-import os
+# Copyright 2011 GRNET S.A. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or
+# without modification, are permitted provided that the following
+# conditions are met:
+#
+# 1. Redistributions of source code must retain the above
+# copyright notice, this list of conditions and the following
+# disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following
+# disclaimer in the documentation and/or other materials
+# provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
+# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+#
+# The views and conclusions contained in the software and
+# documentation are those of the authors and should not be
+# interpreted as representing official policies, either expressed
+# or implied, of GRNET S.A.
+
import logging
import hashlib
-import types
+from django.conf import settings
from django.http import HttpResponse
from django.template.loader import render_to_string
from django.utils import simplejson as json
from django.utils.http import parse_etags
+from django.utils.encoding import smart_unicode, smart_str
+from xml.dom import minidom
from pithos.api.faults import (Fault, NotModified, BadRequest, Unauthorized, ItemNotFound, Conflict,
LengthRequired, PreconditionFailed, RangeNotSatisfiable, UnprocessableEntity)
-from pithos.api.util import (printable_meta_dict, get_account_meta, put_account_meta,
- get_container_meta, put_container_meta, get_object_meta, put_object_meta,
- validate_modification_preconditions, copy_or_move_object, get_range,
- raw_input_socket, socket_read_iterator, api_method)
+from pithos.api.util import (rename_meta_key, format_header_key, printable_header_dict, get_account_headers,
+ put_account_headers, get_container_headers, put_container_headers, get_object_headers, put_object_headers,
+ update_manifest_meta, update_sharing_meta, update_public_meta, validate_modification_preconditions,
+ validate_matching_preconditions, split_container_object_string, copy_or_move_object,
+ get_int_parameter, get_content_length, get_content_range, socket_read_iterator,
+ object_data_response, put_object_block, hashmap_hash, api_method)
from pithos.backends import backend
+from pithos.backends.base import NotAllowedError
logger = logging.getLogger(__name__)
def top_demux(request):
if request.method == 'GET':
+ if request.user:
+ return account_list(request)
return authenticate(request)
else:
return method_not_allowed(request)
def account_demux(request, v_account):
if request.method == 'HEAD':
return account_meta(request, v_account)
- elif request.method == 'GET':
- return container_list(request, v_account)
elif request.method == 'POST':
return account_update(request, v_account)
+ elif request.method == 'GET':
+ return container_list(request, v_account)
else:
return method_not_allowed(request)
def container_demux(request, v_account, v_container):
if request.method == 'HEAD':
return container_meta(request, v_account, v_container)
- elif request.method == 'GET':
- return object_list(request, v_account, v_container)
elif request.method == 'PUT':
return container_create(request, v_account, v_container)
elif request.method == 'POST':
return container_update(request, v_account, v_container)
elif request.method == 'DELETE':
return container_delete(request, v_account, v_container)
+ elif request.method == 'GET':
+ return object_list(request, v_account, v_container)
else:
return method_not_allowed(request)
elif request.method == 'MOVE':
return object_move(request, v_account, v_container, v_object)
elif request.method == 'POST':
+ if request.META.get('CONTENT_TYPE', '').startswith('multipart/form-data'):
+ return object_write_form(request, v_account, v_container, v_object)
return object_update(request, v_account, v_container, v_object)
elif request.method == 'DELETE':
return object_delete(request, v_account, v_container, v_object)
x_auth_key = request.META.get('HTTP_X_AUTH_KEY')
if not x_auth_user or not x_auth_key:
raise BadRequest('Missing X-Auth-User or X-Auth-Key header')
-
response = HttpResponse(status=204)
- response['X-Auth-Token'] = '0000'
- response['X-Storage-Url'] = os.path.join(request.build_absolute_uri(), 'demo')
+
+ uri = request.build_absolute_uri()
+ if '?' in uri:
+ uri = uri[:uri.find('?')]
+
+ response['X-Auth-Token'] = x_auth_key
+ response['X-Storage-Url'] = uri + (uri.endswith('/') and '' or '/') + x_auth_user
+ return response
+
+@api_method('GET', format_allowed=True)
+def account_list(request):
+ # Normal Response Codes: 200, 204
+ # Error Response Codes: serviceUnavailable (503),
+ # badRequest (400)
+
+ response = HttpResponse()
+
+ marker = request.GET.get('marker')
+ limit = get_int_parameter(request.GET.get('limit'))
+ if not limit:
+ limit = 10000
+
+ accounts = backend.list_accounts(request.user, marker, limit)
+
+ if request.serialization == 'text':
+ if len(accounts) == 0:
+ # The cloudfiles python bindings expect 200 if json/xml.
+ response.status_code = 204
+ return response
+ response.status_code = 200
+ response.content = '\n'.join(accounts) + '\n'
+ return response
+
+ account_meta = []
+ for x in accounts:
+ try:
+ meta = backend.get_account_meta(request.user, x)
+ groups = backend.get_account_groups(request.user, x)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ else:
+ rename_meta_key(meta, 'modified', 'last_modified')
+ rename_meta_key(meta, 'until_timestamp', 'x_account_until_timestamp')
+ for k, v in groups.iteritems():
+ meta['X-Container-Group-' + k] = ','.join(v)
+ account_meta.append(printable_header_dict(meta))
+ if request.serialization == 'xml':
+ data = render_to_string('accounts.xml', {'accounts': account_meta})
+ elif request.serialization == 'json':
+ data = json.dumps(account_meta)
+ response.status_code = 200
+ response.content = data
return response
@api_method('HEAD')
# unauthorized (401),
# badRequest (400)
- meta = backend.get_account_meta(request.user)
+ until = get_int_parameter(request.GET.get('until'))
+ try:
+ meta = backend.get_account_meta(request.user, v_account, until)
+ groups = backend.get_account_groups(request.user, v_account)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+
+ validate_modification_preconditions(request, meta)
response = HttpResponse(status=204)
- put_account_meta(response, meta)
+ put_account_headers(response, meta, groups)
return response
@api_method('POST')
# unauthorized (401),
# badRequest (400)
- meta = get_account_meta(request)
- backend.update_account_meta(request.user, meta)
+ meta, groups = get_account_headers(request)
+ replace = True
+ if 'update' in request.GET:
+ replace = False
+ if groups:
+ try:
+ backend.update_account_groups(request.user, v_account, groups, replace)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except ValueError:
+ raise BadRequest('Invalid groups header')
+ if meta or replace:
+ try:
+ backend.update_account_meta(request.user, v_account, meta, replace)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
return HttpResponse(status=202)
@api_method('GET', format_allowed=True)
# unauthorized (401),
# badRequest (400)
- meta = backend.get_account_meta(request.user)
+ until = get_int_parameter(request.GET.get('until'))
+ try:
+ meta = backend.get_account_meta(request.user, v_account, until)
+ groups = backend.get_account_groups(request.user, v_account)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
validate_modification_preconditions(request, meta)
response = HttpResponse()
- put_account_meta(response, meta)
+ put_account_headers(response, meta, groups)
marker = request.GET.get('marker')
- limit = request.GET.get('limit')
- if limit:
- try:
- limit = int(limit)
- if limit <= 0:
- raise ValueError
- except ValueError:
- limit = 10000
+ limit = get_int_parameter(request.GET.get('limit'))
+ if not limit:
+ limit = 10000
+
+ shared = False
+ if 'shared' in request.GET:
+ shared = True
try:
- containers = backend.list_containers(request.user, marker, limit)
+ containers = backend.list_containers(request.user, v_account, marker, limit, shared, until)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
except NameError:
containers = []
container_meta = []
for x in containers:
try:
- meta = backend.get_container_meta(request.user, x)
+ meta = backend.get_container_meta(request.user, v_account, x, until)
+ policy = backend.get_container_policy(request.user, v_account, x)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
except NameError:
- continue
- container_meta.append(printable_meta_dict(meta))
+ pass
+ else:
+ rename_meta_key(meta, 'modified', 'last_modified')
+ rename_meta_key(meta, 'until_timestamp', 'x_container_until_timestamp')
+ for k, v in policy.iteritems():
+ meta['X-Container-Policy-' + k] = v
+ container_meta.append(printable_header_dict(meta))
if request.serialization == 'xml':
- data = render_to_string('containers.xml', {'account': request.user, 'containers': container_meta})
+ data = render_to_string('containers.xml', {'account': v_account, 'containers': container_meta})
elif request.serialization == 'json':
data = json.dumps(container_meta)
response.status_code = 200
# unauthorized (401),
# badRequest (400)
+ until = get_int_parameter(request.GET.get('until'))
try:
- meta = backend.get_container_meta(request.user, v_container)
+ meta = backend.get_container_meta(request.user, v_account, v_container, until)
+ meta['object_meta'] = backend.list_object_meta(request.user, v_account, v_container, until)
+ policy = backend.get_container_policy(request.user, v_account, v_container)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
except NameError:
