Statistics
| Branch: | Tag: | Revision:

root / snf-pithos-app / pithos / api / functions.py @ 2560c061

History | View | Annotate | Download (59.9 kB)

1
# Copyright 2011-2013 GRNET S.A. All rights reserved.
2
#
3
# Redistribution and use in source and binary forms, with or
4
# without modification, are permitted provided that the following
5
# conditions are met:
6
#
7
#   1. Redistributions of source code must retain the above
8
#      copyright notice, this list of conditions and the following
9
#      disclaimer.
10
#
11
#   2. Redistributions in binary form must reproduce the above
12
#      copyright notice, this list of conditions and the following
13
#      disclaimer in the documentation and/or other materials
14
#      provided with the distribution.
15
#
16
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
17
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
20
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
23
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
24
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
26
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27
# POSSIBILITY OF SUCH DAMAGE.
28
#
29
# The views and conclusions contained in the software and
30
# documentation are those of the authors and should not be
31
# interpreted as representing official policies, either expressed
32
# or implied, of GRNET S.A.
33

    
34
from xml.dom import minidom
35

    
36
from django.http import HttpResponse
37
from django.template.loader import render_to_string
38
from django.utils import simplejson as json
39
from django.utils.http import parse_etags
40
from django.utils.encoding import smart_str
41
from django.views.decorators.csrf import csrf_exempt
42

    
43
from astakosclient import AstakosClient
44

    
45
from snf_django.lib import api
46
from snf_django.lib.api import faults
47

    
48
from pithos.api.util import (
49
    json_encode_decimal, rename_meta_key, format_header_key,
50
    printable_header_dict, get_account_headers, put_account_headers,
51
    get_container_headers, put_container_headers, get_object_headers,
52
    put_object_headers, update_manifest_meta, update_sharing_meta,
53
    update_public_meta, validate_modification_preconditions,
54
    validate_matching_preconditions, split_container_object_string,
55
    copy_or_move_object, get_int_parameter, get_content_length,
56
    get_content_range, socket_read_iterator, SaveToBackendHandler,
57
    object_data_response, put_object_block, hashmap_md5, simple_list_response,
58
    api_method, is_uuid, retrieve_uuid, retrieve_uuids,
59
    retrieve_displaynames, Checksum, NoChecksum
60
)
61

    
62
from pithos.api.settings import (UPDATE_MD5, TRANSLATE_UUIDS,
63
                                 SERVICE_TOKEN, ASTAKOS_AUTH_URL)
64

    
65
from pithos.api import settings
66

    
67
from pithos.backends.base import (
68
    NotAllowedError, QuotaError, ContainerNotEmpty, ItemNotExists,
69
    VersionNotExists, ContainerExists, InvalidHash)
70

    
71
from pithos.backends.filter import parse_filters
72

    
73
import logging
74
logger = logging.getLogger(__name__)
75

    
76

    
77
def get_uuids(names):
78
    try:
79
        astakos = AstakosClient(SERVICE_TOKEN, ASTAKOS_AUTH_URL,
80
                                retry=2, use_pool=True, logger=logger)
81
        uuids = astakos.service_get_uuids(names)
82
    except Exception, e:
83
        logger.exception(e)
84
        return {}
85

    
86
    return uuids
87

    
88

    
89
@csrf_exempt
90
def top_demux(request):
91
    if request.method == 'GET':
92
        try:
93
            request.GET['X-Auth-Token']
94
        except KeyError:
95
            try:
96
                request.META['HTTP_X_AUTH_TOKEN']
97
            except KeyError:
98
                return authenticate(request)
99
        return account_list(request)
100
    else:
101
        return api.api_method_not_allowed(request, allowed_methods=['GET'])
102

    
103

    
104
@csrf_exempt
105
def account_demux(request, v_account):
106
    if TRANSLATE_UUIDS:
107
        if not is_uuid(v_account):
108
            uuids = get_uuids([v_account])
109
            if not uuids or not v_account in uuids:
110
                return HttpResponse(status=404)
111
            v_account = uuids[v_account]
112

    
113
    if request.method == 'HEAD':
114
        return account_meta(request, v_account)
115
    elif request.method == 'POST':
116
        return account_update(request, v_account)
117
    elif request.method == 'GET':
118
        return container_list(request, v_account)
119
    else:
120
        return api.api_method_not_allowed(request,
121
                                          allowed_methods=['HEAD',
122
                                                           'POST',
123
                                                           'GET'])
124

    
125

    
126
@csrf_exempt
127
def container_demux(request, v_account, v_container):
128
    if TRANSLATE_UUIDS:
129
        if not is_uuid(v_account):
130
            uuids = get_uuids([v_account])
131
            if not uuids or not v_account in uuids:
132
                return HttpResponse(status=404)
133
            v_account = uuids[v_account]
134

    
135
    if request.method == 'HEAD':
136
        return container_meta(request, v_account, v_container)
137
    elif request.method == 'PUT':
138
        return container_create(request, v_account, v_container)
139
    elif request.method == 'POST':
140
        return container_update(request, v_account, v_container)
141
    elif request.method == 'DELETE':
142
        return container_delete(request, v_account, v_container)
143
    elif request.method == 'GET':
144
        return object_list(request, v_account, v_container)
145
    else:
146
        return api.api_method_not_allowed(request,
147
                                          allowed_methods=['HEAD',
148
                                                           'PUT',
149
                                                           'POST',
150
                                                           'DELETE',
151
                                                           'GET'])
152

    
153

    
154
@csrf_exempt
155
def object_demux(request, v_account, v_container, v_object):
156
    # Helper to avoid placing the token in the URL
157
    # when loading objects from a browser.
158
    if TRANSLATE_UUIDS:
159
        if not is_uuid(v_account):
160
            uuids = get_uuids([v_account])
161
            if not uuids or not v_account in uuids:
162
                return HttpResponse(status=404)
163
            v_account = uuids[v_account]
164

    
165
    if request.method == 'HEAD':
166
        return object_meta(request, v_account, v_container, v_object)
167
    elif request.method == 'GET':
168
        return object_read(request, v_account, v_container, v_object)
169
    elif request.method == 'PUT':
170
        return object_write(request, v_account, v_container, v_object)
171
    elif request.method == 'COPY':
172
        return object_copy(request, v_account, v_container, v_object)
173
    elif request.method == 'MOVE':
174
        return object_move(request, v_account, v_container, v_object)
175
    elif request.method == 'POST':
176
        if request.META.get(
177
                'CONTENT_TYPE', '').startswith('multipart/form-data'):
178
            return object_write_form(request, v_account, v_container, v_object)
179
        return object_update(request, v_account, v_container, v_object)
180
    elif request.method == 'DELETE':
181
        return object_delete(request, v_account, v_container, v_object)
182
    else:
183
        return api.api_method_not_allowed(request, allowed_methods=['HEAD',
184
                                                                    'GET',
185
                                                                    'PUT',
186
                                                                    'COPY',
187
                                                                    'MOVE',
188
                                                                    'POST',
189
                                                                    'DELETE'])
190

    
191

    
192
@api_method('GET', token_required=False, user_required=False, logger=logger)
193
def authenticate(request):
194
    # Normal Response Codes: 204
195
    # Error Response Codes: internalServerError (500),
196
    #                       forbidden (403),
197
    #                       badRequest (400)
198

    
199
    x_auth_user = request.META.get('HTTP_X_AUTH_USER')
200
    x_auth_key = request.META.get('HTTP_X_AUTH_KEY')
201
    if not x_auth_user or not x_auth_key:
202
        raise faults.BadRequest('Missing X-Auth-User or X-Auth-Key header')
203
    response = HttpResponse(status=204)
204

