Delete (single) file/s via Webinterface #40

Open
MaStr opened this Issue Apr 3, 2013 · 7 comments

Comments

Projects
None yet
3 participants
@MaStr
Member

MaStr commented Apr 3, 2013

No description provided.

@stylesuxx

This comment has been minimized.

Show comment Hide comment
@stylesuxx

stylesuxx Aug 31, 2014

Contributor

Who should be able to delete files?

  • The user who uploaded them: This could be implementd in a similar way as the possibility to delete board posts when a password is set on creation
  • The owner of the piratebox: This would mean there has to be some kind of "admin user" for file management - or a password set by the uploading user so he can delete it, and a global password with which every file can be deleted.

Let me know which variant you would prefer and I will implement it.

Contributor

stylesuxx commented Aug 31, 2014

Who should be able to delete files?

  • The user who uploaded them: This could be implementd in a similar way as the possibility to delete board posts when a password is set on creation
  • The owner of the piratebox: This would mean there has to be some kind of "admin user" for file management - or a password set by the uploading user so he can delete it, and a global password with which every file can be deleted.

Let me know which variant you would prefer and I will implement it.

@MaStr

This comment has been minimized.

Show comment Hide comment
@MaStr

MaStr Aug 31, 2014

Member

The owner would be the first approach, that is what is most wanted.

Thank you.

Member

MaStr commented Aug 31, 2014

The owner would be the first approach, that is what is most wanted.

Thank you.

@stylesuxx

This comment has been minimized.

Show comment Hide comment
@stylesuxx

stylesuxx Aug 31, 2014

Contributor

OK, after reading one of your other answers (about the file upload with the script) passing a password when uploading would mean to hack the uploading script - so in this case deletion by owner is easier.

Starting to work on this right away.

Just one thing I want to note, is that by sniffing it would be possible to get the password - since we do not have SSL.

Contributor

stylesuxx commented Aug 31, 2014

OK, after reading one of your other answers (about the file upload with the script) passing a password when uploading would mean to hack the uploading script - so in this case deletion by owner is easier.

Starting to work on this right away.

Just one thing I want to note, is that by sniffing it would be possible to get the password - since we do not have SSL.

@MaStr

This comment has been minimized.

Show comment Hide comment
@MaStr

MaStr Sep 1, 2014

Member

Good Point.
We should consider running the admin interface on port 443 and SSL only.
That complete part would be better to be developed in a feature branch instead of directly in the development branch, I think.

On 31 Aug 2014, at 22:45, Chris notifications@github.com wrote:

OK, after reading one of your other answers (about the file upload with the script) passing a password when uploading would mean to hack the uploading script - so in this case deletion by owner is easier.

Starting to work on this right away.

Just one thing I want to note, is that by sniffing it would be possible to get the password - since we do not have SSL.


Reply to this email directly or view it on GitHub.

Member

MaStr commented Sep 1, 2014

Good Point.
We should consider running the admin interface on port 443 and SSL only.
That complete part would be better to be developed in a feature branch instead of directly in the development branch, I think.

On 31 Aug 2014, at 22:45, Chris notifications@github.com wrote:

OK, after reading one of your other answers (about the file upload with the script) passing a password when uploading would mean to hack the uploading script - so in this case deletion by owner is easier.

Starting to work on this right away.

Just one thing I want to note, is that by sniffing it would be possible to get the password - since we do not have SSL.


Reply to this email directly or view it on GitHub.

@stylesuxx

This comment has been minimized.

Show comment Hide comment
@stylesuxx

stylesuxx Sep 1, 2014

Contributor

Alright, I can do this in a feature branch.
I use the gitflow branching model, so I basically do all the changes in seperate branches.

Is SSL enabled? I have the 1.0 version on my mr3020 and tried to access the piratebox via https, but no luck.

Contributor

stylesuxx commented Sep 1, 2014

Alright, I can do this in a feature branch.
I use the gitflow branching model, so I basically do all the changes in seperate branches.

Is SSL enabled? I have the 1.0 version on my mr3020 and tried to access the piratebox via https, but no luck.

@MaStr

This comment has been minimized.

Show comment Hide comment
@MaStr

MaStr Sep 1, 2014

Member

Not yet. It should be enabled, when we come around with an separate Admin-Interface.

That may need additional packages on OpenWrt, we have to remember that. That could be a reason to not launch it with a 1.x release and keep it for a larger 2.0 release (Because it breakes compatibility).

Member

MaStr commented Sep 1, 2014

Not yet. It should be enabled, when we come around with an separate Admin-Interface.

That may need additional packages on OpenWrt, we have to remember that. That could be a reason to not launch it with a 1.x release and keep it for a larger 2.0 release (Because it breakes compatibility).

@deavmi

This comment has been minimized.

Show comment Hide comment
@deavmi

deavmi Sep 30, 2015

An admin interface would be cool. Of which could contain the ability for the admin to delete files.

Users can only delete files they uploaded.

deavmi commented Sep 30, 2015

An admin interface would be cool. Of which could contain the ability for the admin to delete files.

Users can only delete files they uploaded.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment