In order to perform any operations in the system, we need claims (from a JWT token) to assert our privilege. All edits to the system come from a multipart mime POST /write call. We will start from an empty system, and add data. The root of the filesystem is only editable with root privilege, so we need to make user directories. Given this JWT claim, we need to generate a JWT token from some service (not gm-data) that knows user attributes and is trusted to sign off on them; like short-term certificates for tasks. Currently, the scripts ./makeurlroot, ./makeurljane invokes libraries to generate the tokens. You may want to read these short bash scripts to understand it.
Copy {
"label": "asRoot",
"values": {
"privilege": [
"root"
]
}
} The token is generated when we go through a service that makes tokens, like
We can host multiple jwt servers in the system. A user passes through a JWT server to have an appropriate cookie set.
It encodes like this valid OAuth Bearer token, that we will use to create root directories.
Copy eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NTAxODI4MDMsImxhYmVsIjoiYXNSb290IiwidmFsdWVzIjp7InByaXZpbGVnZSI6WyJyb290Il19fQ.AXckbmNH0HVwuixpLPsj5AJR_cztOkQn0Ltju1klz1MaMu14Keg28R__4sUSSLJYQEKTtE8HfSwcpjnOWFKnW03YAI_XY4l5ZEAo7hjuNA5oQQN1wPPShGrG8tUpFAOSZNuyLJ4SfgHgUW_-Fk1kYhbGDZAkaZL8295wRQkJjvvvvwsT recognized privilege: root (unrestricted use), readonly (no /write), blobkey (show S3 key)
We will create a directory for jane.doe@gmail.com that is readable by everyone (including anonymous), multipart/form-data POST /write with this as first part.
Copy {
"name": "jane",
"action": "C",
"parentoid": "0000000000000001",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"derived": {},
"security": {
"label": "anonymousread ownedby jane.doe@gmail.com",
"foreground": "#FFFFFF",
"background": "#000000"
}
} We get back this:
Copy [
{
"tstamp": "158340da66e0d624",
"tstampend": "7fffffffffffffff",
"userpolicy": {
"label": "asRoot"
},
"jwthash": "619c6c4fd8979e1f522990b989737c2f9edb93597f0a80b59e25c33d13a584ef",
"schemaversion": 6,
"name": "jane",
"action": "C",
"oid": "158340da66d4a444",
"parentoid": "0000000000000001",
"expiration": "7fffffffffffffff",
"checkedtstamp": "158340d597264594",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"derived": {},
"security": {
"label": "anonymousread ownedby jane.doe@gmail.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"fulldir": "/0000000000000001/"
}
] We will create a directory for lucas.moten@deciphernow.com that is readable by everyone (including anonymous), multipart/form-data POST /write with this as first part.
Copy {
"name": "lucas",
"action": "C",
"parentoid": "0000000000000001",
"objectpolicy": {
"label": "forAnonReadLucasFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "lucas.moten@deciphernow.com"
}
]
}
},
"derived": {},
"security": {
"label": "anonymousread ownedby lucas.moten@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
}
} We get back this:
Copy [
{
"tstamp": "158340da69ff6a78",
"tstampend": "7fffffffffffffff",
"userpolicy": {
"label": "asRoot"
},
"jwthash": "619c6c4fd8979e1f522990b989737c2f9edb93597f0a80b59e25c33d13a584ef",
"schemaversion": 6,
"name": "lucas",
"action": "C",
"oid": "158340da69d16150",
"parentoid": "0000000000000001",
"expiration": "7fffffffffffffff",
"checkedtstamp": "158340d597264594",
"objectpolicy": {
"label": "forAnonReadLucasFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "lucas.moten@deciphernow.com"
}
]
}
},
"derived": {},
"security": {
"label": "anonymousread ownedby lucas.moten@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"fulldir": "/0000000000000001/"
}
] Now we get a jwt token for jane with these claims.
Copy {
"label": "asjane",
"values": {
"age": [
"driving",
"drinking"
],
"citizenship": [
"USA"
],
"email": [
"jane.doe@deciphernow.com"
],
"name": [
"jane fielding"
],
"org": [
"www.deciphernow.com"
]
}
}
Copy eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NTAxODI4MDMsImxhYmVsIjoiYXNSb2IiLCJ2YWx1ZXMiOnsiYWdlIjpbImRyaXZpbmciLCJkcmlua2luZyJdLCJjaXRpemVuc2hpcCI6WyJVU0EiXSwiZW1haWwiOlsicm9iLmZpZWxkaW5nQGRlY2lwaGVybm93LmNvbSJdLCJuYW1lIjpbInJvYiBmaWVsZGluZyJdLCJvcmciOlsid3d3LmRlY2lwaGVybm93LmNvbSJdfX0.AAMXs9Bm1_BFGpNXJ12MvUlQTpbDbkULedKiU8nVtiTb2E-avEeMF5Yc0phV7bDCvcG8qZgCeeuGIx1AwIX4HmsPANrLm0437R7XWgALLeEoHncMuDh8vfoW3fiIG-edbnHQmUjvHcpvNsW2fHTSvb6GDzf2p9FXhLSGY-z6NA_uyNE9 Now we get a jwt token for lucas with these claims.
Copy {
"label": "asLucas",
"values": {
"age": [
"driving",
"drinking"
],
"citizenship": [
"USA"
],
"email": [
"lucas.moten@deciphernow.com"
],
"name": [
"lucas moten"
],
"org": [
"www.deciphernow.com",
"ieee"
]
}
}
Copy eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NTAxODI4MDMsImxhYmVsIjoiYXNMdWNhcyIsInZhbHVlcyI6eyJhZ2UiOlsiZHJpdmluZyIsImRyaW5raW5nIl0sImNpdGl6ZW5zaGlwIjpbIlVTQSJdLCJlbWFpbCI6WyJsdWNhcy5tb3RlbkBkZWNpcGhlcm5vdy5jb20iXSwibmFtZSI6WyJsdWNhcyBtb3RlbiJdLCJvcmciOlsid3d3LmRlY2lwaGVybm93LmNvbSIsImllZWUiXX19.AO58W-CnDelUYv0ox8OgluZfrp2K34MVVQnb_WCpMhvFPJQooGDW0rAZO6jXaAVpz-7shE5dilRNPeEzNFddodqqALQH4B-x05ZJsYJwsJakTkbwubufg-_uqUQHc0Bh2hzxKfe9xcsZx3n7OkeOmoOQpuVgaJ228q_8N5tjpZ7WoS7A Create a file in the directory for jane.doe@gmail.com. multipart/form-data POST /write, with this in first part, and file blob next part
Copy [
{
"name": "timer.go",
"action": "C",
"parentoid": "158340da66d4a444",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"mimetype": "text/plain",
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby jane.doe@gmail.com",
"foreground": "#FFFFFF",
"background": "#000000"
}
}
] We get back this.
Copy [
{
"tstamp": "158340da77f085e0",
"tstampend": "7fffffffffffffff",
"userpolicy": {
"label": "asjane"
},
"jwthash": "2bf847b0df164363ee63d222a8e32eadce5b940cd9e0dfa578d0e72e00cd05d3",
"schemaversion": 6,
"name": "timer.go",
"action": "C",
"oid": "158340da77e33a5c",
"parentoid": "158340da66d4a444",
"expiration": "7fffffffffffffff",
"checkedtstamp": "158340da66e0d624",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"mimetype": "text/plain",
"rname": {
"S3": "558/158340da6ed32558"
},
"size": 283,
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby jane.doe@gmail.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"sha256plain": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
"fulldir": "/0000000000000001/",
"encrypteddata": {
"master": "qMayQ5vYmGJIiGD+b46GhLQQjlKksA3URcS2V0jZXMZaDDmoeq1Esa66OlHWV8+CHhkKIL2EBGWxArq870Sp0E28ygftatK/Wiyp/GJ9gLU8T9U8hHJ/E0s4ERYnlVTjO4X8v79aCBRNV+6xBv7ETr1T3n8ePgHSwEc="
},
"encryptednonce": {
"master": "yUY3tJc/fsGu8JQP"
}
}
] Create a file in the directory for lucas.moten@deciphernow.com. multipart/form-data POST /write, with this in first part, and file blob next part
Copy [
{
"name": "timer.go",
"action": "C",
"parentoid": "158340da69d16150",
"objectpolicy": {
"label": "forAnonReadLucasFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "lucas.moten@deciphernow.com"
}
]
}
},
"mimetype": "text/plain",
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby lucas.moten@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
}
}
] We get back this.
Copy [
{
"tstamp": "158340da7db8d66c",
"tstampend": "7fffffffffffffff",
"userpolicy": {
"label": "asLucas"
},
"jwthash": "c752eb6f3618877d076dc1c1dc070d7f77f894c06918f2c5858714659cd6c936",
"schemaversion": 6,
"name": "timer.go",
"action": "C",
"oid": "158340da7dabda98",
"parentoid": "158340da69d16150",
"expiration": "7fffffffffffffff",
"checkedtstamp": "158340da69ff6a78",
"objectpolicy": {
"label": "forAnonReadLucasFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "lucas.moten@deciphernow.com"
}
]
}
},
"mimetype": "text/plain",
"rname": {
"S3": "9c4/158340da7af5e9c4"
},
"size": 283,
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby lucas.moten@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"sha256plain": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
"fulldir": "/0000000000000001/",
"encrypteddata": {
"master": "dFrhN4l+h9wTODEpwm7OIsWsf+g10xvZbvjqRw686Mlte8dfU+3x0NValBrqTQfEGolvfmx345mfcvewKNHe5loJcOMtVVdGOsOdE6F5zCaBvuy6UZvbasYRA2aOl262nirMANITttErkueVAA4YEAg6mNvmzd2XzUU="
},
"encryptednonce": {
"master": "U9ub6IEGpNiGvCI5"
}
}
] Write Entire Directories In One Call
In order to do bulk uploads, it is possible to make a single large transaction. This transaction is an array of writes that should succeed or fail together. It is necessary for some writes to refer to previous writes, such as creating a directory in the 5th entry, and the 6th entry declaring that its parent directory is the 5th entry (ie: one entry prior to this one). This means that we need a notion of references to copy the oid of a previous write (that we won't know until it's inserted into the database) into the parentoid of this entry. If we POST /write this as multipart/form-data, this will be the first part:
Copy [
{
"name": "bigDir",
"action": "C",
"parentoid": "158340da66d4a444",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"derived": {},
"security": {
"label": "anonymousread ownedby jane.doe@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
}
},
{
"name": "timer.go",
"action": "C",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"mimetype": "text/plain",
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby jane.doe@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"references": [
{
"address": -1,
"from": "oid",
"to": "parentoid"
}
]
},
{
"name": "testlocal",
"action": "C",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"mimetype": "text/plain",
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby jane.doe@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"references": [
{
"address": -2,
"from": "oid",
"to": "parentoid"
}
]
}
] ... And the second part will be the actual file:
Copy package client
import "time"
type Timer struct {
Counter int64
Start time.Time
Elapsed time.Duration
}
func NewTimer() *Timer {
return &Timer{Start: time.Now()}
}
func (t *Timer) Add(e int64) {
t.Counter += 3
}
func (t *Timer) Stop() {
t.Elapsed = time.Since(t.Start)
} The first element of the first part (json) specified a directory. The second element of the first part specified a file. Because in this file we did not specify an Rname for where it goes in S3, it is going to expect that the next part of this multipart is this file.
