the user and group system is basically finished, the fs needs progress on creating entries

`inner` -> `directory`

package.json

@@ -1,17 +1,16 @@
 {
 	"name": "rhpidfyre.io",
-	"private": true,
 	"version": "0.0.1",
+	"private": true,
 	"type": "module",
+	"devDependencies": {
+		"sass": "^1.89.0",
+		"typescript": "^5.8.3",
+		"vite": "^6.3.5"
+	},
 	"scripts": {
 		"dev": "vite",
 		"build": "tsc && vite build",
 		"preview": "vite preview"
-	},
-	"devDependencies": {
-		"sass": "^1.85.1",
-		"typescript": "^5.8.2",
-		"vite": "^6.2.0",
-		"vite-plugin-html": "^3.2.2"
 	}
 }

src/rt/crypto/generate.ts

@@ -0,0 +1,24 @@
+interface SHA256 {
+	readonly secret: string
+}
+
+class Crypto {
+	protected inner: string
+
+	constructor(inner: string) {
+		this.inner = inner
+	}
+
+	public async sha256_hash(): Promise<SHA256> {
+		const encoder = new TextEncoder()
+		const hash = await crypto.subtle.digest("SHA-256", encoder.encode(this.inner))
+		const hash_as_uint8 = new Uint8Array(hash)
+
+		return { secret: Array.from(hash_as_uint8).map(byte => byte.toString(16).padStart(2, "0")).join("") }
+	}
+}
+
+export default Crypto
+export {
+	type SHA256
+}

src/rt/elements/prompt.ts

@@ -1,6 +1,6 @@
 import { cyan, green } from "../shell/color"
-import { get_working_dir_name } from "../rfwfs/library"
 
+import librfwfs, { username } from "../rfwfs/library"
 import create from "./create"
 
 interface Ps1Prompt {
@@ -43,14 +43,20 @@ function ps1_element(user: HTMLSpanElement, dir: HTMLSpanElement) {
 	return display
 }
 
-function working_dir() {
+function working_dir_name() {
-	const dir_name = get_working_dir_name()
+	const dir = librfwfs.home.dir()
-	return dir_name === "user" ? "~" : dir_name
+	if (dir) {
+		const dir_name = dir.name.read()
+		if (dir_name) {
+			return dir_name === username ? "~" : dir_name
+		}
+	}
+	return "?"
 }
 
 function working_dir_element() {
 	const user = cyan("user")
-	const dir = green(" "+working_dir())
+	const dir = green(" "+working_dir_name())
 	return ps1_element(user, dir)
 }
 

src/rt/fs.ts

@@ -0,0 +1,15 @@
+import rfwfs, { PERMISSION_FLAGS } from "./rfwfs/main"
+
+const time_now = (Date.now()/1000) | 0
+const fs = new rfwfs()
+
+const root = fs.push_bulk_unsafe([
+	rfwfs.directory_in_root({
+		permissions: {wheel: PERMISSION_FLAGS.RWX, users: PERMISSION_FLAGS.NONE},
+		timestamp: time_now,
+		metadata: {},
+		name: "bin"
+	})
+])
+
+export default fs

src/rt/rfwfs/collection.ts

@@ -1,46 +0,0 @@
-import { type Entry } from "./main"
-
-import entry_search from "./index"
-
-type Files<T> = Entry<T>[]
-
-interface EntryCollectionManipulate {
-	pop: <T extends Entry<T>>(file_name: string) => Entry<T> | undefined,
-	get: <T extends Entry<T>>(file_name: string) => Entry<T> | undefined
-	push: <T extends Entry<T>>(entry: Entry<T>) => boolean,
-	sort: () => void,
-}
-interface EntryCollection<T> extends EntryCollectionManipulate {
-	readonly inner: Files<T>
-}
-
-function entry_trait<T extends Entry<T>>() {
-	const trait = {} as EntryCollection<T>
-	trait.sort = function() {
-		this.inner.sort((a,z) => a.name.localeCompare(z.name))
-	}
-	trait.push = function(entry) {
-		const no_duplicates = entry_search(this.inner, entry.name)
-		if (!no_duplicates) {
-			this.push(entry)
-			this.sort()
-			return true
-		}
-		return false
-	}
-	trait.pop = function(file_name) {
-		const file_search = entry_search(this.inner, file_name)
-		if (file_search) {
-			this.inner.splice(file_search.index, 1)
-			return file_search.result
-		}
-		return
-	}
-	return trait
-}
-
-export {
-	entry_trait,
-	type EntryCollection,
-	type Files,
-}

