X-Git-Url: https://code.grnet.gr/git/pithos/blobdiff_plain/6d0f82fe29cbb00894ad6d06ee81ee2caa0cc971..808cea65f1f1bafa8c6bfeb713c9cc690c1b54b2:/pithos/api/functions.py diff --git a/pithos/api/functions.py b/pithos/api/functions.py index 595b570..a3d131b 100644 --- a/pithos/api/functions.py +++ b/pithos/api/functions.py @@ -39,19 +39,20 @@ from django.http import HttpResponse from django.template.loader import render_to_string from django.utils import simplejson as json from django.utils.http import parse_etags -from django.utils.encoding import smart_unicode, smart_str +from django.utils.encoding import smart_str from xml.dom import minidom -from pithos.api.faults import (Fault, NotModified, BadRequest, Unauthorized, ItemNotFound, Conflict, - LengthRequired, PreconditionFailed, RangeNotSatisfiable, UnprocessableEntity) +from pithos.lib.filter import parse_filters + +from pithos.api.faults import (Fault, NotModified, BadRequest, Unauthorized, Forbidden, ItemNotFound, Conflict, + LengthRequired, PreconditionFailed, RequestEntityTooLarge, RangeNotSatisfiable, UnprocessableEntity) from pithos.api.util import (rename_meta_key, format_header_key, printable_header_dict, get_account_headers, put_account_headers, get_container_headers, put_container_headers, get_object_headers, put_object_headers, update_manifest_meta, update_sharing_meta, update_public_meta, validate_modification_preconditions, validate_matching_preconditions, split_container_object_string, copy_or_move_object, - get_int_parameter, get_content_length, get_content_range, socket_read_iterator, - object_data_response, put_object_block, hashmap_hash, api_method) -from pithos.backends import connect_backend -from pithos.backends.base import NotAllowedError + get_int_parameter, get_content_length, get_content_range, socket_read_iterator, SaveToBackendHandler, + object_data_response, put_object_block, hashmap_hash, api_method, json_encode_decimal) +from pithos.backends.base import NotAllowedError, QuotaError logger = logging.getLogger(__name__) @@ -59,7 +60,7 @@ logger = logging.getLogger(__name__) def top_demux(request): if request.method == 'GET': - if request.user: + if getattr(request, 'user', None) is not None: return account_list(request) return authenticate(request) else: @@ -109,11 +110,11 @@ def object_demux(request, v_account, v_container, v_object): else: return method_not_allowed(request) -@api_method('GET') +@api_method('GET', user_required=False) def authenticate(request): # Normal Response Codes: 204 # Error Response Codes: serviceUnavailable (503), - # unauthorized (401), + # forbidden (403), # badRequest (400) x_auth_user = request.META.get('HTTP_X_AUTH_USER') @@ -127,7 +128,7 @@ def authenticate(request): uri = uri[:uri.find('?')] response['X-Auth-Token'] = x_auth_key - response['X-Storage-Url'] = uri + (uri.endswith('/') and '' or '/') + x_auth_user + response['X-Storage-Url'] = uri + ('' if uri.endswith('/') else '/') + x_auth_user return response @api_method('GET', format_allowed=True) @@ -143,7 +144,7 @@ def account_list(request): if not limit: limit = 10000 - accounts = request.backend.list_accounts(request.user, marker, limit) + accounts = request.backend.list_accounts(request.user_uniq, marker, limit) if request.serialization == 'text': if len(accounts) == 0: @@ -156,16 +157,23 @@ def account_list(request): account_meta = [] for x in accounts: + if x == request.user_uniq: + continue try: - meta = request.backend.get_account_meta(request.user, x) - groups = request.backend.get_account_groups(request.user, x) + meta = request.backend.get_account_meta(request.user_uniq, x, 'pithos') + groups = request.backend.get_account_groups(request.user_uniq, x) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') else: rename_meta_key(meta, 'modified', 'last_modified') rename_meta_key(meta, 'until_timestamp', 'x_account_until_timestamp') - for k, v in groups.iteritems(): - meta['X-Container-Group-' + k] = ','.join(v) + m = dict([(k[15:], v) for k, v in meta.iteritems() if k.startswith('X-Account-Meta-')]) + for k in m: + del(meta['X-Account-Meta-' + k]) + if m: + meta['X-Account-Meta'] = printable_header_dict(m) + if groups: + meta['X-Account-Group'] = printable_header_dict(dict([(k, ','.join(v)) for k, v in groups.iteritems()])) account_meta.append(printable_header_dict(meta)) if request.serialization == 'xml': data = render_to_string('accounts.xml', {'accounts': account_meta}) @@ -179,27 +187,28 @@ def account_list(request): def account_meta(request, v_account): # Normal Response Codes: 204 # Error Response Codes: serviceUnavailable (503), - # unauthorized (401), + # forbidden (403), # badRequest (400) until = get_int_parameter(request.GET.get('until')) try: - meta = request.backend.get_account_meta(request.user, v_account, until) - groups = request.backend.get_account_groups(request.user, v_account) + meta = request.backend.get_account_meta(request.user_uniq, v_account, 'pithos', until) + groups = request.backend.get_account_groups(request.user_uniq, v_account) + policy = request.backend.get_account_policy(request.user_uniq, v_account) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') validate_modification_preconditions(request, meta) response = HttpResponse(status=204) - put_account_headers(response, request.quota, meta, groups) + put_account_headers(response, meta, groups, policy) return response @api_method('POST') def account_update(request, v_account): # Normal Response Codes: 202 # Error Response Codes: serviceUnavailable (503), - # unauthorized (401), + # forbidden (403), # badRequest (400) meta, groups = get_account_headers(request) @@ -208,18 +217,18 @@ def account_update(request, v_account): replace = False if groups: try: - request.backend.update_account_groups(request.user, v_account, + request.backend.update_account_groups(request.user_uniq, v_account, groups, replace) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except ValueError: raise BadRequest('Invalid groups header') if meta or replace: try: - request.backend.update_account_meta(request.user, v_account, meta, - replace) + request.backend.update_account_meta(request.user_uniq, v_account, + 'pithos', meta, replace) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') return HttpResponse(status=202) @api_method('GET', format_allowed=True) @@ -227,20 +236,21 @@ def container_list(request, v_account): # Normal Response Codes: 200, 204 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) until = get_int_parameter(request.GET.get('until')) try: - meta = request.backend.get_account_meta(request.user, v_account, until) - groups = request.backend.get_account_groups(request.user, v_account) + meta = request.backend.get_account_meta(request.user_uniq, v_account, 'pithos', until) + groups = request.backend.get_account_groups(request.user_uniq, v_account) + policy = request.backend.get_account_policy(request.user_uniq, v_account) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') validate_modification_preconditions(request, meta) response = HttpResponse() - put_account_headers(response, request.quota, meta, groups) + put_account_headers(response, meta, groups, policy) marker = request.GET.get('marker') limit = get_int_parameter(request.GET.get('limit')) @@ -252,10 +262,10 @@ def container_list(request, v_account): shared = True try: - containers = request.backend.list_containers(request.user, v_account, + containers = request.backend.list_containers(request.user_uniq, v_account, marker, limit, shared, until) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: containers = [] @@ -271,19 +281,24 @@ def container_list(request, v_account): container_meta = [] for x in containers: try: - meta = request.backend.get_container_meta(request.user, v_account, - x, until) - policy = request.backend.get_container_policy(request.user, + meta = request.backend.get_container_meta(request.user_uniq, v_account, + x, 'pithos', until) + policy = request.backend.get_container_policy(request.user_uniq, v_account, x) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: pass else: rename_meta_key(meta, 'modified', 'last_modified') rename_meta_key(meta, 'until_timestamp', 'x_container_until_timestamp') - for k, v in policy.iteritems(): - meta['X-Container-Policy-' + k] = v + m = dict([(k[17:], v) for k, v in meta.iteritems() if k.startswith('X-Container-Meta-')]) + for k in m: + del(meta['X-Container-Meta-' + k]) + if