1 # Copyright 2011-2012 GRNET S.A. All rights reserved.
3 # Redistribution and use in source and binary forms, with or
4 # without modification, are permitted provided that the following
7 # 1. Redistributions of source code must retain the above
8 # copyright notice, this list of conditions and the following
11 # 2. Redistributions in binary form must reproduce the above
12 # copyright notice, this list of conditions and the following
13 # disclaimer in the documentation and/or other materials
14 # provided with the distribution.
16 # THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
17 # OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19 # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
20 # CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21 # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22 # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
23 # USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
24 # AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
26 # ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 # POSSIBILITY OF SUCH DAMAGE.
29 # The views and conclusions contained in the software and
30 # documentation are those of the authors and should not be
31 # interpreted as representing official policies, either expressed
32 # or implied, of GRNET S.A.
37 import uuid as uuidlib
42 from base import DEFAULT_QUOTA, DEFAULT_VERSIONING, NotAllowedError, QuotaError, BaseBackend
44 # Stripped-down version of the HashMap class found in tools.
47 def __init__(self, blocksize, blockhash):
48 super(HashMap, self).__init__()
49 self.blocksize = blocksize
50 self.blockhash = blockhash
52 def _hash_raw(self, v):
53 h = hashlib.new(self.blockhash)
59 return self._hash_raw('')
61 return self.__getitem__(0)
67 h += [('\x00' * len(h[0]))] * (s - len(h))
69 h = [self._hash_raw(h[x] + h[x + 1]) for x in range(0, len(h), 2)]
72 # Default modules and settings.
73 DEFAULT_DB_MODULE = 'pithos.backends.lib.sqlalchemy'
74 DEFAULT_DB_CONNECTION = 'sqlite:///backend.db'
75 DEFAULT_BLOCK_MODULE = 'pithos.backends.lib.hashfiler'
76 DEFAULT_BLOCK_PATH = 'data/'
77 #DEFAULT_QUEUE_MODULE = 'pithos.backends.lib.rabbitmq'
78 #DEFAULT_QUEUE_CONNECTION = 'rabbitmq://guest:guest@localhost:5672/pithos'
80 QUEUE_MESSAGE_KEY = '#'
81 QUEUE_CLIENT_ID = 2 # Pithos.
83 ( CLUSTER_NORMAL, CLUSTER_HISTORY, CLUSTER_DELETED ) = range(3)
90 logger = logging.getLogger(__name__)
93 def backend_method(func=None, autocommit=1):
96 return backend_method(func, autocommit)
101 def fn(self, *args, **kw):
102 self.wrapper.execute()
104 ret = func(self, *args, **kw)
105 self.wrapper.commit()
108 self.wrapper.rollback()
113 class ModularBackend(BaseBackend):
114 """A modular backend.
116 Uses modules for SQL functions and storage.
119 def __init__(self, db_module=None, db_connection=None,
120 block_module=None, block_path=None,
121 queue_module=None, queue_connection=None):
122 db_module = db_module or DEFAULT_DB_MODULE
123 db_connection = db_connection or DEFAULT_DB_CONNECTION
124 block_module = block_module or DEFAULT_BLOCK_MODULE
125 block_path = block_path or DEFAULT_BLOCK_PATH
126 #queue_module = queue_module or DEFAULT_QUEUE_MODULE
127 #queue_connection = queue_connection or DEFAULT_QUEUE_CONNECTION
129 self.hash_algorithm = 'sha256'
130 self.block_size = 4 * 1024 * 1024 # 4MB
132 self.default_policy = {'quota': DEFAULT_QUOTA, 'versioning': DEFAULT_VERSIONING}
136 return sys.modules[m]
138 self.db_module = load_module(db_module)
139 self.wrapper = self.db_module.DBWrapper(db_connection)
140 params = {'wrapper': self.wrapper}
141 self.permissions = self.db_module.Permissions(**params)
142 for x in ['READ', 'WRITE']:
143 setattr(self, x, getattr(self.db_module, x))
144 self.node = self.db_module.Node(**params)
145 for x in ['ROOTNODE', 'SERIAL', 'HASH', 'SIZE', 'TYPE', 'MTIME', 'MUSER', 'UUID', 'CHECKSUM', 'CLUSTER', 'MATCH_PREFIX', 'MATCH_EXACT']:
146 setattr(self, x, getattr(self.db_module, x))
148 self.block_module = load_module(block_module)
149 params = {'path': block_path,
150 'block_size': self.block_size,
151 'hash_algorithm': self.hash_algorithm}
152 self.store = self.block_module.Store(**params)
154 if queue_module and queue_connection:
155 self.queue_module = load_module(queue_module)
156 params = {'exchange': queue_connection,
157 'message_key': QUEUE_MESSAGE_KEY,
158 'client_id': QUEUE_CLIENT_ID}
159 self.queue = self.queue_module.Queue(**params)
162 def send(self, *args):
168 self.queue = NoQueue()
175 def list_accounts(self, user, marker=None, limit=10000):
176 """Return a list of accounts the user can access."""