Notice the References field used to fill in unknown parentoid with oid of previous directory.
The new directory was assigned an oid of 158340da87cde534, and the two files copied that in as their parent oids. The first file saw it -1 entry back, and second file saw it -2 entries back.
We will write this update record, where we specify ALL of the state required.. We might change anything on it.
Copy [
{
"name": "timer-renamed.go",
"action": "U",
"oid": "158340da87e468e0",
"parentoid": "158340da87cde534",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"mimetype": "text/plain",
"rname": {
"S3": "9d0/158340da825d69d0"
},
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby jane.doe@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
}
}
] Delete An Existing Object (158340da87e468e0)
Put into a deleted state. The key field is the oid.
Copy [
{
"name": "byebye",
"action": "D",
"oid": "158340da87e468e0",
"parentoid": "158340da87cde534",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"mimetype": "octet/stream",
"rname": {
"S3": "9d0/158340da825d69d0"
},
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby jane.doe@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"fulldir": "/0000000000000001/"
}
] Reference: Full Bytes Of Calls
Input: Create a directory
Copy POST /services/gm-data/0.1/write HTTP/1.1
Host: 127.0.0.1:9443
Content-Type: multipart/form-data; boundary=96671eb25ce299977e9cc5408df31b44c7b7da281debd64fa352f26e8f80
Cookie: userpolicy=eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NTAxODI4MDMsImxhYmVsIjoiYXNSb290IiwidmFsdWVzIjp7InByaXZpbGVnZSI6WyJyb290Il19fQ.AXckbmNH0HVwuixpLPsj5AJR_cztOkQn0Ltju1klz1MaMu14Keg28R__4sUSSLJYQEKTtE8HfSwcpjnOWFKnW03YAI_XY4l5ZEAo7hjuNA5oQQN1wPPShGrG8tUpFAOSZNuyLJ4SfgHgUW_-Fk1kYhbGDZAkaZL8295wRQkJjvvvvwsT
X-Envoy-Upstream-Rq-Timeout-Ms: 300000
--96671eb25ce299977e9cc5408df31b44c7b7da281debd64fa352f26e8f80
Content-Disposition: form-data; name="metadata"
[
{
"name": "jane",
"action": "C",
"parentoid": "0000000000000001",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"derived": {},
"security": {
"label": "anonymousread ownedby jane.doe@gmail.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"fulldir": "/0000000000000001/"
}
]
--96671eb25ce299977e9cc5408df31b44c7b7da281debd64fa352f26e8f80-- Output: The directory is created
Copy HTTP/1.1 200 OK
Content-Length: 908
Content-Type: text/plain; charset=utf-8
Date: Thu, 14 Feb 2019 14:20:03 GMT
Server: envoy
X-Envoy-Upstream-Service-Time: 32
X-Request-Id: d8e64bc6-a7c9-487b-bd2f-fd45f2609942
X-Schema-Version: 6
X-Session-Id: session158340da653686fc
[
{
"tstamp": "158340da66e0d624",
"tstampend": "7fffffffffffffff",
"userpolicy": {
"label": "asRoot"
},
"jwthash": "619c6c4fd8979e1f522990b989737c2f9edb93597f0a80b59e25c33d13a584ef",
"schemaversion": 6,
"name": "jane",
"action": "C",
"oid": "158340da66d4a444",
"parentoid": "0000000000000001",
"expiration": "7fffffffffffffff",
"checkedtstamp": "158340d597264594",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"derived": {},
"security": {
"label": "anonymousread ownedby jane.doe@gmail.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"fulldir": "/0000000000000001/"
}
] Input: Create a directory
Copy POST /services/gm-data/0.1/write HTTP/1.1
Host: 127.0.0.1:9443
Content-Type: multipart/form-data; boundary=69fa686e6071bac50921c4ff40c5ea4e61aa6474d23be30acee7362dafd7
Cookie: userpolicy=eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NTAxODI4MDMsImxhYmVsIjoiYXNSb290IiwidmFsdWVzIjp7InByaXZpbGVnZSI6WyJyb290Il19fQ.AXckbmNH0HVwuixpLPsj5AJR_cztOkQn0Ltju1klz1MaMu14Keg28R__4sUSSLJYQEKTtE8HfSwcpjnOWFKnW03YAI_XY4l5ZEAo7hjuNA5oQQN1wPPShGrG8tUpFAOSZNuyLJ4SfgHgUW_-Fk1kYhbGDZAkaZL8295wRQkJjvvvvwsT
X-Envoy-Upstream-Rq-Timeout-Ms: 300000
--69fa686e6071bac50921c4ff40c5ea4e61aa6474d23be30acee7362dafd7