raise ItemNotFound('Container does not exist')
+ validate_modification_preconditions(request, meta)
+
response = HttpResponse(status=204)
- put_container_meta(response, meta)
+ put_container_headers(response, meta, policy)
return response
@api_method('PUT')
# unauthorized (401),
# badRequest (400)
- meta = get_container_meta(request)
+ meta, policy = get_container_headers(request)
try:
- backend.create_container(request.user, v_container)
+ backend.put_container(request.user, v_account, v_container, policy)
ret = 201
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except ValueError:
+ raise BadRequest('Invalid policy header')
except NameError:
ret = 202
- if len(meta) > 0:
- backend.update_container_meta(request.user, v_container, meta)
+ if ret == 202 and policy:
+ try:
+ backend.update_container_policy(request.user, v_account, v_container, policy, replace=False)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except NameError:
+ raise ItemNotFound('Container does not exist')
+ except ValueError:
+ raise BadRequest('Invalid policy header')
+ if meta:
+ try:
+ backend.update_container_meta(request.user, v_account, v_container, meta, replace=False)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except NameError:
+ raise ItemNotFound('Container does not exist')
return HttpResponse(status=ret)
# unauthorized (401),
# badRequest (400)
- meta = get_container_meta(request)
- try:
- backend.update_container_meta(request.user, v_container, meta)
- except NameError:
- raise ItemNotFound('Container does not exist')
+ meta, policy = get_container_headers(request)
+ replace = True
+ if 'update' in request.GET:
+ replace = False
+ if policy:
+ try:
+ backend.update_container_policy(request.user, v_account, v_container, policy, replace)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except NameError:
+ raise ItemNotFound('Container does not exist')
+ except ValueError:
+ raise BadRequest('Invalid policy header')
+ if meta or replace:
+ try:
+ backend.update_container_meta(request.user, v_account, v_container, meta, replace)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except NameError:
+ raise ItemNotFound('Container does not exist')
return HttpResponse(status=202)
@api_method('DELETE')
# unauthorized (401),
# badRequest (400)
+ until = get_int_parameter(request.GET.get('until'))
try:
- backend.delete_container(request.user, v_container)
+ backend.delete_container(request.user, v_account, v_container, until)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
except NameError:
raise ItemNotFound('Container does not exist')
except IndexError:
# unauthorized (401),
# badRequest (400)
+ until = get_int_parameter(request.GET.get('until'))
try:
- meta = backend.get_container_meta(request.user, v_container)
+ meta = backend.get_container_meta(request.user, v_account, v_container, until)
+ meta['object_meta'] = backend.list_object_meta(request.user, v_account, v_container, until)
+ policy = backend.get_container_policy(request.user, v_account, v_container)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
except NameError:
raise ItemNotFound('Container does not exist')
validate_modification_preconditions(request, meta)
response = HttpResponse()
- put_container_meta(response, meta)
+ put_container_headers(response, meta, policy)
path = request.GET.get('path')
prefix = request.GET.get('prefix')
prefix = prefix.lstrip('/')
marker = request.GET.get('marker')
- limit = request.GET.get('limit')
- if limit:
- try:
- limit = int(limit)
- if limit <= 0:
- raise ValueError
- except ValueError:
- limit = 10000
+ limit = get_int_parameter(request.GET.get('limit'))
+ if not limit:
+ limit = 10000
+
+ keys = request.GET.get('meta')
+ if keys:
+ keys = keys.split(',')
+ l = [smart_str(x) for x in keys if x.strip() != '']
+ keys = [format_header_key('X-Object-Meta-' + x.strip()) for x in l]
+ else:
+ keys = []
+
+ shared = False
+ if 'shared' in request.GET:
+ shared = True
try:
- objects = backend.list_objects(request.user, v_container, prefix, delimiter, marker, limit, virtual)
+ objects = backend.list_objects(request.user, v_account, v_container, prefix, delimiter, marker, limit, virtual, keys, shared, until)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
except NameError:
raise ItemNotFound('Container does not exist')
response.status_code = 204
return response
response.status_code = 200
- response.content = '\n'.join(objects) + '\n'
+ response.content = '\n'.join([x[0] for x in objects]) + '\n'
return response
object_meta = []
for x in objects:
- try:
- meta = backend.get_object_meta(request.user, v_container, x)
- except NameError:
+ if x[1] is None:
