Should this be a lambda instead so you could specify your own function
completely? I used to own an ISP and one of the challenges was
running the network news server. You'd have > 1M files on a 20 gig
drive and have to give them to multiple peers over their lifetime.
One thing that we did for performance was to hack the ext2 filesystem
to recognize a magic pattern of: inode:%d as a filename. If that
pattern was found then the integer was taken to be the inode number
and the file was never actually looked up in the inode tree. (The
tree traversal for having >10k files in one directory is what slows
things down.) If we could just pass a lambda to the table instead
then one could conceivably use the same type of system to solve this
problem.
On Fri, Jun 11, 2010 at 1:20 PM, mdipierro <mdipie...@cs.depaul.edu> wrote:
> Field('name','upload',authorize=f)
>
> where
>
> def f(row):
> if auth.user and auth.user.id is allowed to download row.id
> return True else return False
>
> the authorize function is called automatically (if declared) when
> somebody attempts to download an uploaded document.
>
> On 11 Giu, 14:11, weheh <richard_gor...@verizon.net> wrote:
>> Once assigned, the user_id that my app creates is never changed. I
>> would use the auth.user.id field, but I don't like the fact that it's
>> sequential and therefore, easily guessed. I doubt that uploads can be
>> hacked easily since you did such a good job with security.
>> Nevertheless, I prefer to have an additional layer of obfuscation by
>> having an encrypted user_id.
>>
>> On Jun 10, 11:32 pm, mdipierro <mdipie...@cs.depaul.edu> wrote:
>>
>> > The problem with this is that the, I assume, tha database links the
>> > uploaded filename to the user_id and therefore you need to access the
>> > database to locate the file. That is ok until the database changes and
>> > somebody edits the user_id. Than you can no longer locate the file.
>>
>> > On Jun 10, 7:36 am, weheh <richard_gor...@verizon.net> wrote:
>>
>> > > I think I'm dealing with the same situation, however, I'm going about
>> > > it a little differently. I'm storing files in
>>
>> > > uploads/users/user_id/filename
>>
>> > > My user_id is a cypher of characters [A-Z][a-z][0-9] with a length
>> > > anywhere from 8 to 12 characters or so. The filename is another cypher
>> > > created automatically by web2py, following the table.field approach.
>>
>> > > One thing I'm thinking about is taking the user/user_id/filename
>> > > structure entirely outside of web2py. The reason is that my server has
>> > > 2 disk partitions and I might want to have these files resident under
>> > > C:/ or D:/ Another reason is that I might want to gradually move
>> > > these files to the cloud or another server. I'm wondering whether this
>> > > is reasonable and even possible to do from within a web2py app working
>> > > around the web2py way.- Hide quoted text -
>>
>> > - Show quoted text -