178 logger.debug("list_accounts: %s %s %s", user, marker, limit)
179 allowed = self._allowed_accounts(user)
180 start, limit = self._list_limits(allowed, marker, limit)
181 return allowed[start:start + limit]
184 def get_account_meta(self, user, account, domain, until=None, include_user_defined=True):
185 """Return a dictionary with the account metadata for the domain."""
187 logger.debug("get_account_meta: %s %s %s", account, domain, until)
188 path, node = self._lookup_account(account, user == account)
190 if until or node is None or account not in self._allowed_accounts(user):
191 raise NotAllowedError
193 props = self._get_properties(node, until)
194 mtime = props[self.MTIME]
198 count, bytes, tstamp = self._get_statistics(node, until)
199 tstamp = max(tstamp, mtime)
203 modified = self._get_statistics(node)[2] # Overall last modification.
204 modified = max(modified, mtime)
207 meta = {'name': account}
210 if props is not None and include_user_defined:
211 meta.update(dict(self.node.attribute_get(props[self.SERIAL], domain)))
212 if until is not None:
213 meta.update({'until_timestamp': tstamp})
214 meta.update({'name': account, 'count': count, 'bytes': bytes})
215 meta.update({'modified': modified})
219 def update_account_meta(self, user, account, domain, meta, replace=False):
220 """Update the metadata associated with the account for the domain."""
222 logger.debug("update_account_meta: %s %s %s %s", account, domain, meta, replace)
224 raise NotAllowedError
225 path, node = self._lookup_account(account, True)
226 self._put_metadata(user, node, domain, meta, replace)
229 def get_account_groups(self, user, account):
230 """Return a dictionary with the user groups defined for this account."""
232 logger.debug("get_account_groups: %s", account)
234 if account not in self._allowed_accounts(user):
235 raise NotAllowedError
237 self._lookup_account(account, True)
238 return self.permissions.group_dict(account)
241 def update_account_groups(self, user, account, groups, replace=False):
242 """Update the groups associated with the account."""
244 logger.debug("update_account_groups: %s %s %s", account, groups, replace)
246 raise NotAllowedError
247 self._lookup_account(account, True)
248 self._check_groups(groups)
250 self.permissions.group_destroy(account)
251 for k, v in groups.iteritems():
252 if not replace: # If not already deleted.
253 self.permissions.group_delete(account, k)
255 self.permissions.group_addmany(account, k, v)
258 def get_account_policy(self, user, account):
259 """Return a dictionary with the account policy."""
261 logger.debug("get_account_policy: %s", account)
263 if account not in self._allowed_accounts(user):
264 raise NotAllowedError
266 path, node = self._lookup_account(account, True)
267 return self._get_policy(node)
270 def update_account_policy(self, user, account, policy, replace=False):
271 """Update the policy associated with the account."""
273 logger.debug("update_account_policy: %s %s %s", account, policy, replace)
275 raise NotAllowedError
276 path, node = self._lookup_account(account, True)
277 self._check_policy(policy)
278 self._put_policy(node, policy, replace)
281 def put_account(self, user, account, policy={}):
282 """Create a new account with the given name."""
284 logger.debug("put_account: %s %s", account, policy)
286 raise NotAllowedError
287 node = self.node.node_lookup(account)
289 raise NameError('Account already exists')
291 self._check_policy(policy)
292 node = self._put_path(user, self.ROOTNODE, account)
293 self._put_policy(node, policy, True)
296 def delete_account(self, user, account):
297 """Delete the account with the given name."""
299 logger.debug("delete_account: %s", account)
301 raise NotAllowedError
302 node = self.node.node_lookup(account)
305 if not self.node.node_remove(node):
306 raise IndexError('Account is not empty')
307 self.permissions.group_destroy(account)
310 def list_containers(self, user, account, marker=None, limit=10000, shared=False, until=None):
311 """Return a list of containers existing under an account."""
313 logger.debug("list_containers: %s %s %s %s %s", account, marker, limit, shared, until)
315 if until or account not in self._allowed_accounts(user):
316 raise NotAllowedError
317 allowed = self._allowed_containers(user, account)
318 start, limit = self._list_limits(allowed, marker, limit)
319 return allowed[start:start + limit]
321 allowed = [x.split('/', 2)[1] for x in self.permissions.access_list_shared(account)]
322 allowed = list(set(allowed))
323 start, limit = self._list_limits(allowed, marker, limit)
324 return allowed[start:start + limit]
325 node = self.node.node_lookup(account)
326 return [x[0] for x in self._list_object_properties(node, account, '', '/', marker, limit, False, None, [], until)]
329 def list_container_meta(self, user, account, container, domain, until=None):
330 """Return a list with all the container's object meta keys for the domain."""
