init import

pkg/accntcli/client.go

@@ -0,0 +1,131 @@
+package accntcli
+
+import (
+	"crypto/tls"
+	"encoding/base64"
+	"net/http"
+)
+
+type Client struct {
+	httpClient *http.Client
+	userAgent  string
+}
+
+func NewClient(transport http.RoundTripper, mwFuncs ...MiddlewareFunc) *Client {
+	if transport == nil {
+		transport = NewDefaultTransport()
+	}
+	for _, mwFunc := range mwFuncs {
+		transport = mwFunc(transport)
+	}
+	httpClient := &http.Client{
+		Transport: transport,
+	}
+
+	return &Client{
+		httpClient: httpClient,
+		userAgent:  "ociClient/1.0",
+	}
+}
+
+func (cli *Client) SetTransport(transport http.RoundTripper) {
+	cli.httpClient.Transport = transport
+}
+
+type MiddlewareFunc func(next http.RoundTripper) http.RoundTripper
+
+func (cli *Client) UseMiddleware(mwFunc MiddlewareFunc) {
+	cli.httpClient.Transport = mwFunc(cli.httpClient.Transport)
+}
+
+// BasicAuthMiddleware
+func NewBasicAuthMiddleware(user, pass string) MiddlewareFunc {
+	return func(next http.RoundTripper) http.RoundTripper {
+		return newBasicAuthMW(next, user, pass)
+	}
+}
+
+type BasicAuthMW struct {
+	user, pass string
+	next       http.RoundTripper
+}
+
+func newBasicAuthMW(next http.RoundTripper, user, pass string) *BasicAuthMW {
+	return &BasicAuthMW{
+		user: user,
+		pass: pass,
+		next: next,
+	}
+}
+
+func (tran BasicAuthMW) RoundTrip(req *http.Request) (*http.Response, error) {
+	if tran.user != "" && tran.pass != "" {
+		pair := base64.StdEncoding.EncodeToString([]byte(tran.user + ":" + tran.pass))
+		req.Header.Set("Authorization", "Basic "+pair)
+	}
+	return tran.next.RoundTrip(req)
+}
+
+// BearerAuthMiddleware
+func NewBearerAuthMiddleware(token string) MiddlewareFunc {
+	return func(next http.RoundTripper) http.RoundTripper {
+		return newBearerAuthMW(next, token)
+	}
+}
+
+type BearerAuthMW struct {
+	token string
+	next  http.RoundTripper
+}
+
+func newBearerAuthMW(next http.RoundTripper, token string) *BearerAuthMW {
+	return &BearerAuthMW{
+		token: token,
+		next:  next,
+	}
+}
+
+func (tran BearerAuthMW) RoundTrip(req *http.Request) (*http.Response, error) {
+	req.Header.Set("Authorization", "Bearer "+tran.token)
+	return tran.next.RoundTrip(req)
+}
+
+// DefaultTransport
+type DefaultTransport struct {
+	transport http.RoundTripper
+}
+
+func NewDefaultTransport() *DefaultTransport {
+	return &DefaultTransport{
+		transport: &http.Transport{
+			TLSClientConfig: &tls.Config{
+				InsecureSkipVerify: true,
+			},
+		},
+	}
+}
+
+func (wrap *DefaultTransport) RoundTrip(req *http.Request) (*http.Response, error) {
+	return wrap.transport.RoundTrip(req)
+}
+
+// ExampleMiddleware
+func NewExampleMiddleware() MiddlewareFunc {
+	return func(next http.RoundTripper) http.RoundTripper {
+		return newExampleTransport(next)
+	}
+}
+
+type ExampleTransport struct {
+	next http.RoundTripper
+}
+
+func newExampleTransport(next http.RoundTripper) *ExampleTransport {
+	return &ExampleTransport{
+		next: next,
+	}
+}
+
+func (tran ExampleTransport) RoundTrip(req *http.Request) (*http.Response, error) {
+	return tran.next.RoundTrip(req)
+}

pkg/accntcli/createacc.go

@@ -0,0 +1,38 @@
+package accntcli
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+
+	"mbase/app/accoper"
+	"mbase/app/handler"
+)
+
+func (cli *Client) CreateAccount(ctx context.Context, host, user, pass string) (string, error) {
+	var err error
+	var res string
+	params := accoper.CreateAccountParams{
+		Username: user,
+		Password: pass,
+	}
+	reqdata, err := json.Marshal(params)
+	if err != nil {
+		return res, err
+	}
+	respdata, err := cli.doHTTPCall(ctx, host, "account", "create", reqdata)
+	if err != nil {
+		return res, err
+	}
+	response := handler.NewResponse[accoper.CreateAccountResult]()
+	err = json.Unmarshal(respdata, response)
+	if err != nil {
+		return res, err
+	}
+	if response.Error {
+		err = errors.New(response.Message)
+		return res, err
+	}
+	res = response.Result.AccountID
+	return res, err
+}

pkg/accntcli/creategrant.go

@@ -0,0 +1,71 @@
+package accntcli
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+
+	"mbase/app/accoper"
+	"mbase/app/handler"
+)
+
+func (cli *Client) CreateGrantByAccountID(ctx context.Context, host string, accountID, right, pattern string) (string, error) {
+	var err error
+	var res string
+
+	params := accoper.CreateGrantParams{
+		AccountID: accountID,
+		Right:     right,
+		Pattern:   pattern,
+	}
+	reqdata, err := json.Marshal(params)
+	if err != nil {
+		return res, err
+	}
+	respdata, err := cli.doHTTPCall(ctx, host, "grant", "create", reqdata)
+	if err != nil {
+		return res, err
+	}
+
+	response := handler.NewResponse[accoper.CreateGrantResult]()
+	err = json.Unmarshal(respdata, response)
+	if err != nil {
+		return res, err
+	}
+	if response.Error {
+		err = errors.New(response.Message)
+		return res, err
+	}
+	res = response.Result.GrantID
+	return res, err
+}
+
+func (cli *Client) CreateGrantByUsername(ctx context.Context, host, username string, right string, pattern string) (string, error) {
+	var err error
+	var res string
+	params := accoper.CreateGrantParams{
+		Username: username,
+		Right:    right,
+		Pattern:  pattern,
+	}
+	reqdata, err := json.Marshal(params)
+	if err != nil {
+		return res, err
+	}
+	respdata, err := cli.doHTTPCall(ctx, host, "grant", "create", reqdata)
+	if err != nil {
+		return res, err
+	}
+
+	response := handler.NewResponse[accoper.CreateGrantResult]()
+	err = json.Unmarshal(respdata, response)
+	if err != nil {
+		return res, err
+	}
+	if response.Error {
+		err = errors.New(response.Message)
+		return res, err
+	}
+	res = response.Result.GrantID
+	return res, err
+}

