Documentation by Black Sheep Research

User Tools

Site Tools

Trace:
remository:storage

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
remository:storage [2022/09/21 13:57] adminremository:storage [2022/09/22 08:39] (current) – [Access Controls] admin
Line 3: Line 3:
 ====== Remository File Storage ====== ====== Remository File Storage ======
  
-===== Database Storage =====+==== Database Storage ====
  
 The files in the repository managed by Remository can be stored in the database. When that happens, a file is split up into approximately 64 KB chunks for manageability, and stored as a series of "blobs" in the xxx_downloads_blob table.  The files in the repository managed by Remository can be stored in the database. When that happens, a file is split up into approximately 64 KB chunks for manageability, and stored as a series of "blobs" in the xxx_downloads_blob table. 
Line 13: Line 13:
 When a user uploads a new file and automatic approval is not allowed, the new file is always stored in the database, irrespective of its final destination. That way, it cannot be used for an attack on your site. Only after the file is approved is it placed in the destination indicated by the file's container.  When a user uploads a new file and automatic approval is not allowed, the new file is always stored in the database, irrespective of its final destination. That way, it cannot be used for an attack on your site. Only after the file is approved is it placed in the destination indicated by the file's container. 
  
-===== Access Controls =====+==== Access Controls ====
  
-Each container in Remository has provision for setting groups that can do various things. The four options are upload, download, edit and auto-approve. You can enter as many groups as you wish. It is possible for Remository to manage the groups, but since Joomla introduced more flexible groups, it is normally more sensible to use the CMS groups. This can be selected in the "Options" for Remository. There is a pseudo-group called "Nobody" which never has any members and disables the relevant facility.+Each container in Remository has provision for setting groups that can do various things. The four options are upload, download, edit and auto-approve. You can enter as many groups as you wish. It is possible for Remository to manage the groups, but since Joomla introduced more flexible groups, it is normally more sensible to use the CMS groups. This can be selected in the "Options" for Remository. There is a pseudo-group called "Nobody" which never has any members and disables the relevant facility. It is important to use "Nobody" to block an operation - having no groups selected makes the operation available to everyone.
  
 The first three settings are self explanatory. Auto approve is a little more complex. What it means is that when a user uploads a file, if the user is a member of one of the groups set for auto-approve, then the file will be immediately published and available for download. If the user is not a member of any of the auto-approve groups, the uploaded file is held for approval by an administrator through the Remository admin interface. The first three settings are self explanatory. Auto approve is a little more complex. What it means is that when a user uploads a file, if the user is a member of one of the groups set for auto-approve, then the file will be immediately published and available for download. If the user is not a member of any of the auto-approve groups, the uploaded file is held for approval by an administrator through the Remository admin interface.
  
-==== Storing files in the disk system ====+=== Storing files in the disk system ===
  
 But it is possible to have the file store in the disk system. You can set this as a default in the "Options". There is a default path to the file store which is shown in the control panel (front page) of the Remository administrator interface. When a new container is created, if you do not give it a specific absolute path, it will be set with the default path. You can choose a different path. It is important to do this carefully, both to avoid conflicts with other activities on the system and to ensure security. The file repository should not be accessible by the web server. This can be achieved either by ensuring that it is outside the web root, or by web server configuration directives. Remository attempts to write a suitable .htaccess file, but this cannot be guaranteed. But it is possible to have the file store in the disk system. You can set this as a default in the "Options". There is a default path to the file store which is shown in the control panel (front page) of the Remository administrator interface. When a new container is created, if you do not give it a specific absolute path, it will be set with the default path. You can choose a different path. It is important to do this carefully, both to avoid conflicts with other activities on the system and to ensure security. The file repository should not be accessible by the web server. This can be achieved either by ensuring that it is outside the web root, or by web server configuration directives. Remository attempts to write a suitable .htaccess file, but this cannot be guaranteed.
Line 37: Line 37:
 The Amazon naming system, like the normal disk system, does not prevent name clashes. Just as with the file system, you can guarantee to avoid them by specifying "Real with ID" as described above. If that option is turned on, then each file will be placed in its own "directory" that has a name based on the file ID. The Amazon naming system, like the normal disk system, does not prevent name clashes. Just as with the file system, you can guarantee to avoid them by specifying "Real with ID" as described above. If that option is turned on, then each file will be placed in its own "directory" that has a name based on the file ID.
  
-Using Amazon S3 gives you a lot of flexibility over storage (although you have to pay for it!). It also means that when a user downloads a file from your repository, it is sent to them directly from Amazon. That will normally be faster than sending from your web server. Again, there is a cost, but it is small unless you have a very large quantity of downloads. The use of Amazon clearly reduces the load on your web server, which may be a helpful move.+Using Amazon S3 gives you a lot of flexibility over storage (although you have to pay for it!). It also means that when a user downloads a file from your repository, it is sent to them directly from Amazon. That will normally be faster than sending from your web server. Again, there is a cost, but it is small unless you have a very large quantity of downloads. The use of Amazon clearly reduces the load on your web server, which may be a helpful move. Amazon claims that files stored in S3 have a very low probability of being lost.
  
remository/storage.1663768625.txt.gz · Last modified: 2022/09/21 13:57 by admin