src/rt/rfwfs/groups.ts

@@ -0,0 +1,179 @@
+import { ROOT_ID } from "./main";
+
+import wrap, { type WrapResult } from "./wrap";
+import User from "./users";
+
+type User_Index = [User, number]
+type WrapUserSearch = WrapResult<User_Index | undefined, GroupSearch>
+
+type SysGroupsNames = "wheel" | "users"
+
+const enum SysGroups {
+	Wheel,
+	Users,
+}
+const enum UserMoveStatus {
+	Ok,
+	RootBlocked,
+	MovingNonExistentUser,
+	AlreadyInWheel,
+	AlreadyInUsers,
+}
+const enum GroupRemoveStatus {
+	Ok,
+	RootBlocked,
+	RemovingNonExistentUser,
+}
+const enum GroupSearch {
+	NotFound,
+	WheelResult,
+	UsersResult,
+}
+
+interface Groups {
+	wheel: Group,
+	users: Group,
+	together: () => User[]
+}
+
+class Group {
+	protected inner: User[];
+	private group_type: SysGroups;
+
+	constructor(type: SysGroups) {
+		this.group_type = type
+		this.inner = []
+	}
+
+	public users(): User[] {
+		return [...this.inner]
+	}
+	public type(): SysGroups {
+		return this.group_type
+	}
+	public type_as_name(): SysGroupsNames {
+		return this.type() === SysGroups.Wheel ? "wheel" : "users"
+	}
+
+	public add_user(user: User): boolean {
+		const duplicate = this.inner.find(user_in_group => user_in_group.uname() === user.uname())
+		if (!duplicate) {
+			this.inner.push(user)
+			return true
+		}
+		return false
+	}
+
+	public remove_user(user: User): User | undefined {
+		for (let i = 0; i<this.inner.length; i++) {
+			if (this.inner[i].uname() === user.uname()) {
+				this.inner.splice(i, 1)
+				return this.inner[i]
+			}
+		}
+		return undefined
+	}
+}
+
+const groups: Groups = {
+	wheel: new Group(SysGroups.Wheel),
+	users: new Group(SysGroups.Users),
+	together: function() {
+		return [...this.wheel.users(), ...this.users.users()]
+	}
+}
+
+function wrap_user_search(status: GroupSearch, result?: User_Index): WrapUserSearch {
+	return wrap(result, status)
+}
+
+function group_iter_for_user(uname: string, group_t: Group): User_Index | undefined {
+	const group_t_users = group_t.users()
+	for (let i = 0; i<group_t_users.length; i++) {
+		if (group_t_users[i].uname() === uname) {
+			return [group_t_users[i], i]
+		}
+	}
+	return undefined
+}
+
+function groups_find_user(uname: string): WrapUserSearch {
+	const exist_in_wheel = group_iter_for_user(uname, groups.wheel)
+	if (exist_in_wheel) {
+		return wrap_user_search(GroupSearch.WheelResult, exist_in_wheel)
+	}
+	const exist_in_users = group_iter_for_user(uname, groups.users)
+	if (exist_in_users) {
+		return wrap_user_search(GroupSearch.UsersResult, exist_in_users)
+	}
+	return wrap_user_search(GroupSearch.NotFound)
+}
+
+function group_add(new_user: User, group_t: Group): GroupSearch {
+	const dups = groups_find_user(new_user.uname())
+	if (dups.status === GroupSearch.NotFound) {
+		group_t.add_user(new_user)
+	}
+	return dups.status
+}
+
+function group_remove(uname: string, group_t: Group): GroupRemoveStatus {
+	if (uname !== ROOT_ID.NAME) {
+		const found_user = group_t.users().find(user => user.uname() === uname)
+		if (found_user) {
+			group_t.remove_user(found_user)
+			return GroupRemoveStatus.Ok
+		}
+		return GroupRemoveStatus.RemovingNonExistentUser
+	}
+	return GroupRemoveStatus.RootBlocked
+}
+
+function group_user_move(uname: string, new_group: SysGroups): UserMoveStatus {
+	if (uname === ROOT_ID.NAME) { return UserMoveStatus.RootBlocked }
+
+	const find_in_group = groups_find_user(uname)
+	if (find_in_group.status === GroupSearch.NotFound) { return UserMoveStatus.MovingNonExistentUser }
+
+	if (new_group === SysGroups.Wheel) {
+		if (find_in_group.status === GroupSearch.WheelResult) { return UserMoveStatus.AlreadyInWheel }
+
+		groups.wheel.add_user(groups.users.remove_user((find_in_group.result as User_Index)[0]) as User)
+	} else if (new_group === SysGroups.Users) {
+		if (find_in_group.status === GroupSearch.UsersResult) { return UserMoveStatus.AlreadyInUsers }
+
+		groups.users.add_user(groups.wheel.remove_user((find_in_group.result as User_Index)[0]) as User)
+	}
+	return UserMoveStatus.Ok
+}
+
+function group_wheel_add(new_user: User): GroupSearch {
+	return group_add(new_user, groups.wheel)
+}
+
+function group_wheel_remove(uname: string): GroupRemoveStatus {
+	return group_remove(uname, groups.wheel)
+}
+
+function group_users_add(new_user: User): GroupSearch {
+	return group_add(new_user, groups.users)
+}
+
+function group_users_remove(uname: string): GroupRemoveStatus {
+	return group_remove(uname, groups.users)
+}
+
+export default groups
+export {
+	group_wheel_remove,
+	group_users_remove,
+	groups_find_user,
+	group_wheel_add,
+	group_users_add,
+	group_user_move,
+	type SysGroupsNames,
+	GroupRemoveStatus,
+	GroupSearch,
+	SysGroups,
+	Group,
+}