pkg/accntcli/delacc.go

@@ -0,0 +1,62 @@
+package accntcli
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+
+	"mbase/app/accoper"
+	"mbase/app/handler"
+)
+
+func (cli *Client) DeleteAccountByName(ctx context.Context, host, username string) error {
+	var err error
+
+	params := accoper.DeleteAccountParams{
+		Username: username,
+	}
+	reqdata, err := json.Marshal(params)
+	if err != nil {
+		return err
+	}
+	resdata, err := cli.doHTTPCall(ctx, host, "account", "delete", reqdata)
+	if err != nil {
+		return err
+	}
+	response := handler.NewResponse[accoper.DeleteAccountResult]()
+	err = json.Unmarshal(resdata, response)
+	if err != nil {
+		return err
+	}
+	if response.Error {
+		err = errors.New(response.Message)
+		return err
+	}
+	return err
+}
+
+func (cli *Client) DeleteAccountByID(ctx context.Context, host, accountID string) error {
+	var err error
+
+	params := accoper.DeleteAccountParams{
+		AccountID: accountID,
+	}
+	reqdata, err := json.Marshal(params)
+	if err != nil {
+		return err
+	}
+	resdata, err := cli.doHTTPCall(ctx, host, "account", "delete", reqdata)
+	if err != nil {
+		return err
+	}
+	response := handler.NewResponse[accoper.DeleteAccountResult]()
+	err = json.Unmarshal(resdata, response)
+	if err != nil {
+		return err
+	}
+	if response.Error {
+		err = errors.New(response.Message)
+		return err
+	}
+	return err
+}

pkg/accntcli/delgrant.go

@@ -0,0 +1,36 @@
+package accntcli
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+
+	"mbase/app/accoper"
+	"mbase/app/handler"
+)
+
+func (cli *Client) DeleteGrant(ctx context.Context, host, grantID string) error {
+	var err error
+	params := accoper.DeleteGrantParams{
+		GrantID: grantID,
+	}
+	reqdata, err := json.Marshal(params)
+	if err != nil {
+		return err
+	}
+	respdata, err := cli.doHTTPCall(ctx, host, "grant", "delete", reqdata)
+	if err != nil {
+		return err
+	}
+
+	response := handler.NewResponse[accoper.DeleteGrantResult]()
+	err = json.Unmarshal(respdata, response)
+	if err != nil {
+		return err
+	}
+	if response.Error {
+		err = errors.New(response.Message)
+		return err
+	}
+	return err
+}

pkg/accntcli/getacc.go

@@ -0,0 +1,67 @@
+package accntcli
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+
+	"mbase/app/accoper"
+	"mbase/app/handler"
+	"mbase/pkg/descr"
+)
+
+func (cli *Client) GetAccountByName(ctx context.Context, host, username string) (*descr.AccountShort, error) {
+	var err error
+	res := &descr.AccountShort{}
+	params := accoper.GetAccountParams{
+		Username: username,
+	}
+	reqdata, err := json.Marshal(params)
+	if err != nil {
+		return res, err
+	}
+	resdata, err := cli.doHTTPCall(ctx, host, "account", "get", reqdata)
+	if err != nil {
+		return res, err
+	}
+	response := handler.NewResponse[accoper.GetAccountResult]()
+	err = json.Unmarshal(resdata, response)
+	if err != nil {
+		return res, err
+	}
+	if response.Error {
+		err = errors.New(response.Message)
+		return res, err
+	}
+	res = response.Result.Account
+	return res, err
+}
+
+func (cli *Client) GetAccountByID(ctx context.Context, host, accountID string) (*descr.AccountShort, error) {
+	var err error
+	res := &descr.AccountShort{}
+
+	params := accoper.GetAccountParams{
+		AccountID: accountID,
+	}
+	reqdata, err := json.Marshal(params)
+	if err != nil {
+		return res, err
+	}
+	resdata, err := cli.doHTTPCall(ctx, host, "account", "get", reqdata)
+	if err != nil {
+		return res, err
+	}
+
+	response := handler.NewResponse[accoper.GetAccountResult]()
+	err = json.Unmarshal(resdata, response)
+	if err != nil {
+		return res, err
+	}
+	if response.Error {
+		err = errors.New(response.Message)
+		return res, err
+	}
+	res = response.Result.Account
+	return res, err
+}

pkg/accntcli/getgrant.go

@@ -0,0 +1,39 @@
+package accntcli
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+
+	"mbase/app/accoper"
+	"mbase/app/handler"
+	"mbase/pkg/descr"
+)
+
+func (cli *Client) GetGrant(ctx context.Context, host, grantID string) (*descr.Grant, error) {
+	var err error
+	res := &descr.Grant{}
+	params := accoper.GetGrantParams{
+		GrantID: grantID,
+	}
+	reqdata, err := json.Marshal(params)
+	if err != nil {
+		return res, err
+	}
+	respdata, err := cli.doHTTPCall(ctx, host, "grant", "get", reqdata)
+	if err != nil {
+		return res, err
+	}
+
+	response := handler.NewResponse[accoper.GetGrantResult]()
+	err = json.Unmarshal(respdata, response)
+	if err != nil {
+		return res, err
+	}
+	if response.Error {
+		err = errors.New(response.Message)
+		return res, err
+	}
+	res = response.Result.Grant
+	return res, err
+}

pkg/accntcli/httpcall.go

@@ -0,0 +1,56 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package accntcli
+
+import (
+	"bytes"
+	"context"
+	"fmt"
+	"io"
+	"net/http"
+	"strconv"
+)
+
+func (cli *Client) doHTTPCall(ctx context.Context, host, obj, oper string, req []byte) ([]byte, error) {
+	var err error
+	var res []byte
+
+	reader := bytes.NewReader(req)
+	ref, err := NewReferer(host, obj, oper)
+	if err != nil {
+		return res, err
+	}
+	httpReq, err := http.NewRequestWithContext(ctx, http.MethodPost, ref.Point(), reader)
+	if err != nil {
+		return res, err
+	}
+	httpReq.Header.Set("User-Agent", cli.userAgent)
+	httpReq.Header.Set("Accept", "*/*")
+	httpResp, err := cli.httpClient.Do(httpReq)
+	if err != nil {
+		return res, err
+	}
+	defer httpResp.Body.Close()
+	if httpResp.StatusCode != http.StatusOK {
+		err := fmt.Errorf("Unexpected response code: %s", httpResp.Status)
+		return res, err
+	}
+	contentLength := httpResp.Header.Get("Content-Length")
+	if contentLength == "" {
+		err := fmt.Errorf("Content-Length header is missing")
+		return res, err
+	}
+	blobSize, err := strconv.ParseInt(contentLength, 10, 64)
+	if err != nil {
+		return res, err
+	}
+	buffer := bytes.NewBuffer(nil)
+	recSize, err := io.Copy(buffer, httpResp.Body)
+	if blobSize != recSize {
+		err := fmt.Errorf("Mismatch declared and actual body size, %d and %d", blobSize, recSize)
+		return res, err
+	}
+	res = buffer.Bytes()
+	return res, err
+}

