X-Git-Url: https://code.grnet.gr/git/pithos/blobdiff_plain/16fd4b63c35f589bd2621cf80a4c93c01a07f9d0..5bc1116cd4eba5e58e94e2fbbe61db5dac1fce8f:/pithos/api/functions.py diff --git a/pithos/api/functions.py b/pithos/api/functions.py index a68f865..75a2108 100644 --- a/pithos/api/functions.py +++ b/pithos/api/functions.py @@ -1,20 +1,58 @@ -import os +# Copyright 2011 GRNET S.A. All rights reserved. +# +# Redistribution and use in source and binary forms, with or +# without modification, are permitted provided that the following +# conditions are met: +# +# 1. Redistributions of source code must retain the above +# copyright notice, this list of conditions and the following +# disclaimer. +# +# 2. Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials +# provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS +# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED +# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# +# The views and conclusions contained in the software and +# documentation are those of the authors and should not be +# interpreted as representing official policies, either expressed +# or implied, of GRNET S.A. + import logging import hashlib -import types +from django.conf import settings from django.http import HttpResponse from django.template.loader import render_to_string from django.utils import simplejson as json from django.utils.http import parse_etags +from django.utils.encoding import smart_str +from xml.dom import minidom + +from pithos.lib.filter import parse_filters -from pithos.api.faults import (Fault, NotModified, BadRequest, Unauthorized, ItemNotFound, Conflict, - LengthRequired, PreconditionFailed, RangeNotSatisfiable, UnprocessableEntity) -from pithos.api.util import (printable_meta_dict, get_account_meta, put_account_meta, - get_container_meta, put_container_meta, get_object_meta, put_object_meta, - validate_modification_preconditions, copy_or_move_object, get_range, - raw_input_socket, socket_read_iterator, api_method) -from pithos.backends import backend +from pithos.api.faults import (Fault, NotModified, BadRequest, Unauthorized, Forbidden, ItemNotFound, Conflict, + LengthRequired, PreconditionFailed, RequestEntityTooLarge, RangeNotSatisfiable, UnprocessableEntity) +from pithos.api.util import (rename_meta_key, format_header_key, printable_header_dict, get_account_headers, + put_account_headers, get_container_headers, put_container_headers, get_object_headers, put_object_headers, + update_manifest_meta, update_sharing_meta, update_public_meta, validate_modification_preconditions, + validate_matching_preconditions, split_container_object_string, copy_or_move_object, + get_int_parameter, get_content_length, get_content_range, socket_read_iterator, SaveToBackendHandler, + object_data_response, put_object_block, hashmap_hash, api_method, json_encode_decimal) +from pithos.backends.base import NotAllowedError, QuotaError logger = logging.getLogger(__name__) @@ -22,6 +60,8 @@ logger = logging.getLogger(__name__) def top_demux(request): if request.method == 'GET': + if getattr(request, 'user', None) is not None: + return account_list(request) return authenticate(request) else: return method_not_allowed(request) @@ -29,24 +69,24 @@ def top_demux(request): def account_demux(request, v_account): if request.method == 'HEAD': return account_meta(request, v_account) - elif request.method == 'GET': - return container_list(request, v_account) elif request.method == 'POST': return account_update(request, v_account) + elif request.method == 'GET': + return container_list(request, v_account) else: return method_not_allowed(request) def container_demux(request, v_account, v_container): if request.method == 'HEAD': return container_meta(request, v_account, v_container) - elif request.method == 'GET': - return object_list(request, v_account, v_container) elif request.method == 'PUT': return container_create(request, v_account, v_container) elif request.method == 'POST': return container_update(request, v_account, v_container) elif request.method == 'DELETE': return container_delete(request, v_account, v_container) + elif request.method == 'GET': + return object_list(request, v_account, v_container) else: return method_not_allowed(request) @@ -62,51 +102,133 @@ def object_demux(request, v_account, v_container, v_object): elif request.method == 'MOVE': return object_move(request, v_account, v_container, v_object) elif request.method == 'POST': + if request.META.get('CONTENT_TYPE', '').startswith('multipart/form-data'): + return object_write_form(request, v_account, v_container, v_object) return object_update(request, v_account, v_container, v_object) elif request.method == 'DELETE': return object_delete(request, v_account, v_container, v_object) else: return method_not_allowed(request) -@api_method('GET') +@api_method('GET', user_required=False) def authenticate(request): # Normal Response Codes: 204 # Error Response Codes: serviceUnavailable (503), - # unauthorized (401), + # forbidden (403), # badRequest (400) x_auth_user = request.META.get('HTTP_X_AUTH_USER') x_auth_key = request.META.get('HTTP_X_AUTH_KEY') if not x_auth_user or not x_auth_key: raise BadRequest('Missing X-Auth-User or X-Auth-Key header') - response = HttpResponse(status=204) - response['X-Auth-Token'] = '0000' - response['X-Storage-Url'] = os.path.join(request.build_absolute_uri(), 'demo') + + uri = request.build_absolute_uri() + if '?' in uri: + uri = uri[:uri.find('?')] + + response['X-Auth-Token'] = x_auth_key + response['X-Storage-Url'] = uri + ('' if uri.endswith('/') else '/') + x_auth_user + return response + +@api_method('GET', format_allowed=True) +def account_list(request): + # Normal Response Codes: 200, 204 + # Error Response Codes: serviceUnavailable (503), + # badRequest (400) + + response = HttpResponse() + + marker = request.GET.get('marker') + limit = get_int_parameter(request.GET.get('limit')) + if not limit: + limit = 10000 + + accounts = request.backend.list_accounts(request.user_uniq, marker, limit) + + if request.serialization == 'text': + if len(accounts) == 0: + # The cloudfiles python bindings expect 200 if json/xml. + response.status_code = 204 + return response + response.status_code = 200 + response.content = '\n'.join(accounts) + '\n' + return response + + account_meta = [] + for x in accounts: + if x == request.user_uniq: + continue + try: + meta = request.backend.get_account_meta(request.user_uniq, x) + groups = request.backend.get_account_groups(request.user_uniq, x) + except NotAllowedError: + raise Forbidden('Not allowed') + else: + rename_meta_key(meta, 'modified', 'last_modified') + rename_meta_key(meta, 'until_timestamp', 'x_account_until_timestamp') + m = dict([(k[15:], v) for k, v in meta.iteritems() if k.startswith('X-Account-Meta-')]) + for k in m: + del(meta['X-Account-Meta-' + k]) + if m: + meta['X-Account-Meta'] = printable_header_dict(m) + if groups: + meta['X-Account-Group'] = printable_header_dict(dict([(k, ','.join(v)) for k, v in groups.iteritems()])) + account_meta.append(printable_header_dict(meta)) + if request.serialization == 'xml': + data = render_to_string('accounts.xml', {'accounts': account_meta}) + elif request.serialization == 'json': + data = json.dumps(account_meta) + response.status_code = 200 + response.content = data return response @api_method('HEAD') def account_meta(request, v_account): # Normal Response Codes: 204 # Error Response Codes: serviceUnavailable (503), - # unauthorized (401), + # forbidden (403), # badRequest (400) - meta = backend.get_account_meta(request.user) + until = get_int_parameter(request.GET.get('until')) + try: + meta = request.backend.get_account_meta(request.user_uniq, v_account, until) + groups = request.backend.get_account_groups(request.user_uniq, v_account) + policy = request.backend.get_account_policy(request.user_uniq, v_account) + except NotAllowedError: + raise Forbidden('Not allowed') + + validate_modification_preconditions(request, meta) response = HttpResponse(status=204) - put_account_meta(response, meta) + put_account_headers(response, meta, groups, policy) return response @api_method('POST') def account_update(request, v_account): # Normal Response Codes: 202 # Error Response Codes: serviceUnavailable (503), - # unauthorized (401), + # forbidden (403), # badRequest (400) - meta = get_account_meta(request) - backend.update_account_meta(request.user, meta) + meta, groups = get_account_headers(request) + replace = True + if 'update' in request.GET: + replace = False + if groups: + try: + request.backend.update_account_groups(request.user_uniq, v_account, + groups, replace) + except NotAllowedError: + raise Forbidden('Not allowed') + except ValueError: + raise BadRequest('Invalid groups header') + if meta or replace: + try: + request.backend.update_account_meta(request.user_uniq, v_account, meta, + replace) + except NotAllowedError: + raise Forbidden('Not allowed') return HttpResponse(status=202) @api_method('GET', format_allowed=True) @@ -114,28 +236,36 @@ def container_list(request, v_account): # Normal Response Codes: 200, 204 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) - meta = backend.get_account_meta(request.user) + until = get_int_parameter(request.GET.get('until')) + try: + meta = request.backend.get_account_meta(request.user_uniq, v_account, until) + groups = request.backend.get_account_groups(request.user_uniq, v_account) + policy = request.backend.get_account_policy(request.user_uniq, v_account) + except NotAllowedError: + raise Forbidden('Not allowed') validate_modification_preconditions(request, meta) response = HttpResponse() - put_account_meta(response, meta) + put_account_headers(response, meta, groups, policy) marker = request.GET.get('marker') - limit = request.GET.get('limit') - if limit: - try: - limit = int(limit) - if limit <= 0: - raise ValueError - except ValueError: - limit = 10000 + limit = get_int_parameter(request.GET.get('limit')) + if not limit: + limit = 10000 + + shared = False + if 'shared' in request.GET: + shared = True try: - containers = backend.list_containers(request.user, marker, limit) + containers = request.backend.list_containers(request.user_uniq, v_account, + marker, limit, shared, until) + except NotAllowedError: + raise Forbidden('Not allowed') except NameError: containers = [] @@ -151,12 +281,27 @@ def container_list(request, v_account): container_meta = [] for x in containers: try: - meta = backend.get_container_meta(request.user, x) + meta = request.backend.get_container_meta(request.user_uniq, v_account, + x, until) + policy = request.backend.get_container_policy(request.user_uniq, + v_account, x) + except NotAllowedError: + raise Forbidden('Not allowed') except NameError: - continue - container_meta.append(printable_meta_dict(meta)) + pass + else: + rename_meta_key(meta, 'modified', 'last_modified') + rename_meta_key(meta, 'until_timestamp', 'x_container_until_timestamp') + m = dict([(k[17:], v) for k, v in meta.iteritems() if k.startswith('X-Container-Meta-')]) + for k in m: + del(meta['X-Container-Meta-' + k]) + if m: + meta['X-Container-Meta'] = printable_header_dict(m) + if policy: + meta['X-Container-Policy'] = printable_header_dict(dict([(k, v) for k, v in policy.iteritems()])) + container_meta.append(printable_header_dict(meta)) if request.serialization == 'xml': - data = render_to_string('containers.xml', {'account': request.user, 'containers': container_meta}) + data = render_to_string('containers.xml', {'account': v_account, 'containers': container_meta}) elif request.serialization == 'json': data = json.dumps(container_meta) response.status_code = 200 @@ -168,16 +313,26 @@ def container_meta(request, v_account, v_container): # Normal Response Codes: 204 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) + until = get_int_parameter(request.GET.get('until')) try: - meta = backend.get_container_meta(request.user, v_container) + meta = request.backend.get_container_meta(request.user_uniq, v_account, + v_container, until) + meta['object_meta'] = request.backend.list_object_meta(request.user_uniq, + v_account, v_container, until) + policy = request.backend.get_container_policy(request.user_uniq, v_account, + v_container) + except NotAllowedError: + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Container does not exist') + validate_modification_preconditions(request, meta) + response = HttpResponse(status=204) - put_container_meta(response, meta) + put_container_headers(request, response, meta, policy) return response @api_method('PUT') @@ -185,19 +340,39 @@ def container_create(request, v_account, v_container): # Normal Response Codes: 201, 202 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) - meta = get_container_meta(request) + meta, policy = get_container_headers(request) try: - backend.create_container(request.user, v_container) + request.backend.put_container(request.user_uniq, v_account, v_container, policy) ret = 201 + except NotAllowedError: + raise Forbidden('Not allowed') + except ValueError: + raise BadRequest('Invalid policy header') except NameError: ret = 202 - if len(meta) > 0: - backend.update_container_meta(request.user, v_container, meta) + if ret == 202 and policy: + try: + request.backend.update_container_policy(request.user_uniq, v_account, + v_container, policy, replace=False) + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + raise ItemNotFound('Container does not exist') + except ValueError: + raise BadRequest('Invalid policy header') + if meta: + try: + request.backend.update_container_meta(request.user_uniq, v_account, + v_container, meta, replace=False) + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + raise ItemNotFound('Container does not exist') return HttpResponse(status=ret) @@ -206,15 +381,48 @@ def container_update(request, v_account, v_container): # Normal Response Codes: 202 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) - meta = get_container_meta(request) - try: - backend.update_container_meta(request.user, v_container, meta) - except NameError: - raise ItemNotFound('Container does not exist') - return HttpResponse(status=202) + meta, policy = get_container_headers(request) + replace = True + if 'update' in request.GET: + replace = False + if policy: + try: + request.backend.update_container_policy(request.user_uniq, v_account, + v_container, policy, replace) + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + raise ItemNotFound('Container does not exist') + except ValueError: + raise BadRequest('Invalid policy header') + if meta or replace: + try: + request.backend.update_container_meta(request.user_uniq, v_account, + v_container, meta, replace) + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + raise ItemNotFound('Container does not exist') + + content_length = -1 + if request.META.get('HTTP_TRANSFER_ENCODING') != 'chunked': + content_length = get_int_parameter(request.META.get('CONTENT_LENGTH', 0)) + content_type = request.META.get('CONTENT_TYPE') + hashmap = [] + if content_type and content_type == 'application/octet-stream' and content_length != 0: + for data in socket_read_iterator(request, content_length, + request.backend.block_size): + # TODO: Raise 408 (Request Timeout) if this takes too long. + # TODO: Raise 499 (Client Disconnect) if a length is defined and we stop before getting this much data. + hashmap.append(request.backend.put_block(data)) + + response = HttpResponse(status=202) + if hashmap: + response.content = '\n'.join(hashmap) + '\n' + return response @api_method('DELETE') def container_delete(request, v_account, v_container): @@ -222,11 +430,15 @@ def container_delete(request, v_account, v_container): # Error Response Codes: serviceUnavailable (503), # conflict (409), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) + until = get_int_parameter(request.GET.get('until')) try: - backend.delete_container(request.user, v_container) + request.backend.delete_container(request.user_uniq, v_account, v_container, + until) + except NotAllowedError: + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Container does not exist') except IndexError: @@ -238,18 +450,26 @@ def object_list(request, v_account, v_container): # Normal Response Codes: 200, 204 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) + until = get_int_parameter(request.GET.get('until')) try: - meta = backend.get_container_meta(request.user, v_container) + meta = request.backend.get_container_meta(request.user_uniq, v_account, + v_container, until) + meta['object_meta'] = request.backend.list_object_meta(request.user_uniq, + v_account, v_container, until) + policy = request.backend.get_container_policy(request.user_uniq, v_account, + v_container) + except NotAllowedError: + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Container does not exist') validate_modification_preconditions(request, meta) response = HttpResponse() - put_container_meta(response, meta) + put_container_headers(request, response, meta, policy) path = request.GET.get('path') prefix = request.GET.get('prefix') @@ -270,17 +490,31 @@ def object_list(request, v_account, v_container): prefix = prefix.lstrip('/') marker = request.GET.get('marker') - limit = request.GET.get('limit') - if limit: - try: - limit = int(limit) - if limit <= 0: - raise ValueError - except ValueError: - limit = 10000 + limit = get_int_parameter(request.GET.get('limit')) + if not limit: + limit = 10000 + + keys = request.GET.get('meta') + if keys: + keys = [smart_str(x.strip()) for x in keys.split(',') if x.strip() != ''] + included, excluded, opers = parse_filters(keys) + keys = [] + keys += [format_header_key('X-Object-Meta-' + x) for x in included] + keys += ['!'+format_header_key('X-Object-Meta-' + x) for x in excluded] + keys += ['%s%s%s' % (format_header_key('X-Object-Meta-' + k), o, v) for k, o, v in opers] + else: + keys = [] + + shared = False + if 'shared' in request.GET: + shared = True try: - objects = backend.list_objects(request.user, v_container, prefix, delimiter, marker, limit, virtual) + objects = request.backend.list_objects(request.user_uniq, v_account, + v_container, prefix, delimiter, marker, + limit, virtual, keys, shared, until) + except NotAllowedError: + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Container does not exist') @@ -290,23 +524,49 @@ def object_list(request, v_account, v_container): response.status_code = 204 return response response.status_code = 200 - response.content = '\n'.join(objects) + '\n' + response.content = '\n'.join([x[0] for x in objects]) + '\n' return response object_meta = [] for x in objects: - try: - meta = backend.get_object_meta(request.user, v_container, x) - except NameError: + if x[1] is None: # Virtual objects/directories. - if virtual and delimiter and x.endswith(delimiter): - object_meta.append({"subdir": x}) - continue - object_meta.append(printable_meta_dict(meta)) + object_meta.append({'subdir': x[0]}) + else: + try: + meta = request.backend.get_object_meta(request.user_uniq, v_account, + v_container, x[0], x[1]) + if until is None: + permissions = request.backend.get_object_permissions( + request.user_uniq, v_account, v_container, x[0]) + public = request.backend.get_object_public(request.user_uniq, + v_account, v_container, x[0]) + else: + permissions = None + public = None + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + pass + else: + rename_meta_key(meta, 'hash', 'x_object_hash') # Will be replaced by ETag. + rename_meta_key(meta, 'ETag', 'hash') + rename_meta_key(meta, 'modified', 'last_modified') + rename_meta_key(meta, 'modified_by', 'x_object_modified_by') + rename_meta_key(meta, 'version', 'x_object_version') + rename_meta_key(meta, 'version_timestamp', 'x_object_version_timestamp') + m = dict([(k[14:], v) for k, v in meta.iteritems() if k.startswith('X-Object-Meta-')]) + for k in m: + del(meta['X-Object-Meta-' + k]) + if m: + meta['X-Object-Meta'] = printable_header_dict(m) + update_sharing_meta(request, permissions, v_account, v_container, x[0], meta) + update_public_meta(public, meta) + object_meta.append(printable_header_dict(meta)) if request.serialization == 'xml': data = render_to_string('objects.xml', {'container': v_container, 'objects': object_meta}) elif request.serialization == 'json': - data = json.dumps(object_meta) + data = json.dumps(object_meta, default=json_encode_decimal) response.status_code = 200 response.content = data return response @@ -316,143 +576,337 @@ def object_meta(request, v_account, v_container, v_object): # Normal Response Codes: 204 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) + version = request.GET.get('version') try: - meta = backend.get_object_meta(request.user, v_container, v_object) + meta = request.backend.get_object_meta(request.user_uniq, v_account, + v_container, v_object, version) + if version is None: + permissions = request.backend.get_object_permissions(request.user_uniq, + v_account, v_container, v_object) + public = request.backend.get_object_public(request.user_uniq, v_account, + v_container, v_object) + else: + permissions = None + public = None + except NotAllowedError: + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Object does not exist') + except IndexError: + raise ItemNotFound('Version does not exist') - response = HttpResponse(status=204) - put_object_meta(response, meta) + update_manifest_meta(request, v_account, meta) + update_sharing_meta(request, permissions, v_account, v_container, v_object, meta) + update_public_meta(public, meta) + + # Evaluate conditions. + validate_modification_preconditions(request, meta) + try: + validate_matching_preconditions(request, meta) + except NotModified: + response = HttpResponse(status=304) + response['ETag'] = meta['ETag'] + return response + + response = HttpResponse(status=200) + put_object_headers(response, meta) return response -@api_method('GET') +@api_method('GET', format_allowed=True) def object_read(request, v_account, v_container, v_object): # Normal Response Codes: 200, 206 # Error Response Codes: serviceUnavailable (503), # rangeNotSatisfiable (416), # preconditionFailed (412), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400), # notModified (304) + version = request.GET.get('version') + + # Reply with the version list. Do this first, as the object may be deleted. + if version == 'list': + if request.serialization == 'text': + raise BadRequest('No format specified for version list.') + + try: + v = request.backend.list_versions(request.user_uniq, v_account, + v_container, v_object) + except NotAllowedError: + raise Forbidden('Not allowed') + d = {'versions': v} + if request.serialization == 'xml': + d['object'] = v_object + data = render_to_string('versions.xml', d) + elif request.serialization == 'json': + data = json.dumps(d, default=json_encode_decimal) + + response = HttpResponse(data, status=200) + response['Content-Length'] = len(data) + return response + try: - meta = backend.get_object_meta(request.user, v_container, v_object) + meta = request.backend.get_object_meta(request.user_uniq, v_account, + v_container, v_object, version) + if version is None: + permissions = request.backend.get_object_permissions(request.user_uniq, + v_account, v_container, v_object) + public = request.backend.get_object_public(request.user_uniq, v_account, + v_container, v_object) + else: + permissions = None + public = None + except NotAllowedError: + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Object does not exist') + except IndexError: + raise ItemNotFound('Version does not exist') - response = HttpResponse() - put_object_meta(response, meta) - - # Range handling. - range = get_range(request) - if range is not None: - offset, length = range - if offset < 0: - offset = meta['bytes'] + offset - if offset > meta['bytes'] or (length and offset + length > meta['bytes']): - raise RangeNotSatisfiable('Requested range exceeds object limits') - if not length: - length = -1 - - response['Content-Length'] = length # Update with the correct length. - response.status_code = 206 - else: - offset = 0 - length = -1 - response.status_code = 200 + update_manifest_meta(request, v_account, meta) + update_sharing_meta(request, permissions, v_account, v_container, v_object, meta) + update_public_meta(public, meta) - # Conditions (according to RFC2616 must be evaluated at the end). + # Evaluate conditions. validate_modification_preconditions(request, meta) - if_match = request.META.get('HTTP_IF_MATCH') - if if_match is not None and if_match != '*': - if meta['hash'] not in [x.lower() for x in parse_etags(if_match)]: - raise PreconditionFailed('Object Etag does not match') - if_none_match = request.META.get('HTTP_IF_NONE_MATCH') - if if_none_match is not None: - if if_none_match == '*' or meta['hash'] in [x.lower() for x in parse_etags(if_none_match)]: - raise NotModified('Object Etag matches') - try: - response.content = backend.get_object(request.user, v_container, v_object, offset, length) - except NameError: - raise ItemNotFound('Object does not exist') + validate_matching_preconditions(request, meta) + except NotModified: + response = HttpResponse(status=304) + response['ETag'] = meta['ETag'] + return response - return response + sizes = [] + hashmaps = [] + if 'X-Object-Manifest' in meta: + try: + src_container, src_name = split_container_object_string('/' + meta['X-Object-Manifest']) + objects = request.backend.list_objects(request.user_uniq, v_account, + src_container, prefix=src_name, virtual=False) + except NotAllowedError: + raise Forbidden('Not allowed') + except ValueError: + raise BadRequest('Invalid X-Object-Manifest header') + except NameError: + raise ItemNotFound('Container does not exist') + + try: + for x in objects: + s, h = request.backend.get_object_hashmap(request.user_uniq, + v_account, src_container, x[0], x[1]) + sizes.append(s) + hashmaps.append(h) + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + raise ItemNotFound('Object does not exist') + except IndexError: + raise ItemNotFound('Version does not exist') + else: + try: + s, h = request.backend.get_object_hashmap(request.user_uniq, v_account, + v_container, v_object, version) + sizes.append(s) + hashmaps.append(h) + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + raise ItemNotFound('Object does not exist') + except IndexError: + raise ItemNotFound('Version does not exist') + + # Reply with the hashmap. + if 'hashmap' in request.GET and request.serialization != 'text': + size = sum(sizes) + hashmap = sum(hashmaps, []) + d = { + 'block_size': request.backend.block_size, + 'block_hash': request.backend.hash_algorithm, + 'bytes': size, + 'hashes': hashmap} + if request.serialization == 'xml': + d['object'] = v_object + data = render_to_string('hashes.xml', d) + elif request.serialization == 'json': + data = json.dumps(d) + + response = HttpResponse(data, status=200) + put_object_headers(response, meta) + response['Content-Length'] = len(data) + return response + + request.serialization = 'text' # Unset. + return object_data_response(request, sizes, hashmaps, meta) -@api_method('PUT') +@api_method('PUT', format_allowed=True) def object_write(request, v_account, v_container, v_object): # Normal Response Codes: 201 # Error Response Codes: serviceUnavailable (503), # unprocessableEntity (422), # lengthRequired (411), + # conflict (409), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) + # Evaluate conditions. + if request.META.get('HTTP_IF_MATCH') or request.META.get('HTTP_IF_NONE_MATCH'): + try: + meta = request.backend.get_object_meta(request.user_uniq, v_account, + v_container, v_object) + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + meta = {} + validate_matching_preconditions(request, meta) + copy_from = request.META.get('HTTP_X_COPY_FROM') move_from = request.META.get('HTTP_X_MOVE_FROM') if copy_from or move_from: - # TODO: Why is this required? Copy this ammount? - content_length = request.META.get('CONTENT_LENGTH') - if not content_length: - raise LengthRequired('Missing Content-Length header') + content_length = get_content_length(request) # Required by the API. + src_account = request.META.get('HTTP_X_SOURCE_ACCOUNT') + if not src_account: + src_account = request.user_uniq if move_from: - copy_or_move_object(request, move_from, (v_container, v_object), move=True) + try: + src_container, src_name = split_container_object_string(move_from) + except ValueError: + raise BadRequest('Invalid X-Move-From header') + version_id = copy_or_move_object(request, src_account, src_container, src_name, + v_account, v_container, v_object, move=True) else: - copy_or_move_object(request, copy_from, (v_container, v_object), move=False) - return HttpResponse(status=201) + try: + src_container, src_name = split_container_object_string(copy_from) + except ValueError: + raise BadRequest('Invalid X-Copy-From header') + version_id = copy_or_move_object(request, src_account, src_container, src_name, + v_account, v_container, v_object, move=False) + response = HttpResponse(status=201) + response['X-Object-Version'] = version_id + return response - meta = get_object_meta(request) + meta, permissions, public = get_object_headers(request) content_length = -1 if request.META.get('HTTP_TRANSFER_ENCODING') != 'chunked': - content_length = request.META.get('CONTENT_LENGTH') - if not content_length: - raise LengthRequired('Missing Content-Length header') - try: - content_length = int(content_length) - if content_length < 0: - raise ValueError - except ValueError: - raise BadRequest('Invalid Content-Length header') + content_length = get_content_length(request) # Should be BadRequest, but API says otherwise. if 'Content-Type' not in meta: raise LengthRequired('Missing Content-Type header') - md5 = hashlib.md5() - if content_length == 0: - try: - backend.update_object(request.user, v_container, v_object, '') - except NameError: - raise ItemNotFound('Container does not exist') + if 'hashmap' in request.GET: + if request.serialization not in ('json', 'xml'): + raise BadRequest('Invalid hashmap format') + + data = '' + for block in socket_read_iterator(request, content_length, + request.backend.block_size): + data = '%s%s' % (data, block) + + if request.serialization == 'json': + d = json.loads(data) + if not hasattr(d, '__getitem__'): + raise BadRequest('Invalid data formating') + try: + hashmap = d['hashes'] + size = int(d['bytes']) + except: + raise BadRequest('Invalid data formatting') + elif request.serialization == 'xml': + try: + xml = minidom.parseString(data) + obj = xml.getElementsByTagName('object')[0] + size = int(obj.attributes['bytes'].value) + + hashes = xml.getElementsByTagName('hash') + hashmap = [] + for hash in hashes: + hashmap.append(hash.firstChild.data) + except: + raise BadRequest('Invalid data formatting') + + meta.update({'ETag': hashmap_hash(request, hashmap)}) # Update ETag. else: - sock = raw_input_socket(request) - offset = 0 - for data in socket_read_iterator(sock, content_length): + md5 = hashlib.md5() + size = 0 + hashmap = [] + for data in socket_read_iterator(request, content_length, + request.backend.block_size): # TODO: Raise 408 (Request Timeout) if this takes too long. # TODO: Raise 499 (Client Disconnect) if a length is defined and we stop before getting this much data. + size += len(data) + hashmap.append(request.backend.put_block(data)) md5.update(data) - try: - backend.update_object(request.user, v_container, v_object, data, offset) - except NameError: - raise ItemNotFound('Container does not exist') - offset += len(data) + + meta['ETag'] = md5.hexdigest().lower() + etag = request.META.get('HTTP_ETAG') + if etag and parse_etags(etag)[0].lower() != meta['ETag']: + raise UnprocessableEntity('Object ETag does not match') - meta['hash'] = md5.hexdigest().lower() - etag = request.META.get('HTTP_ETAG') - if etag and parse_etags(etag)[0].lower() != meta['hash']: - raise UnprocessableEntity('Object Etag does not match') try: - backend.update_object_meta(request.user, v_container, v_object, meta) + version_id = request.backend.update_object_hashmap(request.user_uniq, + v_account, v_container, v_object, size, hashmap, meta, + True, permissions) + except NotAllowedError: + raise Forbidden('Not allowed') + except IndexError, e: + raise Conflict('\n'.join(e.data) + '\n') except NameError: - raise ItemNotFound('Object does not exist') + raise ItemNotFound('Container does not exist') + except ValueError: + raise BadRequest('Invalid sharing header') + except AttributeError, e: + raise Conflict('\n'.join(e.data) + '\n') + except QuotaError: + raise RequestEntityTooLarge('Quota exceeded') + if public is not None: + try: + request.backend.update_object_public(request.user_uniq, v_account, + v_container, v_object, public) + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + raise ItemNotFound('Object does not exist') + + response = HttpResponse(status=201) + response['ETag'] = meta['ETag'] + response['X-Object-Version'] = version_id + return response + +@api_method('POST') +def object_write_form(request, v_account, v_container, v_object): + # Normal Response Codes: 201 + # Error Response Codes: serviceUnavailable (503), + # itemNotFound (404), + # forbidden (403), + # badRequest (400) + + request.upload_handlers = [SaveToBackendHandler(request)] + if not