Add a preference to control clients' permissions. #227

Open
wants to merge 4 commits into
base: master

berhem-taher
Contributor

@wolpi
Owner

wolpi commented Feb 16, 2021

Ftplet API is interesting. But how would you support permissions in sftp? I thought about implementing permissions in file classes:
https://github.com/wolpi/prim-ftpd/tree/master/primitiveFTPd/src/org/primftpd/filesystem

@berhem-taher
Contributor Author

> how would you support permissions in sftp?

I forgot about SFTP :|

> I thought about implementing permissions in file classes

I prefer permissions to be processed by the server rather than file classes (or the filesystem); requests are allowed/disallowed before passing the associated commands to the filesystem.

If using file classes gives more benefits, easier debugging, etc., I will look into them.
One advantage I can think of is to check if a file exists before allowing/blocking APPE (append).

@berhem-taher
Contributor Author

Overriding SftpEventListener's methods shall give control over permissions.
https://github.com/apache/mina-sshd/blob/master/docs/sftp.md#sftpeventlistener
https://github.com/apache/mina-sshd/blob/master/sshd-sftp/src/main/java/org/apache/sshd/sftp/server/SftpEventListener.java

I can't find org.apache.sshd.sftp.server.SftpEventListener or SftpSubsystemFactory in this project (prim-ftpd), since we don't have mina-sshd as a dependency.

@wolpi
Owner

wolpi commented Feb 17, 2021

Well, for both libraries (mina ftpd and mina sshd) it has been necessary to copy their code inside this source tree and do some modifications. For ftpd the reason is that it relies on old school java streams io which stopped working in some android version. For sshd the reason is crypto libraries. mina sshd uses bouncy castle but in some android version it was not possible to use bouncy castle anymore. Also for sshd we are stuck on an older version due to support for JDK versions in android. Probably SftpEventListener is not present in that old version.

But even as library code is now part of this source (and there are already modifications) I want to keep modifications to a minimum. I still want to use extension APIs for stuff specific to this app.

So far I see file objects (or filesystem abstractions of mina libraries) as primary API between servers and android app.

But ftplet and listeners are good ways as well. If you could dig out something for the old sshd it would be great.

Though the SFTP server can not be initialized for some reason.
@berhem-taher
Contributor Author

I extended SftpSubsystem, and overrode process to check for permissions before processing the commands.

But for some reason, the server (SFTP) can't be initialized properly. So I can't test whether my edits are working.
WinSCP gives this error:
Cannot initialize SFTP protocol. Is the host running an SFTP server?
Using the sftp command, the authentication succeeds, but the connection is suddenly closed.

If the problem persists I will consider using Filesystem classes, they seem nice to work with. (although it's a bit of a mess)

@berhem-taher
Contributor Author

berhem-taher commented Mar 10, 2021

> it was not possible to use bouncy castle anymore

Check Spongy Castle, it's Bouncy Castle with minor changes to solve the conflicts

Also, new versions of mina-sshd support Java 8. Check: https://github.com/apache/mina-sshd#core-requirements

@wolpi
Owner

wolpi commented Mar 13, 2021

> WinSCP gives this error:

Are there exceptions in the log?

> Check Spongy Castle, it's Bouncy Castle with minor changes to solve the conflicts

Even with spongy castle it would be necessary to change code of mina library and thus copy it to this app's code.

> Also, new versions of mina-sshd support Java 8

Android forces us to stick with Java 6. At least with the minSDK version we have right now. And the API of newer mina-sshd has changed a lot. If this app were changed to use it, it would be a lot of work.

> If the problem persists I will consider using Filesystem classes

See these two commits. I changed that to be able to use preferences in filesystem classes. You might need to rebase your fork.

6c50d49
f563e9e
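
The trade-off discussed in this thread, as an added example that is not part of the PR or of prim-ftpd's code: a check at the server layer sees only the FTP verb, while a check in the file classes can see whether the target exists and is shared by FTP and SFTP. The `Perm` names, both method names and the sample policy are assumptions made for illustration.

```java
import java.io.File;
import java.io.IOException;
import java.util.EnumSet;
import java.util.Locale;
import java.util.Set;

public class PermissionGateExample {
    // Hypothetical permission names; the PR's real preference keys are not shown in this thread.
    enum Perm { READ, CREATE, MODIFY, DELETE }

    // Server-layer check: runs before the command reaches the filesystem, so only
    // the FTP verb is known. STOR/APPE may create or change a file, hence both bits.
    static boolean allowCommand(String verb, Set<Perm> granted) {
        String v = verb.toUpperCase(Locale.ROOT);
        if (v.equals("RETR") || v.equals("LIST")) return granted.contains(Perm.READ);
        if (v.equals("DELE") || v.equals("RMD")) return granted.contains(Perm.DELETE);
        if (v.equals("MKD") || v.equals("STOU")) return granted.contains(Perm.CREATE);
        if (v.equals("RNFR") || v.equals("RNTO")) return granted.contains(Perm.MODIFY);
        if (v.equals("STOR") || v.equals("APPE"))
            return granted.contains(Perm.CREATE) && granted.contains(Perm.MODIFY);
        // Verbs not listed pass through in this example; a real gate would
        // enumerate every file-touching verb the server implements.
        return true;
    }

    // File-layer check: shared by FTP and SFTP, and able to see whether the
    // target exists, so a write is classified as either create or modify.
    static boolean allowWrite(File target, Set<Perm> granted) {
        return granted.contains(target.exists() ? Perm.MODIFY : Perm.CREATE);
    }

    public static void main(String[] args) throws IOException {
        Set<Perm> uploadOnly = EnumSet.of(Perm.READ, Perm.CREATE); // constructed sample policy
        File existing = File.createTempFile("perm-demo", ".txt");  // constructed sample file
        File missing = new File(existing.getParentFile(), "perm-demo-missing-" + System.nanoTime());
        try {
            System.out.println("server layer, APPE:        " + allowCommand("APPE", uploadOnly));
            System.out.println("file layer, APPE new file: " + allowWrite(missing, uploadOnly));
            System.out.println("file layer, APPE existing: " + allowWrite(existing, uploadOnly));
        } finally {
            existing.delete();
        }
    }
}
```

In a real server the existence test and the open belong in the same file-class method, since a separate earlier check can go stale before the write happens.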

Successfully merging this pull request may close these issues.

Suggestion: Fine-grain file access controls
2 participants