pkg/accntcli/listacc.go

@@ -0,0 +1,37 @@
+package accntcli
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+
+	"mbase/app/accoper"
+	"mbase/app/handler"
+	"mbase/pkg/descr"
+)
+
+func (cli *Client) ListAccounts(ctx context.Context, host string) ([]descr.AccountShort, error) {
+	var err error
+	res := make([]descr.AccountShort, 0)
+
+	params := accoper.ListAccountsParams{}
+	reqdata, err := json.Marshal(params)
+	if err != nil {
+		return res, err
+	}
+	resdata, err := cli.doHTTPCall(ctx, host, "accounts", "list", reqdata)
+	if err != nil {
+		return res, err
+	}
+	response := handler.NewResponse[accoper.ListAccountsResult]()
+	err = json.Unmarshal(resdata, response)
+	if err != nil {
+		return res, err
+	}
+	if response.Error {
+		err = errors.New(response.Message)
+		return res, err
+	}
+	res = response.Result.Accounts
+	return res, err
+}

pkg/accntcli/listgrants.go

@@ -0,0 +1,66 @@
+package accntcli
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+
+	"mbase/app/accoper"
+	"mbase/app/handler"
+	"mbase/pkg/descr"
+)
+
+func (cli *Client) ListGrantsByUsername(ctx context.Context, host, username string) ([]descr.Grant, error) {
+	var err error
+	res := make([]descr.Grant, 0)
+	params := accoper.ListGrantsParams{
+		Username: username,
+	}
+	reqdata, err := json.Marshal(params)
+	if err != nil {
+		return res, err
+	}
+	respdata, err := cli.doHTTPCall(ctx, host, "grants", "list", reqdata)
+	if err != nil {
+		return res, err
+	}
+
+	response := handler.NewResponse[accoper.ListGrantsResult]()
+	err = json.Unmarshal(respdata, response)
+	if err != nil {
+		return res, err
+	}
+	if response.Error {
+		err = errors.New(response.Message)
+		return res, err
+	}
+	res = response.Result.Grants
+	return res, err
+}
+
+func (cli *Client) ListGrantsByAccountID(ctx context.Context, host, accountID string) ([]descr.Grant, error) {
+	var err error
+	res := make([]descr.Grant, 0)
+	params := accoper.ListGrantsParams{
+		AccountID: accountID,
+	}
+	reqdata, err := json.Marshal(params)
+	if err != nil {
+		return res, err
+	}
+	respdata, err := cli.doHTTPCall(ctx, host, "grants", "list", reqdata)
+	if err != nil {
+		return res, err
+	}
+	response := handler.NewResponse[accoper.ListGrantsResult]()
+	err = json.Unmarshal(respdata, response)
+	if err != nil {
+		return res, err
+	}
+	if response.Error {
+		err = errors.New(response.Message)
+		return res, err
+	}
+	res = response.Result.Grants
+	return res, err
+}

pkg/accntcli/referer.go

@@ -0,0 +1,77 @@
+package accntcli
+
+import (
+	"net/url"
+	"path"
+	"strings"
+)
+
+type Referer struct {
+	urlobj     *url.URL
+	user, pass string
+	obj, oper  string
+}
+
+func NewReferer(hostname, object, operation string) (*Referer, error) {
+	ref := &Referer{
+		obj:  object,
+		oper: operation,
+	}
+	if !strings.Contains(hostname, "://") {
+		hostname = "https://" + hostname
+	}
+	urlobj, err := url.Parse(hostname)
+	if err != nil {
+		return ref, err
+	}
+	if urlobj.User != nil {
+		ref.user = urlobj.User.Username()
+		ref.pass, _ = urlobj.User.Password()
+		urlobj.User = nil
+	}
+	urlobj.Path = "/"
+	ref.urlobj = urlobj
+	return ref, err
+}
+
+func ParseHostinfo(hostname string) (*Referer, error) {
+	ref := &Referer{}
+	if !strings.Contains(hostname, "://") {
+		hostname = "https://" + hostname
+	}
+	urlobj, err := url.Parse(hostname)
+	if err != nil {
+		return ref, err
+	}
+	if urlobj.User != nil {
+		ref.user = urlobj.User.Username()
+		ref.pass, _ = urlobj.User.Password()
+		urlobj.User = nil
+	}
+	urlobj.Path = "/"
+	ref.urlobj = urlobj
+	return ref, err
+}
+
+func (ref *Referer) Host() string {
+	return ref.urlobj.Host
+}
+
+func (ref *Referer) Raw() string {
+	return path.Join(ref.urlobj.Host, "/v3/api/", ref.obj, ref.oper)
+}
+
+func (ref *Referer) Point() string {
+	curl := ref.urlobj.JoinPath("/v3/api/", ref.obj, ref.oper)
+	return curl.String()
+}
+
+func (ref *Referer) Userinfo() (string, string) {
+	return ref.user, ref.pass
+}
+
+func (ref *Referer) SetUserinfo(user, pass string) {
+	if user != "" && pass != "" {
+		ref.user, ref.pass = user, pass
+	}
+}

pkg/accntcli/servhello.go

@@ -0,0 +1,36 @@
+package accntcli
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+
+	"mbase/app/handler"
+	"mbase/app/servoper"
+)
+
+func (cli *Client) ServiceHello(ctx context.Context, host string) (bool, error) {
+	var res bool
+	var err error
+
+	params := servoper.SendHelloParams{}
+	reqdata, err := json.Marshal(params)
+	if err != nil {
+		return res, err
+	}
+	resdata, err := cli.doHTTPCall(ctx, host, "service", "hello", reqdata)
+	if err != nil {
+		return res, err
+	}
+	response := handler.Response[servoper.SendHelloResult]{}
+	err = json.Unmarshal(resdata, &response)
+	if err != nil {
+		return res, err
+	}
+	if response.Error {
+		err = errors.New(response.Message)
+		return res, err
+	}
+	res = response.Result.Alive
+	return res, err
+}

pkg/accntcli/updateacc.go

@@ -0,0 +1,64 @@
+package accntcli
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+
+	"mbase/app/accoper"
+	"mbase/app/handler"
+)
+
+func (cli *Client) UpdateAccountByName(ctx context.Context, host, username, newUsername, newPassword string) error {
+	var err error
+	params := accoper.UpdateAccountParams{
+		Username:    username,
+		NewUsername: newUsername,
+		NewPassword: newPassword,
+	}
+	reqdata, err := json.Marshal(params)
+	if err != nil {
+		return err
+	}
+	resdata, err := cli.doHTTPCall(ctx, host, "account", "update", reqdata)
+	if err != nil {
+		return err
+	}
+	response := handler.NewResponse[accoper.UpdateAccountResult]()
+	err = json.Unmarshal(resdata, response)
+	if err != nil {
+		return err
+	}
+	if response.Error {
+		err = errors.New(response.Message)
+		return err
+	}
+	return err
+}
+
+func (cli *Client) UpdateAccountByID(ctx context.Context, host string, accountID, newUsername, newPassword string) error {
+	var err error
+	params := accoper.UpdateAccountParams{
+		AccountID:   accountID,
+		NewUsername: newUsername,
+		NewPassword: newPassword,
+	}
+	reqdata, err := json.Marshal(params)
+	if err != nil {
+		return err
+	}
+	resdata, err := cli.doHTTPCall(ctx, host, "account", "update", reqdata)
+	if err != nil {
+		return err
+	}
+	response := handler.NewResponse[accoper.UpdateAccountResult]()
+	err = json.Unmarshal(resdata, response)
+	if err != nil {
+		return err
+	}
+	if response.Error {
+		err = errors.New(response.Message)
+		return err
+	}
+	return err
+}

