AjaXplorer 4.3.0 “dev” release : brand new features

Glad to announce the release of AjaXplorer 4.3.0, which as its number implies is in the DEV branch. This means that it is by no way meant to be used in a production environnement, and particularly the support of exotic languages and browsers will be very poor. But this does mean that we need your help to test and report the various problems that the new features will necessarily bring on board. Don’t be afraid, deploy and play with it, you’ll love it!

Summary

Here is a summary of the major changes and new plugins, the complete changelog is available lower in this page.

  • Major rewrite of the Auth/Conf module, the “role” concept was generalized and refined, and the “group” concept is added as well. Basically, a logged user can at runtime inherit from various roles : its group role, administrator-assigned roles, and personal roles. This will refine the set of ACL available to the user, but NOT ONLY : plugins parameters and actions can be changed and overriden in each role, on a per-repository basis. This may sound complicated, but this opens the doors for a ultra-high flexibility, and among other, for complex multi-tenancy scenariis. A draft documentation is already online here.
  • WebDAV Component totally replaced : at last! After years of struggling with ezComponent WebDav module, we’ve switched to SabreDAV, which is way more active, and of course, way more stable. However, the drawback is that it introduces a requirement of using PHP5.3 for AjaXplorer. Discussion on this topic is welcome in the forum, if you consider it’s a problematic constraint.
  • Mailing, Notifications, folder/file Watching are now almost in the core of the application. A flexible meta.watch plugin allows you to be notified each time someone reads and/or writes inside a folder or a file. Can be used the other way round in conjunction with the ShareCenter to notify the people with whom you share a folder that you have added a new doc. And of course integrates nicely with the Scheduler to triggers the emails in an asynchronous way.
  • New plugins include access.hpcloud, a driver to take advantage of the Open-Stack based HP Object Storage offer, cypher.encfs, a plugin that can be used to cypher a folder on the server using EncFS, and metastore.xattr , a metadata storage using the Extended Attribute. This one is still experimental, but should definitely be tested deeper, as it seems a good solution to keep a filesystem accessed by other protocols in sync with AjaXplorer.
  • Desktop Synchronization Tool is available in early beta. The project is hosted on GitHub, Java programmers are welcome to contribute! The installers for Windows and MacOS are available on SourceForge. There is no installer for Linux yet. Please read carefully the GitHub ReadMe, there is high requirement on the php_rsync extension being installed on the server (succesfully tested on Debian 6 & CentOS 5 & 6). See the dedicated page on the website http://ajaxplorer.info/extensions/desktop-sync/
  • If you have not seen it yet, the iOS application is updated to iOS6, with a nice new layout for iPad, it’s not anymore a “bigger version” of the iphone.. Thanks to our new commiter Brahim, we will release a bugfix version of Android very soon as well.

What’s next?

On our road to Ajxp5, we are launching a huge work on the GUI, that definitely has a lot of room from improvement to be more user friendly. We will also switch to GitHub at one point or another, to allow easier forking/contribution to the core. All the new plugins will also probably lack documentation, we’re on it!
——————

Detailed Changelog

AUTH/CONF COMPONENTS MASSIVE REWRITE

. Groups implementation : users can now be part of “groups“, and a user can be administrator of a sub-group only. Repositories and roles can be marked with a given group as well, making them accessible only to the users of the group and below. This is a good step toward multi-tenancy. Groups are also accessible for sharing : ability to share with a whole group at once.
. Roles generalization : The role concept is now a generic container for a extended set of data : ACL, but also plugins Parameters and plugins actions set to be disabled. Roles can be manually created, but a user will by default inherit its rights from a default “personal” role, and from roles attached to its groups. This is making the configurations/ACL ultra-flexible, and you can for example set different configs parameters for two different groups, and then override these for a specific user if necessary. These parameters and actions can also be applied to a chosen “scope” for repositories : All Repositories, Shared Repositories, or each repository one by one. See this page for more info : http://ajaxplorer.info/documentation/administration/4b-configs-roles-ajaxplorer-5/
. The old “CUSTOM_DATA” fields defined in the conf drivers options are now actually brought by plugins manifest, and a “scope” attribute allows to attach these custom fields to either the users, the groups, or the roles (or all of them).
. Roles (and by extension users and groups), Repositories and Plugins now have their own brand new editors.
. A “lock” property of the users can trigger a predefined action just after login, useful for either forcing pass change, or setting a GUC to validate. If set to “logout”, the user just cannot log.