request.FILES.has_key('X-Object-Data'): + raise BadRequest('Missing X-Object-Data field') + file = request.FILES['X-Object-Data'] + + meta = {} + meta['Content-Type'] = file.content_type + meta['ETag'] = file.etag + + try: + version_id = request.backend.update_object_hashmap(request.user_uniq, + v_account, v_container, v_object, file.size, file.hashmap, meta, True) + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + raise ItemNotFound('Container does not exist') + except QuotaError: + raise RequestEntityTooLarge('Quota exceeded') response = HttpResponse(status=201) - response['ETag'] = meta['hash'] + response['ETag'] = meta['ETag'] + response['X-Object-Version'] = version_id return response @api_method('COPY') @@ -460,56 +914,303 @@ def object_copy(request, v_account, v_container, v_object): # Normal Response Codes: 201 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) + dest_account = request.META.get('HTTP_DESTINATION_ACCOUNT') + if not dest_account: + dest_account = request.user_uniq dest_path = request.META.get('HTTP_DESTINATION') if not dest_path: raise BadRequest('Missing Destination header') - copy_or_move_object(request, (v_container, v_object), dest_path, move=False) - return HttpResponse(status=201) + try: + dest_container, dest_name = split_container_object_string(dest_path) + except ValueError: + raise BadRequest('Invalid Destination header') + + # Evaluate conditions. + if request.META.get('HTTP_IF_MATCH') or request.META.get('HTTP_IF_NONE_MATCH'): + src_version = request.META.get('HTTP_X_SOURCE_VERSION') + try: + meta = request.backend.get_object_meta(request.user_uniq, v_account, + v_container, v_object, src_version) + except NotAllowedError: + raise Forbidden('Not allowed') + except (NameError, IndexError): + raise ItemNotFound('Container or object does not exist') + validate_matching_preconditions(request, meta) + + version_id = copy_or_move_object(request, v_account, v_container, v_object, + dest_account, dest_container, dest_name, move=False) + response = HttpResponse(status=201) + response['X-Object-Version'] = version_id + return response @api_method('MOVE') def object_move(request, v_account, v_container, v_object): # Normal Response Codes: 201 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) + dest_account = request.META.get('HTTP_DESTINATION_ACCOUNT') + if not dest_account: + dest_account = request.user_uniq dest_path = request.META.get('HTTP_DESTINATION') if not dest_path: raise BadRequest('Missing Destination header') - copy_or_move_object(request, (v_container, v_object), dest_path, move=True) - return HttpResponse(status=201) + try: + dest_container, dest_name = split_container_object_string(dest_path) + except ValueError: + raise BadRequest('Invalid Destination header') + + # Evaluate conditions. + if request.META.get('HTTP_IF_MATCH') or request.META.get('HTTP_IF_NONE_MATCH'): + try: + meta = request.backend.get_object_meta(request.user_uniq, v_account, + v_container, v_object) + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + raise ItemNotFound('Container or object does not exist') + validate_matching_preconditions(request, meta) + + version_id = copy_or_move_object(request, v_account, v_container, v_object, + dest_account, dest_container, dest_name, move=True) + response = HttpResponse(status=201) + response['X-Object-Version'] = version_id + return response @api_method('POST') def object_update(request, v_account, v_container, v_object): - # Normal Response Codes: 202 + # Normal Response Codes: 202, 204 # Error Response Codes: serviceUnavailable (503), + # conflict (409), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) - meta = get_object_meta(request) - if 'Content-Type' in meta: + meta, permissions, public = get_object_headers(request) + content_type = meta.get('Content-Type') + if content_type: del(meta['Content-Type']) # Do not allow changing the Content-Type. + try: - backend.update_object_meta(request.user, v_container, v_object, meta) + prev_meta = request.backend.get_object_meta(request.user_uniq, v_account, + v_container, v_object) + except NotAllowedError: + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Object does not exist') - return HttpResponse(status=202) + + # Evaluate conditions. + if request.META.get('HTTP_IF_MATCH') or request.META.get('HTTP_IF_NONE_MATCH'): + validate_matching_preconditions(request, prev_meta) + + # If replacing, keep previous values of 'Content-Type' and 'ETag'. + replace = True + if 'update' in request.GET: + replace = False + if replace: + for k in ('Content-Type', 'ETag'): + if k in prev_meta: + meta[k] = prev_meta[k] + + # A Content-Type or X-Source-Object header indicates data updates. + src_object = request.META.get('HTTP_X_SOURCE_OBJECT') + if (not content_type or content_type != 'application/octet-stream') and not src_object: + response = HttpResponse(status=202) + + # Do permissions first, as it may fail easier. + if permissions is not None: + try: + request.backend.update_object_permissions(request.user_uniq, + v_account, v_container, v_object, permissions) + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + raise ItemNotFound('Object does not exist') + except ValueError: + raise BadRequest('Invalid sharing header') + except AttributeError, e: + raise Conflict('\n'.join(e.data) + '\n') + if public is not None: + try: + request.backend.update_object_public(request.user_uniq, v_account, + v_container, v_object, public) + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + raise ItemNotFound('Object does not exist') + if meta or