pkg/accntcli/updgrant.go

@@ -0,0 +1,36 @@
+package accntcli
+
+import (
+	"context"
+	"encoding/json"
+	"errors"
+
+	"mbase/app/accoper"
+	"mbase/app/handler"
+)
+
+func (cli *Client) UpdateGrant(ctx context.Context, host, grantID, newPattern string) error {
+	var err error
+	params := accoper.UpdateGrantParams{
+		GrantID:    grantID,
+		NewPattern: newPattern,
+	}
+	reqdata, err := json.Marshal(params)
+	if err != nil {
+		return err
+	}
+	respdata, err := cli.doHTTPCall(ctx, host, "grant", "update", reqdata)
+	if err != nil {
+		return err
+	}
+	response := handler.NewResponse[accoper.UpdateGrantResult]()
+	err = json.Unmarshal(respdata, response)
+	if err != nil {
+		return err
+	}
+	if response.Error {
+		err = errors.New(response.Message)
+		return err
+	}
+	return err
+}

pkg/auxhttp/basic.go

@@ -0,0 +1,52 @@
+/*
+  * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ *
+ *
+*/
+
+package auxhttp
+
+import (
+	"encoding/base64"
+	"fmt"
+	"strings"
+)
+
+func EncodeBasicAuth(username, password string) string {
+	auth := username + ":" + password
+	return "Basic " + base64.StdEncoding.EncodeToString([]byte(auth))
+}
+
+func ParseBasicAuth(basicFields string) (string, string, error) {
+	var err error
+	var username string
+	var password string
+	if basicFields == "" {
+		err := fmt.Errorf("Empty auth field")
+		return username, password, err
+	}
+	authFields := strings.SplitN(basicFields, " ", 2)
+	if len(authFields) < 2 {
+		err = fmt.Errorf("Cannot split auth field: %s", basicFields)
+		return username, password, err
+	}
+	authType := strings.TrimSpace(authFields[0])
+	if strings.ToLower(authType) != strings.ToLower("Basic") {
+		err = fmt.Errorf("Not basic auth type")
+		return username, password, err
+	}
+	authPairEncoded := authFields[1]
+	pairEncoded, err := base64.StdEncoding.DecodeString(authPairEncoded)
+	if err != nil {
+		err = fmt.Errorf("Cannon decode auth pair")
+		return username, password, err
+	}
+	authPair := strings.SplitN(string(pairEncoded), ":", 2)
+	if len(authPair) != 2 {
+		err = fmt.Errorf("Wrong auth pair")
+		return username, password, err
+	}
+	username = authPair[0]
+	password = authPair[1]
+	return username, password, err
+}

pkg/auxhttp/crange.go

@@ -0,0 +1,93 @@
+/*
+  * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ *
+ *
+*/
+
+package auxhttp
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+)
+
+func ParseOCIContentRange(ref string) (int64, int64, error) {
+	var start, end int64
+	var err error
+
+	startstop := strings.TrimSpace(ref)
+	tmp := strings.SplitN(startstop, "-", 2)
+	if len(tmp) != 2 {
+		err = fmt.Errorf("Wrong Content-Range definition, strange range def %v", startstop)
+		return start, end, err
+	}
+	startstr := tmp[0]
+	endstr := tmp[1]
+
+	start, err = strconv.ParseInt(startstr, 10, 64)
+	if err != nil {
+		err = fmt.Errorf("Wrong Content-Range definition, strange start %s", startstr)
+		return start, end, err
+	}
+	end, err = strconv.ParseInt(endstr, 10, 64)
+	if err != nil {
+		err = fmt.Errorf("Wrong Content-Range definition, strange end %s", endstr)
+		return start, end, err
+	}
+	return start, end, err
+}
+
+func ParseContentRange(ref string) (int64, int64, int64, error) {
+	var start, end, total int64
+	var err error
+
+	const bytesUnit = "bytes"
+
+	tmp := strings.SplitN(ref, " ", 2)
+	if len(tmp) != 2 {
+		err := fmt.Errorf("Wrong Content-Range definition, len is only %d", len(tmp))
+		return start, end, total, err
+	}
+	unit := strings.ToLower(tmp[0])
+	if unit != bytesUnit {
+		err = fmt.Errorf("Wrong Content-Range definition, strange length def %s", unit)
+		return start, end, total, err
+	}
+	ranger := strings.TrimSpace(tmp[1])
+
+	tmp = strings.Split(ranger, "/")
+	if len(tmp) != 2 {
+		err = fmt.Errorf("Wrong Content-Range definition, dont found total")
+		return start, end, total, err
+	}
+	totalstr := tmp[1]
+	if totalstr == "*" {
+		total = 0
+	} else {
+		total, err = strconv.ParseInt(totalstr, 10, 64)
+		if err != nil {
+			return start, end, total, err
+		}
+	}
+	startstop := tmp[0]
+	tmp = strings.SplitN(startstop, "-", 2)
+	if len(tmp) != 2 {
+		err = fmt.Errorf("Wrong Content-Range definition, strange range def %v", startstop)
+		return start, end, total, err
+	}
+	startstr := tmp[0]
+	endstr := tmp[1]
+
+	start, err = strconv.ParseInt(startstr, 10, 64)
+	if err != nil {
+		err = fmt.Errorf("Wrong Content-Range definition, strange start %s", startstr)
+		return start, end, total, err
+	}
+	end, err = strconv.ParseInt(endstr, 10, 64)
+	if err != nil {
+		err = fmt.Errorf("Wrong Content-Range definition, strange end %s", endstr)
+		return start, end, total, err
+	}
+	return start, end, total, err
+}