src/rt/rfwfs/index.ts

@@ -1,23 +1,19 @@
 import { type Entry } from "./main"
-import { type Files } from "./collection"
+import wrap, { WrapResult } from "./wrap"
 
-interface SearchResult<T> {
+function wrap_bsearch<T extends Entry>(index: number, result: T): WrapResult<T, number> {
-	readonly result: T,
+	return wrap(result, index)
-	readonly index: number
-}
-function wrap_result<T>(result: T, index: number): SearchResult<T> {
-	return { result: result, index: index }
 }
 
-export default function entry_search<T>(cloned_file_collection: Files<T>, file_name: string): SearchResult<Entry<T>> | undefined {
+export default function directory_search<T extends Entry>(dir_files: T[], file_name: string): WrapResult<T, number> | undefined {
 	let start = 0
-	let end = cloned_file_collection.length-1
+	let end = dir_files.length-1
 	while (start<=end) {
 		const median = (start+end)>>1
-		const median_name = cloned_file_collection[median].name
+		const median_name = dir_files[median].name.__inner()
 
-		if (median_name == file_name) { //left == right && (T == U) is not necessary
+		if (median_name === file_name) {
-			return wrap_result(cloned_file_collection[median], median)
+			return wrap_bsearch(median, dir_files[median])
 		} else if (median_name<file_name) {
 			start = median+1
 		} else {

src/rt/rfwfs/library.ts

@@ -0,0 +1,60 @@
+import { wrap_entry, type WrapResultEntry } from "./wrap"
+import { ReadStatus } from "./enum/status"
+
+import rfwfs, { type DirectoryAny, type EntryCollection, type DirectoryAnyDepth } from "./main"
+import fs from "../fs"
+
+type Path = string[]
+
+interface Home {
+	path: () => Path,
+	dir: () => DirectoryAny | undefined,
+}
+interface Librfwfs {
+	home: Home,
+	traverse_to: (path: Path) => WrapResultEntry<DirectoryAny, ReadStatus>
+	pwd_entry: <T extends EntryCollection<T>>(working_dir: T) => Path | undefined
+}
+
+let username: string = "user"
+
+const librfwfs = {} as Librfwfs
+
+librfwfs.traverse_to = function(path) {
+	let traverse = fs
+
+	for (const path_name of path) {
+		const find = traverse.inner.find(path_name)
+
+		if (find.status === ReadStatus.Ok) {
+			if (find.result && rfwfs.is_dir(find.result)) {
+				traverse = find.result as DirectoryAnyDepth
+			} else {
+				return wrap_entry(ReadStatus.Denied)
+			}
+		} else {
+			return wrap_entry(find.status)
+		}
+	}
+	return wrap_entry(ReadStatus.Ok, traverse)
+}
+
+librfwfs.pwd_entry = function(working_dir) {
+
+}
+
+librfwfs.home = {} as Home
+
+librfwfs.home.path = function() {
+	return ["home", username]
+}
+
+librfwfs.home.dir = function() {
+	const traverse = librfwfs.traverse_to(this.path())
+	return traverse.status === ReadStatus.Ok ? traverse.result : undefined
+}
+
+export default librfwfs
+export {
+	username
+}

src/rt/rfwfs/main.ts

@@ -1,47 +1,395 @@
-import { type EntryCollection } from "./collection"
+import wrap, { type WrapResult, ConstEnum, Option } from "./wrap"
+import { SysGroups } from "./groups"
+
+import directory_search from "./index"
+import User, { LibUser } from "./users"
 
 const enum EntryType {
+	Root,
+	File,
 	Directory,
-	File
+	Binary,
+	SymLink,
 }
-const enum Permissions {
+const enum PushStatus {
-	r,
+	Ok,
-	w,
+	Duplicate,
-	rw,
+	Denied,
-	none
+}
+const enum ReadStatus {
+	Ok,
+	NotFound,
+	NotInGroup,
+	Denied,
+}
+const enum ModifyStatus {
+	Ok,
+	NotInGroup,
+	Denied,
+}
+const enum ModifyAccessType {
+	Read,
+	Write,
 }
 