# Virtual objects/directories.
- if virtual and delimiter and x.endswith(delimiter):
- object_meta.append({"subdir": x})
- continue
- object_meta.append(printable_meta_dict(meta))
+ object_meta.append({'subdir': x[0]})
+ else:
+ try:
+ meta = backend.get_object_meta(request.user, v_account, v_container, x[0], x[1])
+ if until is None:
+ permissions = backend.get_object_permissions(request.user, v_account, v_container, x[0])
+ public = backend.get_object_public(request.user, v_account, v_container, x[0])
+ else:
+ permissions = None
+ public = None
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except NameError:
+ pass
+ else:
+ rename_meta_key(meta, 'modified', 'last_modified')
+ rename_meta_key(meta, 'modified_by', 'x_object_modified_by')
+ rename_meta_key(meta, 'version', 'x_object_version')
+ rename_meta_key(meta, 'version_timestamp', 'x_object_version_timestamp')
+ update_sharing_meta(request, permissions, v_account, v_container, x[0], meta)
+ update_public_meta(public, meta)
+ object_meta.append(printable_header_dict(meta))
if request.serialization == 'xml':
data = render_to_string('objects.xml', {'container': v_container, 'objects': object_meta})
elif request.serialization == 'json':
# unauthorized (401),
# badRequest (400)
+ version = request.GET.get('version')
try:
- meta = backend.get_object_meta(request.user, v_container, v_object)
+ meta = backend.get_object_meta(request.user, v_account, v_container, v_object, version)
+ if version is None:
+ permissions = backend.get_object_permissions(request.user, v_account, v_container, v_object)
+ public = backend.get_object_public(request.user, v_account, v_container, v_object)
+ else:
+ permissions = None
+ public = None
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
except NameError:
raise ItemNotFound('Object does not exist')
+ except IndexError:
+ raise ItemNotFound('Version does not exist')
- response = HttpResponse(status=204)
- put_object_meta(response, meta)
+ update_manifest_meta(request, v_account, meta)
+ update_sharing_meta(request, permissions, v_account, v_container, v_object, meta)
+ update_public_meta(public, meta)
+
+ # Evaluate conditions.
+ validate_modification_preconditions(request, meta)
+ try:
+ validate_matching_preconditions(request, meta)
+ except NotModified:
+ response = HttpResponse(status=304)
+ response['ETag'] = meta['hash']
+ return response
+
+ response = HttpResponse(status=200)
+ put_object_headers(response, meta)
return response
-@api_method('GET')
+@api_method('GET', format_allowed=True)
def object_read(request, v_account, v_container, v_object):
# Normal Response Codes: 200, 206
# Error Response Codes: serviceUnavailable (503),
# badRequest (400),
# notModified (304)
+ version = request.GET.get('version')
+
+ # Reply with the version list. Do this first, as the object may be deleted.
+ if version == 'list':
+ if request.serialization == 'text':
+ raise BadRequest('No format specified for version list.')
+
+ try:
+ v = backend.list_versions(request.user, v_account, v_container, v_object)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ d = {'versions': v}
+ if request.serialization == 'xml':
+ d['object'] = v_object
+ data = render_to_string('versions.xml', d)
+ elif request.serialization == 'json':
+ data = json.dumps(d)
+
+ response = HttpResponse(data, status=200)
+ response['Content-Length'] = len(data)
+ return response
+
try:
- meta = backend.get_object_meta(request.user, v_container, v_object)
+ meta = backend.get_object_meta(request.user, v_account, v_container, v_object, version)
+ if version is None:
+ permissions = backend.get_object_permissions(request.user, v_account, v_container, v_object)
+ public = backend.get_object_public(request.user, v_account, v_container, v_object)
+ else:
+ permissions = None
+ public = None
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
except NameError:
raise ItemNotFound('Object does not exist')
+ except IndexError:
+ raise ItemNotFound('Version does not exist')
- response = HttpResponse()
- put_object_meta(response, meta)
-
- # Range handling.
- range = get_range(request)
- if range is not None:
- offset, length = range
- if offset < 0:
- offset = meta['bytes'] + offset
- if offset > meta['bytes'] or (length and offset + length > meta['bytes']):
- raise RangeNotSatisfiable('Requested range exceeds object limits')
- if not length:
- length = -1
-
- response['Content-Length'] = length # Update with the correct length.
- response.status_code = 206
- else:
- offset = 0
- length = -1
- response.status_code = 200
+ update_manifest_meta(request, v_account, meta)
+ update_sharing_meta(request, permissions, v_account, v_container, v_object, meta)
+ update_public_meta(public, meta)
- # Conditions (according to RFC2616 must be evaluated at the end).
+ # Evaluate conditions.