pkg/auxpwd/passwd.go

@@ -0,0 +1,107 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package auxpwd
+
+import (
+	"crypto/sha256"
+	"crypto/sha512"
+	"encoding/hex"
+	"fmt"
+	"math/rand"
+	"strings"
+	"time"
+)
+
+var rnd *rand.Rand
+
+const (
+	sha256Prefix = "sha256pwd"
+	sha512Prefix = "sha512pwd"
+	saltSize     = 16
+)
+
+func init() {
+	src := rand.NewSource(time.Now().UnixNano())
+	rnd = rand.New(src)
+}
+
+func MakeSHA256Hash(passwd []byte) string {
+	var res string
+	salt := hex.EncodeToString(randomBytes(saltSize))
+	passwdString := hex.EncodeToString(passwd)
+	passwdString = fmt.Sprintf("%s%s", passwdString, salt)
+
+	hasher := sha256.New()
+	hasher.Write([]byte(passwdString))
+	checksum := hex.EncodeToString(hasher.Sum(nil))
+
+	res = fmt.Sprintf("%s:%s:%s", sha256Prefix, salt, checksum)
+	return res
+}
+
+func MakeSHA512Hash(passwd []byte) string {
+	var res string
+	salt := hex.EncodeToString(randomBytes(saltSize))
+	passwdString := hex.EncodeToString(passwd)
+	passwdString = fmt.Sprintf("%s%s", passwdString, salt)
+
+	hasher := sha512.New()
+	hasher.Write([]byte(passwdString))
+	checksum := hex.EncodeToString(hasher.Sum(nil))
+
+	res = fmt.Sprintf("%s:%s:%s", sha512Prefix, salt, checksum)
+	return res
+}
+
+func PasswordMatch(passwd []byte, hash string) bool {
+	hashComponents := strings.Split(hash, ":")
+	if len(hashComponents) != 3 {
+		return false
+	}
+	method := hashComponents[0]
+	salt := hashComponents[1]
+	controlChecksum := hashComponents[2]
+
+	switch method {
+	case sha256Prefix:
+		passwdString := hex.EncodeToString(passwd)
+		passwdString = fmt.Sprintf("%s%s", passwdString, salt)
+		hasher := sha256.New()
+		hasher.Write([]byte(passwdString))
+		checksum := hex.EncodeToString(hasher.Sum(nil))
+		if checksum != controlChecksum {
+			return false
+		}
+	case sha512Prefix:
+		passwdString := hex.EncodeToString(passwd)
+		passwdString = fmt.Sprintf("%s%s", passwdString, salt)
+		hasher := sha512.New()
+		hasher.Write([]byte(passwdString))
+		checksum := hex.EncodeToString(hasher.Sum(nil))
+		if checksum != controlChecksum {
+			return false
+		}
+	default:
+		return false
+	}
+	return true
+}
+
+func randomString(n int) string {
+	const letters = "1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
+	arr := make([]byte, n)
+	lettersArrayLen := len(letters)
+	for i := range arr {
+		arr[i] = letters[rnd.Intn(lettersArrayLen)]
+	}
+	return string(arr)
+}
+
+func randomBytes(n int) []byte {
+	arr := make([]byte, n)
+	for i := range arr {
+		arr[i] = byte(rnd.Intn(256) & 0xFF)
+	}
+	return arr
+}

pkg/auxpwd/passwd_test.go

@@ -0,0 +1,43 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package auxpwd
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+func TestPasswd256(t *testing.T) {
+	password := []byte("123456789")
+	wrongPasswd := []byte("qwerty")
+
+	hash := MakeSHA256Hash(password)
+	fmt.Printf("%s\n", hash)
+	{
+		match := PasswordMatch(password, hash)
+		require.Equal(t, true, match)
+	}
+	{
+		match := PasswordMatch(wrongPasswd, hash)
+		require.NotEqual(t, true, match)
+	}
+}
+
+func TestPasswd512(t *testing.T) {
+	password := []byte("123456781")
+	wrongPasswd := []byte("qwerty")
+
+	hash := MakeSHA512Hash(password)
+	fmt.Printf("%s\n", hash)
+	{
+		match := PasswordMatch(password, hash)
+		require.Equal(t, true, match)
+	}
+	{
+		match := PasswordMatch(wrongPasswd, hash)
+		require.NotEqual(t, true, match)
+	}
+}

pkg/auxtool/cleandir.go

@@ -0,0 +1,37 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package auxtool
+
+import (
+	"os"
+	"path/filepath"
+	"strings"
+)
+
+// Clean only overbase elements of dir path if possible
+func CleanDirs(basedir, datadir string) {
+	separator := string(os.PathSeparator)
+
+	basedir = filepath.Clean(separator + basedir)
+	datadir = filepath.Clean(separator + datadir)
+
+	items := strings.Split(datadir, separator)
+	for i := len(items); i > 0; i-- {
+		p := filepath.Join(items[0:i]...)
+		p = filepath.Clean(separator + p)
+		if p == basedir {
+			break
+		}
+		fileInfo, err := os.Stat(p)
+		if err != nil {
+			return
+		}
+		if fileInfo.IsDir() {
+			err = os.Remove(p)
+			if err != nil {
+				return
+			}
+		}
+	}
+}

pkg/auxtool/fileex.go

@@ -0,0 +1,31 @@
+package auxtool
+
+import (
+	"os"
+)
+
+func FileExists(name string) bool {
+	fileStat, err := os.Stat(name)
+	if err != nil {
+		if os.IsNotExist(err) {
+			return false
+		}
+	}
+	if fileStat.IsDir() {
+		return false
+	}
+	return true
+}
+
+func DirExists(name string) bool {
+	fileStat, err := os.Stat(name)
+	if err != nil {
+		if os.IsNotExist(err) {
+			return false
+		}
+	}
+	if fileStat == nil {
+		return false
+	}
+	return fileStat.IsDir()
+}

pkg/auxtool/randstr.go

@@ -0,0 +1,22 @@
+/*
+  * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ *
+ *
+*/
+/*
+ */
+
+package auxtool
+
+import (
+	"math/rand"
+)
+
+func RandomString(n int) string {
+	const letters = "1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
+	arr := make([]byte, n)
+	for i := range arr {
+		arr[i] = letters[rand.Intn(len(letters))]
+	}
+	return string(arr)
+}

pkg/auxtool/tmpfile.go

@@ -0,0 +1,22 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package auxtool
+
+import (
+	"encoding/hex"
+	"fmt"
+	"math/rand"
+	"time"
+)
+
+func init() {
+	rand.Seed(time.Now().UnixNano())
+}
+
+func MakeTmpFilename(prefix string) string {
+	randBytes := make([]byte, 6)
+	rand.Read(randBytes)
+	suffix := hex.EncodeToString(randBytes)
+	return fmt.Sprintf("%s.tmp.%s", prefix, suffix)
+}

pkg/auxtool/unixnow.go

@@ -0,0 +1,13 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package auxtool
+
+import (
+	"time"
+)
+
+func TimeNow() string {
+	return time.Now().Format(time.RFC3339)
+
+}