    
205
    uri = request.build_absolute_uri()
206
    if '?' in uri:
207
        uri = uri[:uri.find('?')]
208

    
209
    response['X-Auth-Token'] = x_auth_key
210
    response['X-Storage-Url'] = uri + ('' if uri.endswith('/')
211
                                       else '/') + x_auth_user
212
    return response
213

    
214

    
215
@api_method('GET', format_allowed=True, user_required=True, logger=logger,
216
            serializations=["text", "xml", "json"])
217
def account_list(request):
218
    # Normal Response Codes: 200, 204
219
    # Error Response Codes: internalServerError (500),
220
    #                       badRequest (400)
221
    response = HttpResponse()
222

    
223
    marker = request.GET.get('marker')
224
    limit = get_int_parameter(request.GET.get('limit'))
225
    if not limit:
226
        limit = settings.API_LIST_LIMIT
227

    
228
    accounts = request.backend.list_accounts(request.user_uniq, marker, limit)
229

    
230
    if request.serialization == 'text':
231
        if TRANSLATE_UUIDS:
232
            accounts = retrieve_displaynames(
233
                getattr(request, 'token', None), accounts)
234
        if len(accounts) == 0:
235
            # The cloudfiles python bindings expect 200 if json/xml.
236
            response.status_code = 204
237
            return response
238
        response.status_code = 200
239
        response.content = '\n'.join(accounts) + '\n'
240
        return response
241

    
242
    account_meta = []
243
    for x in accounts:
244
        if x == request.user_uniq:
245
            continue
246
        try:
247
            meta = request.backend.get_account_meta(
248
                request.user_uniq, x, 'pithos', include_user_defined=False)
249
            groups = request.backend.get_account_groups(request.user_uniq, x)
250
        except NotAllowedError:
251
            raise faults.Forbidden('Not allowed')
252
        else:
253
            rename_meta_key(meta, 'modified', 'last_modified')
254
            rename_meta_key(
255
                meta, 'until_timestamp', 'x_account_until_timestamp')
256
            if groups:
257
                meta['X-Account-Group'] = printable_header_dict(
258
                    dict([(k, ','.join(v)) for k, v in groups.iteritems()]))
259
            account_meta.append(printable_header_dict(meta))
260

    
261
    if TRANSLATE_UUIDS:
262
        uuids = list(d['name'] for d in account_meta)
263
        catalog = retrieve_displaynames(
264
            getattr(request, 'token', None), uuids, return_dict=True)
265
        for meta in account_meta:
266
            meta['name'] = catalog.get(meta.get('name'))
267

    
268
    if request.serialization == 'xml':
269
        data = render_to_string('accounts.xml', {'accounts': account_meta})
270
    elif request.serialization == 'json':
271
        data = json.dumps(account_meta)
272
    response.status_code = 200
273
    response.content = data
274
    return response
275

    
276

    
277
@api_method('HEAD', user_required=True, logger=logger)
278
def account_meta(request, v_account):
279
    # Normal Response Codes: 204
280
    # Error Response Codes: internalServerError (500),
281
    #                       forbidden (403),
282
    #                       badRequest (400)
283

    
284
    until = get_int_parameter(request.GET.get('until'))
285
    try:
286
        meta = request.backend.get_account_meta(
287
            request.user_uniq, v_account, 'pithos', until)
288
        groups = request.backend.get_account_groups(
289
            request.user_uniq, v_account)
290

    
291
        if TRANSLATE_UUIDS:
292
            for k in groups:
293
                groups[k] = retrieve_displaynames(
294
                    getattr(request, 'token', None), groups[k])
295
        policy = request.backend.get_account_policy(
296
            request.user_uniq, v_account)
297
        logger.debug(policy)
298
    except NotAllowedError:
299
        raise faults.Forbidden('Not allowed')
300

    
301
    validate_modification_preconditions(request, meta)
302

    
303
    response = HttpResponse(status=204)
304
    put_account_headers(response, meta, groups, policy)
305
    return response
306

    
307

    
308
@api_method('POST', user_required=True, logger=logger)
309
def account_update(request, v_account):
310
    # Normal Response Codes: 202
311
    # Error Response Codes: internalServerError (500),
312
    #                       forbidden (403),
313
    #                       badRequest (400)
314

    
315
    meta, groups = get_account_headers(request)
316
    for k in groups:
317
        if TRANSLATE_UUIDS:
318
            try:
319
                groups[k] = retrieve_uuids(
320
                    getattr(request, 'token', None),
321
                    groups[k],
322
                    fail_silently=False)
323
            except ItemNotExists, e:
324
                raise faults.BadRequest(
325
                    'Bad X-Account-Group header value: %s' % e)
326
        else:
327
            try:
328
                retrieve_displaynames(
329
                    getattr(request, 'token', None),
330
                    groups[k],
331
                    fail_silently=False)
332
            except ItemNotExists, e:
333
                raise faults.BadRequest(
334
                    'Bad X-Account-Group header value: %s' % e)
335
    replace = True
336
    if 'update' in request.GET:
337
        replace = False
338
    if groups:
339
        try:
340
            request.backend.update_account_groups(request.user_uniq, v_account,
341
                                                  groups, replace)
342
        except NotAllowedError:
343
            raise faults.Forbidden('Not allowed')
344
        except ValueError:
345
            raise faults.BadRequest('Invalid groups header')
346
    if meta or replace:
347
        try:
348
            request.backend.update_account_meta(request.user_uniq, v_account,
349
                                                'pithos', meta, replace)
350
        except NotAllowedError:
351
            raise faults.Forbidden('Not allowed')
352
    return HttpResponse(status=202)
353

    
354

    
355
@api_method('GET', format_allowed=True, user_required=True, logger=logger,
356
            serializations=["text", "xml", "json"])
357
def container_list(request, v_account):
358
    # Normal Response Codes: 200, 204
359
    # Error Response Codes: internalServerError (500),
360
    #                       itemNotFound (404),
361
    #                       forbidden (403),
362
    #                       badRequest (400)
363

    
364
    until = get_int_parameter(request.GET.get('until'))
365
    try:
366
        meta = request.backend.get_account_meta(
367
            request.user_uniq, v_account, 'pithos', until)
368
        groups = request.backend.get_account_groups(
369
            request.user_uniq, v_account)
370
        policy = request.backend.get_account_policy(
371
            request.user_uniq, v_account)
372
    except NotAllowedError:
373
        raise faults.Forbidden('Not allowed')
374

    
375
    validate_modification_preconditions(request, meta)
376

    
377
    response = HttpResponse()
378
    put_account_headers(response, meta, groups, policy)
379

    
380
    marker = request.GET.get('marker')
381
    limit = get_int_parameter(request.GET.get('limit'))
382
    if not limit:
383
        limit = settings.API_LIST_LIMIT
384

    
385
    shared = False
386
    if 'shared' in request.GET:
387
        shared = True
388

    
389
    public_requested = 'public' in request.GET
390
    public_granted = public_requested and request.user_uniq == v_account
391

    
392
    if public_requested and not public_granted:
393
        raise faults.Forbidden(
394
            'PUblic container listing is not allowed to non path owners')
395

    
396
    try:
397
        containers = request.backend.list_containers(
398
            request.user_uniq, v_account,
399
            marker, limit, shared, until, public_granted)
400
    except NotAllowedError:
401
        raise faults.Forbidden('Not allowed')
402
    except NameError:
403
        containers = []
404

    
405
    if request.serialization == 'text':
406
        if len(containers) == 0:
407
            # The cloudfiles python bindings expect 200 if json/xml.
408
            response.status_code = 204
409
            return response
410
        response.status_code = 200
411
        response.content = '\n'.join(containers) + '\n'
412
        return response
413

