Using an applications 'own_container' and NFS / Publically accessible NFS


#1

So let me pitch the scenario first… My program requires the storage of files that should be accessible to all users. The idea is, I could upload a file then any other user would be able to read that file. It really is as simple as name -> file. Ideally I would like a user to be able to see a list of all files that have been uploaded as a simple drop down menu. (This is an application where the scenario of uploading a file is very rare, but obviously needed.)

My question is; Is using the applications own_container a sensible use case? My understanding is that the own_container is like any other container (a MD)… With the exception that it is always visible to the application (always has permissions) regardless of what user is using the application. The own_container is the exact same MD regardless of what user is using the application. Thus my idea is to use NFS emulation to simply store the files in this MD, then any user that uses the application can read all the File's that have been uploaded.

Is there a serious flaw in my understanding or am I understanding things correctly? :grinning:

The one flaw I can think of is that it might be better to create a new MD, serialise it and store it in the apps own_container. This would allow additional information to still be stored in the apps own_container… Getting this idea from here: Accessing stored data without handle. I am guessing in that scenario it would have to be a public MD so that everyone would be able to write/read to it?

Any help or advice would be greatly appreciated.


#2

Hi, this is an interesting question.

No, it’s not exactly like that. It is like any other container in the sense that it is a MutableData, but it’s not shared amongst any other users or applications, and that’s why it’s called an “own container”.

On the contrary, there’s a _public container, which contents can be shared with multiple applications, but not users. A user is someone who owns the account and you can consider an app as something that works on behalf of a user it belongs to, having an access only to certain containers and actions. Thus, an app has no way to e.g. transfer ownership of a MutableData: only you, as a user, can do that. There are other constraints, but generally you have to explicitly allow apps to do something on your behalf. And even MD objects created by your app will always belong to you as a user.

So, if I understand your question correctly, you can’t share own_app and even _public with other users, as all of them belong to a single particular user only, and pointers to these containers (MDataInfos) are stored in an encrypted form in the user’s access container.

If you want to make your data public for every user of the network, you can just create your own public/non-encrypted MutableData instance and share its MDataInfo with everyone else. You can even allow everyone to modify it, by using the special User::Anyone permission.

That’s the gist of it, but perhaps @hunterlester or @bochaco also can add something from the app developer’s perspective.


#3

Thanks for your swift reply! That all does make sense…

So, looking at the web hosting manager…
It stores in the users _public container, a key-value pair where key is the service path (I’m guessing this is like maidsafe.example_app) against a value that is the xor-name of the MD that holds the service container of example_app. So when a user is in the browser and uses the domain name maidsafe.example_app it knows to xor this (in combination of the tag that corresponds to WWW) then that allows it to find the location of the service container for maidsafe.example_app… Which because this is in a users _public other users can read from because it is unencrypted… is that how the web hosting manager works? (In a high level overview anyways)

So with that in mind, could it be possible to go down a different approach… Where in a user would store, in their _public a key david's_files with a value that is the serialised form of a public MD (with a name that is publicly known such as david's_famous_cat_paintings) that could be emulated as NFS. Then, although no other users would be able to write to this david's_famous_cat_paintings MD they would be able to read File's from it if they knew of the existence of the david's_famous_cat_paintings MD?

Apologies if I am being very confusing haha!


#4

Here’s an overview of how web hosting manager stores web services: https://github.com/hunterlester/safe_examples/blob/c65abda4618e99ed73ea14c2a9aadeb47ea0574d/safe_web_api_playground/safe_dns.md

When visiting a safe:// URL, SAFE Browser uses webFetch to retrieve the web service, looking up the Mutable Data by the public ID and type tag: https://github.com/maidsafe/safe_app_nodejs/blob/master/src/app.js#L135

I wouldn’t be able to see the entries in your _public container, I can only access my own _public container.
However, assuming that you’ve hashed the david's_famous_cat_paintings string with sha3hash to create an 32 byte XOR name for your MD and if I knew the type_tag that you used to create david's_famous_cat_paintings, then yes, I could read the file entries.


#5

I think that @Joseph_Meagher’s Vidy does what you’re looking for. See https://github.com/josephm1/Vidy


#6

That page is fantastic! I really wish I had come across that before. Thanks for sharing.

Having had the weekend to mull over your answer and have a small look at this project…

… I think I know exactly how to manage things. Thanks everyone for your helpful advice.