validate_modification_preconditions(request, meta)
- if_match = request.META.get('HTTP_IF_MATCH')
- if if_match is not None and if_match != '*':
- if meta['hash'] not in [x.lower() for x in parse_etags(if_match)]:
- raise PreconditionFailed('Object Etag does not match')
- if_none_match = request.META.get('HTTP_IF_NONE_MATCH')
- if if_none_match is not None:
- if if_none_match == '*' or meta['hash'] in [x.lower() for x in parse_etags(if_none_match)]:
- raise NotModified('Object Etag matches')
-
try:
- response.content = backend.get_object(request.user, v_container, v_object, offset, length)
- except NameError:
- raise ItemNotFound('Object does not exist')
+ validate_matching_preconditions(request, meta)
+ except NotModified:
+ response = HttpResponse(status=304)
+ response['ETag'] = meta['hash']
+ return response
- return response
+ sizes = []
+ hashmaps = []
+ if 'X-Object-Manifest' in meta:
+ try:
+ src_container, src_name = split_container_object_string('/' + meta['X-Object-Manifest'])
+ objects = backend.list_objects(request.user, v_account, src_container, prefix=src_name, virtual=False)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except ValueError:
+ raise BadRequest('Invalid X-Object-Manifest header')
+ except NameError:
+ raise ItemNotFound('Container does not exist')
+
+ try:
+ for x in objects:
+ s, h = backend.get_object_hashmap(request.user, v_account, src_container, x[0], x[1])
+ sizes.append(s)
+ hashmaps.append(h)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except NameError:
+ raise ItemNotFound('Object does not exist')
+ except IndexError:
+ raise ItemNotFound('Version does not exist')
+ else:
+ try:
+ s, h = backend.get_object_hashmap(request.user, v_account, v_container, v_object, version)
+ sizes.append(s)
+ hashmaps.append(h)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except NameError:
+ raise ItemNotFound('Object does not exist')
+ except IndexError:
+ raise ItemNotFound('Version does not exist')
+
+ # Reply with the hashmap.
+ if 'hashmap' in request.GET and request.serialization != 'text':
+ size = sum(sizes)
+ hashmap = sum(hashmaps, [])
+ d = {'block_size': backend.block_size, 'block_hash': backend.hash_algorithm, 'bytes': size, 'hashes': hashmap}
+ if request.serialization == 'xml':
+ d['object'] = v_object
+ data = render_to_string('hashes.xml', d)
+ elif request.serialization == 'json':
+ data = json.dumps(d)
+
+ response = HttpResponse(data, status=200)
+ put_object_headers(response, meta)
+ response['Content-Length'] = len(data)
+ return response
+
+ return object_data_response(request, sizes, hashmaps, meta)
-@api_method('PUT')
+@api_method('PUT', format_allowed=True)
def object_write(request, v_account, v_container, v_object):
# Normal Response Codes: 201
# Error Response Codes: serviceUnavailable (503),
# unprocessableEntity (422),
# lengthRequired (411),
+ # conflict (409),
# itemNotFound (404),
# unauthorized (401),
# badRequest (400)
- copy_from = request.META.get('HTTP_X_COPY_FROM')
- move_from = request.META.get('HTTP_X_MOVE_FROM')
+ # Evaluate conditions.
+ if request.META.get('HTTP_IF_MATCH') or request.META.get('HTTP_IF_NONE_MATCH'):
+ try:
+ meta = backend.get_object_meta(request.user, v_account, v_container, v_object)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except NameError:
+ meta = {}
+ validate_matching_preconditions(request, meta)
+
+ copy_from = smart_unicode(request.META.get('HTTP_X_COPY_FROM'), strings_only=True)
+ move_from = smart_unicode(request.META.get('HTTP_X_MOVE_FROM'), strings_only=True)
if copy_from or move_from:
- # TODO: Why is this required? Copy this ammount?
- content_length = request.META.get('CONTENT_LENGTH')
- if not content_length:
- raise LengthRequired('Missing Content-Length header')
+ content_length = get_content_length(request) # Required by the API.
if move_from:
- copy_or_move_object(request, move_from, (v_container, v_object), move=True)
+ try:
+ src_container, src_name = split_container_object_string(move_from)
+ except ValueError:
+ raise BadRequest('Invalid X-Move-From header')
+ version_id = copy_or_move_object(request, v_account, src_container, src_name, v_container, v_object, move=True)
else:
- copy_or_move_object(request, copy_from, (v_container, v_object), move=False)
- return HttpResponse(status=201)
+ try:
+ src_container, src_name = split_container_object_string(copy_from)
+ except ValueError:
+ raise BadRequest('Invalid X-Copy-From header')
+ version_id = copy_or_move_object(request, v_account, src_container, src_name, v_container, v_object, move=False)
+ response = HttpResponse(status=201)
+ response['X-Object-Version'] = version_id
+ return response
- meta = get_object_meta(request)
+ meta, permissions, public = get_object_headers(request)
content_length = -1
if request.META.get('HTTP_TRANSFER_ENCODING') != 'chunked':
- content_length = request.META.get('CONTENT_LENGTH')
- if not content_length:
- raise LengthRequired('Missing Content-Length header')
- try:
- content_length = int(content_length)
- if content_length < 0:
- raise ValueError
- except ValueError:
- raise BadRequest('Invalid Content-Length header')
+ content_length = get_content_length(request)