332 logger.debug("list_container_meta: %s %s %s %s", account, container, domain, until)
336 raise NotAllowedError
337 allowed = self.permissions.access_list_paths(user, '/'.join((account, container)))
339 raise NotAllowedError
340 path, node = self._lookup_container(account, container)
341 before = until if until is not None else inf
342 allowed = self._get_formatted_paths(allowed)
343 return self.node.latest_attribute_keys(node, domain, before, CLUSTER_DELETED, allowed)
346 def get_container_meta(self, user, account, container, domain, until=None, include_user_defined=True):
347 """Return a dictionary with the container metadata for the domain."""
349 logger.debug("get_container_meta: %s %s %s %s", account, container, domain, until)
351 if until or container not in self._allowed_containers(user, account):
352 raise NotAllowedError
353 path, node = self._lookup_container(account, container)
354 props = self._get_properties(node, until)
355 mtime = props[self.MTIME]
356 count, bytes, tstamp = self._get_statistics(node, until)
357 tstamp = max(tstamp, mtime)
361 modified = self._get_statistics(node)[2] # Overall last modification.
362 modified = max(modified, mtime)
365 meta = {'name': container}
368 if include_user_defined:
369 meta.update(dict(self.node.attribute_get(props[self.SERIAL], domain)))
370 if until is not None:
371 meta.update({'until_timestamp': tstamp})
372 meta.update({'name': container, 'count': count, 'bytes': bytes})
373 meta.update({'modified': modified})
377 def update_container_meta(self, user, account, container, domain, meta, replace=False):
378 """Update the metadata associated with the container for the domain."""
380 logger.debug("update_container_meta: %s %s %s %s %s", account, container, domain, meta, replace)
382 raise NotAllowedError
383 path, node = self._lookup_container(account, container)
384 self._put_metadata(user, node, domain, meta, replace)
387 def get_container_policy(self, user, account, container):
388 """Return a dictionary with the container policy."""
390 logger.debug("get_container_policy: %s %s", account, container)
392 if container not in self._allowed_containers(user, account):
393 raise NotAllowedError
395 path, node = self._lookup_container(account, container)
396 return self._get_policy(node)
399 def update_container_policy(self, user, account, container, policy, replace=False):
400 """Update the policy associated with the container."""
402 logger.debug("update_container_policy: %s %s %s %s", account, container, policy, replace)
404 raise NotAllowedError
405 path, node = self._lookup_container(account, container)
406 self._check_policy(policy)
407 self._put_policy(node, policy, replace)
410 def put_container(self, user, account, container, policy={}):
411 """Create a new container with the given name."""
413 logger.debug("put_container: %s %s %s", account, container, policy)
415 raise NotAllowedError
417 path, node = self._lookup_container(account, container)
421 raise NameError('Container already exists')
423 self._check_policy(policy)
424 path = '/'.join((account, container))
425 node = self._put_path(user, self._lookup_account(account, True)[1], path)
426 self._put_policy(node, policy, True)
429 def delete_container(self, user, account, container, until=None):
430 """Delete/purge the container with the given name."""
432 logger.debug("delete_container: %s %s %s", account, container, until)
434 raise NotAllowedError
435 path, node = self._lookup_container(account, container)
437 if until is not None:
438 hashes, size = self.node.node_purge_children(node, until, CLUSTER_HISTORY)
440 self.store.map_delete(h)
441 self.node.node_purge_children(node, until, CLUSTER_DELETED)
442 self._report_size_change(user, account, -size, {'action': 'container purge'})
445 if self._get_statistics(node)[0] > 0:
446 raise IndexError('Container is not empty')
447 hashes, size = self.node.node_purge_children(node, inf, CLUSTER_HISTORY)
449 self.store.map_delete(h)
450 self.node.node_purge_children(node, inf, CLUSTER_DELETED)
451 self.node.node_remove(node)
452 self._report_size_change(user, account, -size, {'action': 'container delete'})
454 def _list_objects(self, user, account, container, prefix, delimiter, marker, limit, virtual, domain, keys, shared, until, size_range, all_props):
455 if user != account and until:
456 raise NotAllowedError
457 allowed = self._list_object_permissions(user, account, container, prefix, shared)
458 if shared and not allowed:
460 path, node = self._lookup_container(account, container)
461 allowed = self._get_formatted_paths(allowed)
462 return self._list_object_properties(node, path, prefix, delimiter, marker, limit, virtual, domain, keys, until, size_range, allowed, all_props)
464 def _list_object_permissions(self, user, account, container, prefix, shared):
466 path = '/'.join((account, container, prefix)).rstrip('/')
468 allowed = self.permissions.access_list_paths(user, path)
470 raise NotAllowedError
473 allowed = self.permissions.access_list_shared(path)
479 def list_objects(self, user, account, container, prefix='', delimiter=None, marker=None, limit=10000, virtual=True, domain=None, keys=[], shared=False, until=None, size_range=None):
480 """Return a list of object (name, version_id) tuples existing under a container."""