-interface Entry<T> {
+const enum ROOT_ID {
-	readonly name: string,
+	TRUNK = "/",
-	readonly type: EntryType,
+	NAME  = "root",
-	readonly inner: T,
+	UID   = 0,
-	readonly timestamp: number,
-	readonly collection?: EntryCollection<T>,
-	readonly permissions: Permissions,
 }
-interface Rfwfs {
+const enum PERMISSION_FLAGS {
-	new_entry: <T extends Entry<T>>(name: string, permissions: Permissions, timestamp: number, inner: T) => Entry<T>,
+	NONE = -1,
-	entry_trait: <T extends Entry<T>>(inner: T) => EntryCollection<T>
+	R    = 1 << 0,
-	new_entry_tree: <T>(files: T) => T,
+	W    = 1 << 1,
+	X    = 1 << 2,
+	RWX  = PERMISSION_FLAGS.R | PERMISSION_FLAGS.W | PERMISSION_FLAGS.X
 }
 
-const rfwfs = {} as Rfwfs
+interface Permissions<W = Gate<PERMISSION_FLAGS>, U = Gate<PERMISSION_FLAGS>> {
+	wheel: W,
+	users: U,
+}
+type GroupPermissionsRoot = Permissions<Gate<PERMISSION_FLAGS>, Gate<PERMISSION_FLAGS.NONE>>
 