# Should be BadRequest, but API says otherwise.
if 'Content-Type' not in meta:
raise LengthRequired('Missing Content-Type header')
- md5 = hashlib.md5()
- if content_length == 0:
- try:
- backend.update_object(request.user, v_container, v_object, '')
- except NameError:
- raise ItemNotFound('Container does not exist')
+ if 'hashmap' in request.GET:
+ if request.serialization not in ('json', 'xml'):
+ raise BadRequest('Invalid hashmap format')
+
+ data = ''
+ for block in socket_read_iterator(request, content_length, backend.block_size):
+ data = '%s%s' % (data, block)
+
+ if request.serialization == 'json':
+ d = json.loads(data)
+ if not hasattr(d, '__getitem__'):
+ raise BadRequest('Invalid data formating')
+ try:
+ hashmap = d['hashes']
+ size = int(d['bytes'])
+ except:
+ raise BadRequest('Invalid data formatting')
+ elif request.serialization == 'xml':
+ try:
+ xml = minidom.parseString(data)
+ obj = xml.getElementsByTagName('object')[0]
+ size = int(obj.attributes['bytes'].value)
+
+ hashes = xml.getElementsByTagName('hash')
+ hashmap = []
+ for hash in hashes:
+ hashmap.append(hash.firstChild.data)
+ except:
+ raise BadRequest('Invalid data formatting')
+
+ meta.update({'hash': hashmap_hash(hashmap)}) # Update ETag.
else:
- sock = raw_input_socket(request)
- offset = 0
- for data in socket_read_iterator(sock, content_length):
+ md5 = hashlib.md5()
+ size = 0
+ hashmap = []
+ for data in socket_read_iterator(request, content_length, backend.block_size):
# TODO: Raise 408 (Request Timeout) if this takes too long.
# TODO: Raise 499 (Client Disconnect) if a length is defined and we stop before getting this much data.
+ size += len(data)
+ hashmap.append(backend.put_block(data))
md5.update(data)
- try:
- backend.update_object(request.user, v_container, v_object, data, offset)
- except NameError:
- raise ItemNotFound('Container does not exist')
- offset += len(data)
+
+ meta['hash'] = md5.hexdigest().lower()
+ etag = request.META.get('HTTP_ETAG')
+ if etag and parse_etags(etag)[0].lower() != meta['hash']:
+ raise UnprocessableEntity('Object ETag does not match')
+
+ try:
+ version_id = backend.update_object_hashmap(request.user, v_account, v_container, v_object, size, hashmap, meta, True, permissions)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except IndexError, e:
+ raise Conflict('\n'.join(e.data) + '\n')
+ except NameError:
+ raise ItemNotFound('Container does not exist')
+ except ValueError:
+ raise BadRequest('Invalid sharing header')
+ except AttributeError, e:
+ raise Conflict('\n'.join(e.data) + '\n')
+ if public is not None:
+ try:
+ backend.update_object_public(request.user, v_account, v_container, v_object, public)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except NameError:
+ raise ItemNotFound('Object does not exist')
+
+ response = HttpResponse(status=201)
+ response['ETag'] = meta['hash']
+ response['X-Object-Version'] = version_id
+ return response
+
+@api_method('POST')
+def object_write_form(request, v_account, v_container, v_object):
+ # Normal Response Codes: 201
+ # Error Response Codes: serviceUnavailable (503),
+ # itemNotFound (404),
+ # unauthorized (401),
+ # badRequest (400)
+
+ if not request.FILES.has_key('X-Object-Data'):
+ raise BadRequest('Missing X-Object-Data field')
+ file = request.FILES['X-Object-Data']
+
+ meta = {}
+ meta['Content-Type'] = file.content_type
+
+ md5 = hashlib.md5()
+ size = 0
+ hashmap = []
+ for data in file.chunks(backend.block_size):
+ size += len(data)
+ hashmap.append(backend.put_block(data))
+ md5.update(data)
meta['hash'] = md5.hexdigest().lower()
- etag = request.META.get('HTTP_ETAG')
- if etag and parse_etags(etag)[0].lower() != meta['hash']:
- raise UnprocessableEntity('Object Etag does not match')
+
try:
- backend.update_object_meta(request.user, v_container, v_object, meta)
+ version_id = backend.update_object_hashmap(request.user, v_account, v_container, v_object, size, hashmap, meta, True)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
except NameError:
- raise ItemNotFound('Object does not exist')
+ raise ItemNotFound('Container does not exist')
response = HttpResponse(status=201)
response['ETag'] = meta['hash']
+ response['X-Object-Version'] = version_id
return response
@api_method('COPY')
dest_path = request.META.get('HTTP_DESTINATION')
if not dest_path:
raise BadRequest('Missing Destination header')
- copy_or_move_object(request, (v_container, v_object), dest_path, move=False)
- return HttpResponse(status=201)
+ try:
+ dest_container, dest_name = split_container_object_string(dest_path)
+ except ValueError:
+ raise BadRequest('Invalid Destination header')
+
+ # Evaluate conditions.