    
414
    container_meta = []
415
    for x in containers:
416
        try:
417
            meta = request.backend.get_container_meta(
418
                request.user_uniq, v_account,
419
                x, 'pithos', until, include_user_defined=False)
420
            policy = request.backend.get_container_policy(request.user_uniq,
421
                                                          v_account, x)
422
        except NotAllowedError:
423
            raise faults.Forbidden('Not allowed')
424
        except NameError:
425
            pass
426
        else:
427
            rename_meta_key(meta, 'modified', 'last_modified')
428
            rename_meta_key(
429
                meta, 'until_timestamp', 'x_container_until_timestamp')
430
            if policy:
431
                meta['X-Container-Policy'] = printable_header_dict(
432
                    dict([(k, v) for k, v in policy.iteritems()]))
433
            container_meta.append(printable_header_dict(meta))
434
    if request.serialization == 'xml':
435
        data = render_to_string('containers.xml', {'account':
436
                                v_account, 'containers': container_meta})
437
    elif request.serialization == 'json':
438
        data = json.dumps(container_meta)
439
    response.status_code = 200
440
    response.content = data
441
    return response
442

    
443

    
444
@api_method('HEAD', user_required=True, logger=logger)
445
def container_meta(request, v_account, v_container):
446
    # Normal Response Codes: 204
447
    # Error Response Codes: internalServerError (500),
448
    #                       itemNotFound (404),
449
    #                       forbidden (403),
450
    #                       badRequest (400)
451

    
452
    until = get_int_parameter(request.GET.get('until'))
453
    try:
454
        meta = request.backend.get_container_meta(request.user_uniq, v_account,
455
                                                  v_container, 'pithos', until)
456
        meta['object_meta'] = \
457
            request.backend.list_container_meta(request.user_uniq,
458
                                                v_account, v_container,
459
                                                'pithos', until)
460
        policy = request.backend.get_container_policy(
461
            request.user_uniq, v_account,
462
            v_container)
463
    except NotAllowedError:
464
        raise faults.Forbidden('Not allowed')
465
    except ItemNotExists:
466
        raise faults.ItemNotFound('Container does not exist')
467

    
468
    validate_modification_preconditions(request, meta)
469

    
470
    response = HttpResponse(status=204)
471
    put_container_headers(request, response, meta, policy)
472
    return response
473

    
474

    
475
@api_method('PUT', user_required=True, logger=logger)
476
def container_create(request, v_account, v_container):
477
    # Normal Response Codes: 201, 202
478
    # Error Response Codes: internalServerError (500),
479
    #                       itemNotFound (404),
480
    #                       forbidden (403),
481
    #                       badRequest (400)
482

    
483
    meta, policy = get_container_headers(request)
484

    
485
    try:
486
        request.backend.put_container(
487
            request.user_uniq, v_account, v_container, policy)
488
        ret = 201
489
    except NotAllowedError:
490
        raise faults.Forbidden('Not allowed')
491
    except ValueError:
492
        raise faults.BadRequest('Invalid policy header')
493
    except ContainerExists:
494
        ret = 202
495

    
496
    if ret == 202 and policy:
497
        try:
498
            request.backend.update_container_policy(
499
                request.user_uniq, v_account,
500
                v_container, policy, replace=False)
501
        except NotAllowedError:
502
            raise faults.Forbidden('Not allowed')
503
        except ItemNotExists:
504
            raise faults.ItemNotFound('Container does not exist')
505
        except ValueError:
506
            raise faults.BadRequest('Invalid policy header')
507
        except QuotaError, e:
508
            raise faults.RequestEntityTooLarge('Quota error: %s' % e)
509
    if meta:
510
        try:
511
            request.backend.update_container_meta(request.user_uniq, v_account,
512
                                                  v_container, 'pithos',
513
                                                  meta, replace=False)
514
        except NotAllowedError:
515
            raise faults.Forbidden('Not allowed')
516
        except ItemNotExists:
517
            raise faults.ItemNotFound('Container does not exist')
518

    
519
    return HttpResponse(status=ret)
520

    
521

    
522
@api_method('POST', format_allowed=True, user_required=True, logger=logger,
523
            lock_container_path=True)
524
def container_update(request, v_account, v_container):
525
    # Normal Response Codes: 202
526
    # Error Response Codes: internalServerError (500),
527
    #                       itemNotFound (404),
528
    #                       forbidden (403),
529
    #                       badRequest (400)
530

    
531
    meta, policy = get_container_headers(request)
532
    replace = True
533
    if 'update' in request.GET:
534
        replace = False
535
    if policy:
536
        try:
537
            request.backend.update_container_policy(
538
                request.user_uniq, v_account,
539
                v_container, policy, replace)
540
        except NotAllowedError:
541
            raise faults.Forbidden('Not allowed')
542
        except ItemNotExists:
543
            raise faults.ItemNotFound('Container does not exist')
544
        except ValueError:
545
            raise faults.BadRequest('Invalid policy header')
546
        except QuotaError, e:
547
            raise faults.RequestEntityTooLarge('Quota error: %s' % e)
548
    if meta or replace:
549
        try:
550
            request.backend.update_container_meta(request.user_uniq, v_account,
551
                                                  v_container, 'pithos',
552
                                                  meta, replace)
553
        except NotAllowedError:
554
            raise faults.Forbidden('Not allowed')
555
        except ItemNotExists:
556
            raise faults.ItemNotFound('Container does not exist')
557

    
558
    content_length = -1
559
    if request.META.get('HTTP_TRANSFER_ENCODING') != 'chunked':
560
        content_length = get_int_parameter(
561
            request.META.get('CONTENT_LENGTH', 0))
562
    content_type = request.META.get('CONTENT_TYPE')
563
    hashmap = []
564
    if (content_type
565
            and content_type == 'application/octet-stream'
566
            and content_length != 0):
567

    
568
        try:
569
            request.backend.can_write_container(request.user_uniq, v_account,
570
                                                v_container)
571
        except NotAllowedError:
572
            raise faults.Forbidden('Not allowed')
573

    
574
        for data in socket_read_iterator(request, content_length,
575
                                         request.backend.block_size):
576
            # TODO: Raise 408 (Request Timeout) if this takes too long.
577
            # TODO: Raise 499 (Client Disconnect) if a length is defined
578
            #       and we stop before getting this much data.
579
            hashmap.append(request.backend.put_block(data))
580

    
581
    response = HttpResponse(status=202)
582
    if hashmap:
583
        response.content = simple_list_response(request, hashmap)
584
    return response
585

    
586

    
587
@api_method('DELETE', user_required=True, logger=logger,
588
            lock_container_path=True)
589
def container_delete(request, v_account, v_container):
590
    # Normal Response Codes: 204
591
    # Error Response Codes: internalServerError (500),
592
    #                       conflict (409),
593
    #                       itemNotFound (404),
594
    #                       forbidden (403),
595
    #                       badRequest (400)
596
    #                       requestentitytoolarge (413)
597

    
598
    until = get_int_parameter(request.GET.get('until'))
599

    
600
    delimiter = request.GET.get('delimiter')
601

    
602
    try:
603
        request.backend.delete_container(
604
            request.user_uniq, v_account, v_container,
605
            until, delimiter=delimiter)
606
    except NotAllowedError:
607
        raise faults.Forbidden('Not allowed')
608
    except ItemNotExists:
609
        raise faults.ItemNotFound('Container does not exist')
610
    except ContainerNotEmpty:
611
        raise faults.Conflict('Container is not empty')
612
    except QuotaError, e:
613
        raise faults.RequestEntityTooLarge('Quota error: %s' % e)
614
    return HttpResponse(status=204)
615