-rfwfs.new_entry = function(name, permissions, timestamp, inner) {
+interface Metadata {
-	const file_type = typeof inner == "object" ? EntryType.Directory : EntryType.File
+	[index: string]: string
-	return {
+}
-		name: name,
+
-		type: file_type,
+interface Entry<
-		inner: inner,
+	T extends EntryType = EntryType,
-		timestamp: timestamp ? timestamp : Math.floor(Date.now()/1000),
+	P extends Permissions = Permissions,
-		collection: file_type === EntryType.Directory ? this.entry_trait(inner) : undefined,
+	N = Gate<string>
-		permissions: permissions,
+> {
+	readonly type: T,
+	permissions: P,
+	timestamp: Gate<number>,
+	metadata: Gate<Metadata>,
+	group: Gate<SysGroups>,
+	owner: Gate<User>,
+	name: N,
+}
+
+type Directory<T extends Entry> = DirectoryContainer<RfwfsDirectory<T>>
+
+interface DirectoryContainer<T> extends Entry {
+	files: Gate<Entry[]>,
+	parent: Gate<T> | null,
+}
+
+interface Root extends Entry<EntryType.Root, GroupPermissionsRoot, ROOT_ID.TRUNK> {
+	parent: null,
+	files: Gate<Entry[]>,
+}
+
+interface DirectoryInRoot extends Entry<EntryType.Root, Permissions {
+
+}
+
+interface DirectoryInRootProperties {
+	permissions: Permissions<PERMISSION_FLAGS, PERMISSION_FLAGS.NONE>,
+	timestamp: number,
+	metadata: Metadata,
+	name: string,
+}
+
+/** Other directory types that can be treated as a single arbitrary directory.
+
+Do not cast.
+*/
+type DirectoryAssociates<T extends Entry> = Directory<T> | DirectoryInRoot | Root
+/** Other entry types that can be treated as a single arbitrary entry.
+
+Do not cast.
+*/
+type EntryAssociates = Entry | Root
+
+type WrapResultEntry<T extends Entry, U> = WrapResult<T | undefined, U>
+type WrapResultNone<T>                   = WrapResult<Option.None, T>
+type WrapEntryRead<V>                    = WrapResult<V | undefined, ModifyStatus>
+
+function wrap_entry<T extends ConstEnum, U extends Entry>(status: T, result?: U): WrapResultEntry<U, T> {
+	return wrap(result, status)
+}
+
+function wrap_none<T extends ConstEnum>(status: T): WrapResultNone<T> {
+	return wrap(Option.None, status)
+}
+
+function wrap_entry_read<V>(status: ModifyStatus, result?: V): WrapEntryRead<V> {
+	return wrap(result, status)
+}
+
+function fs_dir_sort<T extends Entry>(dir: DirectoryAssociates<T>) {
+	dir.files.__inner().sort((a,z) => a.name.__inner().localeCompare(z.name.__inner()))
+}
+
+function fs_dir_clone<T extends Entry>(dir: DirectoryAssociates<T>, file_name: string): WrapResultEntry<T, ReadStatus> {
+	const clone_find = directory_search(dir.files.__inner(), file_name)
+	if (clone_find) {
+		return wrap_entry(ReadStatus.Ok, { ...clone_find.result as T })
+	}
+	return wrap_entry(ReadStatus.NotFound)
+}
+
+function fs_dir_find<T extends Entry>(dir: DirectoryAssociates<T>, file_name: string): WrapResultEntry<T, ReadStatus> {
+	const file_search = directory_search(dir.files.__inner(), file_name)
+	if (file_search) {
+		return wrap_entry(ReadStatus.Ok, file_search.result as T)
+	}
+	return wrap_entry(ReadStatus.NotFound)
+}
+
+function fs_dir_push<T extends Entry>(dir: DirectoryAssociates<T>, entry: Entry) {
+	const no_duplicates = directory_search(dir.files.__inner(), entry.name.__inner())
+	if (!no_duplicates) {
+		dir.files.__inner().push(entry)
+		fs_dir_sort(dir)
+		return wrap_none(PushStatus.Ok)
+	}
+	return wrap_none(PushStatus.Duplicate)
+}
+
+function fs_dir_pop<T extends Entry>(dir: DirectoryAssociates<T>, file_name: string): WrapResultEntry<T, ReadStatus> {
+	const pop_find = directory_search(dir.files.__inner(), file_name)
+	if (pop_find) {
+		dir.files.__inner().splice(pop_find.status, 1)
+		return wrap_entry(ReadStatus.Ok, pop_find.result as T)
+	}
+	return wrap_entry(ReadStatus.NotFound)
+}
+
+function user_group_perms(entry: EntryAssociates): PERMISSION_FLAGS | undefined {
+	const user               = LibUser.current_sys_user
+	const current_user_group = user.group()
+
+	if (user.is_root() || current_user_group.type() === entry.group.__inner()) {
+		return entry.permissions[current_user_group.type_as_name()].__inner()
+	}
+	return undefined
+}
+
+function user_group_read_write<T extends Entry>(entry: DirectoryAssociates<T>): ModifyStatus {
+	if (LibUser.current_sys_user.is_root()) {
+		return ModifyStatus.Ok
+	}
+	const group_perms = user_group_perms(entry)
+	if (group_perms) {
+		return LibRfwfs.read_write_access(group_perms) ? ModifyStatus.Ok : ModifyStatus.Denied
+	}
+	return ModifyStatus.NotInGroup
+}
+
+class Gate<V> {
+	private inner: V;
+	protected entry: EntryAssociates;
+
+	constructor(entry: EntryAssociates, value: V) {
+		this.inner = value
+		this.entry = entry
+	}
+
+	private access_read_write(accessType: ModifyAccessType): ModifyStatus {
+		const group_perms = user_group_perms(this.entry)
+		if (group_perms) {
+			switch (accessType) {
+				case ModifyAccessType.Read:
+					return LibRfwfs.read_access(group_perms)  ? ModifyStatus.Ok : ModifyStatus.Denied
+				case ModifyAccessType.Write:
+					return LibRfwfs.write_access(group_perms) ? ModifyStatus.Ok : ModifyStatus.Denied
+			}
+		}
+		return ModifyStatus.NotInGroup
+	}
+
+	public __inner(): V {
+		return this.inner
+	}
+
+	public read(): WrapEntryRead<V> {
+		switch (this.access_read_write(ModifyAccessType.Read)) {
+			case ModifyStatus.Ok:
+				return wrap_entry_read(ModifyStatus.Ok, this.inner)
+			case ModifyStatus.NotInGroup:
+				return wrap_entry_read(ModifyStatus.NotInGroup)
+			case ModifyStatus.Denied:
+				return wrap_entry_read(ModifyStatus.Denied)
 		}
 	}
 
