mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

updates

Browse source
This commit is contained in:
Joey Hess 2012-08-19 20:14:34 -04:00
commit 773a06fce6
3 changed files with 19 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

2
doc/design/assistant/configurators.mdwn
View file

@ -9,7 +9,7 @@ through setting up common use cases.
* Create a repository (run when the web app is started without a configured * Create a repository (run when the web app is started without a configured
repository too). repository too).
* Clone this repo to a USB drive. * Clone this repo to a USB drive or other removable drive. **done**
* Clone this repo to another host. (Needs [[pairing]]) * Clone this repo to another host. (Needs [[pairing]])
* Set up Amazon S3. * Set up Amazon S3.
* Set up rsync remote. * Set up rsync remote.

2
doc/design/assistant/leftovers.mdwn
View file

@ -1,6 +1,6 @@
Things that don't fit anywhere else: Things that don't fit anywhere else:
* Automatically start daemon on boot or when user logs in. * Automatically start daemon on boot or when user logs in. **done**
* Somehow get content that is unavailable. This is problematic with inotify, * Somehow get content that is unavailable. This is problematic with inotify,
since we only get an event once the user has tried (and failed) to read since we only get an event once the user has tried (and failed) to read
from the file. This is only needed if all the files in the directory from the file. This is only needed if all the files in the directory

33
doc/design/assistant/webapp.mdwn
View file

@ -1,27 +1,14 @@
The webapp is a web server that displays a shiny interface. The webapp is a web server that displays a shiny interface.
## security
* Listen only to localhost. **done**
* Instruct the user's web browser to open an url that contains a secret
token. This guards against other users on the same system. **done**
(I would like to avoid passwords or other authentication methods,
it's your local system.)
* Don't pass the url with secret token directly to the web browser,
as that exposes it to `ps`. Instead, write a html file only the user can read,
that redirects to the webapp. **done**
* Alternative for Linux at least would be to write a small program using
GTK+ Webkit, that runs the webapp, and can know what user ran it, avoiding
needing authentication.
## interface ## interface
* list of files uploading and downloading **done** * list of files uploading and downloading **done**
* button to open file browser on repo (`xdg-open $DIR`) **done** * button to open file browser on repo (`xdg-open $DIR`) **done**
* progress bars for each file (see [[progressbars]]) * progress bars for each file (see [[progressbars]])
* drag and drop to reorder * drag and drop to reorder
* cancel and pause * cancel, pause, and resume **done**
* keep it usable w/o javascript, and accessible to blind, etc * keep it usable w/o javascript **done**
* keep it accessible to blind, etc
## other features ## other features
@ -42,3 +29,17 @@ The webapp is a web server that displays a shiny interface.
* record repository that was made, and use it next time run **done** * record repository that was made, and use it next time run **done**
* write a pid file, to prevent more than one first-start process running * write a pid file, to prevent more than one first-start process running
at once **done** at once **done**
## security **acceptable/done**
* Listen only to localhost. **done**
* Instruct the user's web browser to open an url that contains a secret
token. This guards against other users on the same system. **done**
(I would like to avoid passwords or other authentication methods,
it's your local system.)
* Don't pass the url with secret token directly to the web browser,
as that exposes it to `ps`. Instead, write a html file only the user can read,
that redirects to the webapp. **done**
* Alternative for Linux at least would be to write a small program using
GTK+ Webkit, that runs the webapp, and can know what user ran it, avoiding
needing authentication.