Crate unftp_sbe_restrict

Expand description

A libunftp wrapper storage back-end that restricts FTP operations and in so doing provide some form of authorization.

Quick start

Start by implementing the libunftp UserDetail trait and then follow that by implementing UserWithPermissions.

Finally call the RestrictingVfs::new() method.

use libunftp::auth::UserDetail;
use unftp_sbe_restrict::{UserWithPermissions, VfsOperations};
use std::fmt::Formatter;

#[derive(Debug, PartialEq, Eq)]
pub struct User {
    pub username: String,
    // e.g. this can be something like
    // `VfsOperations::all() - VfsOperations::PUT - VfsOperations::DEL`
    pub permissions: VfsOperations,
}

impl UserDetail for User {
    fn account_enabled(&self) -> bool {
        true
    }
}

impl std::fmt::Display for User {
    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
        write!(f, "User(username: {:?}", self.username,)
    }
}

impl UserWithPermissions for User {
    fn permissions(&self) -> VfsOperations {
        self.permissions
    }
}

// Return type omited for brevity.
fn create_restricted_storage_backend() {
    use unftp_sbe_fs::{Filesystem, Meta};
    let _backend = Box::new(move || {
        unftp_sbe_restrict::RestrictingVfs::<Filesystem, User, Meta>::new(Filesystem::new("/srv/ftp"))
    });
}

Structs

RestrictingVfs
A virtual filesystem that checks if the user has permissions to do its operations before it delegates to another storage back-end.
VfsOperations
The FTP operations that can be enabled/disabled for the virtual filesystem.

Traits

UserWithPermissions
Used by RestrictingVfs to obtain permission info from a UserDetail implementation