m: + meta['X-Container-Meta'] = printable_header_dict(m) + if policy: + meta['X-Container-Policy'] = printable_header_dict(dict([(k, v) for k, v in policy.iteritems()])) container_meta.append(printable_header_dict(meta)) if request.serialization == 'xml': data = render_to_string('containers.xml', {'account': v_account, 'containers': container_meta}) @@ -298,19 +313,19 @@ def container_meta(request, v_account, v_container): # Normal Response Codes: 204 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) until = get_int_parameter(request.GET.get('until')) try: - meta = request.backend.get_container_meta(request.user, v_account, - v_container, until) - meta['object_meta'] = request.backend.list_object_meta(request.user, - v_account, v_container, until) - policy = request.backend.get_container_policy(request.user, v_account, + meta = request.backend.get_container_meta(request.user_uniq, v_account, + v_container, 'pithos', until) + meta['object_meta'] = request.backend.list_object_meta(request.user_uniq, + v_account, v_container, 'pithos', until) + policy = request.backend.get_container_policy(request.user_uniq, v_account, v_container) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Container does not exist') @@ -325,21 +340,16 @@ def container_create(request, v_account, v_container): # Normal Response Codes: 201, 202 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) meta, policy = get_container_headers(request) - try: - if policy and int(policy.get('quota', 0)) > request.quota: - policy['quota'] = request.quota - except: - raise BadRequest('Invalid quota header') try: - request.backend.put_container(request.user, v_account, v_container, policy) + request.backend.put_container(request.user_uniq, v_account, v_container, policy) ret = 201 except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except ValueError: raise BadRequest('Invalid policy header') except NameError: @@ -347,20 +357,20 @@ def container_create(request, v_account, v_container): if ret == 202 and policy: try: - request.backend.update_container_policy(request.user, v_account, + request.backend.update_container_policy(request.user_uniq, v_account, v_container, policy, replace=False) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Container does not exist') except ValueError: raise BadRequest('Invalid policy header') if meta: try: - request.backend.update_container_meta(request.user, v_account, - v_container, meta, replace=False) + request.backend.update_container_meta(request.user_uniq, v_account, + v_container, 'pithos', meta, replace=False) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Container does not exist') @@ -371,7 +381,7 @@ def container_update(request, v_account, v_container): # Normal Response Codes: 202 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) meta, policy = get_container_headers(request) @@ -380,25 +390,20 @@ def container_update(request, v_account, v_container): replace = False if policy: try: - if int(policy.get('quota', 0)) > request.quota: - policy['quota'] = request.quota - except: - raise BadRequest('Invalid quota header') - try: - request.backend.update_container_policy(request.user, v_account, + request.backend.update_container_policy(request.user_uniq, v_account, v_container, policy, replace) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Container does not exist') except ValueError: raise BadRequest('Invalid policy header') if meta or replace: try: - request.backend.update_container_meta(request.user, v_account, - v_container, meta, replace) + request.backend.update_container_meta(request.user_uniq, v_account, + v_container, 'pithos', meta, replace) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Container does not exist') @@ -425,15 +430,15 @@ def container_delete(request, v_account, v_container): # Error Response Codes: serviceUnavailable (503), # conflict (409), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) until = get_int_parameter(request.GET.get('until')) try: - request.backend.delete_container(request.user, v_account, v_container, + request.backend.delete_container(request.user_uniq, v_account, v_container, until) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Container