482 logger.debug("list_objects: %s %s %s %s %s %s %s %s %s %s %s %s", account, container, prefix, delimiter, marker, limit, virtual, domain, keys, shared, until, size_range)
483 return self._list_objects(user, account, container, prefix, delimiter, marker, limit, virtual, domain, keys, shared, until, size_range, False)
486 def list_object_meta(self, user, account, container, prefix='', delimiter=None, marker=None, limit=10000, virtual=True, domain=None, keys=[], shared=False, until=None, size_range=None):
487 """Return a list of object metadata dicts existing under a container."""
489 logger.debug("list_object_meta: %s %s %s %s %s %s %s %s %s %s %s %s", account, container, prefix, delimiter, marker, limit, virtual, domain, keys, shared, until, size_range)
490 props = self._list_objects(user, account, container, prefix, delimiter, marker, limit, virtual, domain, keys, shared, until, size_range, True)
494 objects.append({'subdir': p[0]})
496 objects.append({'name': p[0],
497 'bytes': p[self.SIZE + 1],
498 'type': p[self.TYPE + 1],
499 'hash': p[self.HASH + 1],
500 'version': p[self.SERIAL + 1],
501 'version_timestamp': p[self.MTIME + 1],
502 'modified': p[self.MTIME + 1] if until is None else None,
503 'modified_by': p[self.MUSER + 1],
504 'uuid': p[self.UUID + 1],
505 'checksum': p[self.CHECKSUM + 1]})
509 def list_object_permissions(self, user, account, container, prefix=''):
510 """Return a list of paths that enforce permissions under a container."""
512 logger.debug("list_object_permissions: %s %s %s", account, container, prefix)
513 return self._list_object_permissions(user, account, container, prefix, True)
516 def list_object_public(self, user, account, container, prefix=''):
517 """Return a dict mapping paths to public ids for objects that are public under a container."""
519 logger.debug("list_object_public: %s %s %s", account, container, prefix)
521 for path, p in self.permissions.public_list('/'.join((account, container, prefix))):
522 public[path] = p + ULTIMATE_ANSWER
526 def get_object_meta(self, user, account, container, name, domain, version=None, include_user_defined=True):
527 """Return a dictionary with the object metadata for the domain."""
529 logger.debug("get_object_meta: %s %s %s %s %s", account, container, name, domain, version)
530 self._can_read(user, account, container, name)
531 path, node = self._lookup_object(account, container, name)
532 props = self._get_version(node, version)
534 modified = props[self.MTIME]
537 modified = self._get_version(node)[self.MTIME] # Overall last modification.
538 except NameError: # Object may be deleted.
539 del_props = self.node.version_lookup(node, inf, CLUSTER_DELETED)
540 if del_props is None:
541 raise NameError('Object does not exist')
542 modified = del_props[self.MTIME]
545 if include_user_defined:
546 meta.update(dict(self.node.attribute_get(props[self.SERIAL], domain)))
547 meta.update({'name': name,
548 'bytes': props[self.SIZE],
549 'type': props[self.TYPE],
550 'hash': props[self.HASH],
551 'version': props[self.SERIAL],
552 'version_timestamp': props[self.MTIME],
553 'modified': modified,
554 'modified_by': props[self.MUSER],
555 'uuid': props[self.UUID],
556 'checksum': props[self.CHECKSUM]})
560 def update_object_meta(self, user, account, container, name, domain, meta, replace=False):
561 """Update the metadata associated with the object for the domain and return the new version."""
563 logger.debug("update_object_meta: %s %s %s %s %s %s", account, container, name, domain, meta, replace)
564 self._can_write(user, account, container, name)
565 path, node = self._lookup_object(account, container, name)
566 src_version_id, dest_version_id = self._put_metadata(user, node, domain, meta, replace)
567 self._apply_versioning(account, container, src_version_id)
568 return dest_version_id
571 def get_object_permissions(self, user, account, container, name):
572 """Return the action allowed on the object, the path
573 from which the object gets its permissions from,
574 along with a dictionary containing the permissions."""
576 logger.debug("get_object_permissions: %s %s %s", account, container, name)
578 permissions_path = self._get_permissions_path(account, container, name)
580 if self.permissions.access_check(permissions_path, self.WRITE, user):
582 elif self.permissions.access_check(permissions_path, self.READ, user):
585 raise NotAllowedError
586 self._lookup_object(account, container, name)
587 return (allowed, permissions_path, self.permissions.access_get(permissions_path))
590 def update_object_permissions(self, user, account, container, name, permissions):
591 """Update the permissions associated with the object."""