    
616

    
617
@api_method('GET', format_allowed=True, user_required=True, logger=logger,
618
            serializations=["text", "xml", "json"])
619
def object_list(request, v_account, v_container):
620
    # Normal Response Codes: 200, 204
621
    # Error Response Codes: internalServerError (500),
622
    #                       itemNotFound (404),
623
    #                       forbidden (403),
624
    #                       badRequest (400)
625

    
626
    until = get_int_parameter(request.GET.get('until'))
627
    try:
628
        meta = request.backend.get_container_meta(request.user_uniq, v_account,
629
                                                  v_container, 'pithos', until)
630
        meta['object_meta'] = \
631
            request.backend.list_container_meta(request.user_uniq,
632
                                                v_account, v_container,
633
                                                'pithos', until)
634
        policy = request.backend.get_container_policy(
635
            request.user_uniq, v_account,
636
            v_container)
637
    except NotAllowedError:
638
        raise faults.Forbidden('Not allowed')
639
    except ItemNotExists:
640
        raise faults.ItemNotFound('Container does not exist')
641

    
642
    validate_modification_preconditions(request, meta)
643

    
644
    response = HttpResponse()
645
    put_container_headers(request, response, meta, policy)
646

    
647
    path = request.GET.get('path')
648
    prefix = request.GET.get('prefix')
649
    delimiter = request.GET.get('delimiter')
650

    
651
    # Path overrides prefix and delimiter.
652
    virtual = True
653
    if path:
654
        prefix = path
655
        delimiter = '/'
656
        virtual = False
657

    
658
    # Naming policy.
659
    if prefix and delimiter and not prefix.endswith(delimiter):
660
        prefix = prefix + delimiter
661
    if not prefix:
662
        prefix = ''
663
    prefix = prefix.lstrip('/')
664

    
665
    marker = request.GET.get('marker')
666
    limit = get_int_parameter(request.GET.get('limit'))
667
    if not limit:
668
        limit = settings.API_LIST_LIMIT
669

    
670
    keys = request.GET.get('meta')
671
    if keys:
672
        keys = [smart_str(x.strip()) for x in keys.split(',')
673
                if x.strip() != '']
674
        included, excluded, opers = parse_filters(keys)
675
        keys = []
676
        keys += [format_header_key('X-Object-Meta-' + x) for x in included]
677
        keys += ['!' + format_header_key('X-Object-Meta-' + x)
678
                 for x in excluded]
679
        keys += ['%s%s%s' % (format_header_key(
680
            'X-Object-Meta-' + k), o, v) for k, o, v in opers]
681
    else:
682
        keys = []
683

    
684
    shared = False
685
    if 'shared' in request.GET:
686
        shared = True
687

    
688
    public_requested = 'public' in request.GET
689
    public_granted = public_requested and request.user_uniq == v_account
690

    
691
    if public_requested and not public_granted:
692
        raise faults.Forbidden(
693
            'PUblic object listing is not allowed to non path owners')
694

    
695
    if request.serialization == 'text':
696
        try:
697
            objects = request.backend.list_objects(
698
                request.user_uniq, v_account,
699
                v_container, prefix, delimiter, marker,
700
                limit, virtual, 'pithos', keys, shared,
701
                until, None, public_granted)
702
        except NotAllowedError:
703
            raise faults.Forbidden('Not allowed')
704
        except ItemNotExists:
705
            raise faults.ItemNotFound('Container does not exist')
706

    
707
        if len(objects) == 0:
708
            # The cloudfiles python bindings expect 200 if json/xml.
709
            response.status_code = 204
710
            return response
711
        response.status_code = 200
712
        response.content = '\n'.join([x[0] for x in objects]) + '\n'
713
        return response
714

    
715
    try:
716
        objects = request.backend.list_object_meta(
717
            request.user_uniq, v_account, v_container, prefix, delimiter,
718
            marker, limit, virtual, 'pithos', keys, shared, until, None,
719
            public_granted)
720
        object_permissions = {}
721
        object_public = {}
722
        if until is None:
723
            name = '/'.join((v_account, v_container, ''))
724
            name_idx = len(name)
725
            objects_bulk = []
726
            for x in request.backend.list_object_permissions(
727
                    request.user_uniq, v_account, v_container, prefix):
728

    
729
                # filter out objects which are not under the container
730
                if name != x[:name_idx]:
731
                    continue
732
                objects_bulk.append(x[name_idx:])
733

    
734
            if len(objects_bulk) > 0:
735
                object_permissions = \
736
                    request.backend.get_object_permissions_bulk(
737
                        request.user_uniq, v_account, v_container,
738
                        objects_bulk)
739

    
740
            if request.user_uniq == v_account:
741
                # Bring public information only if the request user
742
                # is the object owner
743
                for k, v in request.backend.list_object_public(
744
                        request.user_uniq, v_account,
745
                        v_container, prefix).iteritems():
746
                    object_public[k[name_idx:]] = v
747
    except NotAllowedError:
748
        raise faults.Forbidden('Not allowed')
749
    except ItemNotExists:
750
        raise faults.ItemNotFound('Container does not exist')
751

    
752
    object_meta = []
753
    for meta in objects:
754
        if TRANSLATE_UUIDS:
755
            modified_by = meta.get('modified_by')
756
            if modified_by:
757
                l = retrieve_displaynames(
758
                    getattr(request, 'token', None), [meta['modified_by']])
759
                if l is not None and len(l) == 1:
760
                    meta['modified_by'] = l[0]
761

    
762
        if len(meta) == 1:
763
            # Virtual objects/directories.
764
            object_meta.append(meta)
765
        else:
766
            rename_meta_key(
767
                meta, 'hash', 'x_object_hash')  # Will be replaced by checksum.
768
            rename_meta_key(meta, 'checksum', 'hash')
769
            rename_meta_key(meta, 'type', 'content_type')
770
            rename_meta_key(meta, 'uuid', 'x_object_uuid')
771
            if until is not None and 'modified' in meta:
772
                del(meta['modified'])
773
            else:
774
                rename_meta_key(meta, 'modified', 'last_modified')
775
            rename_meta_key(meta, 'modified_by', 'x_object_modified_by')
776
            rename_meta_key(meta, 'version', 'x_object_version')
777
            rename_meta_key(
778
                meta, 'version_timestamp', 'x_object_version_timestamp')
779
            permissions = object_permissions.get(meta['name'], None)
780
            if permissions:
781
                update_sharing_meta(request, permissions, v_account,
782
                                    v_container, meta['name'], meta)
783
            public_url = object_public.get(meta['name'], None)
784
            if request.user_uniq == v_account:
785
                # Return public information only if the request user
786
                # is the object owner
787
                update_public_meta(public_url, meta)
788
            object_meta.append(printable_header_dict(meta))
789

    
790
    if request.serialization == 'xml':
791
        data = render_to_string(
792
            'objects.xml', {'container': v_container, 'objects': object_meta})
793
    elif request.serialization == 'json':
794
        data = json.dumps(object_meta, default=json_encode_decimal)
795
    response.status_code = 200
796
    response.content = data
797
    return response
798

    
799

    
800
@api_method('HEAD', user_required=True, logger=logger)
801
def object_meta(request, v_account, v_container, v_object):
802
    # Normal Response Codes: 204
803
    # Error Response Codes: internalServerError (500),
804
    #                       itemNotFound (404),
805
    #                       forbidden (403),
806
    #                       badRequest (400)
807