Content-Disposition: form-data; name="metadata"
[
{
"name": "lucas",
"action": "C",
"parentoid": "0000000000000001",
"objectpolicy": {
"label": "forAnonReadLucasFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "lucas.moten@deciphernow.com"
}
]
}
},
"derived": {},
"security": {
"label": "anonymousread ownedby lucas.moten@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"fulldir": "/0000000000000001/"
}
]
--69fa686e6071bac50921c4ff40c5ea4e61aa6474d23be30acee7362dafd7-- Output: The directory is created
Copy HTTP/1.1 200 OK
Content-Length: 916
Content-Type: text/plain; charset=utf-8
Date: Thu, 14 Feb 2019 14:20:03 GMT
Server: envoy
X-Envoy-Upstream-Service-Time: 34
X-Request-Id: f06319e9-b8ab-4c05-a7ee-0d6283e8090d
X-Schema-Version: 6
X-Session-Id: session158340da685230d4
[
{
"tstamp": "158340da69ff6a78",
"tstampend": "7fffffffffffffff",
"userpolicy": {
"label": "asRoot"
},
"jwthash": "619c6c4fd8979e1f522990b989737c2f9edb93597f0a80b59e25c33d13a584ef",
"schemaversion": 6,
"name": "lucas",
"action": "C",
"oid": "158340da69d16150",
"parentoid": "0000000000000001",
"expiration": "7fffffffffffffff",
"checkedtstamp": "158340d597264594",
"objectpolicy": {
"label": "forAnonReadLucasFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "lucas.moten@deciphernow.com"
}
]
}
},
"derived": {},
"security": {
"label": "anonymousread ownedby lucas.moten@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"fulldir": "/0000000000000001/"
}
] Input: Create a file in the directory
Copy POST /services/gm-data/0.1/write HTTP/1.1
Host: 127.0.0.1:9443
Content-Type: multipart/form-data; boundary=6cddace98d2f6eb0440f7f21adbd6623ed50b1b2fc8f6a1d17a8c890394a
Cookie: userpolicy=eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NTAxODI4MDMsImxhYmVsIjoiYXNSb2IiLCJ2YWx1ZXMiOnsiYWdlIjpbImRyaXZpbmciLCJkcmlua2luZyJdLCJjaXRpemVuc2hpcCI6WyJVU0EiXSwiZW1haWwiOlsicm9iLmZpZWxkaW5nQGRlY2lwaGVybm93LmNvbSJdLCJuYW1lIjpbInJvYiBmaWVsZGluZyJdLCJvcmciOlsid3d3LmRlY2lwaGVybm93LmNvbSJdfX0.AAMXs9Bm1_BFGpNXJ12MvUlQTpbDbkULedKiU8nVtiTb2E-avEeMF5Yc0phV7bDCvcG8qZgCeeuGIx1AwIX4HmsPANrLm0437R7XWgALLeEoHncMuDh8vfoW3fiIG-edbnHQmUjvHcpvNsW2fHTSvb6GDzf2p9FXhLSGY-z6NA_uyNE9
X-Envoy-Upstream-Rq-Timeout-Ms: 300000
--6cddace98d2f6eb0440f7f21adbd6623ed50b1b2fc8f6a1d17a8c890394a
Content-Disposition: form-data; name="metadata"
[
{
"name": "timer.go",
"action": "C",
"parentoid": "158340da66d4a444",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"mimetype": "text/plain",
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby jane.doe@gmail.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"fulldir": "/0000000000000001/"
}
]
--6cddace98d2f6eb0440f7f21adbd6623ed50b1b2fc8f6a1d17a8c890394a
Content-Disposition: form-data; name="data"; filename="timer.go"
Content-Type: application/octet-stream
package client
import "time"
type Timer struct {
Counter int64
Start time.Time
Elapsed time.Duration
}
func NewTimer() *Timer {
return &Timer{Start: time.Now()}
}
func (t *Timer) Add(e int64) {
t.Counter += 3
}
func (t *Timer) Stop() {
t.Elapsed = time.Since(t.Start)
}
--6cddace98d2f6eb0440f7f21adbd6623ed50b1b2fc8f6a1d17a8c890394a-- Output: The file was created
Copy HTTP/1.1 200 OK
Content-Length: 1402
Content-Type: text/plain; charset=utf-8
Date: Thu, 14 Feb 2019 14:20:03 GMT
Server: envoy
X-Envoy-Upstream-Service-Time: 181
X-Request-Id: d07a2b10-a836-400a-846f-4caea9a776fc
X-Schema-Version: 6
X-Session-Id: session158340da6d51e520
[
{
"tstamp": "158340da77f085e0",
"tstampend": "7fffffffffffffff",
"userpolicy": {
"label": "asjane"
},
"jwthash": "2bf847b0df164363ee63d222a8e32eadce5b940cd9e0dfa578d0e72e00cd05d3",
"schemaversion": 6,
"name": "timer.go",
"action": "C",
"oid": "158340da77e33a5c",
"parentoid": "158340da66d4a444",
"expiration": "7fffffffffffffff",
