You have to design an enhanced file-sharing service which can be:
- used to share files upto 10 GB each
- These files can be shared to a selective group of users only
- Each of the selected users can edit the file (i.e. edit some text in the file, delete some text, add some text). This should be communicated to all the users of the file in almost real-time.
There would be millions of instances of this service which will be running.
Can you please tell
-
How will you handle the security related aspects of file sharing?
I mentioned that for each of the shared file we can have an Access control list that consists of a list of users with the kind of permissions they have (i.e either read-only or read-write permission)
However the interviewer mentioned that it is not the correct way to share file and it can have security issues. I am not sure what is the right way to share the files and what can be the security issues with ACL's. -
For the real-time updates to the file where multiple users are simultaneously editing the file, how will all the users be communicated such updates?
I mentioned about web-sockets usage -
How will such updates (i.e. the deltas in file) be communicated to all the users
I mentioned about using something like a 'git diff' kind of approach where each of the file would have chunks and then each chunk would have a hash. For any edit to the file, hashes of some of the blocks would change and only those blocks need to be transmitted to each of the users/only transmit the modified block to the server which then takes care of updating the files at each of the users end -
What strategies can be used to handle conflicting writes
I mentioned about the strategy that last write wins.
Can someone suggest on these answers if they are correct. If they are not correct, then what would be the correct answers/approaches here.