593 logger.debug("update_object_permissions: %s %s %s %s", account, container, name, permissions)
595 raise NotAllowedError
596 path = self._lookup_object(account, container, name)[0]
597 self._check_permissions(path, permissions)
598 self.permissions.access_set(path, permissions)
601 def get_object_public(self, user, account, container, name):
602 """Return the public id of the object if applicable."""
604 logger.debug("get_object_public: %s %s %s", account, container, name)
605 self._can_read(user, account, container, name)
606 path = self._lookup_object(account, container, name)[0]
607 p = self.permissions.public_get(path)
613 def update_object_public(self, user, account, container, name, public):
614 """Update the public status of the object."""
616 logger.debug("update_object_public: %s %s %s %s", account, container, name, public)
617 self._can_write(user, account, container, name)
618 path = self._lookup_object(account, container, name)[0]
620 self.permissions.public_unset(path)
622 self.permissions.public_set(path)
625 def get_object_hashmap(self, user, account, container, name, version=None):
626 """Return the object's size and a list with partial hashes."""
628 logger.debug("get_object_hashmap: %s %s %s %s", account, container, name, version)
629 self._can_read(user, account, container, name)
630 path, node = self._lookup_object(account, container, name)
631 props = self._get_version(node, version)
632 hashmap = self.store.map_get(binascii.unhexlify(props[self.HASH]))
633 return props[self.SIZE], [binascii.hexlify(x) for x in hashmap]
635 def _update_object_hash(self, user, account, container, name, size, type, hash, checksum, permissions, src_node=None, is_copy=False):
636 if permissions is not None and user != account:
637 raise NotAllowedError
638 self._can_write(user, account, container, name)
639 if permissions is not None:
640 path = '/'.join((account, container, name))
641 self._check_permissions(path, permissions)
643 account_path, account_node = self._lookup_account(account, True)
644 container_path, container_node = self._lookup_container(account, container)
645 path, node = self._put_object_node(container_path, container_node, name)
646 pre_version_id, dest_version_id = self._put_version_duplicate(user, node, src_node=src_node, size=size, type=type, hash=hash, checksum=checksum, is_copy=is_copy)
649 del_size = self._apply_versioning(account, container, pre_version_id)
650 size_delta = size - del_size
652 account_quota = long(self._get_policy(account_node)['quota'])
653 container_quota = long(self._get_policy(container_node)['quota'])
654 if (account_quota > 0 and self._get_statistics(account_node)[1] + size_delta > account_quota) or \
655 (container_quota > 0 and self._get_statistics(container_node)[1] + size_delta > container_quota):
656 # This must be executed in a transaction, so the version is never created if it fails.
658 self._report_size_change(user, account, size_delta, {'action': 'object update'})
660 if permissions is not None:
661 self.permissions.access_set(path, permissions)
662 return pre_version_id, dest_version_id
665 def update_object_hashmap(self, user, account, container, name, size, type, hashmap, checksum, domain, meta={}, replace_meta=False, permissions=None):
666 """Create/update an object with the specified size and partial hashes."""
668 logger.debug("update_object_hashmap: %s %s %s %s %s %s %s", account, container, name, size, type, hashmap, checksum)
669 if size == 0: # No such thing as an empty hashmap.
670 hashmap = [self.put_block('')]
671 map = HashMap(self.block_size, self.hash_algorithm)
672 map.extend([binascii.unhexlify(x) for x in hashmap])
673 missing = self.store.block_search(map)
676 ie.data = [binascii.hexlify(x) for x in missing]
680 pre_version_id, dest_version_id = self._update_object_hash(user, account, container, name, size, type, binascii.hexlify(hash), checksum, permissions)
681 self._put_metadata_duplicate(pre_version_id, dest_version_id, domain, meta, replace_meta)
682 self.store.map_put(hash, map)
683 return dest_version_id
686 def update_object_checksum(self, user, account, container, name, version, checksum):
687 """Update an object's checksum."""
689 logger.debug("update_object_checksum: %s %s %s %s %s", account, container, name, version, checksum)
690 # Update objects with greater version and same hashmap and size (fix metadata updates).
691 self._can_write(user, account, container, name)
692 path, node = self._lookup_object(account, container, name)
693 props = self._get_version(node, version)
694 versions = self.node.node_get_versions(node)
696 if x[self.SERIAL] >= int(version) and x[self.HASH] == props[self.HASH] and x[self.SIZE] == props[self.SIZE]:
697 self.node.version_put_property(x[self.SERIAL], 'checksum', checksum)
699 def _copy_object(self, user, src_account, src_container, src_name, dest_account, dest_container, dest_name, type, dest_domain=None, dest_meta={}, replace_meta=False, permissions=None, src_version=None, is_move=False):
700 self._can_read(user, src_account, src_container, src_name)
701 path, node = self._lookup_object(src_account, src_container, src_name)
702 # TODO: Will do another fetch of the properties in duplicate version...