"checkedtstamp": "158340da66e0d624",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"mimetype": "text/plain",
"rname": {
"S3": "558/158340da6ed32558"
},
"size": 283,
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby jane.doe@gmail.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"sha256plain": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
"fulldir": "/0000000000000001/",
"encrypteddata": {
"master": "qMayQ5vYmGJIiGD+b46GhLQQjlKksA3URcS2V0jZXMZaDDmoeq1Esa66OlHWV8+CHhkKIL2EBGWxArq870Sp0E28ygftatK/Wiyp/GJ9gLU8T9U8hHJ/E0s4ERYnlVTjO4X8v79aCBRNV+6xBv7ETr1T3n8ePgHSwEc="
},
"encryptednonce": {
"master": "yUY3tJc/fsGu8JQP"
}
}
] Input: Create a file in the directory
Copy POST /services/gm-data/0.1/write HTTP/1.1
Host: 127.0.0.1:9443
Content-Type: multipart/form-data; boundary=30c9912e8b9e57608c17a374a4bee38d7089fc5345a47ad63b9ef380c201
Cookie: userpolicy=eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NTAxODI4MDMsImxhYmVsIjoiYXNMdWNhcyIsInZhbHVlcyI6eyJhZ2UiOlsiZHJpdmluZyIsImRyaW5raW5nIl0sImNpdGl6ZW5zaGlwIjpbIlVTQSJdLCJlbWFpbCI6WyJsdWNhcy5tb3RlbkBkZWNpcGhlcm5vdy5jb20iXSwibmFtZSI6WyJsdWNhcyBtb3RlbiJdLCJvcmciOlsid3d3LmRlY2lwaGVybm93LmNvbSIsImllZWUiXX19.AO58W-CnDelUYv0ox8OgluZfrp2K34MVVQnb_WCpMhvFPJQooGDW0rAZO6jXaAVpz-7shE5dilRNPeEzNFddodqqALQH4B-x05ZJsYJwsJakTkbwubufg-_uqUQHc0Bh2hzxKfe9xcsZx3n7OkeOmoOQpuVgaJ228q_8N5tjpZ7WoS7A
X-Envoy-Upstream-Rq-Timeout-Ms: 300000
--30c9912e8b9e57608c17a374a4bee38d7089fc5345a47ad63b9ef380c201
Content-Disposition: form-data; name="metadata"
[
{
"name": "timer.go",
"action": "C",
"parentoid": "158340da69d16150",
"objectpolicy": {
"label": "forAnonReadLucasFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "lucas.moten@deciphernow.com"
}
]
}
},
"mimetype": "text/plain",
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby lucas.moten@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"fulldir": "/0000000000000001/"
}
]
--30c9912e8b9e57608c17a374a4bee38d7089fc5345a47ad63b9ef380c201
Content-Disposition: form-data; name="data"; filename="timer.go"
Content-Type: application/octet-stream
package client
import "time"
type Timer struct {
Counter int64
Start time.Time
Elapsed time.Duration
}
func NewTimer() *Timer {
return &Timer{Start: time.Now()}
}
func (t *Timer) Add(e int64) {
t.Counter += 3
}
func (t *Timer) Stop() {
t.Elapsed = time.Since(t.Start)
}
--30c9912e8b9e57608c17a374a4bee38d7089fc5345a47ad63b9ef380c201-- Output: The file was created
Copy HTTP/1.1 200 OK
Content-Length: 1410
Content-Type: text/plain; charset=utf-8
Date: Thu, 14 Feb 2019 14:20:03 GMT
Server: envoy
X-Envoy-Upstream-Service-Time: 75
X-Request-Id: 92cd2818-7634-4815-93e8-fccb9b2832e5
X-Schema-Version: 6
X-Session-Id: session158340da79567a34
[
{
"tstamp": "158340da7db8d66c",
"tstampend": "7fffffffffffffff",
"userpolicy": {
"label": "asLucas"
},
"jwthash": "c752eb6f3618877d076dc1c1dc070d7f77f894c06918f2c5858714659cd6c936",
"schemaversion": 6,
"name": "timer.go",
"action": "C",
"oid": "158340da7dabda98",
"parentoid": "158340da69d16150",
"expiration": "7fffffffffffffff",
"checkedtstamp": "158340da69ff6a78",
"objectpolicy": {
"label": "forAnonReadLucasFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "lucas.moten@deciphernow.com"
}
]
}
},
"mimetype": "text/plain",
"rname": {
"S3": "9c4/158340da7af5e9c4"
},
"size": 283,
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby lucas.moten@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"sha256plain": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
"fulldir": "/0000000000000001/",
"encrypteddata": {
"master": "dFrhN4l+h9wTODEpwm7OIsWsf+g10xvZbvjqRw686Mlte8dfU+3x0NValBrqTQfEGolvfmx345mfcvewKNHe5loJcOMtVVdGOsOdE6F5zCaBvuy6UZvbasYRA2aOl262nirMANITttErkueVAA4YEAg6mNvmzd2XzUU="
},
"encryptednonce": {
"master": "U9ub6IEGpNiGvCI5"
}
}
] Input: Do a multi-upload of one new directory, with two files into it.
