VFS/DataProvider/Config refactoring + SSH public key authentication

Phase 1-6 of refactoring plan: - VFS abstraction (VfsBackend trait + LocalFs + OpenFlags builder) - DataProvider trait (SqliteProvider + PgProvider, SFTPGo-compatible) - Config refactoring (AppConfig unified sections, env overrides) - SSH handlers (sftp/scp/rsync) migrated to VFS + DataProvider - SSH public key authentication (Ed25519 signature verification) - SSH stderr → CHANNEL_EXTENDED_DATA support - Web auth uses DataProvider instead of direct SQL - User home directory from provider (per-user isolation) - PostgreSQL auth provider for SFTPGo compatibility
2026-06-18 23:35:18 +08:00
parent 83fb0de78a
commit f90e4f496c
25 changed files with 2039 additions and 612 deletions
--- a/markbase-core/src/vfs/open_flags.rs
+++ b/markbase-core/src/vfs/open_flags.rs
@@ -0,0 +1,75 @@
+/// 文件打开标志（映射 SSH_FXF_* 和 POSIX open flags）
+#[derive(Debug, Clone, Default)]
+pub struct OpenFlags {
+    pub read: bool,
+    pub write: bool,
+    pub append: bool,
+    pub create: bool,
+    pub truncate: bool,
+    pub exclusive: bool,
+    pub mode: u32,
+}
+
+impl OpenFlags {
+    pub fn new() -> Self {
+        Self::default()
+    }
+
+    pub fn read(mut self) -> Self {
+        self.read = true;
+        self
+    }
+
+    pub fn write(mut self) -> Self {
+        self.write = true;
+        self
+    }
+
+    pub fn append(mut self) -> Self {
+        self.append = true;
+        self.write = true;
+        self
+    }
+
+    pub fn create(mut self) -> Self {
+        self.create = true;
+        self.write = true;
+        self
+    }
+
+    pub fn truncate(mut self) -> Self {
+        self.truncate = true;
+        self.write = true;
+        self
+    }
+
+    pub fn exclusive(mut self) -> Self {
+        self.exclusive = true;
+        self
+    }
+
+    pub fn mode(mut self, mode: u32) -> Self {
+        self.mode = mode;
+        self
+    }
+
+    /// 从 SFTP 的 pflags（SSH_FXF_*）构建 OpenFlags
+    pub fn from_sftp_pflags(pflags: u32) -> Self {
+        let read = pflags & 0x00000001 != 0;
+        let write = pflags & 0x00000002 != 0;
+        let append = pflags & 0x00000004 != 0;
+        let create = pflags & 0x00000008 != 0;
+        let truncate = pflags & 0x00000010 != 0;
+        let exclusive = pflags & 0x00000020 != 0;
+
+        Self {
+            read,
+            write,
+            append,
+            create,
+            truncate,
+            exclusive,
+            mode: 0o644,
+        }
+    }
+}