703 props = self._get_version(node, src_version) # Check to see if source exists.
704 src_version_id = props[self.SERIAL]
705 hash = props[self.HASH]
706 size = props[self.SIZE]
708 is_copy = not is_move and (src_account, src_container, src_name) != (dest_account, dest_container, dest_name) # New uuid.
709 pre_version_id, dest_version_id = self._update_object_hash(user, dest_account, dest_container, dest_name, size, type, hash, None, permissions, src_node=node, is_copy=is_copy)
710 self._put_metadata_duplicate(src_version_id, dest_version_id, dest_domain, dest_meta, replace_meta)
711 return dest_version_id
714 def copy_object(self, user, src_account, src_container, src_name, dest_account, dest_container, dest_name, type, domain, meta={}, replace_meta=False, permissions=None, src_version=None):
715 """Copy an object's data and metadata."""
717 logger.debug("copy_object: %s %s %s %s %s %s %s %s %s %s %s %s", src_account, src_container, src_name, dest_account, dest_container, dest_name, type, domain, meta, replace_meta, permissions, src_version)
718 dest_version_id = self._copy_object(user, src_account, src_container, src_name, dest_account, dest_container, dest_name, type, domain, meta, replace_meta, permissions, src_version, False)
719 return dest_version_id
722 def move_object(self, user, src_account, src_container, src_name, dest_account, dest_container, dest_name, type, domain, meta={}, replace_meta=False, permissions=None):
723 """Move an object's data and metadata."""
725 logger.debug("move_object: %s %s %s %s %s %s %s %s %s %s %s", src_account, src_container, src_name, dest_account, dest_container, dest_name, type, domain, meta, replace_meta, permissions)
726 if user != src_account:
727 raise NotAllowedError
728 dest_version_id = self._copy_object(user, src_account, src_container, src_name, dest_account, dest_container, dest_name, type, domain, meta, replace_meta, permissions, None, True)
729 if (src_account, src_container, src_name) != (dest_account, dest_container, dest_name):
730 self._delete_object(user, src_account, src_container, src_name)
731 return dest_version_id
733 def _delete_object(self, user, account, container, name, until=None):
735 raise NotAllowedError
737 if until is not None:
738 path = '/'.join((account, container, name))
739 node = self.node.node_lookup(path)
744 h, s = self.node.node_purge(node, until, CLUSTER_NORMAL)
747 h, s = self.node.node_purge(node, until, CLUSTER_HISTORY)
751 self.store.map_delete(h)
752 self.node.node_purge(node, until, CLUSTER_DELETED)
754 props = self._get_version(node)
756 self.permissions.access_clear(path)
757 self._report_size_change(user, account, -size, {'action': 'object purge'})
760 path, node = self._lookup_object(account, container, name)
761 src_version_id, dest_version_id = self._put_version_duplicate(user, node, size=0, type='', hash=None, checksum='', cluster=CLUSTER_DELETED)
762 del_size = self._apply_versioning(account, container, src_version_id)
764 self._report_size_change(user, account, -del_size, {'action': 'object delete'})
765 self.permissions.access_clear(path)
768 def delete_object(self, user, account, container, name, until=None):
769 """Delete/purge an object."""
771 logger.debug("delete_object: %s %s %s %s", account, container, name, until)
772 self._delete_object(user, account, container, name, until)
775 def list_versions(self, user, account, container, name):
776 """Return a list of all (version, version_timestamp) tuples for an object."""
778 logger.debug("list_versions: %s %s %s", account, container, name)
779 self._can_read(user, account, container, name)
780 path, node = self._lookup_object(account, container, name)
781 versions = self.node.node_get_versions(node)
782 return [[x[self.SERIAL], x[self.MTIME]] for x in versions if x[self.CLUSTER] != CLUSTER_DELETED]
785 def get_uuid(self, user, uuid):
786 """Return the (account, container, name) for the UUID given."""
788 logger.debug("get_uuid: %s", uuid)
789 info = self.node.latest_uuid(uuid)
793 account, container, name = path.split('/', 2)
794 self._can_read(user, account, container, name)
795 return (account, container, name)
798 def get_public(self, user, public):
799 """Return the (account, container, name) for the public id given."""
801 logger.debug("get_public: %s", public)
802 if public is None or public < ULTIMATE_ANSWER:
804 path = self.permissions.public_path(public - ULTIMATE_ANSWER)
807 account, container, name = path.split('/', 2)
808 self._can_read(user, account, container, name)
809 return (account, container, name)
811 @backend_method(autocommit=0)
812 def get_block(self, hash):
813 """Return a block's data."""