Copy POST /services/gm-data/0.1/write HTTP/1.1
Host: 127.0.0.1:9443
Content-Type: multipart/form-data; boundary=cca271771aef2def01a939540697b8e28d7649bab739f3e7dec658bdd249
Cookie: userpolicy=eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NTAxODI4MDMsImxhYmVsIjoiYXNSb2IiLCJ2YWx1ZXMiOnsiYWdlIjpbImRyaXZpbmciLCJkcmlua2luZyJdLCJjaXRpemVuc2hpcCI6WyJVU0EiXSwiZW1haWwiOlsicm9iLmZpZWxkaW5nQGRlY2lwaGVybm93LmNvbSJdLCJuYW1lIjpbInJvYiBmaWVsZGluZyJdLCJvcmciOlsid3d3LmRlY2lwaGVybm93LmNvbSJdfX0.AbhZX9hW0WfOsYpFUZZVf3q5igg0oc9yrHtYacypmjbv4htTfShkv7Xf8CV3VU3BP4CeL_3YCEDoFXiy8NK3bpV6ABTuf4MWI5EKaTJ3i7c8SNq6Qj8NTxemp5DXcPpIW6o6F5SIUOCNRYjzffTrTcRieNCmVk7nW3lVCkkJpHUcr8cm
X-Envoy-Upstream-Rq-Timeout-Ms: 300000
--cca271771aef2def01a939540697b8e28d7649bab739f3e7dec658bdd249
Content-Disposition: form-data; name="metadata"
[
{
"name": "bigDir",
"action": "C",
"parentoid": "158340da66d4a444",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"derived": {},
"security": {
"label": "anonymousread ownedby jane.doe@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"fulldir": "/0000000000000001/"
},
{
"name": "timer.go",
"action": "C",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"mimetype": "text/plain",
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby jane.doe@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"fulldir": "/0000000000000001/",
"references": [
{
"address": -1,
"from": "oid",
"to": "parentoid"
}
]
},
{
"name": "testlocal",
"action": "C",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"mimetype": "text/plain",
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby jane.doe@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"fulldir": "/0000000000000001/",
"references": [
{
"address": -2,
"from": "oid",
"to": "parentoid"
}
]
}
]
--cca271771aef2def01a939540697b8e28d7649bab739f3e7dec658bdd249
Content-Disposition: form-data; name="data"; filename="timer.go"
Content-Type: application/octet-stream
package client
import "time"
type Timer struct {
Counter int64
Start time.Time
Elapsed time.Duration
}
func NewTimer() *Timer {
return &Timer{Start: time.Now()}
}
func (t *Timer) Add(e int64) {
t.Counter += 3
}
func (t *Timer) Stop() {
t.Elapsed = time.Since(t.Start)
}
--cca271771aef2def01a939540697b8e28d7649bab739f3e7dec658bdd249
Content-Disposition: form-data; name="data"; filename="testlocal"
Content-Type: application/octet-stream
#!/bin/bash
export CLIENT_ADDRESS=localhost
export CLIENT_PORT=8181
export CLIENT_USE_TLS=false
export CLIENT_PREFIX=
GOCACHE=off go test -v
--cca271771aef2def01a939540697b8e28d7649bab739f3e7dec658bdd249-- Output: The directory was created, then file placed into directory
Copy HTTP/1.1 200 OK
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Date: Thu, 14 Feb 2019 14:20:04 GMT
Server: envoy
X-Envoy-Upstream-Service-Time: 125
X-Request-Id: dff68304-3d7e-4862-8a46-f17eab5c71ab
X-Schema-Version: 6
X-Session-Id: session158340da80ad3c50
e91
[
{
"tstamp": "158340da87dc4228",
"tstampend": "7fffffffffffffff",
"userpolicy": {
"label": "asjane"
},
"jwthash": "7ea48eeafbb17279af2ad4d324b487f16c24d3f32d3677e576b447bc6145e3e2",
"schemaversion": 6,
"name": "bigDir",
"action": "C",
"oid": "158340da87cde534",
"parentoid": "158340da66d4a444",
"expiration": "7fffffffffffffff",
"checkedtstamp": "158340da66e0d624",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"derived": {},
"security": {
"label": "anonymousread ownedby jane.doe@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"fulldir": "/0000000000000001/"
},
{
"tstamp": "158340da87ed6fd0",
"tstampend": "7fffffffffffffff",
"userpolicy": {
"label": "asjane"
},
"jwthash": "7ea48eeafbb17279af2ad4d324b487f16c24d3f32d3677e576b447bc6145e3e2",
"schemaversion": 6,
"name": "timer.go",
"action": "C",
"oid": "158340da87e468e0",
"parentoid": "158340da87cde534",
"expiration": "7fffffffffffffff",
"checkedtstamp": "158340da87dc4228",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"mimetype": "text/plain",
"rname": {
"S3": "9d0/158340da825d69d0"
},
"size": 283,
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby jane.doe@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"sha256plain": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
"fulldir": "/0000000000000001/",
"encrypteddata": {
"master": "7qMAqxRa8ffJqasa5d0OZNUNiIw3+GVkNB2UURits7XMTyPWY9zifshCzT5uqoSTd5jMr1WE/l5QtAhEXhcX0R1iQSeCCi60IxZPcLwmLBB35BanyIuCDoKJ/56E13rayUdMrj6mfAWjyKCShjKHyetQ/IwR2L/JwPM="
},
"encryptednonce": {
"master": "McNgUdg6Ps27Eje9"
}
},
{
"tstamp": "158340da88040128",
"tstampend": "7fffffffffffffff",
"userpolicy": {
"label": "asjane"
},
"jwthash": "7ea48eeafbb17279af2ad4d324b487f16c24d3f32d3677e576b447bc6145e3e2",
"schemaversion": 6,
"name": "testlocal",
"action": "C",
"oid": "158340da87f74758",
"parentoid": "158340da87cde534",
"expiration": "7fffffffffffffff",
"checkedtstamp": "158340da87dc4228",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"mimetype": "text/plain",
"rname": {
"S3": "97c/158340da825da97c"
},
"size": 143,
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby jane.doe@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"sha256plain": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
"fulldir": "/0000000000000001/",
"encrypteddata": {
"master": "6CqR7yp8Umo4DbufGapU+My4JemywaQEYH2oeov+vFveX1bcPZx9m4G9wjyIcUT4oSDyhZ48zWa3eYBUXIRiftsdDwgKrqJkC7fgTyLxrejT91mHNnwY/Bx6AAJUnWkjFLe2khwB9JlcxL7GLtociNXGrySUa5SwXfA="
},
"encryptednonce": {
"master": "AL+uvVz9T/Ca7XNJ"
}
}
]
0 Input: Update (action U) the metadata on a file that was already created. We can re-name it, move it by changing its parent, etc. Most fields are editable, except for the oid.