+	public write<T extends V>(new_value: T): ModifyStatus {
+		switch (this.access_read_write(ModifyAccessType.Read)) {
+			case ModifyStatus.Ok:
+				this.inner = new_value
+				return ModifyStatus.Ok
+			case ModifyStatus.NotInGroup:
+				return ModifyStatus.NotInGroup
+			case ModifyStatus.Denied:
+				return ModifyStatus.Denied
+		}
+	}
+}
+
+class RfwfsDirectory<T extends Entry> {
+	public dir: DirectoryAssociates<T>;
+
+	constructor(dir: DirectoryAssociates<T>) {
+		this.dir = dir
+	}
+
+	public sort() {
+		fs_dir_sort(this.dir)
+	}
+
+	public clone(file_name: string): WrapResultEntry<Entry, ReadStatus> {
+		if (user_group_read_write(this.dir)) {
+			return fs_dir_clone(this.dir, file_name)
+		}
+		return wrap_entry(ReadStatus.Denied)
+	}
+
+	public find(file_name: string): WrapResultEntry<Entry, ReadStatus> {
+		if (user_group_read_write(this.dir)) {
+			return fs_dir_find(this.dir, file_name)
+		}
+		return wrap_entry(ReadStatus.Denied)
+	}
+
+	public push<E extends Entry>(entry: E): WrapResultNone<PushStatus> {
+		if (user_group_read_write(this.dir)) {
+			return fs_dir_push(this.dir, entry)
+		}
+		return wrap_none(PushStatus.Denied)
+	}
+
+	public pop(file_name: string): WrapResultEntry<Entry, ReadStatus> {
+		if (user_group_read_write(this.dir)) {
+			fs_dir_pop(this.dir, file_name)
+		}
+		return wrap_entry(ReadStatus.Denied)
+	}
+
+	public push_bulk_unsafe(dirs: T[]) {
+		dirs.forEach(dir => this.dir.files.__inner().push(dir))
+		this.sort()
+	}
+
+	public push_unsafe(dir: T) {
+		this.dir.files.__inner().push(dir)
+		this.sort()
+	}
+}
+
+class LibRfwfs {
+	public static is_root<T extends Entry>(entry: T): boolean {
+		return entry.type === EntryType.Root
+	}
+	public static is_dir<T extends Entry>(entry: T): boolean {
+		return entry.type === EntryType.Directory
+	}
+	public static is_file<T extends Entry>(entry: T): boolean {
+		return entry.type === EntryType.File
+	}
+	public static is_binary<T extends Entry>(entry: T): boolean {
+		return entry.type === EntryType.Binary
+	}
+	public static is_symlink<T extends Entry>(entry: T): boolean {
+		return entry.type === EntryType.SymLink
+	}
+
+	public static read_access(permissions: PERMISSION_FLAGS): boolean {
+		return (permissions & PERMISSION_FLAGS.R) !== 0
+	}
+	public static write_access(permissions: PERMISSION_FLAGS): boolean {
+		return (permissions & PERMISSION_FLAGS.W) !== 0
+	}
+	public static execute_access(permissions: PERMISSION_FLAGS): boolean {
+		return (permissions & PERMISSION_FLAGS.X) !== 0
+	}
+	public static read_write_access(permissions: PERMISSION_FLAGS): boolean {
+		return LibRfwfs.read_access(permissions) && LibRfwfs.write_access(permissions)
+	}
+
+	public static directory_in_root(properties: DirectoryInRootProperties): RfwfsDirectory<DirectoryInRoot> {
+		const dir_o = { type: EntryType.Directory } as DirectoryInRoot
+		dir_o.permissions = {
+			wheel: new Gate(dir_o, properties.permissions.wheel),
+			users: new Gate(dir_o, properties.permissions.users),
+		}
+		dir_o.metadata    = new Gate(dir_o, properties.metadata)
+		dir_o.timestamp   = new Gate(dir_o, properties.timestamp)
+		dir_o.files       = new Gate(dir_o, [])
+		dir_o.name        = new Gate(dir_o, properties.name)
+		dir_o.parent      = null
+		return new RfwfsDirectory(dir_o)
+	}
+}
+
+class Rfwfs extends LibRfwfs {
+	public root: Root;
+
+	constructor() {
+		super()
+		this.root = { type: EntryType.Root } as Root
+		this.root.permissions = {
+			wheel: new Gate(this.root, PERMISSION_FLAGS.RWX),
+			users: new Gate(this.root, PERMISSION_FLAGS.NONE)
+		}
+		this.root.timestamp = new Gate(this.root, (Date.now()/1000) | 0)
+		this.root.parent = null
+		this.root.files = new Gate(this.root, [])
+		this.root.name = ROOT_ID.TRUNK
+	}
+
+	public sort() {
+		fs_dir_sort(this.root)
+	}
+
+	public clone(file_name: string): WrapResultEntry<Entry, ReadStatus> {
+		if (user_group_read_write(this.root)) {
+			return fs_dir_clone(this.root, file_name)
+		}
+		return wrap_entry(ReadStatus.Denied)
+	}
+
+	public find(file_name: string): WrapResultEntry<Entry, ReadStatus> {
+		if (user_group_read_write(this.root)) {
+			return fs_dir_find(this.root, file_name)
+		}
+		return wrap_entry(ReadStatus.Denied)
+	}
+
+	public push<T extends Entry>(entry: T): WrapResultNone<PushStatus> {
+		if (user_group_read_write(this.root)) {
+			return fs_dir_push(this.root, entry)
+		}
+		return wrap_none(PushStatus.Denied)
+	}
+
+	public pop(file_name: string): WrapResultEntry<Entry, ReadStatus> {
+		if (user_group_read_write(this.root)) {
+			fs_dir_pop(this.root, file_name)
+		}
+		return wrap_entry(ReadStatus.Denied)
+	}
+
+	public push_bulk_unsafe(dirs: DirectoryInRoot[]) {
+		dirs.forEach(dir => this.root.files.__inner().push(dir))
+		this.sort()
+	}
+
+	public push_unsafe(dir: DirectoryInRoot) {
+		this.root.files.__inner().push(dir)
+		this.sort()
+	}
+}
+
+export default Rfwfs
 export {
-	EntryType,
+	type DirectoryInRoot,
-	Permissions,
+	type RfwfsDirectory,
-	type EntryCollection,
+	type Directory,
 	type Entry,
+	PERMISSION_FLAGS,
+	EntryType,
+	ROOT_ID,
 }

