Revision e809b989 docs/source/devguide.rst
| b/docs/source/devguide.rst | ||
|---|---|---|
| 27 | 27 |
========================= ================================ |
| 28 | 28 |
Revision Description |
| 29 | 29 |
========================= ================================ |
| 30 |
0.8 (Jan 24, 2012) Update allowed versioning values.
|
|
| 30 |
0.8 (Feb 9, 2012) Update allowed versioning values.
|
|
| 31 | 31 |
\ Change policy/meta formatting in JSON/XML replies. |
| 32 | 32 |
\ Document that all non-ASCII characters in headers should be URL-encoded. |
| 33 | 33 |
\ Support metadata-based queries when listing objects at the container level. |
| ... | ... | |
| 37 | 37 |
\ Note that ``/login`` will only work if an external authentication system is defined. |
| 38 | 38 |
\ Include option to ignore Content-Type on ``COPY``/``MOVE``. |
| 39 | 39 |
\ Use format parameter for conflict (409) and uploaded hash list (container level) replies. |
| 40 |
\ Change permissions model. |
|
| 40 | 41 |
0.7 (Nov 21, 2011) Suggest upload/download methods using hashmaps. |
| 41 | 42 |
\ Propose syncing algorithm. |
| 42 | 43 |
\ Support cross-account object copy and move. |
| ... | ... | |
| 863 | 864 |
Return Code Description |
| 864 | 865 |
============================== ============================== |
| 865 | 866 |
201 (Created) The object has been created |
| 866 |
409 (Conflict) The object can not be created from the provided hashmap, or there are conflicting permissions (a list of missing hashes, or a list of conflicting sharing paths will be included in the reply)
|
|
| 867 |
409 (Conflict) The object can not be created from the provided hashmap (a list of missing hashes will be included in the reply)
|
|
| 867 | 868 |
411 (Length Required) Missing ``Content-Length`` or ``Content-Type`` in the request |
| 868 | 869 |
413 (Request Entity Too Large) Insufficient quota to complete the request |
| 869 | 870 |
422 (Unprocessable Entity) The MD5 checksum of the data written to the storage system does not match the (optionally) supplied ETag value |
| ... | ... | |
| 913 | 914 |
Return Code Description |
| 914 | 915 |
============================== ============================== |
| 915 | 916 |
201 (Created) The object has been created |
| 916 |
409 (Conflict) There are conflicting permissions (a list of conflicting sharing paths will be included in the reply) |
|
| 917 | 917 |
413 (Request Entity Too Large) Insufficient quota to complete the request |
| 918 | 918 |
============================== ============================== |
| 919 | 919 |
|
| ... | ... | |
| 991 | 991 |
============================== ============================== |
| 992 | 992 |
202 (Accepted) The request has been accepted (not a data update) |
| 993 | 993 |
204 (No Content) The request succeeded (data updated) |
| 994 |
409 (Conflict) There are conflicting permissions (a list of conflicting sharing paths will be included in the reply) |
|
| 995 | 994 |
411 (Length Required) Missing ``Content-Length`` in the request |
| 996 | 995 |
413 (Request Entity Too Large) Insufficient quota to complete the request |
| 997 | 996 |
416 (Range Not Satisfiable) The supplied range is invalid |
| ... | ... | |
| 1045 | 1044 |
Sharing and Public Objects |
| 1046 | 1045 |
^^^^^^^^^^^^^^^^^^^^^^^^^^ |
| 1047 | 1046 |
|
| 1048 |
Read and write control in Pithos is managed by setting appropriate permissions with the ``X-Object-Sharing`` header. The permissions are applied using prefix-based inheritance. Thus, each set of authorization directives is applied to all objects sharing the same prefix with the object where the corresponding ``X-Object-Sharing`` header is defined. For simplicity, nested/overlapping permissions are not allowed. Setting ``X-Object-Sharing`` will fail, if the object is already "covered", or another object with a longer common-prefix name already has permissions. When retrieving an object, the ``X-Object-Shared-By`` header reports where it gets its permissions from. If not present, the object is the actual source of authorization directives.
|
|
| 1047 |
Read and write control in Pithos is managed by setting appropriate permissions with the ``X-Object-Sharing`` header. The permissions are applied using directory-based inheritance. A directory is an object with the corresponding content type. The default delimiter is ``/``. Thus, each set of authorization directives is applied to all objects in the directory object where the corresponding ``X-Object-Sharing`` header is defined. If there are nested/overlapping permissions, the closest to the object is applied. When retrieving an object, the ``X-Object-Shared-By`` header reports where it gets its permissions from. If not present, the object is the actual source of authorization directives.
|
|
| 1049 | 1048 |
|
| 1050 | 1049 |
A user may ``GET`` another account or container. The result will include a limited reply, containing only the allowed containers or objects respectively. A top-level request with an authentication token, will return a list of allowed accounts, so the user can easily find out which other users share objects. The ``X-Object-Allowed-To`` header lists the actions allowed on an object, if it does not belong to the requesting user. |
| 1051 | 1050 |
|
Also available in: Unified diff