does not exist') except IndexError: @@ -445,19 +450,19 @@ def object_list(request, v_account, v_container): # Normal Response Codes: 200, 204 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) until = get_int_parameter(request.GET.get('until')) try: - meta = request.backend.get_container_meta(request.user, v_account, - v_container, until) - meta['object_meta'] = request.backend.list_object_meta(request.user, - v_account, v_container, until) - policy = request.backend.get_container_policy(request.user, v_account, + meta = request.backend.get_container_meta(request.user_uniq, v_account, + v_container, 'pithos', until) + meta['object_meta'] = request.backend.list_object_meta(request.user_uniq, + v_account, v_container, 'pithos', until) + policy = request.backend.get_container_policy(request.user_uniq, v_account, v_container) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Container does not exist') @@ -491,9 +496,12 @@ def object_list(request, v_account, v_container): keys = request.GET.get('meta') if keys: - keys = keys.split(',') - l = [smart_str(x) for x in keys if x.strip() != ''] - keys = [format_header_key('X-Object-Meta-' + x.strip()) for x in l] + keys = [smart_str(x.strip()) for x in keys.split(',') if x.strip() != ''] + included, excluded, opers = parse_filters(keys) + keys = [] + keys += [format_header_key('X-Object-Meta-' + x) for x in included] + keys += [format_header_key('!X-Object-Meta-' + x) for x in excluded] + keys += ['%s%s%s' % (format_header_key('X-Object-Meta-' + k), o, v) for k, o, v in opers] else: keys = [] @@ -502,11 +510,11 @@ def object_list(request, v_account, v_container): shared = True try: - objects = request.backend.list_objects(request.user, v_account, + objects = request.backend.list_objects(request.user_uniq, v_account, v_container, prefix, delimiter, marker, - limit, virtual, keys, shared, until) + limit, virtual, 'pithos', keys, shared, until) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Container does not exist') @@ -526,32 +534,39 @@ def object_list(request, v_account, v_container): object_meta.append({'subdir': x[0]}) else: try: - meta = request.backend.get_object_meta(request.user, v_account, - v_container, x[0], x[1]) + meta = request.backend.get_object_meta(request.user_uniq, v_account, + v_container, x[0], 'pithos', x[1]) if until is None: permissions = request.backend.get_object_permissions( - request.user, v_account, v_container, x[0]) - public = request.backend.get_object_public(request.user, + request.user_uniq, v_account, v_container, x[0]) + public = request.backend.get_object_public(request.user_uniq, v_account, v_container, x[0]) else: permissions = None public = None except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: pass else: + rename_meta_key(meta, 'hash', 'x_object_hash') # Will be replaced by ETag. + rename_meta_key(meta, 'ETag', 'hash') rename_meta_key(meta, 'modified', 'last_modified') rename_meta_key(meta, 'modified_by', 'x_object_modified_by') rename_meta_key(meta, 'version', 'x_object_version') rename_meta_key(meta, 'version_timestamp', 'x_object_version_timestamp') + m = dict([(k[14:], v) for k, v in meta.iteritems() if k.startswith('X-Object-Meta-')]) + for k in m: + del(meta['X-Object-Meta-' + k]) + if m: + meta['X-Object-Meta'] = printable_header_dict(m) update_sharing_meta(request, permissions, v_account, v_container, x[0], meta) update_public_meta(public, meta) object_meta.append(printable_header_dict(meta)) if request.serialization == 'xml': data = render_to_string('objects.xml', {'container': v_container, 'objects': object_meta}) elif request.serialization == 'json': - data = json.dumps(object_meta) + data = json.dumps(object_meta, default=json_encode_decimal) response.status_code = 200 response.content = data return response @@ -561,23 +576,23 @@ def object_meta(request, v_account, v_container, v_object): # Normal Response Codes: 204 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) version = request.GET.get('version') try: - meta = request.backend.get_object_meta(request.user, v_account, - v_container, v_object, version) + meta = request.backend.get_object_meta(request.user_uniq, v_account, + v_container, v_object, 