src/rt/rfwfs/users.ts

@@ -0,0 +1,182 @@
+import { ROOT_ID } from "./main";
+
+import Crypto, { type SHA256 } from "../crypto/generate";
+import groups, { groups_find_user, GroupSearch, SysGroups, Group } from "./groups";
+
+const enum UserSet {
+	Ok,
+	AlreadyLoggedIn,
+	UserDoesNotExist,
+}
+const enum PasswordCheckStatus {
+	Ok,
+	MinBound,
+	MaxBound,
+}
+const enum PasswordSetStatus {
+	Ok,
+	RootRequiresPassword,
+	MinBound,
+	MaxBound,
+	Incorrect,
+}
+const enum SetUnameStatus {
+	Ok,
+	CantChangeRootName,
+	NotFound,
+	WheelResult,
+	UsersResult,
+}
+
+const enum PASS_BOUNDS {
+	MIN = 4,
+	MAX = 1 << 12, //64 ^ 2
+}
+
+let uid_count: number = 0
+
+class LibUser {
+	public static current_sys_user: User;
+
+	public static get_sys_user(): User {
+		return groups.together().find(user => user.is_logged_in()) as User
+	}
+
+	public static set_sys_user(uname: string): UserSet {
+		const found_user    = groups_find_user(uname)
+		const result_user_i = found_user.result
+		if (!result_user_i)                  { return UserSet.UserDoesNotExist }
+		if (result_user_i[0].is_logged_in()) { return UserSet.AlreadyLoggedIn }
+
+		LibUser.current_sys_user = result_user_i[0]
+		return UserSet.Ok
+	}
+
+	public static in_password_bounds(password: string): PasswordCheckStatus {
+		//Math.min(Math.max(PASS_BOUNDS.MIN, password.length), PASS_BOUNDS.MAX) < PASS_BOUNDS.MAX
+		if (password.length > PASS_BOUNDS.MIN) {
+			if (password.length < PASS_BOUNDS.MAX) {
+				return PasswordCheckStatus.Ok
+			}
+			return PasswordCheckStatus.MaxBound
+		}
+		return PasswordCheckStatus.MinBound
+	}
+}
+
+class User {
+	private inner_password?: SHA256;
+	private inner_group: Group;
+	private inner_name: string;
+	private inner_uid: number;
+	private current: boolean;
+
+	constructor(name: string, group: Group, password?: SHA256) {
+		const root_creation = name === ROOT_ID.NAME
+		if (root_creation) {
+			this.inner_uid = 0
+			this.inner_group = group
+		} else {
+			uid_count += 1
+			this.inner_uid = uid_count
+			this.inner_group = group
+		}
+
+		this.inner_name = name
+		this.current = root_creation
+		this.inner_password = password
+	}
+
+	private set_as_current(): boolean {
+		LibUser.get_sys_user().current = false
+		LibUser.current_sys_user = this
+		this.current = true
+		return this.current
+	}
+
+	public is_logged_in(): boolean {
+		return this.current
+	}
+	public in_wheel(): boolean {
+		return this.inner_group.type() === SysGroups.Wheel
+	}
+	public password(): SHA256 | undefined {
+		return this.inner_password
+	}
+	public is_root(): boolean {
+		return this.inner_name === ROOT_ID.NAME && this.inner_uid === ROOT_ID.UID
+	}
+	public group(): Group {
+		return this.inner_group
+	}
+	public uname(): string {
+		return this.inner_name
+	}
+	public uid(): number {
+		return this.inner_uid
+	}
+
+	public async check_password(password?: string): Promise<boolean> {
+		if (!(password && this.inner_password) || (await new Crypto(password).sha256_hash()).secret === this.inner_password.secret) {
+			return true
+		}
+		return false
+	}
+
+	public async login(password?: string): Promise<boolean> {
+		if (!this.inner_password || (password && await this.check_password(password))) {
+			return this.set_as_current()
+		}
+		return false
+	}
+
+	public set_uname(new_uname: string): SetUnameStatus {
+		if (this.is_root()) { return SetUnameStatus.CantChangeRootName }
+
+		const search = groups_find_user(new_uname)
+		switch (search.status) {
+			case GroupSearch.NotFound:
+				this.inner_name = new_uname
+				break
+			case GroupSearch.UsersResult:
+				return SetUnameStatus.UsersResult
+			case GroupSearch.WheelResult:
+				return SetUnameStatus.WheelResult
+		}
+		return SetUnameStatus.Ok
+	}
+
+	public async set_password(current_password: string, new_password?: string): Promise<PasswordSetStatus> {
+		if (await this.check_password(current_password)) {
+			if (new_password) {
+				switch (LibUser.in_password_bounds(new_password)) {
+					case PasswordCheckStatus.Ok:
+						this.inner_password = await new Crypto(new_password).sha256_hash()
+						break
+					case PasswordCheckStatus.MinBound:
+						return PasswordSetStatus.MinBound
+					case PasswordCheckStatus.MaxBound:
+						return PasswordSetStatus.MaxBound
+				}
+			} else {
+				if (this.is_root()) { return PasswordSetStatus.RootRequiresPassword }
+				//This user has no password
+				this.inner_password = undefined
+			}
+			return PasswordSetStatus.Ok
+		}
+		return PasswordSetStatus.Incorrect
+	}
+}
+
+groups.wheel.add_user(
+	new User(ROOT_ID.NAME, groups.wheel, { secret: "90a956efae97cca5ec584977d96a236aa76b0a07def9fcafab87fd221a1d2cfe" })
+)
+groups.users.add_user(
+	new User("user", groups.users)
+)
+
+export default User
+export {
+	LibUser
+}