pkg/auxutar/utar.go

@@ -0,0 +1,151 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package auxutar
+
+import (
+	"archive/tar"
+	"io"
+	"os"
+	"path/filepath"
+	"strings"
+	"time"
+)
+
+func Archive(srcdir, dstpath string) error {
+	var err error
+	srcdir = filepath.Clean(srcdir)
+	dstpath = filepath.Clean(dstpath)
+
+	err = os.MkdirAll(filepath.Dir(dstpath), 0750)
+	if err != nil {
+		return err
+	}
+	tarFile, err := os.OpenFile(dstpath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0640)
+	if err != nil {
+		return err
+	}
+	defer tarFile.Close()
+
+	tarWriter := tar.NewWriter(tarFile)
+	defer tarWriter.Close()
+
+	walker := func(filename string, fileInfo os.FileInfo, err error) error {
+		if err != nil {
+			return err
+		}
+		if !fileInfo.Mode().IsRegular() {
+			return nil
+		}
+		header, err := tar.FileInfoHeader(fileInfo, fileInfo.Name())
+		if err != nil {
+			return err
+		}
+		header.Name = strings.TrimPrefix(filename, filepath.Clean(srcdir))
+		header.Name = strings.TrimPrefix(header.Name, string(filepath.Separator))
+		err = tarWriter.WriteHeader(header)
+		if err != nil {
+			return err
+		}
+		wrapfunc := func() error {
+			file, err := os.Open(filename)
+			if err != nil {
+				return err
+			}
+			defer file.Close()
+			_, err = io.Copy(tarWriter, file)
+			if err != nil {
+				return err
+			}
+			return err
+		}
+		err = wrapfunc()
+		if err != nil {
+			return err
+		}
+		return nil
+	}
+	err = filepath.Walk(srcdir, walker)
+	if err != nil {
+		return err
+	}
+	return err
+}
+
+func Unarchive(filename, dstdir string) error {
+	var err error
+	err = os.MkdirAll(dstdir, 0755)
+	if err != nil {
+		return err
+	}
+	file, err := os.OpenFile(filename, os.O_RDONLY, 0)
+	if err != nil {
+		return err
+	}
+	defer file.Close()
+
+	tarReader := tar.NewReader(file)
+	for {
+		header, err := tarReader.Next()
+		switch {
+		case err == io.EOF:
+			return nil
+		case err != nil:
+			return err
+		case header == nil:
+			continue
+		}
+		target := filepath.Join(dstdir, header.Name)
+		target = filepath.Clean(target)
+
+		fileInfo := header.FileInfo()
+		switch header.Typeflag {
+		case tar.TypeDir:
+			_, err := os.Stat(target)
+			if os.IsNotExist(err) {
+				err = nil
+				err := os.MkdirAll(target, fileInfo.Mode())
+				if err != nil {
+					return err
+				}
+			}
+			if err != nil {
+				return err
+			}
+		case tar.TypeReg:
+			wrapfunc := func() error {
+				dir := filepath.Dir(target)
+				_, err := os.Stat(dir)
+				if os.IsNotExist(err) {
+					err := os.MkdirAll(dir, 0750)
+					if err != nil {
+						return err
+					}
+				}
+				file, err := os.OpenFile(target, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, fileInfo.Mode())
+				if err != nil {
+					return err
+				}
+				defer file.Close()
+				_, err = io.Copy(file, tarReader)
+				if err != nil {
+					return err
+				}
+				return err
+			}
+			err = wrapfunc()
+			if err != nil {
+				return err
+			}
+		}
+		err = os.Chtimes(target, time.Now(), fileInfo.ModTime())
+		if err != nil {
+			return err
+		}
+		err = file.Chmod(fileInfo.Mode())
+		if err != nil {
+			return err
+		}
+	}
+	return err
+}

pkg/auxuuid/uuid.go

@@ -0,0 +1,14 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package auxuuid
+
+import (
+	"github.com/google/uuid"
+)
+
+const ZeroUUID string = "00000000-0000-0000-0000-000000000000"
+
+func NewUUID() string {
+	return uuid.New().String()
+}

pkg/auxx509/x509cert.go

@@ -0,0 +1,66 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package auxx509
+
+import (
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/x509"
+	"crypto/x509/pkix"
+	"encoding/pem"
+	"fmt"
+	"math/big"
+	"time"
+)
+
+func CreateSelfSignedCert(subject string, dnsNames ...string) ([]byte, []byte, error) {
+	var err error
+	certPem := make([]byte, 0)
+	keyPem := make([]byte, 0)
+
+	now := time.Now()
+
+	const yearsAfter int = 10
+	const keySize int = 2048
+
+	key, err := rsa.GenerateKey(rand.Reader, keySize)
+	if err != nil {
+		err := fmt.Errorf("Can't create a private key: %v", err)
+		return certPem, keyPem, err
+
+	}
+	keyPemBlock := pem.Block{
+		Type:  "RSA PRIVATE KEY",
+		Bytes: x509.MarshalPKCS1PrivateKey(key),
+	}
+	keyPem = pem.EncodeToMemory(&keyPemBlock)
+
+	names := make([]string, 0)
+	names = append(names, subject)
+	names = append(names, dnsNames...)
+	tml := x509.Certificate{
+		SerialNumber: big.NewInt(now.Unix()),
+		NotBefore:    now,
+		NotAfter:     now.AddDate(yearsAfter, 0, 0),
+		Subject: pkix.Name{
+			CommonName: subject,
+		},
+		DNSNames:              names,
+		BasicConstraintsValid: true,
+	}
+	certBytes, err := x509.CreateCertificate(rand.Reader, &tml, &tml, &key.PublicKey, key)
+	if err != nil {
+		return certPem, keyPem, fmt.Errorf("Can't create a certificate: %v", err)
+
+	}
+	certPemBlock := pem.Block{
+		Type:  "CERTIFICATE",
+		Bytes: certBytes,
+	}
+	certPem = pem.EncodeToMemory(&certPemBlock)
+	if err != nil {
+		return certPem, keyPem, err
+	}
+	return certPem, keyPem, err
+}

pkg/auxx509/x509cert_test.go

@@ -0,0 +1,18 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package auxx509
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+func TestCert(t *testing.T) {
+	caCert, caKey, err := CreateSelfSignedCert("test1")
+	require.NoError(t, err)
+	fmt.Println(string(caCert))
+	fmt.Println(string(caKey))
+}