+ if request.META.get('HTTP_IF_MATCH') or request.META.get('HTTP_IF_NONE_MATCH'):
+ src_version = request.META.get('HTTP_X_SOURCE_VERSION')
+ try:
+ meta = backend.get_object_meta(request.user, v_account, v_container, v_object, src_version)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except (NameError, IndexError):
+ raise ItemNotFound('Container or object does not exist')
+ validate_matching_preconditions(request, meta)
+
+ version_id = copy_or_move_object(request, v_account, v_container, v_object, dest_container, dest_name, move=False)
+ response = HttpResponse(status=201)
+ response['X-Object-Version'] = version_id
+ return response
@api_method('MOVE')
def object_move(request, v_account, v_container, v_object):
dest_path = request.META.get('HTTP_DESTINATION')
if not dest_path:
raise BadRequest('Missing Destination header')
- copy_or_move_object(request, (v_container, v_object), dest_path, move=True)
- return HttpResponse(status=201)
+ try:
+ dest_container, dest_name = split_container_object_string(dest_path)
+ except ValueError:
+ raise BadRequest('Invalid Destination header')
+
+ # Evaluate conditions.
+ if request.META.get('HTTP_IF_MATCH') or request.META.get('HTTP_IF_NONE_MATCH'):
+ try:
+ meta = backend.get_object_meta(request.user, v_account, v_container, v_object)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except NameError:
+ raise ItemNotFound('Container or object does not exist')
+ validate_matching_preconditions(request, meta)
+
+ version_id = copy_or_move_object(request, v_account, v_container, v_object, dest_container, dest_name, move=True)
+ response = HttpResponse(status=201)
+ response['X-Object-Version'] = version_id
+ return response
@api_method('POST')
def object_update(request, v_account, v_container, v_object):
- # Normal Response Codes: 202
+ # Normal Response Codes: 202, 204
# Error Response Codes: serviceUnavailable (503),
+ # conflict (409),
# itemNotFound (404),
# unauthorized (401),
# badRequest (400)
-
- meta = get_object_meta(request)
- if 'Content-Type' in meta:
+ meta, permissions, public = get_object_headers(request)
+ content_type = meta.get('Content-Type')
+ if content_type:
del(meta['Content-Type']) # Do not allow changing the Content-Type.
+
try:
- backend.update_object_meta(request.user, v_container, v_object, meta)
+ prev_meta = backend.get_object_meta(request.user, v_account, v_container, v_object)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
except NameError:
raise ItemNotFound('Object does not exist')
- return HttpResponse(status=202)
+
+ # Evaluate conditions.
+ if request.META.get('HTTP_IF_MATCH') or request.META.get('HTTP_IF_NONE_MATCH'):
+ validate_matching_preconditions(request, prev_meta)
+
+ # If replacing, keep previous values of 'Content-Type' and 'hash'.
+ replace = True
+ if 'update' in request.GET:
+ replace = False
+ if replace:
+ for k in ('Content-Type', 'hash'):
+ if k in prev_meta:
+ meta[k] = prev_meta[k]
+
+ # A Content-Type or X-Source-Object header indicates data updates.
+ src_object = request.META.get('HTTP_X_SOURCE_OBJECT')
+ if (not content_type or content_type != 'application/octet-stream') and not src_object:
+ response = HttpResponse(status=202)
+
+ # Do permissions first, as it may fail easier.
+ if permissions is not None:
+ try:
+ backend.update_object_permissions(request.user, v_account, v_container, v_object, permissions)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except NameError:
+ raise ItemNotFound('Object does not exist')
+ except ValueError:
+ raise BadRequest('Invalid sharing header')
+ except AttributeError, e:
+ raise Conflict('\n'.join(e.data) + '\n')
+ if public is not None:
+ try:
+ backend.update_object_public(request.user, v_account, v_container, v_object, public)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except NameError:
+ raise ItemNotFound('Object does not exist')
+ if meta or replace:
+ try:
+ version_id = backend.update_object_meta(request.user, v_account, v_container, v_object, meta, replace)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except NameError:
+ raise ItemNotFound('Object does not exist')
+ response['X-Object-Version'] = version_id
+
+ return response
+
+ # Single range update. Range must be in Content-Range.
+ # Based on: http://code.google.com/p/gears/wiki/ContentRangePostProposal
+ # (with the addition that '*' is allowed for the range - will append).