    
808
    version = request.GET.get('version')
809
    try:
810
        meta = request.backend.get_object_meta(request.user_uniq, v_account,
811
                                               v_container, v_object,
812
                                               'pithos', version)
813
        if version is None:
814
            permissions = request.backend.get_object_permissions(
815
                request.user_uniq,
816
                v_account, v_container, v_object)
817
            public = request.backend.get_object_public(
818
                request.user_uniq, v_account,
819
                v_container, v_object)
820
        else:
821
            permissions = None
822
            public = None
823
    except NotAllowedError:
824
        raise faults.Forbidden('Not allowed')
825
    except ItemNotExists:
826
        raise faults.ItemNotFound('Object does not exist')
827
    except VersionNotExists:
828
        raise faults.ItemNotFound('Version does not exist')
829

    
830
    update_manifest_meta(request, v_account, meta)
831
    update_sharing_meta(
832
        request, permissions, v_account, v_container, v_object, meta)
833
    if request.user_uniq == v_account:
834
        update_public_meta(public, meta)
835

    
836
    # Evaluate conditions.
837
    validate_modification_preconditions(request, meta)
838
    try:
839
        validate_matching_preconditions(request, meta)
840
    except faults.NotModified:
841
        response = HttpResponse(status=304)
842
        response['ETag'] = meta['hash'] if not UPDATE_MD5 else meta['checksum']
843
        return response
844

    
845
    response = HttpResponse(status=200)
846
    put_object_headers(response, meta, token=getattr(request, 'token', None))
847
    return response
848

    
849

    
850
@api_method('GET', format_allowed=True, user_required=True, logger=logger)
851
def object_read(request, v_account, v_container, v_object):
852
    return _object_read(request, v_account, v_container, v_object)
853

    
854

    
855
def _object_read(request, v_account, v_container, v_object):
856
    # Normal Response Codes: 200, 206
857
    # Error Response Codes: internalServerError (500),
858
    #                       rangeNotSatisfiable (416),
859
    #                       preconditionFailed (412),
860
    #                       itemNotFound (404),
861
    #                       forbidden (403),
862
    #                       badRequest (400),
863
    #                       notModified (304)
864

    
865
    version = request.GET.get('version')
866

    
867
    # Reply with the version list. Do this first, as the object may be deleted.
868
    if version == 'list':
869
        if request.serialization == 'text':
870
            raise faults.BadRequest('No format specified for version list.')
871

    
872
        try:
873
            v = request.backend.list_versions(request.user_uniq, v_account,
874
                                              v_container, v_object)
875
        except NotAllowedError:
876
            raise faults.Forbidden('Not allowed')
877
        except ItemNotExists:
878
            raise faults.ItemNotFound('Object does not exist')
879
        d = {'versions': v}
880
        if request.serialization == 'xml':
881
            d['object'] = v_object
882
            data = render_to_string('versions.xml', d)
883
        elif request.serialization == 'json':
884
            data = json.dumps(d, default=json_encode_decimal)
885

    
886
        response = HttpResponse(data, status=200)
887
        response['Content-Length'] = len(data)
888
        return response
889

    
890
    try:
891
        meta = request.backend.get_object_meta(request.user_uniq, v_account,
892
                                               v_container, v_object,
893
                                               'pithos', version)
894
        if version is None:
895
            permissions = request.backend.get_object_permissions(
896
                request.user_uniq,
897
                v_account, v_container, v_object)
898
            public = request.backend.get_object_public(
899
                request.user_uniq, v_account,
900
                v_container, v_object)
901
        else:
902
            permissions = None
903
            public = None
904
    except NotAllowedError:
905
        raise faults.Forbidden('Not allowed')
906
    except ItemNotExists:
907
        raise faults.ItemNotFound('Object does not exist')
908
    except VersionNotExists:
909
        raise faults.ItemNotFound('Version does not exist')
910

    
911
    update_manifest_meta(request, v_account, meta)
912
    update_sharing_meta(
913
        request, permissions, v_account, v_container, v_object, meta)
914
    if request.user_uniq == v_account:
915
        update_public_meta(public, meta)
916

    
917
    # Evaluate conditions.
918
    validate_modification_preconditions(request, meta)
919
    try:
920
        validate_matching_preconditions(request, meta)
921
    except faults.NotModified:
922
        response = HttpResponse(status=304)
923
        response['ETag'] = meta['hash'] if not UPDATE_MD5 else meta['checksum']
924
        return response
925

    
926
    hashmap_reply = False
927
    if 'hashmap' in request.GET and request.serialization != 'text':
928
        hashmap_reply = True
929

    
930
    sizes = []
931
    hashmaps = []
932
    if 'X-Object-Manifest' in meta and not hashmap_reply:
933
        try:
934
            src_container, src_name = split_container_object_string(
935
                '/' + meta['X-Object-Manifest'])
936
            objects = request.backend.list_objects(
937
                request.user_uniq, v_account,
938
                src_container, prefix=src_name, virtual=False)
939
        except NotAllowedError:
940
            raise faults.Forbidden('Not allowed')
941
        except ValueError:
942
            raise faults.BadRequest('Invalid X-Object-Manifest header')
943
        except ItemNotExists:
944
            raise faults.ItemNotFound('Container does not exist')
945

    
946
        try:
947
            for x in objects:
948
                s, h = \
949
                    request.backend.get_object_hashmap(
950
                        request.user_uniq, v_account, src_container, x[0],
951
                        x[1])
952
                sizes.append(s)
953
                hashmaps.append(h)
954
        except NotAllowedError:
955
            raise faults.Forbidden('Not allowed')
956
        except ItemNotExists:
957
            raise faults.ItemNotFound('Object does not exist')
958
        except VersionNotExists:
959
            raise faults.ItemNotFound('Version does not exist')
960
    else:
961
        try:
962
            s, h = request.backend.get_object_hashmap(
963
                request.user_uniq, v_account,
964
                v_container, v_object, version)
965
            sizes.append(s)
966
            hashmaps.append(h)
967
        except NotAllowedError:
968
            raise faults.Forbidden('Not allowed')
969
        except ItemNotExists:
970
            raise faults.ItemNotFound('Object does not exist')
971
        except VersionNotExists:
972
            raise faults.ItemNotFound('Version does not exist')
973

    
974
    # Reply with the hashmap.
975
    if hashmap_reply:
976
        size = sum(sizes)
977
        hashmap = sum(hashmaps, [])
978
        d = {
979
            'block_size': request.backend.block_size,
980
            'block_hash': request.backend.hash_algorithm,
981
            'bytes': size,
982
            'hashes': hashmap}
983
        if request.serialization == 'xml':
984
            d['object'] = v_object
985
            data = render_to_string('hashes.xml', d)
986
        elif request.serialization == 'json':
987
            data = json.dumps(d)
988

    
989
        response = HttpResponse(data, status=200)
990
        put_object_headers(
991
            response, meta, token=getattr(request, 'token', None))
992
        response['Content-Length'] = len(data)
993
        return response
994

    
995
    request.serialization = 'text'  # Unset.
996
    return object_data_response(request, sizes, hashmaps, meta)
997

    
998

    
999
@api_method('PUT', format_allowed=True, user_required=True, logger=logger,
1000
            lock_container_path=True)
1001
def object_write(request, v_account, v_container, v_object):
1002
    # Normal Response Codes: 201
1003
    # Error Response Codes: internalServerError (500),
1004
    #                       unprocessableEntity (422),
1005
    #                       lengthRequired (411),
1006
    #                       conflict (409),
1007
    #                       itemNotFound (404),
1008
    #                       forbidden (403),
1009
    #                       badRequest (400)
1010
    #                       requestentitytoolarge (413)
1011