815 logger.debug("get_block: %s", hash)
816 block = self.store.block_get(binascii.unhexlify(hash))
818 raise NameError('Block does not exist')
821 @backend_method(autocommit=0)
822 def put_block(self, data):
823 """Store a block and return the hash."""
825 logger.debug("put_block: %s", len(data))
826 return binascii.hexlify(self.store.block_put(data))
828 @backend_method(autocommit=0)
829 def update_block(self, hash, data, offset=0):
830 """Update a known block and return the hash."""
832 logger.debug("update_block: %s %s %s", hash, len(data), offset)
833 if offset == 0 and len(data) == self.block_size:
834 return self.put_block(data)
835 h = self.store.block_update(binascii.unhexlify(hash), offset, data)
836 return binascii.hexlify(h)
840 def _generate_uuid(self):
841 return str(uuidlib.uuid4())
843 def _put_object_node(self, path, parent, name):
844 path = '/'.join((path, name))
845 node = self.node.node_lookup(path)
847 node = self.node.node_create(parent, path)
850 def _put_path(self, user, parent, path):
851 node = self.node.node_create(parent, path)
852 self.node.version_create(node, None, 0, '', None, user, self._generate_uuid(), '', CLUSTER_NORMAL)
855 def _lookup_account(self, account, create=True):
856 node = self.node.node_lookup(account)
857 if node is None and create:
858 node = self._put_path(account, self.ROOTNODE, account) # User is account.
861 def _lookup_container(self, account, container):
862 path = '/'.join((account, container))
863 node = self.node.node_lookup(path)
865 raise NameError('Container does not exist')
868 def _lookup_object(self, account, container, name):
869 path = '/'.join((account, container, name))
870 node = self.node.node_lookup(path)
872 raise NameError('Object does not exist')
875 def _get_properties(self, node, until=None):
876 """Return properties until the timestamp given."""
878 before = until if until is not None else inf
879 props = self.node.version_lookup(node, before, CLUSTER_NORMAL)
880 if props is None and until is not None:
881 props = self.node.version_lookup(node, before, CLUSTER_HISTORY)
883 raise NameError('Path does not exist')
886 def _get_statistics(self, node, until=None):
887 """Return count, sum of size and latest timestamp of everything under node."""
890 stats = self.node.statistics_get(node, CLUSTER_NORMAL)
892 stats = self.node.statistics_latest(node, until, CLUSTER_DELETED)
897 def _get_version(self, node, version=None):
899 props = self.node.version_lookup(node, inf, CLUSTER_NORMAL)
901 raise NameError('Object does not exist')
904 version = int(version)
906 raise IndexError('Version does not exist')
907 props = self.node.version_get_properties(version)
908 if props is None or props[self.CLUSTER] == CLUSTER_DELETED:
909 raise IndexError('Version does not exist')
912 def _put_version_duplicate(self, user, node, src_node=None, size=None, type=None, hash=None, checksum=None, cluster=CLUSTER_NORMAL, is_copy=False):
913 """Create a new version of the node."""
915 props = self.node.version_lookup(node if src_node is None else src_node, inf, CLUSTER_NORMAL)
916 if props is not None:
917 src_version_id = props[self.SERIAL]
918 src_hash = props[self.HASH]
919 src_size = props[self.SIZE]
920 src_type = props[self.TYPE]
921 src_checksum = props[self.CHECKSUM]
923 src_version_id = None
928 if size is None: # Set metadata.
929 hash = src_hash # This way hash can be set to None (account or container).
934 checksum = src_checksum
935 uuid = self._generate_uuid() if (is_copy or src_version_id is None) else props[self.UUID]
938 pre_version_id = src_version_id
940 pre_version_id = None
941 props = self.node.version_lookup(node, inf, CLUSTER_NORMAL)
942 if props is not None:
943 pre_version_id = props[self.SERIAL]
944 if pre_version_id is not None:
945 self.node.version_recluster(pre_version_id, CLUSTER_HISTORY)
947 dest_version_id, mtime = self.node.version_create(node, hash, size, type, src_version_id, user, uuid, checksum, cluster)
948 return pre_version_id, dest_version_id
950 def _put_metadata_duplicate(self, src_version_id, dest_version_id, domain, meta, replace=False):
951 if src_version_id is not None:
952 self.node.attribute_copy(src_version_id, dest_version_id)
954 self.node.attribute_del(dest_version_id, domain, (k for k, v in meta.iteritems() if v == ''))
955 self.node.attribute_set(dest_version_id, domain, ((k, v) for k, v in meta.iteritems() if v != ''))
957 self.node.attribute_del(dest_version_id, domain)
958 self.node.attribute_set(dest_version_id, domain, ((k, v) for k, v in meta.iteritems()))
960 def _put_metadata(self, user, node, domain, meta, replace=False):
961 """Create a new version and store metadata."""