replace: + try: + version_id = request.backend.update_object_meta(request.user_uniq, + v_account, v_container, v_object, meta, replace) + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + raise ItemNotFound('Object does not exist') + response['X-Object-Version'] = version_id + + return response + + # Single range update. Range must be in Content-Range. + # Based on: http://code.google.com/p/gears/wiki/ContentRangePostProposal + # (with the addition that '*' is allowed for the range - will append). + content_range = request.META.get('HTTP_CONTENT_RANGE') + if not content_range: + raise BadRequest('Missing Content-Range header') + ranges = get_content_range(request) + if not ranges: + raise RangeNotSatisfiable('Invalid Content-Range header') + + try: + size, hashmap = request.backend.get_object_hashmap(request.user_uniq, + v_account, v_container, v_object) + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + raise ItemNotFound('Object does not exist') + + offset, length, total = ranges + if offset is None: + offset = size + elif offset > size: + raise RangeNotSatisfiable('Supplied offset is beyond object limits') + if src_object: + src_account = request.META.get('HTTP_X_SOURCE_ACCOUNT') + if not src_account: + src_account = request.user_uniq + src_container, src_name = split_container_object_string(src_object) + src_version = request.META.get('HTTP_X_SOURCE_VERSION') + try: + src_size, src_hashmap = request.backend.get_object_hashmap(request.user_uniq, + src_account, src_container, src_name, src_version) + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + raise ItemNotFound('Source object does not exist') + + if length is None: + length = src_size + elif length > src_size: + raise BadRequest('Object length is smaller than range length') + else: + # Require either a Content-Length, or 'chunked' Transfer-Encoding. + content_length = -1 + if request.META.get('HTTP_TRANSFER_ENCODING') != 'chunked': + content_length = get_content_length(request) + + if length is None: + length = content_length + else: + if content_length == -1: + # TODO: Get up to length bytes in chunks. + length = content_length + elif length != content_length: + raise BadRequest('Content length does not match range length') + if total is not None and (total != size or offset >= size or (length > 0 and offset + length >= size)): + raise RangeNotSatisfiable('Supplied range will change provided object limits') + + dest_bytes = request.META.get('HTTP_X_OBJECT_BYTES') + if dest_bytes is not None: + dest_bytes = get_int_parameter(dest_bytes) + if dest_bytes is None: + raise BadRequest('Invalid X-Object-Bytes header') + + if src_object: + if offset % request.backend.block_size == 0: + # Update the hashes only. + sbi = 0 + while length > 0: + bi = int(offset / request.backend.block_size) + bl = min(length, request.backend.block_size) + if bi < len(hashmap): + if bl == request.backend.block_size: + hashmap[bi] = src_hashmap[sbi] + else: + data = request.backend.get_block(src_hashmap[sbi]) + hashmap[bi] = request.backend.update_block(hashmap[bi], + data[:bl], 0) + else: + hashmap.append(src_hashmap[sbi]) + offset += bl + length -= bl + sbi += 1 + else: + data = '' + sbi = 0 + while length > 0: + data += request.backend.get_block(src_hashmap[sbi]) + if length < request.backend.block_size: + data = data[:length] + bytes = put_object_block(request, hashmap, data, offset) + offset += bytes + data = data[bytes:] + length -= bytes + sbi += 1 + else: + data = '' + for d in socket_read_iterator(request, length, + request.backend.block_size): + # TODO: Raise 408 (Request Timeout) if this takes too long. + # TODO: Raise 499 (Client Disconnect) if a length is defined and we stop before getting this much data. + data += d + bytes = put_object_block(request, hashmap, data, offset) + offset += bytes + data = data[bytes:] + if len(data) > 0: + put_object_block(request, hashmap, data, offset) + + if offset > size: + size = offset + if dest_bytes is not None and dest_bytes < size: + size = dest_bytes + hashmap = hashmap[:(int((size - 1) / request.backend.block_size) + 1)] + meta.update({'ETag': hashmap_hash(request, hashmap)}) # Update ETag. + try: + version_id = request.backend.update_object_hashmap(request.user_uniq, + v_account, v_container, v_object, size, hashmap, meta, + replace, permissions) + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + raise ItemNotFound('Container does not exist') + except ValueError: + raise BadRequest('Invalid sharing header') + except AttributeError, e: + raise Conflict('\n'.join(e.data) + '\n') + except QuotaError: + raise RequestEntityTooLarge('Quota exceeded') + if public is not None: + try: + request.backend.update_object_public(request.user_uniq, v_account, + v_container, v_object, public) + except NotAllowedError: + raise Forbidden('Not allowed') + except NameError: + raise ItemNotFound('Object does not exist') + + response = HttpResponse(status=204) + response['ETag'] = meta['ETag'] + response['X-Object-Version'] = version_id + return response @api_method('DELETE') def object_delete(request, v_account, v_container, v_object): # Normal Response Codes: 204 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) + until = get_int_parameter(request.GET.get('until')) try: - backend.delete_object(request.user, v_container, v_object) + request.backend.delete_object(request.user_uniq, v_account, v_container, + v_object, until) + except NotAllowedError: + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Object does not exist') return HttpResponse(status=204)