    
1012
    # Evaluate conditions.
1013
    if (request.META.get('HTTP_IF_MATCH')
1014
            or request.META.get('HTTP_IF_NONE_MATCH')):
1015
        try:
1016
            meta = request.backend.get_object_meta(
1017
                request.user_uniq, v_account,
1018
                v_container, v_object, 'pithos')
1019
        except NotAllowedError:
1020
            raise faults.Forbidden('Not allowed')
1021
        except NameError:
1022
            meta = {}
1023
        validate_matching_preconditions(request, meta)
1024

    
1025
    copy_from = request.META.get('HTTP_X_COPY_FROM')
1026
    move_from = request.META.get('HTTP_X_MOVE_FROM')
1027
    if copy_from or move_from:
1028
        delimiter = request.GET.get('delimiter')
1029
        content_length = get_content_length(request)  # Required by the API.
1030

    
1031
        src_account = request.META.get('HTTP_X_SOURCE_ACCOUNT')
1032

    
1033
        if not src_account:
1034
            src_account = request.user_uniq
1035
        else:
1036
            if TRANSLATE_UUIDS:
1037
                try:
1038
                    src_account = retrieve_uuid(
1039
                        getattr(request, 'token', None), src_account)
1040
                except ItemNotExists:
1041
                    faults.ItemNotFound('Invalid source account')
1042

    
1043
        if move_from:
1044
            try:
1045
                src_container, src_name = split_container_object_string(
1046
                    move_from)
1047
            except ValueError:
1048
                raise faults.BadRequest('Invalid X-Move-From header')
1049
            version_id = copy_or_move_object(
1050
                request, src_account, src_container, src_name,
1051
                v_account, v_container, v_object,
1052
                move=True, delimiter=delimiter)
1053
        else:
1054
            try:
1055
                src_container, src_name = split_container_object_string(
1056
                    copy_from)
1057
            except ValueError:
1058
                raise faults.BadRequest('Invalid X-Copy-From header')
1059
            version_id = copy_or_move_object(
1060
                request, src_account, src_container, src_name,
1061
                v_account, v_container, v_object,
1062
                move=False, delimiter=delimiter)
1063
        response = HttpResponse(status=201)
1064
        response['X-Object-Version'] = version_id
1065
        return response
1066

    
1067
    content_type, meta, permissions, public = get_object_headers(request)
1068
    content_length = -1
1069
    if request.META.get('HTTP_TRANSFER_ENCODING') != 'chunked':
1070
        content_length = get_content_length(request)
1071
    # Should be BadRequest, but API says otherwise.
1072
    if content_type is None:
1073
        raise faults.LengthRequired('Missing Content-Type header')
1074

    
1075
    if 'hashmap' in request.GET:
1076
        if request.serialization not in ('json', 'xml'):
1077
            raise faults.BadRequest('Invalid hashmap format')
1078

    
1079
        data = ''
1080
        for block in socket_read_iterator(request, content_length,
1081
                                          request.backend.block_size):
1082
            data = '%s%s' % (data, block)
1083

    
1084
        if request.serialization == 'json':
1085
            d = json.loads(data)
1086
            if not hasattr(d, '__getitem__'):
1087
                raise faults.BadRequest('Invalid data formating')
1088
            try:
1089
                hashmap = d['hashes']
1090
                size = int(d['bytes'])
1091
            except:
1092
                raise faults.BadRequest('Invalid data formatting')
1093
        elif request.serialization == 'xml':
1094
            try:
1095
                xml = minidom.parseString(data)
1096
                obj = xml.getElementsByTagName('object')[0]
1097
                size = int(obj.attributes['bytes'].value)
1098

    
1099
                hashes = xml.getElementsByTagName('hash')
1100
                hashmap = []
1101
                for hash in hashes:
1102
                    hashmap.append(hash.firstChild.data)
1103
            except:
1104
                raise faults.BadRequest('Invalid data formatting')
1105

    
1106
        checksum = ''  # Do not set to None (will copy previous value).
1107
    else:
1108
        etag = request.META.get('HTTP_ETAG')
1109
        checksum_compute = Checksum() if etag or UPDATE_MD5 else NoChecksum()
1110
        size = 0
1111
        hashmap = []
1112
        for data in socket_read_iterator(request, content_length,
1113
                                         request.backend.block_size):
1114
            # TODO: Raise 408 (Request Timeout) if this takes too long.
1115
            # TODO: Raise 499 (Client Disconnect) if a length is defined
1116
            #       and we stop before getting this much data.
1117
            size += len(data)
1118
            hashmap.append(request.backend.put_block(data))
1119
            checksum_compute.update(data)
1120

    
1121
        checksum = checksum_compute.hexdigest()
1122
        if etag and parse_etags(etag)[0].lower() != checksum:
1123
            raise faults.UnprocessableEntity('Object ETag does not match')
1124

    
1125
    try:
1126
        version_id, merkle = request.backend.update_object_hashmap(
1127
            request.user_uniq, v_account, v_container, v_object, size,
1128
            content_type, hashmap, checksum, 'pithos', meta, True, permissions
1129
        )
1130
    except NotAllowedError:
1131
        raise faults.Forbidden('Not allowed')
1132
    except IndexError, e:
1133
        missing_blocks = e.data
1134
        response = HttpResponse(status=409)
1135
        response.content = simple_list_response(request, missing_blocks)
1136
        return response
1137
    except ItemNotExists:
1138
        raise faults.ItemNotFound('Container does not exist')
1139
    except ValueError:
1140
        raise faults.BadRequest('Invalid sharing header')
1141
    except QuotaError, e:
1142
        raise faults.RequestEntityTooLarge('Quota error: %s' % e)
1143
    except InvalidHash, e:
1144
        raise faults.BadRequest('Invalid hash: %s' % e)
1145
    if not checksum and UPDATE_MD5:
1146
        # Update the MD5 after the hashmap, as there may be missing hashes.
1147
        checksum = hashmap_md5(request.backend, hashmap, size)
1148
        try:
1149
            request.backend.update_object_checksum(request.user_uniq,
1150
                                                   v_account, v_container,
1151
                                                   v_object, version_id,
1152
                                                   checksum)
1153
        except NotAllowedError:
1154
            raise faults.Forbidden('Not allowed')
1155
    if public is not None:
1156
        try:
1157
            request.backend.update_object_public(request.user_uniq, v_account,
1158
                                                 v_container, v_object, public)
1159
        except NotAllowedError:
1160
            raise faults.Forbidden('Not allowed')
1161
        except ItemNotExists:
1162
            raise faults.ItemNotFound('Object does not exist')
1163

    
1164
    response = HttpResponse(status=201)
1165
    response['ETag'] = merkle if not UPDATE_MD5 else checksum
1166
    response['X-Object-Version'] = version_id
1167
    return response
1168

    
1169

    
1170
@api_method('POST', user_required=True, logger=logger,
1171
            lock_container_path=True)
1172
def object_write_form(request, v_account, v_container, v_object):
1173
    # Normal Response Codes: 201
1174
    # Error Response Codes: internalServerError (500),
1175
    #                       itemNotFound (404),
1176
    #                       forbidden (403),
1177
    #                       badRequest (400)
1178
    #                       requestentitytoolarge (413)
1179

    
1180
    request.upload_handlers = [SaveToBackendHandler(request)]
1181
    if 'X-Object-Data' not in request.FILES:
1182
        raise faults.BadRequest('Missing X-Object-Data field')
1183
    file = request.FILES['X-Object-Data']
1184