WEBDAV COMPONENT REPLACEMENT

The WebDAV component, previously powered by ezComponent, was entirely replaced by SabreDAV, which is by far a more active and stable project. As a result, webDAV should be working way better, litmus tests are passing 100%, even with MacOS Finder! As a bonus, we added the possibility to point to the parent url (/shares/) with a listing of all available repositories depending on the user logged. Finally, a WEBDAV_BROWSER_LISTING option allows you to access the very simple webdav list directly in the web browser.
WARNING : THIS NOW ADD A REQUIREMENT TO PHP5.3!

NEW PLUGINS

[access.hpcloud] First implementation of HPCloud Object Storage access, based on their PHP bindings + patch. See if possible to send back the changes.
[cypher.encfs] Experimental implementation of encfs : dynamically create / mount / umount an encfs filesystem. Nice trick to handle the creation via STDIN. Requires web-server user to have sudo access to encfs and encfsctl commands. Implementation is using specific folder prefixes and node filtering. New “force_copy_delete” parameter in fsAccessDriver when moving directories from/to a mounted folder. Automatically unmount all folders at logout/repo_switch, pass the XML template & password as plugin configurations. Remind to add www-data or equivalent to sudoers for encfs and encfsctl commands.
[metastore.xattr] XAttr metastore implementation, seems to be working quite well. Requires xattr, libattr (libattr1-dev on debian), and pecl xattr extension.
[meta.watch] Update Mailer, new meta “watch” for watching a folder and getting notification on it. How to watch a root folder? Share and Watch together
[core.mailer] Generic plugin for sending email. Unique implementation yet is using phpmailer-lite.
[core.notification] USE_QUEUE parameter in NotificationCenter / Base for notification templates via i18n library
[mailer.phpmailer-lite] Mailer implementation

PLUGINS FIXES

[meta.git] Fix performChecks function
[editor.diaporama] Compute image ratio using JS when not available via metadata.
[editor.diaporama] Optimize for remote wrappers by caching references to real file whenever possible.
[editor.diaporama] PThumb : deprecated join calls
Fix spaces (rmeske)
[Access.dropbox] better error handling (could trigger a memory fault)
[log.text] : send syslog error when recursive problem.
[access.fs] Catch opendir failed call error / Remove unused countFiles call for recycle bin.
[editor.soundmanager] : totally disable for IE < 9 .
[conf.serial] Fixes in conf.serial/AJXP_User and in ldapAuthDriver for case sensitivity problems.
[action.scheduler] Add a log in fakeLongTask
[auth.ldap] Do not initialize the LDAP Connection in init() function, otherwise it’s triggered for no reason most of the time.
[action.share] Resolve AJXP_USER as parent only in a controlled environnement > Better logs for shared links actions (do not mix with author login anymore)
[meta.filehasher] Fix : filling /tmp/ dir with filehasher_patch files…
[conf.sql] New table ajxp_simple_store for multi-purpose storage. This is getting closer to JCR / PHPCR approach !!!
[meta.quota] Implement SoftQuota
[meta.filehasher] Meta.filehasher : remove rsync actions to “advertise” the fact that rsync is not on the server.

CORE FRAMEWORK (PluginService & Controller)

New variables filters AJXP_GROUP_PATH, AJXP_ALLOW_SUB_PATH
Ability to load manifests contribs including external files (for listing actions).
Add ajxp_folder mime_type to “ls” action, to allow the actions discrimination by mime types for folders as well. To be checked for side-effects!
Set GROUP_PATH as repository standard option.
LoadRegistryContribution only when building the registry – Try filtering options with role parameters.
Ability to depend on a type of plugin being present (mailer+)
Basis for attaching binary data to users/roles – Handle images for avatars
Add node.read hook wherever possible
Abstract updateUserObject() function can be call to let the AUTH drivers enrich the CONF users object, implementation sample on LDAP, by automatically mapping ldap attributes to CUSTOM_DATA_ parameters.
Fix exception loop
Fix logger : when using CLI, REMOTE_ADRESS not available, display PHP_CLI instead.

CORE UI (gui.ajax)

Actions : new attribute evalMetadata on selectionContext
MetaStoreProvider interface now declares an inherentMetaMove() method to be implemented.
ShareCenter : Update node metadata on before_change instead of change, otherwise automoving metastore will move metadata before checking the node.
Move Conf / Auth group methods to abstract classes, SQL conf to be implemented. Code cleaning.
ShareCenter : Handle group sharing from start to end.
In FormManager, ability to set a field readonly .
IE : always LoadAutoLoadResources() after registry is loaded
Connexion : display error message, not error object.
IE XPath : set SelectionLanguage property to be able to use contains() expression.
Display a NEXT instead of OK for create_user and create_repository