OneDev
Projects
Global Views
files-gallery-ea
Code
Files
Commits
Branches
Tags
Code Comments
Code Compare
Pull Requests
Issues
Builds
Statistics
Child Projects
OneDev 11.9.7 Try EE
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update Try Enterprise Edition
Projects sev files-gallery-ea Files
master
ROOT /
Enable build support by adding .onedev-buildspec.yml
config Loading last commit info...
css
js
schemas
.gitignore
LICENSE
NOTICE
README.md
_filesconfig.php.sample
README.md

This code is beta!

While file sharing and WebDAV are mostly complete and tested, the sample config has not been updated since the previous major version, and WebDAV permissions are not set up yet.

Files Gallery Extended Access Add-on

Extended Access (EA) is an add-on package for Files Gallery that aims to add personal user configuration, share links, and WebDAV support to Files Gallery, upgrading it into a proper fully-featured groupware file management platform.

Previously, EA was known as User Files & Sharing (UFS), but was renamed as version 0.11.0 of Files Gallery added native multi-user support, which this project was modified to use.

EA is currently compatible with Files Gallery 0.12.4. Earlier and later versions may not work. The config/scripts/update.sh script will install/upgrade to the latest compatible version.

EA currently delivers patches on top of Files Gallery. If you manually install Files Gallery, you must also install the patches in the config/scripts/patches directory.

Files Gallery is a fast, web-based file management system, originally designed for X3 Photo Gallery, but later modularized to allow independent use. It is, in its most basic form, a single PHP file, that can be put into any directory, instantly transforming an otherwise boring directory index into an advanced file browser, uploader, and editor.

What is EA?

Files Gallery loads configuration from an administrator-created PHP file. I [ab]used this feature to inject my own functionality into Files Gallery, hijacking various internal functions and stapling on new ones. In some cases, EA takes complete control, like when dealing with share links. Otherwise, EA modifies the environment and passes on execution back to Files Gallery.

EA also modifies the user interface through custom JavaScript to implement user config personalization, share link UI, and more.

EA Features

  • User configuration self-service (Files Gallery natively only allows admins to update user configuration)
  • File sharing via share links
  • Share link access controls, with configurable authentication challenges
  • Files Gallery configuration settings can be applied to share links
  • UI for all of the above
  • Automatic header-based user login, using native Files Gallery user backend
  • Automatic account creation and provisioning when using header authentication
  • Root templates for automatic folder assignment
  • WebDAV access to share links with password authentication control
  • PDO backend allows for multiple choices for supporting database

Requirements

EA is a stateful system and stores share link configuration in a database. It uses a SQLite database by default, but as the database is accessed using PDO, any PDO ANSI SQL-compatible backend should work. SQLite and PostgreSQL have been tested.

Why EA?

I have gone through tons of file sharing and groupware platforms, and each of them suffers from at least one of the same recurring issues:

  • Too many features/bloated
  • Too complex for simple usage scenarios
  • Missing critical features, e.g. share links
  • Unoptimized and runs poorly

My use case is simple:

  • Users each get their own automatically provisioned, private file storage
  • Users can upload, download, view, and potentially modify files through web UI
  • Users can share files and directories with others, with customizable controls
  • Other users can perform all the same actions on shared files where allowed
  • Files can be accessed with WebDAV

While I liked how Files Gallery worked when I first discovered it, it did lack some of the features I wanted that would allow it to replace my existing solutions. Given that Files Gallery consists of a single PHP file (with supporting scripts and assets), it seemed simple enough to modify, and the developers allow doing so, I set off to add my own features.

The end result of that work is EA.

Installation

  1. Copy _filesconfig.php.sample to _filesconfig.php and edit to your liking
  2. Run config/scripts/upgrade.sh to install Files Gallery and asset bundle
  3. Serve this repo through PHP-FPM or your preferred service

It is recommended to that your reverse proxy/webserver block access to paths beginning with .git, as well as the entirety of the config and users directories, as such paths should never be served to end users.

You should make sure to forward your share, WebDAV, and user files paths to Files Gallery, in addition to the root. In general, all of these paths except for the root should be unique, but the code is written in such a way that you may be able to nest them (for example, placing the WebDAV URI below shares).

Also, config should be made writable by the PHP user if the default SQLite database is used, as it is stored in config/db.sqlite. config.php should be made unwritable for the PHP user for security, and so that Files Gallery won't be able to modify/replace the file. It will try to do this during updates.

TODO

This project is still a work in progress. The following features are missing:

  • Mentioning the WebDAV support when creating a share link, its restrictions (only works with Password and Notify controls), or showing the resulting URL after the link is created.
  • Allowing the user to disable WebDAV when creating a share link.
  • WebDAV support for user files?
  • WebDAV does not respect permissions and other configuration settings. It is full read/write! You should probably leave it disabled unless this is OK.
  • Reshare feature does not restrict permissions, so you can for example enable writing where the parent share has it disabled. Permissions should cascade.
  • Update sample config. It is very out of date and much of the contents is no longer relevant, or has been renamed so that it will no longer work with the current version.
  • Reverse proxy setup guide and best practices.
  • Endpoint for reverse proxy auth request to get e.g. share root directories for faster file access performance.
  • Self-service password reset.
  • Password hashing algorithm config option.

Not planned

These features will not be implemented:

  • Other authentication methods other than Files Gallery password and reverse proxy header.
  • Other DAV endpoints like CalDAV and CardDAV... Maybe if it's easy.

License

Copyright (c) 2024-2025 sevmonster. All rights reserved.

This project, except where otherwise noted, and specifically excluding Files Gallery and any associated intellectual property, is licensed under the Apache License, Version 2.0 (the "License"); you may not use it except in compliance with the License. A copy of the License is made available in the LICENSE file. You may also obtain a copy of the license at the Apache website.

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Please wait...
Page is in error, reload to recover