    
1185
    checksum = file.etag
1186
    try:
1187
        version_id, merkle = request.backend.update_object_hashmap(
1188
            request.user_uniq, v_account, v_container, v_object, file.size,
1189
            file.content_type, file.hashmap, checksum, 'pithos', {}, True
1190
        )
1191
    except NotAllowedError:
1192
        raise faults.Forbidden('Not allowed')
1193
    except ItemNotExists:
1194
        raise faults.ItemNotFound('Container does not exist')
1195
    except QuotaError, e:
1196
        raise faults.RequestEntityTooLarge('Quota error: %s' % e)
1197

    
1198
    response = HttpResponse(status=201)
1199
    response['ETag'] = merkle if not UPDATE_MD5 else checksum
1200
    response['X-Object-Version'] = version_id
1201
    response.content = checksum
1202
    return response
1203

    
1204

    
1205
@api_method('COPY', format_allowed=True, user_required=True, logger=logger,
1206
            lock_container_path=True)
1207
def object_copy(request, v_account, v_container, v_object):
1208
    # Normal Response Codes: 201
1209
    # Error Response Codes: internalServerError (500),
1210
    #                       itemNotFound (404),
1211
    #                       forbidden (403),
1212
    #                       badRequest (400)
1213
    #                       requestentitytoolarge (413)
1214

    
1215
    dest_account = request.META.get('HTTP_DESTINATION_ACCOUNT')
1216
    if not dest_account:
1217
        dest_account = request.user_uniq
1218
    dest_path = request.META.get('HTTP_DESTINATION')
1219
    if not dest_path:
1220
        raise faults.BadRequest('Missing Destination header')
1221
    try:
1222
        dest_container, dest_name = split_container_object_string(dest_path)
1223
    except ValueError:
1224
        raise faults.BadRequest('Invalid Destination header')
1225

    
1226
    # Evaluate conditions.
1227
    if (request.META.get('HTTP_IF_MATCH')
1228
            or request.META.get('HTTP_IF_NONE_MATCH')):
1229
        src_version = request.META.get('HTTP_X_SOURCE_VERSION')
1230
        try:
1231
            meta = request.backend.get_object_meta(
1232
                request.user_uniq, v_account,
1233
                v_container, v_object, 'pithos', src_version)
1234
        except NotAllowedError:
1235
            raise faults.Forbidden('Not allowed')
1236
        except (ItemNotExists, VersionNotExists):
1237
            raise faults.ItemNotFound('Container or object does not exist')
1238
        validate_matching_preconditions(request, meta)
1239

    
1240
    delimiter = request.GET.get('delimiter')
1241

    
1242
    version_id = copy_or_move_object(request, v_account, v_container, v_object,
1243
                                     dest_account, dest_container, dest_name,
1244
                                     move=False, delimiter=delimiter)
1245
    response = HttpResponse(status=201)
1246
    response['X-Object-Version'] = version_id
1247
    return response
1248

    
1249

    
1250
@api_method('MOVE', format_allowed=True, user_required=True, logger=logger,
1251
            lock_container_path=True)
1252
def object_move(request, v_account, v_container, v_object):
1253
    # Normal Response Codes: 201
1254
    # Error Response Codes: internalServerError (500),
1255
    #                       itemNotFound (404),
1256
    #                       forbidden (403),
1257
    #                       badRequest (400)
1258
    #                       requestentitytoolarge (413)
1259

    
1260
    dest_account = request.META.get('HTTP_DESTINATION_ACCOUNT')
1261
    if not dest_account:
1262
        dest_account = request.user_uniq
1263
    dest_path = request.META.get('HTTP_DESTINATION')
1264
    if not dest_path:
1265
        raise faults.BadRequest('Missing Destination header')
1266
    try:
1267
        dest_container, dest_name = split_container_object_string(dest_path)
1268
    except ValueError:
1269
        raise faults.BadRequest('Invalid Destination header')
1270

    
1271
    # Evaluate conditions.
1272
    if (request.META.get('HTTP_IF_MATCH')
1273
            or request.META.get('HTTP_IF_NONE_MATCH')):
1274
        try:
1275
            meta = request.backend.get_object_meta(
1276
                request.user_uniq, v_account,
1277
                v_container, v_object, 'pithos')
1278
        except NotAllowedError:
1279
            raise faults.Forbidden('Not allowed')
1280
        except ItemNotExists:
1281
            raise faults.ItemNotFound('Container or object does not exist')
1282
        validate_matching_preconditions(request, meta)
1283

    
1284
    delimiter = request.GET.get('delimiter')
1285

    
1286
    version_id = copy_or_move_object(request, v_account, v_container, v_object,
1287
                                     dest_account, dest_container, dest_name,
1288
                                     move=True, delimiter=delimiter)
1289
    response = HttpResponse(status=201)
1290
    response['X-Object-Version'] = version_id
1291
    return response
1292

    
1293

    
1294
@api_method('POST', format_allowed=True, user_required=True, logger=logger,
1295
            lock_container_path=True)
1296
def object_update(request, v_account, v_container, v_object):
1297
    # Normal Response Codes: 202, 204
1298
    # Error Response Codes: internalServerError (500),
1299
    #                       conflict (409),
1300
    #                       itemNotFound (404),
1301
    #                       forbidden (403),
1302
    #                       badRequest (400)
1303

    
1304
    content_type, meta, permissions, public = get_object_headers(request)
1305

    
1306
    try:
1307
        prev_meta = request.backend.get_object_meta(
1308
            request.user_uniq, v_account,
1309
            v_container, v_object, 'pithos')
1310
    except NotAllowedError:
1311
        raise faults.Forbidden('Not allowed')
1312
    except ItemNotExists:
1313
        raise faults.ItemNotFound('Object does not exist')
1314

    
1315
    # Evaluate conditions.
1316
    if (request.META.get('HTTP_IF_MATCH')
1317
            or request.META.get('HTTP_IF_NONE_MATCH')):
1318
        validate_matching_preconditions(request, prev_meta)
1319

    
1320
    replace = True
1321
    if 'update' in request.GET:
1322
        replace = False
1323

    
1324
    # A Content-Type or X-Source-Object header indicates data updates.
1325
    src_object = request.META.get('HTTP_X_SOURCE_OBJECT')
1326
    if ((not content_type or content_type != 'application/octet-stream')
1327
            and not src_object):
1328
        response = HttpResponse(status=202)
1329

    
1330
        # Do permissions first, as it may fail easier.
1331
        if permissions is not None:
1332
            try:
1333
                request.backend.update_object_permissions(
1334
                    request.user_uniq, v_account, v_container, v_object,
1335
                    permissions)
1336
            except NotAllowedError:
1337
                raise faults.Forbidden('Not allowed')
1338
            except ItemNotExists:
1339
                raise faults.ItemNotFound('Object does not exist')
1340
            except ValueError:
1341
                raise faults.BadRequest('Invalid sharing header')
1342
        if public is not None:
1343
            try:
1344
                request.backend.update_object_public(
1345
                    request.user_uniq, v_account,
1346
                    v_container, v_object, public)
1347
            except NotAllowedError:
1348
                raise faults.Forbidden('Not allowed')
1349
            except ItemNotExists:
1350
                raise faults.ItemNotFound('Object does not exist')
1351
        if meta or replace:
1352
            try:
1353
                version_id = request.backend.update_object_meta(
1354
                    request.user_uniq,
1355
                    v_account, v_container, v_object, 'pithos', meta, replace)
1356
            except NotAllowedError:
1357
                raise faults.Forbidden('Not allowed')
1358
            except ItemNotExists:
1359
                raise faults.ItemNotFound('Object does not exist')
1360
            response['X-Object-Version'] = version_id
1361

