Compare commits
No commits in common. "281ad30eec451449fcebcd732dc613cbf538dcb6" and "089b14e6c9fecdeea2a6a95346723a3077fe0ace" have entirely different histories.
281ad30eec
...
089b14e6c9
@ -1,33 +1,2 @@
|
|||||||
Admin API
|
Admin API
|
||||||
=========
|
=========
|
||||||
|
|
||||||
The administration API ``/admin`` helps the administrator user manage the Sachet server.
|
|
||||||
|
|
||||||
An important component that is not within this endpoint is user management.
|
|
||||||
See :ref:`user_info_api` and :ref:`user_list_api` for information about managing users.
|
|
||||||
|
|
||||||
Server settings
|
|
||||||
---------------
|
|
||||||
|
|
||||||
Sachet has a server settings API::
|
|
||||||
|
|
||||||
GET /admin/settings
|
|
||||||
PATCH /admin/settings
|
|
||||||
PUT /admin/settings
|
|
||||||
|
|
||||||
Currently, server settings are represented by the following object:
|
|
||||||
|
|
||||||
.. code-block:: json
|
|
||||||
|
|
||||||
{
|
|
||||||
"default_permissions": ["PERMISSION1", "PERMISSION2"]
|
|
||||||
}
|
|
||||||
|
|
||||||
Anonymous permissions
|
|
||||||
^^^^^^^^^^^^^^^^^^^^^
|
|
||||||
|
|
||||||
Anonymous permissions (``default_permissions`` in the schema) are given to clients that do not authenticate.
|
|
||||||
It is an array of strings as described by :ref:`permissions_table`.
|
|
||||||
|
|
||||||
This can be useful, for example, to publish a file to the Internet.
|
|
||||||
If the Read shares permission is enabled in anonymous permissions, anyone can read a share if given the link to it.
|
|
||||||
|
112
docs/files.rst
112
docs/files.rst
@ -1,25 +1,6 @@
|
|||||||
Files API
|
Files API
|
||||||
=========
|
=========
|
||||||
|
|
||||||
Overview
|
|
||||||
--------
|
|
||||||
The file upload process essentially works as follows:
|
|
||||||
|
|
||||||
#. ``POST /files`` with the metadata to create a share.
|
|
||||||
This will return an URL with the share you just created.
|
|
||||||
(See :ref:`files_list_api`.)
|
|
||||||
#. ``POST /files/<uuid>/content`` (the UUID is in the URL from the previous step) to upload the actual data of the share. (See :ref:`files_content_api`.)
|
|
||||||
#. ``GET /files/<uuid>/content`` to read the share.
|
|
||||||
|
|
||||||
Share modification is done with ``PUT /files/<uuid>/content``.
|
|
||||||
|
|
||||||
Shares can be locked, which means they can't be modified or deleted.
|
|
||||||
See :ref:`files_lock_api` for more information.
|
|
||||||
|
|
||||||
.. note::
|
|
||||||
|
|
||||||
All data uploads are chunked: see :ref:`files_chunked_upload`.
|
|
||||||
|
|
||||||
.. _files_schema:
|
.. _files_schema:
|
||||||
|
|
||||||
File Schema
|
File Schema
|
||||||
@ -54,7 +35,7 @@ In JSON, a file share has the following properties::
|
|||||||
* - ``locked``
|
* - ``locked``
|
||||||
- Boolean
|
- Boolean
|
||||||
- Read-only
|
- Read-only
|
||||||
- Shows if share is locked (see :ref:`files_lock_api`.)
|
- Shows if share is locked.
|
||||||
* - ``owner_name``
|
* - ``owner_name``
|
||||||
- string
|
- string
|
||||||
-
|
-
|
||||||
@ -64,8 +45,6 @@ In JSON, a file share has the following properties::
|
|||||||
- Read-only
|
- Read-only
|
||||||
- UUID that uniquely identifies this share.
|
- UUID that uniquely identifies this share.
|
||||||
|
|
||||||
.. _files_metadata_api:
|
|
||||||
|
|
||||||
Metadata API
|
Metadata API
|
||||||
------------
|
------------
|
||||||
|
|
||||||
@ -133,38 +112,6 @@ For example:
|
|||||||
|
|
||||||
The permissions from the schema that are missing here are read-only.