Copy POST /services/gm-data/0.1/write HTTP/1.1
Host: 127.0.0.1:9443
Content-Type: multipart/form-data; boundary=81eefa85560302f6f0fcef89b0505a53cccc3d675833aa2485b47b506fb5
Cookie: userpolicy=eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NTAxODI4MDMsImxhYmVsIjoiYXNSb2IiLCJ2YWx1ZXMiOnsiYWdlIjpbImRyaXZpbmciLCJkcmlua2luZyJdLCJjaXRpemVuc2hpcCI6WyJVU0EiXSwiZW1haWwiOlsicm9iLmZpZWxkaW5nQGRlY2lwaGVybm93LmNvbSJdLCJuYW1lIjpbInJvYiBmaWVsZGluZyJdLCJvcmciOlsid3d3LmRlY2lwaGVybm93LmNvbSJdfX0.AbhZX9hW0WfOsYpFUZZVf3q5igg0oc9yrHtYacypmjbv4htTfShkv7Xf8CV3VU3BP4CeL_3YCEDoFXiy8NK3bpV6ABTuf4MWI5EKaTJ3i7c8SNq6Qj8NTxemp5DXcPpIW6o6F5SIUOCNRYjzffTrTcRieNCmVk7nW3lVCkkJpHUcr8cm
X-Envoy-Upstream-Rq-Timeout-Ms: 300000
--81eefa85560302f6f0fcef89b0505a53cccc3d675833aa2485b47b506fb5
Content-Disposition: form-data; name="metadata"
[
{
"name": "timer-renamed.go",
"action": "U",
"oid": "158340da87e468e0",
"parentoid": "158340da87cde534",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"mimetype": "text/plain",
"rname": {
"S3": "9d0/158340da825d69d0"
},
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby jane.doe@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"fulldir": "/0000000000000001/"
}
]
--81eefa85560302f6f0fcef89b0505a53cccc3d675833aa2485b47b506fb5-- Output: The metadata was modified, but its stream was not re-uploaded or modified.
Copy HTTP/1.1 200 OK
Content-Length: 1312
Content-Type: text/plain; charset=utf-8
Date: Thu, 14 Feb 2019 14:20:04 GMT
Server: envoy
X-Envoy-Upstream-Service-Time: 29
X-Request-Id: b3dbd31e-cd9f-4219-8e2d-dd08dc97e6a4
X-Schema-Version: 6
X-Session-Id: session158340da897e0058
[
{
"tstamp": "158340da8b1822e0",
"tstampend": "7fffffffffffffff",
"userpolicy": {
"label": "asjane"
},
"jwthash": "7ea48eeafbb17279af2ad4d324b487f16c24d3f32d3677e576b447bc6145e3e2",
"schemaversion": 6,
"name": "timer-renamed.go",
"action": "U",
"oid": "158340da87e468e0",
"parentoid": "158340da87cde534",
"expiration": "7fffffffffffffff",
"checkedtstamp": "158340da87ed6fd0",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"mimetype": "text/plain",
"rname": {
"S3": "9d0/158340da825d69d0"
},
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby jane.doe@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"fulldir": "/0000000000000001/",
"encrypteddata": {
"master": "a1YMYefzF4YwAezqJgEyGWFvnM4EpEvbvCVlxqm9iWlDvkMWLkT2dloC4FyhkF40ObdPNp/YnUZfApjFre8EBelVriiNaXSUnQP2hpi1mCFYEtCUCOq1tGAaE1yRXSMk/vS2S/lP/nQQyTiLo3Qz/sATQu8wjk9cmKs="
},
"encryptednonce": {
"master": "kCKQivQAssXMv0jT"
}
}
] Input: Put this file into a Deleted (action D) state. You can see old versions in history, but this file is no longer in current listings.
Copy POST /services/gm-data/0.1/write HTTP/1.1
Host: 127.0.0.1:9443
Content-Type: multipart/form-data; boundary=cd0629b511ce1b4f1c752d2c2aa4e64e8b6724f7e6f403d77e7d3026770b
Cookie: userpolicy=eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1NTAxODI4MDMsImxhYmVsIjoiYXNSb2IiLCJ2YWx1ZXMiOnsiYWdlIjpbImRyaXZpbmciLCJkcmlua2luZyJdLCJjaXRpemVuc2hpcCI6WyJVU0EiXSwiZW1haWwiOlsicm9iLmZpZWxkaW5nQGRlY2lwaGVybm93LmNvbSJdLCJuYW1lIjpbInJvYiBmaWVsZGluZyJdLCJvcmciOlsid3d3LmRlY2lwaGVybm93LmNvbSJdfX0.AbhZX9hW0WfOsYpFUZZVf3q5igg0oc9yrHtYacypmjbv4htTfShkv7Xf8CV3VU3BP4CeL_3YCEDoFXiy8NK3bpV6ABTuf4MWI5EKaTJ3i7c8SNq6Qj8NTxemp5DXcPpIW6o6F5SIUOCNRYjzffTrTcRieNCmVk7nW3lVCkkJpHUcr8cm
X-Envoy-Upstream-Rq-Timeout-Ms: 300000
--cd0629b511ce1b4f1c752d2c2aa4e64e8b6724f7e6f403d77e7d3026770b
Content-Disposition: form-data; name="metadata"
[
{
"name": "byebye",
"action": "D",
"oid": "158340da87e468e0",
"parentoid": "158340da87cde534",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"mimetype": "octet/stream",
"rname": {
"S3": "9d0/158340da825d69d0"
},
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby jane.doe@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"fulldir": "/0000000000000001/"
}
]
--cd0629b511ce1b4f1c752d2c2aa4e64e8b6724f7e6f403d77e7d3026770b-- Output: The Delete only needs a few key fields, but including the entire state will allow for the trashcan to show all relevant information about it.