'pithos', version) if version is None: - permissions = request.backend.get_object_permissions(request.user, + permissions = request.backend.get_object_permissions(request.user_uniq, v_account, v_container, v_object) - public = request.backend.get_object_public(request.user, v_account, + public = request.backend.get_object_public(request.user_uniq, v_account, v_container, v_object) else: permissions = None public = None except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Object does not exist') except IndexError: @@ -593,7 +608,7 @@ def object_meta(request, v_account, v_container, v_object): validate_matching_preconditions(request, meta) except NotModified: response = HttpResponse(status=304) - response['ETag'] = meta['hash'] + response['ETag'] = meta['ETag'] return response response = HttpResponse(status=200) @@ -607,7 +622,7 @@ def object_read(request, v_account, v_container, v_object): # rangeNotSatisfiable (416), # preconditionFailed (412), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400), # notModified (304) @@ -619,34 +634,34 @@ def object_read(request, v_account, v_container, v_object): raise BadRequest('No format specified for version list.') try: - v = request.backend.list_versions(request.user, v_account, + v = request.backend.list_versions(request.user_uniq, v_account, v_container, v_object) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') d = {'versions': v} if request.serialization == 'xml': d['object'] = v_object data = render_to_string('versions.xml', d) elif request.serialization == 'json': - data = json.dumps(d) + data = json.dumps(d, default=json_encode_decimal) response = HttpResponse(data, status=200) response['Content-Length'] = len(data) return response try: - meta = request.backend.get_object_meta(request.user, v_account, - v_container, v_object, version) + meta = request.backend.get_object_meta(request.user_uniq, v_account, + v_container, v_object, 'pithos', version) if version is None: - permissions = request.backend.get_object_permissions(request.user, + permissions = request.backend.get_object_permissions(request.user_uniq, v_account, v_container, v_object) - public = request.backend.get_object_public(request.user, v_account, + public = request.backend.get_object_public(request.user_uniq, v_account, v_container, v_object) else: permissions = None public = None except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Object does not exist') except IndexError: @@ -662,7 +677,7 @@ def object_read(request, v_account, v_container, v_object): validate_matching_preconditions(request, meta) except NotModified: response = HttpResponse(status=304) - response['ETag'] = meta['hash'] + response['ETag'] = meta['ETag'] return response sizes = [] @@ -670,10 +685,10 @@ def object_read(request, v_account, v_container, v_object): if 'X-Object-Manifest' in meta: try: src_container, src_name = split_container_object_string('/' + meta['X-Object-Manifest']) - objects = request.backend.list_objects(request.user, v_account, + objects = request.backend.list_objects(request.user_uniq, v_account, src_container, prefix=src_name, virtual=False) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except ValueError: raise BadRequest('Invalid X-Object-Manifest header') except NameError: @@ -681,24 +696,24 @@ def object_read(request, v_account, v_container, v_object): try: for x in objects: - s, h = request.backend.get_object_hashmap(request.user, + s, h = request.backend.get_object_hashmap(request.user_uniq, v_account, src_container, x[0], x[1]) sizes.append(s) hashmaps.append(h) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Object does not exist') except IndexError: raise ItemNotFound('Version does not exist') else: try: - s, h = request.backend.get_object_hashmap(request.user, v_account, + s, h = request.backend.get_object_hashmap(request.user_uniq, v_account, v_container, v_object, version) sizes.append(s) hashmaps.append(h) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Object does not exist') except IndexError: @@ -735,28 +750,28 @@ def object_write(request, v_account, v_container, v_object): # lengthRequired (411), # conflict (409), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) # Evaluate