pkg/client/attic/file.go

@@ -0,0 +1,417 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ *
+ * This work is published and licensed under a Creative Commons
+ * Attribution-NonCommercial-NoDerivatives 4.0 International License.
+ *
+ * Distribution of this work is permitted, but commercial use and
+ * modifications are strictly prohibited.
+ */
+package client
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"net/url"
+	"os"
+	"path/filepath"
+	"strconv"
+
+	"mbase/pkg/auxhttp"
+	"mbase/pkg/descr"
+)
+
+func (cli *Client) FileInfo(ctx context.Context, fileuri string) (bool, *descr.File, error) {
+	var exists bool
+	var err error
+	file := &descr.File{}
+	fileuri, username, password, err := repackServiceURI(fileuri)
+	if err != nil {
+		return exists, file, err
+	}
+	fileuri, err = convertFileURI(fileuri)
+	if err != nil {
+		return exists, file, err
+	}
+	req, err := http.NewRequestWithContext(ctx, http.MethodHead, fileuri, nil)
+	if err != nil {
+		return exists, file, err
+	}
+	if username != "" && password != "" {
+		basic := auxhttp.EncodeBasicAuth(username, password)
+		req.Header.Add("Authorization", basic)
+	}
+	client := makeHTTPClient(cli.skipTLSVerify)
+	resp, err := client.Do(req)
+	if err != nil {
+		return exists, file, err
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode == http.StatusOK {
+		file.Collection = resp.Header.Get("Content-Collection")
+		file.Name = resp.Header.Get("Content-Name")
+		contentSize := resp.Header.Get("Content-Size")
+		size, err := strconv.ParseInt(contentSize, 10, 64)
+		if err != nil {
+			return exists, file, err
+		}
+		file.Size = size
+		file.Type = resp.Header.Get("Content-Type")
+		file.Checksum = resp.Header.Get("Content-Digest")
+		exists = true
+	}
+	return exists, file, err
+}
+
+func (cli *Client) PutFile(ctx context.Context, filename, fileuri string) error {
+	var err error
+	fileuri, username, password, err := repackServiceURI(fileuri)
+	if err != nil {
+		return err
+	}
+	fileuri, err = convertFileURI(fileuri)
+	if err != nil {
+		return err
+	}
+	file, err := os.Open(filename)
+	if err != nil {
+		return err
+	}
+	defer file.Close()
+
+	req, err := http.NewRequestWithContext(ctx, http.MethodPut, fileuri, file)
+	if err != nil {
+		return err
+	}
+	fileinfo, err := os.Stat(filename)
+	if err != nil {
+		return err
+	}
+	filesize := fileinfo.Size()
+
+	req.ContentLength = filesize
+	req.Header.Set("Content-Type", "application/octet-stream")
+	req.Header.Set("Content-Size", strconv.FormatInt(filesize, 10))
+	if username != "" && password != "" {
+		basic := auxhttp.EncodeBasicAuth(username, password)
+		req.Header.Add("Authorization", basic)
+	}
+	client := makeHTTPClient(cli.skipTLSVerify)
+
+	resp, err := client.Do(req)
+	if err != nil {
+		return err
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		err := fmt.Errorf("Received wrong status code: %s", resp.Status)
+		return err
+	}
+	return err
+}
+
+func (cli *Client) GetFile(ctx context.Context, fileuri, filename string) (int64, error) {
+	var err error
+	var size int64
+
+	fileuri, username, password, err := repackServiceURI(fileuri)
+	if err != nil {
+		return size, err
+	}
+	fileuri, err = convertFileURI(fileuri)
+	if err != nil {
+		return size, err
+	}
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, fileuri, nil)
+	if err != nil {
+		return size, err
+	}
+	if username != "" && password != "" {
+		basic := auxhttp.EncodeBasicAuth(username, password)
+		req.Header.Add("Authorization", basic)
+	}
+	client := makeHTTPClient(cli.skipTLSVerify)
+	resp, err := client.Do(req)
+	if err != nil {
+		return size, err
+	}
+	defer resp.Body.Close()
+
+	contentLength := resp.Header.Get("Content-Length")
+	if contentLength == "" {
+		err = fmt.Errorf("Empty Content-Length received")
+		return size, err
+	}
+	if resp.StatusCode != http.StatusOK {
+		err := fmt.Errorf("Received wrong status code: %s", resp.Status)
+		return size, err
+	}
+	declSize, err := strconv.ParseInt(contentLength, 10, 64)
+	if err != nil {
+		err = fmt.Errorf("Wrong Content-Length value: %v", err)
+		return size, err
+	}
+	dirname := filepath.Dir(filename)
+	err = os.MkdirAll(dirname, 0750)
+	if err != nil {
+		return size, err
+	}
+	file, err := os.OpenFile(filename, os.O_WRONLY|os.O_CREATE, 0640)
+	if err != nil {
+		return size, err
+	}
+	size, err = io.Copy(file, resp.Body)
+	if err != nil {
+		return size, err
+	}
+	if size != declSize {
+		err := fmt.Errorf("Mismatch Content-Length and recorded filesize")
+		return size, err
+	}
+	return size, err
+}
+
+func (cli *Client) DeleteFile(ctx context.Context, fileuri string) error {
+	var err error
+
+	fileuri, username, password, err := repackServiceURI(fileuri)
+	if err != nil {
+		return err
+	}
+	fileuri, err = convertFileURI(fileuri)
+	if err != nil {
+		return err
+	}
+	req, err := http.NewRequestWithContext(ctx, http.MethodDelete, fileuri, nil)
+	if err != nil {
+		return err
+	}
+	if username != "" && password != "" {
+		basic := auxhttp.EncodeBasicAuth(username, password)
+		req.Header.Add("Authorization", basic)
+	}
+	client := makeHTTPClient(cli.skipTLSVerify)
+	resp, err := client.Do(req)
+	if err != nil {
+		return err
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode != http.StatusOK {
+		err := fmt.Errorf("Received wrong status code: %s", resp.Status)
+		return err
+	}
+	return err
+}
+
+func (cli *Client) ListFiles(ctx context.Context, catalogURI, usePathAs string) ([]descr.File, error) {
+	var err error
+	res := make([]descr.File, 0)
+
+	catalogURI, username, password, err := repackServiceURI(catalogURI)
+	if err != nil {
+		return res, err
+	}
+	catalogURI, err = convertFilesURI(catalogURI)
+	if err != nil {
+		return res, err
+	}
+	// Add values
+	values := url.Values{}
+	if usePathAs != "" {
+		values.Add("pathAs", string(usePathAs))
+	}
+	encodedValues := values.Encode()
+	if encodedValues != "" {
+		catalogURI = catalogURI + "?" + encodedValues
+	}
+
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, catalogURI, nil)
+	if err != nil {
+		return res, err
+	}
+	if username != "" && password != "" {
+		basic := auxhttp.EncodeBasicAuth(username, password)
+		req.Header.Add("Authorization", basic)
+	}
+	client := makeHTTPClient(cli.skipTLSVerify)
+	resp, err := client.Do(req)
+	if err != nil {
+		return res, err
+	}
+	defer resp.Body.Close()
+
+	contentLength := resp.Header.Get("Content-Length")
+	if contentLength == "" {
+		err = fmt.Errorf("Empty Content-Length received")
+		return res, err
+	}
+	if resp.StatusCode != http.StatusOK {
+		err := fmt.Errorf("Received wrong status code: %s", resp.Status)
+		return res, err
+	}
+	declSize, err := strconv.ParseInt(contentLength, 10, 64)
+	if err != nil {
+		err = fmt.Errorf("Wrong Content-Length value: %v", err)
+		return res, err
+	}
+	respBuffer := bytes.NewBuffer(nil)
+	size, err := io.Copy(respBuffer, resp.Body)
+	if err != nil {
+		return res, err
+	}
+	respBytes := respBuffer.Bytes()
+	if size != declSize {
+		err := fmt.Errorf("Mismatch Content-Length and recorded filesize")
+		return res, err
+	}
+	err = json.Unmarshal(respBytes, &res)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}
+
+func (cli *Client) ListCollections(ctx context.Context, catalogURI, usePathAs string) ([]string, error) {
+	var err error
+	res := make([]string, 0)
+
+	catalogURI, username, password, err := repackServiceURI(catalogURI)
+	if err != nil {
+		return res, err
+	}
+	catalogURI, err = convertCollectionsURI(catalogURI)
+	if err != nil {
+		return res, err
+	}
+
+	// Add values
+	values := url.Values{}
+	if usePathAs != "" {
+		values.Add("pathAs", string(usePathAs))
+	}
+	encodedValues := values.Encode()
+	if encodedValues != "" {
+		catalogURI = catalogURI + "?" + encodedValues
+	}
+
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, catalogURI, nil)
+	if err != nil {
+		return res, err
+	}
+	if username != "" && password != "" {
+		basic := auxhttp.EncodeBasicAuth(username, password)
+		req.Header.Add("Authorization", basic)
+	}
+	client := makeHTTPClient(cli.skipTLSVerify)
+	resp, err := client.Do(req)
+	if err != nil {
+		return res, err
+	}
+	defer resp.Body.Close()
+
+	contentLength := resp.Header.Get("Content-Length")
+	if contentLength == "" {
+		err = fmt.Errorf("Empty Content-Length received")
+		return res, err
+	}
+	if resp.StatusCode != http.StatusOK {
+		err := fmt.Errorf("Received wrong status code: %s", resp.Status)
+		return res, err
+	}
+	declSize, err := strconv.ParseInt(contentLength, 10, 64)
+	if err != nil {
+		err = fmt.Errorf("Wrong Content-Length value: %v", err)
+		return res, err
+	}
+	respBuffer := bytes.NewBuffer(nil)
+	size, err := io.Copy(respBuffer, resp.Body)
+	if err != nil {
+		return res, err
+	}
+	respBytes := respBuffer.Bytes()
+	if size != declSize {
+		err := fmt.Errorf("Mismatch Content-Length and recorded filesize")
+		return res, err
+	}
+	err = json.Unmarshal(respBytes, &res)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}
+
+func (cli *Client) DeleteCollection(ctx context.Context, catalogURI, usePathAs string, dryRun bool) ([]descr.File, error) {
+	var err error
+	res := make([]descr.File, 0)
+
+	catalogURI, username, password, err := repackServiceURI(catalogURI)
+	if err != nil {
+		return res, err
+	}
+	catalogURI, err = convertCollectionURI(catalogURI)
+	if err != nil {
+		return res, err
+	}
+	// Add values
+	values := url.Values{}
+	if usePathAs != "" {
+		values.Add("pathAs", string(usePathAs))
+	}
+	if dryRun {
+		values.Add("dryRun", "true")
+	}
+	encodedValues := values.Encode()
+	if encodedValues != "" {
+		catalogURI = catalogURI + "?" + encodedValues
+	}
+
+	req, err := http.NewRequestWithContext(ctx, http.MethodDelete, catalogURI, nil)
+	if err != nil {
+		return res, err
+	}
+	if username != "" && password != "" {
+		basic := auxhttp.EncodeBasicAuth(username, password)
+		req.Header.Add("Authorization", basic)
+	}
+	client := makeHTTPClient(cli.skipTLSVerify)
+	resp, err := client.Do(req)
+	if err != nil {
+		return res, err
+	}
+	defer resp.Body.Close()
+
+	contentLength := resp.Header.Get("Content-Length")
+	if contentLength == "" {
+		err = fmt.Errorf("Empty Content-Length received")
+		return res, err
+	}
+	if resp.StatusCode != http.StatusOK {
+		err := fmt.Errorf("Received wrong status code: %s", resp.Status)
+		return res, err
+	}
+	declSize, err := strconv.ParseInt(contentLength, 10, 64)
+	if err != nil {
+		err = fmt.Errorf("Wrong Content-Length value: %v", err)
+		return res, err
+	}
+	respBuffer := bytes.NewBuffer(nil)
+	size, err := io.Copy(respBuffer, resp.Body)
+	if err != nil {
+		return res, err
+	}
+	respBytes := respBuffer.Bytes()
+	if size != declSize {
+		err := fmt.Errorf("Mismatch Content-Length and recorded filesize")
+		return res, err
+	}
+	err = json.Unmarshal(respBytes, &res)
+	if err != nil {
+		return res, err
+	}
+	return res, err
+}