Copy HTTP/1.1 200 OK
Content-Length: 1314
Content-Type: text/plain; charset=utf-8
Date: Thu, 14 Feb 2019 14:20:04 GMT
Server: envoy
X-Envoy-Upstream-Service-Time: 27
X-Request-Id: 6852b4aa-87c9-41dd-bb9d-8affa03da7b6
X-Schema-Version: 6
X-Session-Id: session158340da8c743200
[
{
"tstamp": "158340da8dedf8f0",
"tstampend": "7fffffffffffffff",
"userpolicy": {
"label": "asjane"
},
"jwthash": "7ea48eeafbb17279af2ad4d324b487f16c24d3f32d3677e576b447bc6145e3e2",
"schemaversion": 6,
"name": "timer-renamed.go",
"action": "D",
"oid": "158340da87e468e0",
"parentoid": "158340da87cde534",
"expiration": "7fffffffffffffff",
"checkedtstamp": "158340da8b1822e0",
"objectpolicy": {
"label": "forAnonReadjaneFull",
"requirements": {
"f": "owner-full-ro-all",
"a": [
{
"v": "email"
},
{
"v": "jane.doe@deciphernow.com"
}
]
}
},
"mimetype": "octet/stream",
"rname": {
"S3": "9d0/158340da825d69d0"
},
"derived": {},
"isfile": true,
"security": {
"label": "anonymousread ownedby jane.doe@deciphernow.com",
"foreground": "#FFFFFF",
"background": "#000000"
},
"fulldir": "/0000000000000001/",
"encrypteddata": {
"master": "OH0lGhfamqian77SXCa8wDcPLo7bwS9V6HJcD/rN88P4qB8uadgYxz4RfNOznCWGmsVSQp5ooS8olduEWwPWLoM/6P8jrm/W8H6ZAo+04IoFhyX5bTPy69IdNlH5OzXut6LW/iR32YVajhqFsxAZRos6n1fqpzH7iUo="
},
"encryptednonce": {
"master": "ccBi4atBM3SzTV1s"
}
}
] Reference: Event fields
version of the schema from which this object came
sha256 of JWT token we accepted
jwt claims used when creating this event
nanosecond timestamp of this objects creation time - unique per event.
end data for this record validity, which may change
file/dir name without pathing
actions on a file to put it into its current state
a numeric identifier assigned to a file/dir. happens to be a nanoseconds timestamp. (oid, tstamp) are the primary key for these events.
oid of the parent directory.
tstamp as of which this record will not come back from queries. may legally require purges at some point.
the tstamp of the previous version of the oid we compared against.
the rules that allow action (C R U D X P)
same as content-type. set for this object, and also for S3 blobs.
${AWS_S3_BUCKET}/${AWS_S3_PARTITION}/${rname} is where this object is in S3. Name is assigned even if only IPFS is used.
Fields to denote that a file is derived from another - ie: doc to PDS. (oid,tstamp) are a primary key for the original. type allows us to track what kind of derivation it is, such as doc-to-txt.
Set this if it is a file. You will get a directory if you don't set this.
Put custom fields in here that gm-data does not understand, but need to be tracked by the application.
For a directory, if we try to stream the directory, ${defaultfile} will be the assumed name. index.html is the default value.
Security labels are written here, along with their foreground/background pen colors.
Description of what is in the file or directory
sha256 of the plaintext, can be used in the client to calculate a minimum number of files to send for update
the blob algorithm. if not specified, we store in S3 with SSECustomerKey
In order to just purge a single event, supply a purgetstamp along with the oid.
full dir for this version of this file, beginning and terminated with a slash
When uploading files, an array of updates can be supplied; so that we can upload files into directories that don't yet exist. Indices are negative relative values.
Allow for fields to be encrypted on a case-by-case basis
Values for action
create a file, system will make up an oid. parentoid is required.
permissions to read metadata about a file.
update a file, with existing oid. if oid not given, lookup by name will be done for upsert behavior.
delete a file. oid and objectPolicy are required.
execute on a file/dir. this means streaming a file, or listing dir.
purge a file, which deletes the entire history of the oid.
Values for security
the banner string shown at top and bottom, such as SECRET
the background color in html color form such as #FF0000
the foreground color of the text in html format such as #FFFFFF
Values for blobalgorithm
SSECustomerKey, where we must track a crypto key, and we send the key into the S3 request to decrypt and encrypt. This allows for the use of analytics APIs that can supply a crypto key.
Disable encryption in the S3 bucket. This facilitates use with APIs that cannot supply a crypto key, and don't need encryption.
Server Side S3 encryption. This means that the client does not need to supply the crypto key, as S3 finds and plugs it in.
Values for references
a relative value in the array of uploaded values
the field to copy from: parentoid, oid, tstamp
the field to copy to: oid, tstamp
Values for encrypted
overwrite given name with encrypted name when this metadata is retrieved.
overwrite given security label with encrypted security when this metadata is retrieved.
overwrite given blobkey label with encrypted blobkey when this metadata is retrieved.
overwrite given custom attributes with encrypted custom attributes when this metadata is retrieved - per field.