    
1362
        return response
1363

    
1364
    # Single range update. Range must be in Content-Range.
1365
    # Based on: http://code.google.com/p/gears/wiki/ContentRangePostProposal
1366
    # (with the addition that '*' is allowed for the range - will append).
1367
    content_range = request.META.get('HTTP_CONTENT_RANGE')
1368
    if not content_range:
1369
        raise faults.BadRequest('Missing Content-Range header')
1370
    ranges = get_content_range(request)
1371
    if not ranges:
1372
        raise faults.RangeNotSatisfiable('Invalid Content-Range header')
1373

    
1374
    try:
1375
        size, hashmap = \
1376
            request.backend.get_object_hashmap(
1377
                request.user_uniq, v_account, v_container, v_object)
1378
    except NotAllowedError:
1379
        raise faults.Forbidden('Not allowed')
1380
    except ItemNotExists:
1381
        raise faults.ItemNotFound('Object does not exist')
1382

    
1383
    offset, length, total = ranges
1384
    if offset is None:
1385
        offset = size
1386
    elif offset > size:
1387
        raise faults.RangeNotSatisfiable(
1388
            'Supplied offset is beyond object limits')
1389
    if src_object:
1390
        src_account = request.META.get('HTTP_X_SOURCE_ACCOUNT')
1391
        if not src_account:
1392
            src_account = request.user_uniq
1393
        try:
1394
            src_container, src_name = split_container_object_string(src_object)
1395
        except ValueError:
1396
            raise faults.BadRequest('Invalid source object')
1397

    
1398
        try:
1399
            src_version = request.META.get('HTTP_X_SOURCE_VERSION')
1400
            src_size, src_hashmap = request.backend.get_object_hashmap(
1401
                request.user_uniq,
1402
                src_account, src_container, src_name, src_version)
1403
        except NotAllowedError:
1404
            raise faults.Forbidden('Not allowed')
1405
        except ItemNotExists:
1406
            raise faults.ItemNotFound('Source object does not exist')
1407

    
1408
        if length is None:
1409
            length = src_size
1410
        elif length > src_size:
1411
            raise faults.BadRequest(
1412
                'Object length is smaller than range length')
1413
    else:
1414
        # Require either a Content-Length, or 'chunked' Transfer-Encoding.
1415
        content_length = -1
1416
        if request.META.get('HTTP_TRANSFER_ENCODING') != 'chunked':
1417
            content_length = get_content_length(request)
1418

    
1419
        if length is None:
1420
            length = content_length
1421
        else:
1422
            if content_length == -1:
1423
                # TODO: Get up to length bytes in chunks.
1424
                length = content_length
1425
            elif length != content_length:
1426
                raise faults.BadRequest(
1427
                    'Content length does not match range length')
1428
    if (total is not None
1429
            and (total != size or offset >= size
1430
                 or (length > 0 and offset + length > size))):
1431
        raise faults.RangeNotSatisfiable(
1432
            'Supplied range will change provided object limits')
1433

    
1434
    dest_bytes = request.META.get('HTTP_X_OBJECT_BYTES')
1435
    if dest_bytes is not None:
1436
        dest_bytes = get_int_parameter(dest_bytes)
1437
        if dest_bytes is None:
1438
            raise faults.BadRequest('Invalid X-Object-Bytes header')
1439

    
1440
    if src_object:
1441
        if offset % request.backend.block_size == 0:
1442
            # Update the hashes only.
1443
            sbi = 0
1444
            while length > 0:
1445
                bi = int(offset / request.backend.block_size)
1446
                bl = min(length, request.backend.block_size)
1447
                if bi < len(hashmap):
1448
                    if bl == request.backend.block_size:
1449
                        hashmap[bi] = src_hashmap[sbi]
1450
                    else:
1451
                        data = request.backend.get_block(src_hashmap[sbi])
1452
                        hashmap[bi] = request.backend.update_block(
1453
                            hashmap[bi], data[:bl], 0)
1454
                else:
1455
                    hashmap.append(src_hashmap[sbi])
1456
                offset += bl
1457
                length -= bl
1458
                sbi += 1
1459
        else:
1460
            data = ''
1461
            sbi = 0
1462
            while length > 0:
1463
                if sbi < len(src_hashmap):
1464
                    data += request.backend.get_block(src_hashmap[sbi])
1465
                if length < request.backend.block_size:
1466
                    data = data[:length]
1467
                bytes = put_object_block(request, hashmap, data, offset)
1468
                offset += bytes
1469
                data = data[bytes:]
1470
                length -= bytes
1471
                sbi += 1
1472
    else:
1473
        data = ''
1474
        for d in socket_read_iterator(request, length,
1475
                                      request.backend.block_size):
1476
            # TODO: Raise 408 (Request Timeout) if this takes too long.
1477
            # TODO: Raise 499 (Client Disconnect) if a length is defined
1478
            #       and we stop before getting this much data.
1479
            data += d
1480
            bytes = put_object_block(request, hashmap, data, offset)
1481
            offset += bytes
1482
            data = data[bytes:]
1483
        if len(data) > 0:
1484
            bytes = put_object_block(request, hashmap, data, offset)
1485
            offset += bytes
1486

    
1487
    if offset > size:
1488
        size = offset
1489
    if dest_bytes is not None and dest_bytes < size:
1490
        size = dest_bytes
1491
        hashmap = hashmap[:(int((size - 1) / request.backend.block_size) + 1)]
1492
    checksum = hashmap_md5(
1493
        request.backend, hashmap, size) if UPDATE_MD5 else ''
1494
    try:
1495
        version_id, merkle = request.backend.update_object_hashmap(
1496
            request.user_uniq, v_account, v_container, v_object, size,
1497
            prev_meta['type'], hashmap, checksum, 'pithos', meta, replace,
1498
            permissions
1499
        )
1500
    except NotAllowedError:
1501
        raise faults.Forbidden('Not allowed')
1502
    except ItemNotExists:
1503
        raise faults.ItemNotFound('Container does not exist')
1504
    except ValueError:
1505
        raise faults.BadRequest('Invalid sharing header')
1506
    except QuotaError, e:
1507
        raise faults.RequestEntityTooLarge('Quota error: %s' % e)
1508
    if public is not None:
1509
        try:
1510
            request.backend.update_object_public(request.user_uniq, v_account,
1511
                                                 v_container, v_object, public)
1512
        except NotAllowedError:
1513
            raise faults.Forbidden('Not allowed')
1514
        except ItemNotExists:
1515
            raise faults.ItemNotFound('Object does not exist')
1516

    
1517
    response = HttpResponse(status=204)
1518
    response['ETag'] = merkle if not UPDATE_MD5 else checksum
1519
    response['X-Object-Version'] = version_id
1520
    return response
1521

    
1522

    
1523
@api_method('DELETE', user_required=True, logger=logger,
1524
            lock_container_path=True)
1525
def object_delete(request, v_account, v_container, v_object):
1526
    # Normal Response Codes: 204
1527
    # Error Response Codes: internalServerError (500),
1528
    #                       itemNotFound (404),
1529
    #                       forbidden (403),
1530
    #                       badRequest (400)
1531
    #                       requestentitytoolarge (413)
1532

    
1533
    until = get_int_parameter(request.GET.get('until'))
1534
    delimiter = request.GET.get('delimiter')
1535

    
1536
    try:
1537
        request.backend.delete_object(
1538
            request.user_uniq, v_account, v_container,
1539
            v_object, until, delimiter=delimiter)
1540
    except NotAllowedError:
1541
        raise faults.Forbidden('Not allowed')
1542
    except ItemNotExists:
1543
        raise faults.ItemNotFound('Object does not exist')
1544
    except QuotaError, e:
1545
        raise faults.RequestEntityTooLarge('Quota error: %s' % e)
1546
    return HttpResponse(status=204)