Update connector spaces implementation state

2026-07-08 15:08:04 +02:00
parent 9a8f38f759
commit b8cb5c908f

@@ -72,45 +72,51 @@ source path entries: system, tenant, user, group, campaign when applicable.
Implemented:
- provider descriptors for Seafile, Nextcloud, WebDAV, and SMB
- database-backed connector profiles with system and tenant scope
- encrypted stored password/token support for database profiles
- JSON/environment-defined connector profiles with system, tenant, user, group,
and campaign visibility
- connector allow/deny policy enforcement before browse/import/sync
- read-only browse endpoints
- import and sync into managed files with provenance and revision metadata
- audit events for connector import, sync, and access
- settings/admin UI sections for system and tenant file connections
- linked connector-space rows owned by users or groups
- file-space API responses that include linked connector spaces
- Files UI entry point to create linked connector spaces from a browsed remote
profile/folder
- Files UI sync dialog for choosing a profile, browsing a remote folder, and
syncing a selected file into a managed destination folder
- Files UI connector-space view with provider/read-only/manual-sync state
- Docker dev stack smoke checks for WebDAV, Nextcloud, and SMB
Missing:
- database-backed connector profiles equivalent to mail-server profiles
- explicit connector profile policy rows equivalent to mail-profile policies
- settings/admin UI for system and tenant connector profiles and policy
- linked connector-space rows owned by users or groups
- file-space API responses that include linked connector spaces
- Files UI entry point to create and manage linked connector spaces
- effective connector policy/explain UI equivalent to mail-profile policies
- edit/manage actions for existing linked connector spaces
- optional background sync or remote-write semantics
## Implementation Phases
1. Persist governed connector profiles and policies.
- Add `file_connector_profiles` and `file_connector_policies` tables.
- Reuse the mail profile scope model: system and tenant first.
- Keep environment JSON profiles as bootstrap/compatibility profiles.
- Expose profile and policy CRUD endpoints.
- `file_connector_profiles` exists for system and tenant profiles.
- Environment JSON profiles remain bootstrap/compatibility profiles.
- Profile CRUD endpoints exist for database-backed profiles.
- Remaining: `file_connector_policies` plus effective policy/explain output.
2. Add linked connector spaces.
- Add `file_connector_spaces` with owner user/group, profile id, library id,
remote path, display label, sync mode, and active state.
- Enforce effective connector policy before creating or using a link.
- Return linked connector spaces from `/api/v1/files/spaces`.
- `file_connector_spaces` exists with owner user/group, profile id, library
id, remote path, display label, sync mode, and active state.
- Connector policy is enforced before creating or using a link.
- Linked connector spaces are returned from `/api/v1/files/spaces`.
3. Surface linked spaces in the Files UI.
- Show linked spaces beside managed user/group spaces.
- Add a create/edit linked-space dialog that browses an allowed profile and
selects a remote folder.
- Reuse the existing connector browser/sync flow when a linked space is open.
- Linked spaces appear beside managed user/group spaces.
- The add-space dialog browses an allowed profile and links the current
remote folder/library root.
- The connector browser/sync flow is reused when a linked space is open.
- Remaining: edit/manage actions for existing linked spaces.
4. Add sync orchestration.
- Manual sync selected file is already available.