mirror of https://github.com/perkeep/perkeep.git
3df678b010
Some of the publisher features have moved from the server-side app to the client-side app (the browser) thanks to gopherjs. Some of these features imply doing some search queries against Camlistore, which requires authentication. The server-side app receives the necessary credentials on creation, from Camlistore. However, we can't just communicate them to the client-side (as we do with the web UI) since the publisher app itself does not require any auth and is supposed to be exposed to the world. Therefore, we need to allow some search queries to be done without authentication. To this end, the app handler on Camlistore now assumes a new role: it is also a search proxy for the app. The app sends an unauthenticated search query to the app handler (instead of directly to the search handler), and it is the role of the app handler to verify that this query is allowed for the app, and if yes, to forward the search to the Camlistore's search handler. We introduce a new mechanism to filter the search queries in the form of a master query. Upon startup, the publisher registers, using the new CAMLI_APP_MASTERQUERY_URL env var, a *search.SearchQuery with the app handler. The app handler runs that query and caches all the blob refs included in the response to that query. In the following, all incoming search queries are run by the app handler, which checks that none of the response blobs are out of the set defined by the aforementioned cached blob refs. If that check fails, the search response is not forwarded to the app/client. The process can be improved in a subsequent CL (or patchset), with finer grained domains, i.e. a master search query per published camliPath, instead of one for the whole app handler. Change-Id: I00d91ff73e0cbe78744bfae9878077dc3a8521f4 |
||
|---|---|---|
| .. | ||
| example-blobs | ||
| json-signing | ||
| protocol | ||
| publishing | ||
| release | ||
| schema | ||
| todo | ||
| README.md | ||
| app-environment.md | ||
| arch.md | ||
| client-config.md | ||
| environment-vars.md | ||
| overview.md | ||
| overview.txt | ||
| principles.md | ||
| prior-art.md | ||
| release.txt | ||
| search-ui.md | ||
| search-ui.txt | ||
| server-config.md | ||
| sharing.md | ||
| status.md | ||
| terms.md | ||
| uses.md | ||
| web-ui-styleguide.md | ||
README.md
Documentation
- Overview: The original motivation and background for why Camlistore exists and what one might use it for.
For Users
If you're just looking to set up a Camlistore server and use it yourself, check out our getting started guide. The documents below go into more detail on customizing the high level configuration for use such as alternative blob storage or synchronization to cloud storage.
- Command-line tools
- Server Config: Details for configuring server storage and access, including synchronization to other Camlistore servers or backup to cloud storage providers
- Client config: Clients need this configuration file to securely connect to your Camlistore server(s)
For Developers
If you want to help the development of Camlistore or just want to know more about the how and why behind Camlistore, these docs are the going to help you get started. Something we didn't cover here that you're interested in? Ask on the mailing list.
Concepts
- Principles: our base principles, goals, assumptions
- Terminology: let's agree on terms to stay sane
- Use Cases: what one might do with all this (or at least our aspirations)
- Prior Art: other projects with similar goals or strategies
- Contributing: how to help
- Style guide for the Web UI
Technical Docs
- Packages: internal API documentation
- Architecture: the pieces, layers, and how they interact
- Schema: how we model data in Camlistore
- JSON Signing
- Sharing
Presentations
- 2016-04, GDG Seattle: [slides] [video]
- 2016-04, LinuxFest Northwest: [slides] [video]
- 2015-02, FOSDEM: [slides] [video]
- 2014-02, FOSDEM: [slides] [video] [WebM]
- 2013-06, Google Developers Live: [video]
- 2011-05, São Paolo Perl Conference: [slides]
- 2011-02, First Introduction: [slides]