conditions. if request.META.get('HTTP_IF_MATCH') or request.META.get('HTTP_IF_NONE_MATCH'): try: - meta = request.backend.get_object_meta(request.user, v_account, - v_container, v_object) + meta = request.backend.get_object_meta(request.user_uniq, v_account, + v_container, v_object, 'pithos') except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: meta = {} validate_matching_preconditions(request, meta) - copy_from = smart_unicode(request.META.get('HTTP_X_COPY_FROM'), strings_only=True) - move_from = smart_unicode(request.META.get('HTTP_X_MOVE_FROM'), strings_only=True) + copy_from = request.META.get('HTTP_X_COPY_FROM') + move_from = request.META.get('HTTP_X_MOVE_FROM') if copy_from or move_from: content_length = get_content_length(request) # Required by the API. - src_account = smart_unicode(request.META.get('HTTP_X_SOURCE_ACCOUNT'), strings_only=True) + src_account = request.META.get('HTTP_X_SOURCE_ACCOUNT') if not src_account: - src_account = request.user + src_account = request.user_uniq if move_from: try: src_container, src_name = split_container_object_string(move_from) @@ -814,7 +829,7 @@ def object_write(request, v_account, v_container, v_object): except: raise BadRequest('Invalid data formatting') - meta.update({'hash': hashmap_hash(request, hashmap)}) # Update ETag. + meta.update({'ETag': hashmap_hash(request, hashmap)}) # Update ETag. else: md5 = hashlib.md5() size = 0 @@ -827,17 +842,17 @@ def object_write(request, v_account, v_container, v_object): hashmap.append(request.backend.put_block(data)) md5.update(data) - meta['hash'] = md5.hexdigest().lower() + meta['ETag'] = md5.hexdigest().lower() etag = request.META.get('HTTP_ETAG') - if etag and parse_etags(etag)[0].lower() != meta['hash']: + if etag and parse_etags(etag)[0].lower() != meta['ETag']: raise UnprocessableEntity('Object ETag does not match') try: - version_id = request.backend.update_object_hashmap(request.user, - v_account, v_container, v_object, size, hashmap, meta, - True, permissions) + version_id = request.backend.update_object_hashmap(request.user_uniq, + v_account, v_container, v_object, size, hashmap, + 'pithos', meta, True, permissions) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except IndexError, e: raise Conflict('\n'.join(e.data) + '\n') except NameError: @@ -846,17 +861,19 @@ def object_write(request, v_account, v_container, v_object): raise BadRequest('Invalid sharing header') except AttributeError, e: raise Conflict('\n'.join(e.data) + '\n') + except QuotaError: + raise RequestEntityTooLarge('Quota exceeded') if public is not None: try: - request.backend.update_object_public(request.user, v_account, + request.backend.update_object_public(request.user_uniq, v_account, v_container, v_object, public) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Object does not exist') response = HttpResponse(status=201) - response['ETag'] = meta['hash'] + response['ETag'] = meta['ETag'] response['X-Object-Version'] = version_id return response @@ -865,36 +882,31 @@ def object_write_form(request, v_account, v_container, v_object): # Normal Response Codes: 201 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) + request.upload_handlers = [SaveToBackendHandler(request)] if not request.FILES.has_key('X-Object-Data'): raise BadRequest('Missing X-Object-Data field') file = request.FILES['X-Object-Data'] meta = {} meta['Content-Type'] = file.content_type - - md5 = hashlib.md5() - size = 0 - hashmap = [] - for data in file.chunks(request.backend.block_size): - size += len(data) - hashmap.append(request.backend.put_block(data)) - md5.update(data) - - meta['hash'] = md5.hexdigest().lower() + meta['ETag'] = file.etag try: - version_id = request.backend.update_object_hashmap(request.user, - v_account, v_container, v_object, size, hashmap, meta, True) + version_id = request.backend.update_object_hashmap(request.user_uniq, + v_account, v_container, v_object, file.size, file.hashmap, + 'pithos', meta, True) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Container does not exist') + except QuotaError: + raise RequestEntityTooLarge('Quota exceeded') response = HttpResponse(status=201) - response['ETag'] = meta['hash'] + response['ETag'] = meta['ETag'] response['X-Object-Version'] = version_id return response @@ -903,13 +915,13 @@ def object_copy(request, v_account, v_container, v_object): # Normal Response Codes: 201 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) - dest_account = smart_unicode(request.META.get('HTTP_DESTINATION_ACCOUNT'), strings_only=True) + dest_account = request.META.get('HTTP_DESTINATION_ACCOUNT') if not dest_account: - dest_account = request.user - dest_path = smart_unicode(request.META.get('HTTP_DESTINATION'), strings_only=True) + dest_account = request.user_uniq + dest_path = request.META.get('HTTP_DESTINATION') if not dest_path: raise BadRequest('Missing Destination header') try: @@ -921,10 +933,10 @@ def object_copy(request, v_account, v_container, v_object): if request.META.get('HTTP_IF_MATCH') or request.META.get('HTTP_IF_NONE_MATCH'): src_version = request.META.get('HTTP_X_SOURCE_VERSION') try: - meta = request.backend.get_object_meta(request.user, v_account, - v_container, v_object, src_version) + meta = request.backend.get_object_meta(request.user_uniq, v_account, + v_container, v_object, 'pithos', src_version) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except (NameError, IndexError): raise ItemNotFound('Container or object does not exist') validate_matching_preconditions(request, meta) @@ -940,13 +952,13 @@ def object_move(request, v_account, v_container, v_object): # Normal Response Codes: 201 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) - dest_account = smart_unicode(request.META.get('HTTP_DESTINATION_ACCOUNT'), strings_only=True) + dest_account = request.META.get('HTTP_DESTINATION_ACCOUNT') if not dest_account: - dest_account = request.user - dest_path = smart_unicode(request.META.get('HTTP_DESTINATION'), strings_only=True) + dest_account = request.user_uniq + dest_path = request.META.get('HTTP_DESTINATION') if not dest_path: raise BadRequest('Missing Destination header') try: @@ -957,10 +969,10 @@ def object_move(request, v_account, v_container, v_object): # Evaluate conditions. if request.META.get('HTTP_IF_MATCH') or request.META.get('HTTP_IF_NONE_MATCH'): try: - meta = request.backend.get_object_meta(request.user, v_account, - v_container, v_object) + meta = request.backend.get_object_meta(request.user_uniq, v_account, + v_container, v_object, 'pithos') except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Container or object does not exist') validate_matching_preconditions(request, meta) @@ -977,7 +989,7 @@ def object_update(request, v_account, v_container, v_object): # Error Response Codes: serviceUnavailable (503), # conflict (409), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) meta, permissions, public = get_object_headers(request) content_type = meta.get('Content-Type') @@ -985,10 +997,10 @@ def object_update(request, v_account, v_container, v_object): del(meta['Content-Type']) # Do not allow changing the Content-Type. try: - prev_meta = request.backend.get_object_meta(request.user, v_account, - v_container, v_object) + prev_meta = request.backend.get_object_meta(request.user_uniq, v_account, + v_container, v_object, 'pithos') except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Object does not exist') @@ -996,12 +1008,12 @@ def object_update(request, v_account, v_container, v_object): if request.META.get('HTTP_IF_MATCH') or request.META.get('HTTP_IF_NONE_MATCH'): validate_matching_preconditions(request, prev_meta) - # If replacing, keep previous values of 'Content-Type' and 'hash'. + # If replacing, keep previous values of 'Content-Type' and 'ETag'. replace = True if 'update' in request.GET: replace = False if replace: - for k in ('Content-Type', 'hash'): + for k in ('Content-Type', 'ETag'): if k in prev_meta: meta[k] = prev_meta[k] @@ -1013,10 +1025,10 @@ def object_update(request, v_account, v_container, v_object): # Do permissions first, as it may fail easier. if permissions is not None: try: - request.backend.update_object_permissions(request.user, + request.backend.update_object_permissions(request.user_uniq, v_account, v_container, v_object, permissions) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Object does not exist') except ValueError: @@ -1025,18 +1037,18 @@ def object_update(request, v_account, v_container, v_object): raise Conflict('\n'.join(e.data) + '\n') if public is not None: try: - request.backend.update_object_public(request.user, v_account, + request.backend.update_object_public(request.user_uniq, v_account, v_container, v_object, public) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Object does not exist') if meta or replace: try: - version_id = request.backend.update_object_meta(request.user, - v_account, v_container, v_object, meta, replace) + version_id = request.backend.update_object_meta(request.user_uniq, + v_account, v_container, v_object, 'pithos', meta, replace) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Object does not exist') response['X-Object-Version'] = version_id @@ -1054,10 +1066,10 @@ def object_update(request, v_account, v_container, v_object): raise RangeNotSatisfiable('Invalid Content-Range header') try: - size, hashmap = request.backend.get_object_hashmap(request.user, + size, hashmap = request.backend.get_object_hashmap(request.user_uniq, v_account, v_container, v_object) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Object does not exist') @@ -1067,18 +1079,16 @@ def object_update(request, v_account, v_container, v_object): elif offset > size: raise RangeNotSatisfiable('Supplied offset is beyond object limits') if src_object: - src_account = smart_unicode(request.META.get('HTTP_X_SOURCE_ACCOUNT'), strings_only=True) + src_account = request.META.get('HTTP_X_SOURCE_ACCOUNT') if not src_account: - src_account = request.user + src_account = request.user_uniq src_container, src_name = split_container_object_string(src_object) - src_container = smart_unicode(src_container, strings_only=True) - src_name = smart_unicode(src_name, strings_only=True) src_version = request.META.get('HTTP_X_SOURCE_VERSION') try: - src_size, src_hashmap = request.backend.get_object_hashmap(request.user, + src_size, src_hashmap = request.backend.get_object_hashmap(request.user_uniq, src_account, src_container, src_name, src_version) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Source object does not exist') @@ -1158,30 +1168,32 @@ def object_update(request, v_account, v_container, v_object): if dest_bytes is not None and dest_bytes < size: size = dest_bytes hashmap = hashmap[:(int((size - 1) / request.backend.block_size) + 1)] - meta.update({'hash': hashmap_hash(request, hashmap)}) # Update ETag. + meta.update({'ETag': hashmap_hash(request, hashmap)}) # Update ETag. try: - version_id = request.backend.update_object_hashmap(request.user, - v_account, v_container, v_object, size, hashmap, meta, - replace, permissions) + version_id = request.backend.update_object_hashmap(request.user_uniq, + v_account, v_container, v_object, size, hashmap, + 'pithos', meta, replace, permissions) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Container does not exist') except ValueError: raise BadRequest('Invalid sharing header') except AttributeError, e: raise Conflict('\n'.join(e.data) + '\n') + except QuotaError: + raise RequestEntityTooLarge('Quota exceeded') if public is not None: try: - request.backend.update_object_public(request.user, v_account, + request.backend.update_object_public(request.user_uniq, v_account, v_container, v_object, public) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Object does not exist') response = HttpResponse(status=204) - response['ETag'] = meta['hash'] + response['ETag'] = meta['ETag'] response['X-Object-Version'] = version_id return response @@ -1190,15 +1202,15 @@ def object_delete(request, v_account, v_container, v_object): # Normal Response Codes: 204 # Error Response Codes: serviceUnavailable (503), # itemNotFound (404), - # unauthorized (401), + # forbidden (403), # badRequest (400) until = get_int_parameter(request.GET.get('until')) try: - request.backend.delete_object(request.user, v_account, v_container, + request.backend.delete_object(request.user_uniq, v_account, v_container, v_object, until) except NotAllowedError: - raise Unauthorized('Access denied') + raise Forbidden('Not allowed') except NameError: raise ItemNotFound('Object does not exist') return HttpResponse(status=204)