 PM
Hi,
thank for taht marvellous software.
I'd like to find another capability : when defining an upload folder I'd like to say that people using that folder can't see the rest of he site .. i.e no up capability.
Thanks again for all
Title: Re: Functionnalily requirement
Post by: r][m on January 18, 2009, 05:23:12 PM
noussibeau
There is more than one way to do this. Depends on the template your
using and maybe the HFS version. You didn't give many details on what
the end result should be.
One way:
Create a real folder in the root.
Set that folder properties to only those accounts and also on the upload tab.
Give them an address http://YourIP:YourPort/FolderName/~upload
If you don't want them to see files in Folder use a inverted file mask in Properties, File Masks
Files Filter \* or check no download in properties for them to be visable but secure.
Works in 2.3beta build 219. May not work in older versions.
Title: Re: Functionnalily requirement
Post by: nabilalk on January 18, 2009, 09:01:16 PM
If you don't want them to see files in Folder use a inverted file mask in Properties, File Masks
Files Filter \* or check no download in properties for them to be visable but secure.

I was with you until this point. Could you clarify what you mean by using an inverted file mask in Properties? Thanks!

-nka
Title: Re: Functionnalily requirement
Post by: r][m on January 19, 2009, 04:12:44 AM
Yeah, re-reading my post, I could have explained it better.
Hope your using build 219? This probably will work with older builds
but its been so long I don't remember how.

Right click on the folder in HFS window and choose Properties.
In Permissions tab allow only specific users access and then upload permissions.
You could create a special group for this, then link users to that group, either way
will work.
Then in Properties go to File masks tab and enter \* in Files filter
Give your users the address  http://YourIP:YourPort/FolderName/~upload.
HFS will ask for log in, and then the upload page should appear. If they cancel
upload, they will get the "Folder" page with no files visable, no matter how many are
really in it. Go to Flags tab in Properties and check No Download. Now files are
invisable and secure.
Title: Re: Functionnalily requirement
Post by: nabilalk on January 19, 2009, 09:30:24 AM
Thanks for the clarification. I followed the steps, set the permissions to a specific user and implemented the file mask filter as suggested. I ran into a problem though. 

Even after I log in with the necessary user info, I still can't see or download any files. How can I set it up so that I can view the files online with my login credentials, while allow others to publicly download files off of HFS, provided I give them a direct link to the file that I want them to download?
Title: Re: Functionnalily requirement
Post by: r][m on January 19, 2009, 04:22:02 PM
It doesn't seem logical to have it both ways.
Blind, secure upload, and yet give user link to download, defeats the purpose doesn't it?
Be much easier to give each user a folder with their unique files.
If you go to Properties for your upload folder then the tab Flags, and un-check
the No Download, the link you give for a file in that folder will work. The files
in it still wont be visable, but invisable is not the same as secure.
It is possible to add the same folder to the vfs twice. Drag and drop your
upload folder to another secure location. You can then set different user
permissions etc, on that copy, but be aware the contents of both copies are
the same.
Based on what little I know of your situation,
Thats about as far as I can go with this.
Title: Re: Functionnalily requirement
Post by: nabilalk on January 19, 2009, 07:15:23 PM
I gather that the file mask \* makes whatever files that are in that specific folder invisible.  I don't see the advantage of that versus protecting a folder with login credentials?
Title: Re: Functionnalily requirement
Post by: r][m on January 19, 2009, 08:28:17 PM
Quote
I don't see the advantage of that versus protecting a folder with login credentials?
Nor do I, but I suppose it depends on individual needs/purposes. Over time a few others have
asked how to do this.
Yes \* makes it appear to be empty, but if someone knows the file name & path they can DL it.
Title: Re: Functionnalily requirement
Post by: nabilalk on January 19, 2009, 08:34:19 PM
ic. Thanks for the info and for be patient with your explanation.

Cheers,
nka
Title: Re: Functionnalily requirement
Post by: rejetto on January 22, 2009, 11:47:36 PM
I gather that the file mask \* makes whatever files that are in that specific folder invisible.  I don't see the advantage of that versus protecting a folder with login credentials?

use case: you may want people to upload to you in same folder, but you don't want user A to download stuff of user B.
Title: Re: Functionnalily requirement
Post by: rejetto on January 22, 2009, 11:49:27 PM
welcome!

I'd like to find another capability : when defining an upload folder I'd like to say that people using that folder can't see the rest of he site .. i.e no up capability.

i didn't understand the "i.e no up capability" part.
anyway, a quick answer may be: use a password for the upload, and a different password of "the rest of the site".
Title: Re: Functionnalily requirement
Post by: noussibeau on January 29, 2009, 02:31:17 PM
Back to that discussion after some days .. Thanks for all contributions.
I'm sure I didn't explain clearly that I'd like :
        I've plenty of folders used for http connections .. good, no problem!
        I've one folder used to receive files from outside (upload ? I'never knows which direction is download and which is upload!!)

Il someone want to send me files, and by mistake or intentionnaly, he click on UP button (top right corner), he is allowed to see the list of all my http folders.. that's what I don't want. UP botton could be setup to "inactive" for instance for that folder for instance.
Perhaps there is a mean to do that (or something like that) but I didn't understood the answer(s) I understood something about files hidding not folders hidding....
Thanks for helps  :)
Title: Re: Functionnalily requirement
Post by: luca69 on January 29, 2009, 02:52:37 PM
Let's call "Bazaar" the folder that shall receive files from outside (no mismatch between upload/download)
I suppose all the folders are protected with user and password. If not, they should be!

You have two options:
1) create the folder on the Root and open to everybody
--> they cannot use "up" as there is no "up" folder
--> they see all the other shared folder, but they cannot enter without user/password

2) Create the the Bazaar at any path in the VFS and open it to everybody
--> they can enter with a direct ling (e.g. http//your_server/any_folder/_Bazaar) without user and password
--> they can use up file, but the system ask for user and password; without knowing them, they are not allowed to access to HFS!


Note: it's a good idea to create a specific user/password only for uploads, or at least to put some limits ;)
Title: Re: Functionnalily requirement
Post by: noussibeau on January 29, 2009, 03:10:24 PM
Hi,
thanks for your answer.
It's not exactly what I'd like.. but I'll do with!  ::) :)