+ content_range = request.META.get('HTTP_CONTENT_RANGE')
+ if not content_range:
+ raise BadRequest('Missing Content-Range header')
+ ranges = get_content_range(request)
+ if not ranges:
+ raise RangeNotSatisfiable('Invalid Content-Range header')
+
+ try:
+ size, hashmap = backend.get_object_hashmap(request.user, v_account, v_container, v_object)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except NameError:
+ raise ItemNotFound('Object does not exist')
+
+ offset, length, total = ranges
+ if offset is None:
+ offset = size
+ elif offset > size:
+ raise RangeNotSatisfiable('Supplied offset is beyond object limits')
+ if src_object:
+ src_container, src_name = split_container_object_string(src_object)
+ src_container = smart_unicode(src_container, strings_only=True)
+ src_name = smart_unicode(src_name, strings_only=True)
+ src_version = request.META.get('HTTP_X_SOURCE_VERSION')
+ try:
+ src_size, src_hashmap = backend.get_object_hashmap(request.user, v_account, src_container, src_name, src_version)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except NameError:
+ raise ItemNotFound('Source object does not exist')
+
+ if length is None:
+ length = src_size
+ elif length > src_size:
+ raise BadRequest('Object length is smaller than range length')
+ else:
+ # Require either a Content-Length, or 'chunked' Transfer-Encoding.
+ content_length = -1
+ if request.META.get('HTTP_TRANSFER_ENCODING') != 'chunked':
+ content_length = get_content_length(request)
+
+ if length is None:
+ length = content_length
+ else:
+ if content_length == -1:
+ # TODO: Get up to length bytes in chunks.
+ length = content_length
+ elif length != content_length:
+ raise BadRequest('Content length does not match range length')
+ if total is not None and (total != size or offset >= size or (length > 0 and offset + length >= size)):
+ raise RangeNotSatisfiable('Supplied range will change provided object limits')
+
+ dest_bytes = request.META.get('HTTP_X_OBJECT_BYTES')
+ if dest_bytes is not None:
+ dest_bytes = get_int_parameter(dest_bytes)
+ if dest_bytes is None:
+ raise BadRequest('Invalid X-Object-Bytes header')
+
+ if src_object:
+ if offset % backend.block_size == 0:
+ # Update the hashes only.
+ sbi = 0
+ while length > 0:
+ bi = int(offset / backend.block_size)
+ bl = min(length, backend.block_size)
+ if bi < len(hashmap):
+ if bl == backend.block_size:
+ hashmap[bi] = src_hashmap[sbi]
+ else:
+ data = backend.get_block(src_hashmap[sbi])
+ hashmap[bi] = backend.update_block(hashmap[bi], data[:bl], 0)
+ else:
+ hashmap.append(src_hashmap[sbi])
+ offset += bl
+ length -= bl
+ sbi += 1
+ else:
+ data = ''
+ sbi = 0
+ while length > 0:
+ data += backend.get_block(src_hashmap[sbi])
+ if length < backend.block_size:
+ data = data[:length]
+ bytes = put_object_block(hashmap, data, offset)
+ offset += bytes
+ data = data[bytes:]
+ length -= bytes
+ sbi += 1
+ else:
+ data = ''
+ for d in socket_read_iterator(request, length, backend.block_size):
+ # TODO: Raise 408 (Request Timeout) if this takes too long.
+ # TODO: Raise 499 (Client Disconnect) if a length is defined and we stop before getting this much data.
+ data += d
+ bytes = put_object_block(hashmap, data, offset)
+ offset += bytes
+ data = data[bytes:]
+ if len(data) > 0:
+ put_object_block(hashmap, data, offset)
+
+ if offset > size:
+ size = offset
+ if dest_bytes is not None and dest_bytes < size:
+ size = dest_bytes
+ hashmap = hashmap[:(int((size - 1) / backend.block_size) + 1)]
+ meta.update({'hash': hashmap_hash(hashmap)}) # Update ETag.
+ try:
+ version_id = backend.update_object_hashmap(request.user, v_account, v_container, v_object, size, hashmap, meta, replace, permissions)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except NameError:
+ raise ItemNotFound('Container does not exist')
+ except ValueError:
+ raise BadRequest('Invalid sharing header')
+ except AttributeError, e:
+ raise Conflict('\n'.join(e.data) + '\n')
+ if public is not None:
+ try:
+ backend.update_object_public(request.user, v_account, v_container, v_object, public)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
+ except NameError:
+ raise ItemNotFound('Object does not exist')
+
+ response = HttpResponse(status=204)
+ response['ETag'] = meta['hash']
+ response['X-Object-Version'] = version_id
+ return response
@api_method('DELETE')
def object_delete(request, v_account, v_container, v_object):
# unauthorized (401),
# badRequest (400)
+ until = get_int_parameter(request.GET.get('until'))
try:
- backend.delete_object(request.user, v_container, v_object)
+ backend.delete_object(request.user, v_account, v_container, v_object, until)
+ except NotAllowedError:
+ raise Unauthorized('Access denied')
except NameError:
raise ItemNotFound('Object does not exist')
return HttpResponse(status=204)