|
The permissions from the schema that are missing here are read-only.
|
||||||
|
|
||||||
.. _files_list_api:
|
|
||||||
|
|
||||||
List API
|
|
||||||
--------
|
|
||||||
|
|
||||||
The File List API allows listing shares and creating new ones::
|
|
||||||
|
|
||||||
GET /files
|
|
||||||
POST /files
|
|
||||||
|
|
||||||
GET
|
|
||||||
^^^
|
|
||||||
|
|
||||||
``GET /files`` is a :ref:`paginated endpoint<pagination>` that returns a list of shares.
|
|
||||||
|
|
||||||
To access this endpoint, a user needs the :ref:`list shares<permissions_table>` permission.
|
|
||||||
|
|
||||||
POST
|
|
||||||
^^^^
|
|
||||||
|
|
||||||
``POST /files`` creates a new share.
|
|
||||||
The request body must conform to the :ref:`File schema<files_schema>`.
|
|
||||||
|
|
||||||
To access this endpoint, a user needs the :ref:`create shares<permissions_table>` permission.
|
|
||||||
|
|
||||||
.. note::
|
|
||||||
|
|
||||||
The share created here is empty, and only contains metadata.
|
|
||||||
See :ref:`files_content_api` for information on uploading content.
|
|
||||||
|
|
||||||
.. _files_content_api:
|
|
||||||
|
|
||||||
Content API
|
Content API
|
||||||
-----------
|
-----------
|
||||||
|
|
||||||
@ -176,40 +123,6 @@ Sachet implements the following endpoints for this API::
|
|||||||
PUT /files/<file_uuid>/content
|
PUT /files/<file_uuid>/content
|
||||||
GET /files/<file_uuid>/content
|
GET /files/<file_uuid>/content
|
||||||
|
|
||||||
POST
|
|
||||||
^^^^
|
|
||||||
|
|
||||||
``POST /files/<file_uuid>/content`` initializes the content of an empty share.
|
|
||||||
This endpoint requires the :ref:`create shares<permissions_table>` permission.
|
|
||||||
|
|
||||||
.. note::
|
|
||||||
|
|
||||||
You must first create a share before initializing it: see :ref:`files_list_api` for information about creation.
|
|
||||||
|
|
||||||
Uploads must be chunked (see :ref:`files_chunked_upload`).
|
|
||||||
|
|
||||||
To modify the contents of an existing share, use ``PUT`` instead.
|
|
||||||
|
|
||||||
PUT
|
|
||||||
^^^^
|
|
||||||
|
|
||||||
``PUT /files/<file_uuid>/content`` modifies the content of an existing share.
|
|
||||||
This endpoint requires the :ref:`modify shares<permissions_table>` permission.
|
|
||||||
|
|
||||||
.. note::
|
|
||||||
|
|
||||||
You must initialize a share's content using ``POST`` before modifying it.
|
|
||||||
|
|
||||||
Uploads must be chunked (see :ref:`files_chunked_upload`).
|
|
||||||
|
|
||||||
GET
|
|
||||||
^^^^
|
|
||||||
|
|
||||||
``GET /files/<file_uuid>/content`` reads the contents of a share.
|
|
||||||
This endpoint requires the :ref:`read shares<permissions_table>` permission.
|
|
||||||
|
|
||||||
This endpoint supports `HTTP Range <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Range>`_ headers.
|
|
||||||
|
|
||||||
.. _files_chunked_upload :
|
.. _files_chunked_upload :
|
||||||
|
|
||||||
Chunked upload protocol
|
Chunked upload protocol
|
||||||
@ -228,7 +141,7 @@ the server will instead respond with ``201 Created``.
|
|||||||
|
|
||||||
Every chunk has the following schema:
|
Every chunk has the following schema:
|
||||||
|
|
||||||
.. _files_chunk_schema:
|
.. _files_chunk_schema :
|
||||||
|
|
||||||
.. code-block::
|
.. code-block::
|
||||||
|
|
||||||
@ -260,24 +173,3 @@ Every chunk has the following schema:
|
|||||||
* - ``upload``
|
* - ``upload``
|
||||||
- Binary data (file)
|
- Binary data (file)
|
||||||
- Data contained in this chunk.
