(ˢᵒᶜⁱᵉᵗʸserver) aims to be a platform for developing collaborative applications.
sTeam server project repository: sTeam.
sTeam-REST API repository: sTeam-REST
sTeam Server object permissions
sTeam command line lacks the functionality to read and set the object access permissions. The permission bits are: read,write, execute, move, insert,
annotate, sanction. The permission function was designed analogous to the getfacl() command in linux. It should display permissions as: rwxmias corresponding to the permission granted on the object.
The the key functions are get_sanction, which returns a list of objects and permissions and sanction_object, which adds a new object and its set of permissions. The permissions is stored as an integer and the function should break the individual bits like getfact().
The permission bits for the sTeam objects are declared in the
access.h
// access.h: The permission bits #define FAIL -1 #define ACCESS_DENIED 0 #define ACCESS_GRANTED 1 #define ACCESS_BLOCKED 2 #define SANCTION_READ 1 #define SANCTION_EXECUTE 2 #define SANCTION_MOVE 4 #define SANCTION_WRITE 8 #define SANCTION_INSERT 16 #define SANCTION_ANNOTATE 32
The get_sanction
method defined in the access.pike
returns a mapping which has the ACL(Access Control List) of all the objects in the sTeam server.
// Returns the sanction mapping of this object, if the caller is privileged
// the pointer will be returned, otherwise a copy.
final mapping
get_sanction()
{
if ( _SECURITY->trust(CALLER) )
return mSanction;
return copy_value(mSanction);
}
The functions gets the permission values which are set for every object in the server.
The sanction_object
method defined in the object.pike
sets the permissions for the new objects.
// Set new permission for an object in the acl. Old permission are overwritten.
int sanction_object(object grp, int permission)
{
ASSERTINFO(_SECURITY->valid_proxy(grp), "Sanction on non-proxy!");
if ( query_sanction(grp) == permission )
return permission; // if permissions are already fine
try_event(EVENT_SANCTION, CALLER, grp, permission);
set_sanction(grp, permission);
run_event(EVENT_SANCTION, CALLER, grp, permission);
return permission;
}
This method makes use of the set_sanction
which sets the permission onthe object. The task ahead is to make use of the above functions and write a sTeam-shell command which would provide the user to easily access and change the permissions for the objects.
Merging into the Source
The work done during GSOC 2016 by Siddhant and Ajinkya on the sTeam server was merged into the gsoc201-societyserver-devel and gsoc2016-source branches in the societyserver repository.
The merged code can be found at:
https://github.com/societyserver/sTeam/tree/gsoc2016-source
https://github.com/societyserver/sTeam/tree/gsoc2016-societyserver-devel
The merged code needs to be tested before the debian package for the sTeam server is prepared. The testing has resulted into resolving of minor bugs.
Doxygen Documentation
The documentation for the sTeam is done using doxygen. The doxygen.pike
is written and used to make the documentation for the sTeam server. The Doxyfile which includes the configuration for generating the sTeam documentation is modified and input files are added. The generated documentation is deployed on the gh-pages in the societyserver/sTeam
repository.
The documentation can be found at:
http://societyserver.github.io/sTeam/files.html
The header files and the constants defined are also included in the sTeam documentation.
sTeam Documentation:
sTeam defined constants:
Feel free to explore the repository. Suggestions for improvements are welcomed.
Checkout the FOSSASIA Idea’s page for more information on projects supported by FOSSASIA.