963 src_version_id, dest_version_id = self._put_version_duplicate(user, node)
964 self._put_metadata_duplicate(src_version_id, dest_version_id, domain, meta, replace)
965 return src_version_id, dest_version_id
967 def _list_limits(self, listing, marker, limit):
971 start = listing.index(marker) + 1
974 if not limit or limit > 10000:
978 def _list_object_properties(self, parent, path, prefix='', delimiter=None, marker=None, limit=10000, virtual=True, domain=None, keys=[], until=None, size_range=None, allowed=[], all_props=False):
979 cont_prefix = path + '/'
980 prefix = cont_prefix + prefix
981 start = cont_prefix + marker if marker else None
982 before = until if until is not None else inf
983 filterq = keys if domain else []
986 objects, prefixes = self.node.latest_version_list(parent, prefix, delimiter, start, limit, before, CLUSTER_DELETED, allowed, domain, filterq, sizeq, all_props)
987 objects.extend([(p, None) for p in prefixes] if virtual else [])
988 objects.sort(key=lambda x: x[0])
989 objects = [(x[0][len(cont_prefix):],) + x[1:] for x in objects]
991 start, limit = self._list_limits([x[0] for x in objects], marker, limit)
992 return objects[start:start + limit]
994 # Reporting functions.
996 def _report_size_change(self, user, account, size, details={}):
997 logger.debug("_report_size_change: %s %s %s %s", user, account, size, details)
998 account_node = self._lookup_account(account, True)[1]
999 total = self._get_statistics(account_node)[1]
1000 details.update({'user': user, 'total': total})
1001 self.queue.send(account, 'diskspace', size, details)
1005 def _check_policy(self, policy):
1006 for k in policy.keys():
1008 policy[k] = self.default_policy.get(k)
1009 for k, v in policy.iteritems():
1011 q = int(v) # May raise ValueError.
1014 elif k == 'versioning':
1015 if v not in ['auto', 'none']:
1020 def _put_policy(self, node, policy, replace):
1022 for k, v in self.default_policy.iteritems():
1025 self.node.policy_set(node, policy)
1027 def _get_policy(self, node):
1028 policy = self.default_policy.copy()
1029 policy.update(self.node.policy_get(node))
1032 def _apply_versioning(self, account, container, version_id):
1033 """Delete the provided version if such is the policy.
1034 Return size of object removed.
1037 if version_id is None:
1039 path, node = self._lookup_container(account, container)
1040 versioning = self._get_policy(node)['versioning']
1041 if versioning != 'auto':
1042 hash, size = self.node.version_remove(version_id)
1043 self.store.map_delete(hash)
1047 # Access control functions.
1049 def _check_groups(self, groups):
1050 # raise ValueError('Bad characters in groups')
1053 def _check_permissions(self, path, permissions):
1054 # raise ValueError('Bad characters in permissions')
1057 def _get_formatted_paths(self, paths):
1060 node = self.node.node_lookup(p)
1061 if node is not None:
1062 props = self.node.version_lookup(node, inf, CLUSTER_NORMAL)
1063 if props is not None:
1064 if props[self.TYPE] in ('application/directory', 'application/folder'):
1065 formatted.append((p.rstrip('/') + '/', self.MATCH_PREFIX))
1066 formatted.append((p, self.MATCH_EXACT))
1069 def _get_permissions_path(self, account, container, name):
1070 path = '/'.join((account, container, name))
1071 permission_paths = self.permissions.access_inherit(path)
1072 permission_paths.sort()
1073 permission_paths.reverse()
1074 for p in permission_paths:
1078 if p.count('/') < 2:
1080 node = self.node.node_lookup(p)
1081 if node is not None:
1082 props = self.node.version_lookup(node, inf, CLUSTER_NORMAL)
1083 if props is not None:
1084 if props[self.TYPE] in ('application/directory', 'application/folder'):
1088 def _can_read(self, user, account, container, name):
1091 path = '/'.join((account, container, name))
1092 if self.permissions.public_get(path) is not None:
1094 path = self._get_permissions_path(account, container, name)
1096 raise NotAllowedError
1097 if not self.permissions.access_check(path, self.READ, user) and not self.permissions.access_check(path, self.WRITE, user):
1098 raise NotAllowedError
1100 def _can_write(self, user, account, container, name):
1103 path = '/'.join((account, container, name))
1104 path = self._get_permissions_path(account, container, name)
1106 raise NotAllowedError
1107 if not self.permissions.access_check(path, self.WRITE, user):
1108 raise NotAllowedError
1110 def _allowed_accounts(self, user):
1112 for path in self.permissions.access_list_paths(user):
1113 allow.add(path.split('/', 1)[0])
1114 return sorted(allow)
1116 def _allowed_containers(self, user, account):
1118 for path in self.permissions.access_list_paths(user, account):
1119 allow.add(path.split('/', 2)[1])
1120 return sorted(allow)