Revision 890c2065 snf-pithos-app/pithos/api/util.py
b/snf-pithos-app/pithos/api/util.py | ||
---|---|---|
65 | 65 |
BACKEND_QUOTA, BACKEND_VERSIONING, |
66 | 66 |
BACKEND_FREE_VERSIONING, |
67 | 67 |
AUTHENTICATION_URL, AUTHENTICATION_USERS, |
68 |
SERVICE_TOKEN, COOKIE_NAME, USER_INFO_URL,
|
|
68 |
SERVICE_TOKEN, COOKIE_NAME, USER_CATALOG_URL,
|
|
69 | 69 |
RADOS_STORAGE, RADOS_POOL_BLOCKS, |
70 | 70 |
RADOS_POOL_MAPS) |
71 | 71 |
from pithos.backends import connect_backend |
72 | 72 |
from pithos.backends.base import (NotAllowedError, QuotaError, ItemNotExists, |
73 | 73 |
VersionNotExists) |
74 |
from synnefo.lib.astakos import get_user_uuid, get_username |
|
74 |
from synnefo.lib.astakos import (get_user_uuid, get_displayname, |
|
75 |
get_uuids, get_displaynames) |
|
75 | 76 |
|
76 | 77 |
import logging |
77 | 78 |
import re |
... | ... | |
240 | 241 |
if not restricted: |
241 | 242 |
response['X-Object-Hash'] = meta['hash'] |
242 | 243 |
response['X-Object-UUID'] = meta['uuid'] |
243 |
modified_by = retrieve_username(meta['modified_by'])
|
|
244 |
modified_by = retrieve_displayname(meta['modified_by'])
|
|
244 | 245 |
response['X-Object-Modified-By'] = smart_str( |
245 | 246 |
modified_by, strings_only=True) |
246 | 247 |
response['X-Object-Version'] = meta['version'] |
... | ... | |
294 | 295 |
else: |
295 | 296 |
return True |
296 | 297 |
|
297 |
def retrieve_username(uuid):
|
|
298 |
def retrieve_displayname(uuid):
|
|
298 | 299 |
try: |
299 |
return get_username(
|
|
300 |
SERVICE_TOKEN, uuid, USER_INFO_URL, AUTHENTICATION_USERS)
|
|
300 |
return get_displayname(
|
|
301 |
SERVICE_TOKEN, uuid, USER_CATALOG_URL, AUTHENTICATION_USERS)
|
|
301 | 302 |
except: |
302 |
# if it fails just leave the metadata intact
|
|
303 |
# if it fails just leave the input intact
|
|
303 | 304 |
return uuid |
304 | 305 |
|
305 |
def retrieve_uuid(username):
|
|
306 |
if is_uuid(username):
|
|
307 |
return username
|
|
306 |
def retrieve_displaynames(uuids):
|
|
307 |
return get_displaynames(
|
|
308 |
SERVICE_TOKEN, uuids, USER_CATALOG_URL, AUTHENTICATION_USERS)
|
|
308 | 309 |
|
309 |
try: |
|
310 |
return get_user_uuid( |
|
311 |
SERVICE_TOKEN, username, USER_INFO_URL, AUTHENTICATION_USERS) |
|
312 |
except Exception, e: |
|
313 |
if e.args: |
|
314 |
status = e.args[-1] |
|
315 |
if status == 404: |
|
316 |
raise ItemNotExists(username) |
|
317 |
raise |
|
318 |
|
|
319 |
def replace_permissions_username(holder): |
|
310 |
def retrieve_uuid(displayname): |
|
311 |
if is_uuid(displayname): |
|
312 |
return displayname |
|
313 |
|
|
314 |
uuid = get_user_uuid( |
|
315 |
SERVICE_TOKEN, displayname, USER_CATALOG_URL, AUTHENTICATION_USERS) |
|
316 |
if not uuid: |
|
317 |
raise ItemNotExists(displayname) |
|
318 |
return uuid |
|
319 |
|
|
320 |
def retrieve_uuids(displaynames): |
|
321 |
return get_uuids( |
|
322 |
SERVICE_TOKEN, displaynames, USER_CATALOG_URL, AUTHENTICATION_USERS) |
|
323 |
|
|
324 |
def replace_permissions_displayname(holder): |
|
320 | 325 |
try: |
321 | 326 |
# check first for a group permission |
322 | 327 |
account, group = holder.split(':') |
... | ... | |
330 | 335 |
# check first for a group permission |
331 | 336 |
account, group = holder.split(':') |
332 | 337 |
except ValueError: |
333 |
return retrieve_username(holder)
|
|
338 |
return retrieve_displayname(holder)
|
|
334 | 339 |
else: |
335 |
return ':'.join([retrieve_username(account), group])
|
|
340 |
return ':'.join([retrieve_displayname(account), group])
|
|
336 | 341 |
|
337 | 342 |
def update_sharing_meta(request, permissions, v_account, v_container, v_object, meta): |
338 | 343 |
if permissions is None: |
... | ... | |
595 | 600 |
raise BadRequest( |
596 | 601 |
'Bad X-Object-Sharing header value: missing prefix') |
597 | 602 |
|
598 |
# replace username with uuid
|
|
603 |
# replace displayname with uuid
|
|
599 | 604 |
try: |
600 | 605 |
ret['read'] = \ |
601 |
[replace_permissions_username(x) for x in ret.get('read', [])]
|
|
606 |
[replace_permissions_displayname(x) for x in ret.get('read', [])]
|
|
602 | 607 |
ret['write'] = \ |
603 |
[replace_permissions_username(x) for x in ret.get('write', [])]
|
|
608 |
[replace_permissions_displayname(x) for x in ret.get('write', [])]
|
|
604 | 609 |
except ItemNotExists, e: |
605 | 610 |
raise BadRequest( |
606 | 611 |
'Bad X-Object-Sharing header value: unknown account: %s' % e) |
Also available in: Unified diff