pkg/descr/account.go

@@ -0,0 +1,26 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package descr
+
+type Account struct {
+	ID        string `json:"id"         db:"id"`
+	Username  string `json:"username"   db:"username"`
+	Passhash  string `json:"passhash"   db:"passhash"`
+	Disabled  bool   `json:"disabled"   db:"disabled"`
+	CreatedAt string `json:"createdAt"  db:"created_at"`
+	UpdatedAt string `json:"updatedAt"  db:"updated_at"`
+	CreatedBy string `json:"createdBy"  db:"created_by"`
+	UpdatedBy string `json:"updatedBy"  db:"updated_by"`
+}
+
+type AccountShort struct {
+	ID        string  `json:"id"`
+	Username  string  `json:"username"`
+	Disabled  bool    `json:"disabled"`
+	CreatedAt string  `json:"createdAt"`
+	UpdatedAt string  `json:"updatedAt"`
+	CreatedBy string  `json:"createdBy"`
+	UpdatedBy string  `json:"updatedBy"`
+	Grants    []Grant `json:"grants"`
+}

pkg/descr/grant.go

@@ -0,0 +1,18 @@
+/*
+  * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ *
+ *
+*/
+
+package descr
+
+type Grant struct {
+	ID        string `json:"id"         db:"id"`
+	AccountID string `json:"accountID"  db:"account_id"`
+	Right     string `json:"right"  db:"right"`
+	Pattern   string `json:"pattern"    db:"pattern"`
+	CreatedAt string `json:"createdAt"  db:"created_at"`
+	UpdatedAt string `json:"updatedAt"  db:"updated_at"`
+	CreatedBy string `json:"createdBy"  db:"created_by"`
+	UpdatedBy string `json:"updatedBy"  db:"updated_by"`
+}

pkg/descr/server.go

@@ -0,0 +1,14 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package descr
+
+type Server struct {
+	SchemeCreated    bool `yaml:"schemeCreated"`
+	AnonymousCreated bool `yaml:"anonymousCreated"`
+	InituserCreated  bool `yaml:"inituserCreated"`
+
+	SchemeCreatedAt    string `yaml:"schemeCreatedAt"`
+	AnonymousCreatedAt string `yaml:"anonymousCreatedAt"`
+	InituserCreatedAt  string `yaml:"inituserCreatedAt"`
+}

pkg/terms/terms.go

@@ -0,0 +1,28 @@
+/*
+  * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ *
+ *
+*/
+
+package terms
+
+const (
+	xxxAsFinePath string = "asFinePath"
+	xxxAsPrefix   string = "asPrefix"
+	xxxAsRegexp   string = "asRegexp"
+)
+
+const (
+	AnonimousUsername string = "anonymous"
+	AnonymousID       string = "0000000-0000-0000-0000-000000000001"
+	ServerUsername    string = "server"
+	ServerID          string = "0000000-0000-0000-0000-000000000002"
+	InitUsername      string = "mbase"
+	InitID            string = "0000000-0000-0000-0000-000000000005"
+)
+
+const (
+	// Accounts, grants
+	RightReadAccounts  string = "readAccounts"  // GetAccount, ListAccounts
+	RightWriteAccounts string = "writeAccounts" // CreateAccount, UpdateAccount, DeleteAccount
+)