src/rt/rfwfs/wrap.ts

@@ -0,0 +1,24 @@
+const enum Option {
+	None,
+	Some,
+}
+
+type ConstEnum = number
+
+interface WrapResult<T, U> {
+	/** The resulting value if `U` is a success status */
+	readonly result: T,
+	/** Represents some arbitrary extra value, usually a status */
+	readonly status: U,
+}
+
+function wrap<T, U>(result: T, some: U): WrapResult<T, U> {
+	return { result: result, status: some }
+}
+
+export default wrap
+export {
+	type WrapResult,
+	type ConstEnum,
+	Option,
+}

src/rt/shell/command/builtin/cd.ts

@@ -1,10 +1,11 @@
-import { set_working_dir, SetDirStatus } from "../../../rfwfs/library"
+import { ReadStatus } from "../../../rfwfs/enum"
 import type { Args, Term } from "../list"
 
+import lib from "../../../rfwfs/library"
 import stdout from "../../../elements/stdout"
 
 export default function cd(term: Term, args: Args): boolean {
-	const new_dir_status = set_working_dir(args[1])
+	const new_dir_status = lib.traverse_to(args)
 
 	if (new_dir_status === SetDirStatus.NotADirectory) {
 		term.appendChild(stdout(`cd: "${args[1]}" is not a directory`))

tsconfig.json

@@ -16,6 +16,7 @@
     /* Linting */
     "strict": true,
     "noUnusedLocals": true,
+    "noUnusedParameters": true,
     "noFallthroughCasesInSwitch": true,
     "noUncheckedSideEffectImports": true,
     "noImplicitAny": true,

vite.config.js

@@ -1,10 +1,6 @@
 import { defineConfig } from 'vite'
-import { createHtmlPlugin } from 'vite-plugin-html'
 
 export default defineConfig({
-	plugins: [
-		createHtmlPlugin({minify: true}),
-	],
 	root: "src",
 	build: {
 		outDir: "../dist"