|
- Data contained in this chunk.
|
||||||
|
|
||||||
.. _files_lock_api:
|
|
||||||
|
|
||||||
Lock API
|
|
||||||
--------
|
|
||||||
|
|
||||||
Files can be locked and unlocked.
|
|
||||||
When locked, a share can not be modified or deleted.
|
|
||||||
|
|
||||||
.. note::
|
|
||||||
|
|
||||||
When attempting illegal actions on a locked share, the server will respond ``423 Locked``.
|
|
||||||
|
|
||||||
The following API is used::
|
|
||||||
|
|
||||||
POST /files/<uuid>/lock
|
|
||||||
POST /files/<uuid>/unlock
|
|
||||||
|
|
||||||
A user needs the :ref:`lock permission<permissions_table>` to access this API.
|
|
||||||
|
|
||||||
To query whether a file is locked or not, see :ref:`files_metadata_api`.
|
|
||||||
|
@ -49,7 +49,7 @@ The following is a table of permissions Sachet offers, and what they do:
|
|||||||
- Allows users to delete any share.
|
- Allows users to delete any share.
|
||||||
* - Lock shares
|
* - Lock shares
|
||||||
- ``LOCK``
|
- ``LOCK``
|
||||||
- Allows users to lock and unlock shares (see :ref:`files_lock_api`).
|
- Allows users to lock and unlock shares.
|
||||||
* - List shares
|
* - List shares
|
||||||
- ``LIST``
|
- ``LIST``
|
||||||
- Allows users to list all shares from all users.
|
- Allows users to list all shares from all users.
|
||||||
|
@ -1,6 +1,14 @@
|
|||||||
User API
|
User API
|
||||||
========
|
========
|
||||||
|
|
||||||
|
The User API allows managing users and their permissions.
|
||||||
|
|
||||||
|
Sachet implements the following endpoints for this API::
|
||||||
|
|
||||||
|
GET /users/<username>
|
||||||
|
PATCH /users/<username>
|
||||||
|
PUT /users/<username>
|
||||||
|
|
||||||
.. _user_schema:
|
.. _user_schema:
|
||||||
|
|
||||||
User Schema
|
User Schema
|
||||||
@ -42,18 +50,8 @@ In JSON, a User object has the following properties:
|
|||||||
- Read-only
|
- Read-only
|
||||||
- Time the user registered at.
|
- Time the user registered at.
|
||||||
|
|
||||||
.. _user_info_api:
|
Endpoints
|
||||||
|
---------
|
||||||
User Info API
|
|
||||||
-------------
|
|
||||||
|
|
||||||
The User Info API allows managing users and their permissions.
|
|
||||||
|
|
||||||
Sachet implements the following endpoints for this API::
|
|
||||||
|
|
||||||
GET /users/<username>
|
|
||||||
PATCH /users/<username>
|
|
||||||
PUT /users/<username>
|
|
||||||
|
|
||||||
GET
|
GET
|
||||||
^^^
|
^^^
|
||||||
@ -117,10 +115,8 @@ For example:
|
|||||||
|
|
||||||
Only :ref:`administrators<permissions_table>` can request this method.
|
Only :ref:`administrators<permissions_table>` can request this method.
|
||||||
|
|
||||||
.. _user_list_api:
|
User List API
|
||||||
|
-------------
|
||||||
List API
|
|
||||||
--------
|
|
||||||
|
|
||||||
There is also a User List API::
|
There is also a User List API::
|
||||||
|
|
||||||
@ -137,5 +133,5 @@ GET
|
|||||||
POST
|
POST
|
||||||
^^^^
|
^^^^
|
||||||
|
|
||||||
``POST /users`` creates a new user.
|
``POST /users/`` creates a new user.
|
||||||
The request body must conform to the :ref:`User schema<user_schema>`.
|
The request body must conform to the :ref:`User schema<user_schema>`.
|
||||||
|
Loading…
x
Reference in New Issue
Block a user