def _putObjectAcl(self):
self._LOGGER.info("putting the object acl")
myDict = XmlToDict(self.getBody()).getDict()
myList = myDict['AccessControlPolicy']['AccessControlList']['Grant']
grantList = []
if not type(myList) is types.DictType:
for grantDict in myList:
if not grantDict['Grantee'].has_key('ID'):
self._LOGGER.warning(
'Putting different ACL from the usal CanonicalID, currently not implemented'
)
raise RestFSError(errCode.err['NotImplemented']['code'],\
errCode.err['NotImplemented']['message'],\
errCode.err['NotImplemented']['http'])
grant = Grant()
grant.uid = grantDict['Grantee']['ID']
grant.permission = ACPHelper.s3AclToPerm(
grantDict['Permission'])
grantList.append(grant)
else:
grant = Grant()
grant.uid = myList['Grantee']['ID']
grant.permission = ACPHelper.s3AclToPerm(myList['Permission'])
grantList.append(grant)
self.application.objectSrv.putObjectACL(self.s3Request.BUCKET,
self.s3Request.OBJECT,
self.s3Request.ID_REQUEST,
self.getUser(), grantList)
return None
def _putObjectAcl(self):
self._LOGGER.info("putting the object acl")
myDict = XmlToDict(self.getBody()).getDict()
myList = myDict["AccessControlPolicy"]["AccessControlList"]["Grant"]
grantList = []
if not type(myList) is types.DictType:
for grantDict in myList:
if not grantDict["Grantee"].has_key("ID"):
self._LOGGER.warning("Putting different ACL from the usal CanonicalID, currently not implemented")
raise RestFSError(
errCode.err["NotImplemented"]["code"],
errCode.err["NotImplemented"]["message"],
errCode.err["NotImplemented"]["http"],
)
grant = Grant()
grant.uid = grantDict["Grantee"]["ID"]
grant.permission = ACPHelper.s3AclToPerm(grantDict["Permission"])
grantList.append(grant)
else:
grant = Grant()
grant.uid = myList["Grantee"]["ID"]
grant.permission = ACPHelper.s3AclToPerm(myList["Permission"])
grantList.append(grant)
self.application.objectSrv.putObjectACL(
self.s3Request.BUCKET, self.s3Request.OBJECT, self.s3Request.ID_REQUEST, self.getUser(), grantList
)
return None
def _getObjectAcl(self):
self._LOGGER.info("getting the object acl")
grantList = self.application.objectSrv.getObjectACL(
self.s3Request.BUCKET, self.s3Request.OBJECT, self.getUser(), self.s3Request.ID_REQUEST
)
if len(grantList) == 0:
return {"AccessControlPolicy": {"Owner": {"ID": self.user.uid, "DisplayName": ""}}}
# FIXME MOVE IN Service object->Dict convertion
outList = []
for grant in grantList:
grants = ""
grants += '<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">'
grants += "<ID>%s</ID>" % grant.uid
grants += "<DisplayName></DisplayName>"
grants += "</Grantee>"
grants += "<Permission>%s</Permission>" % ACPHelper.permToS3Acl(grant.permission)
outList.append(grants)
self._LOGGER.debug("Outlist : %s" % outList)
return {
"AccessControlPolicy": {
"Owner": {"ID": self.user.uid, "DisplayName": ""},
"AccessControlList": {"Grant": outList},
}
}
def _getBucketLogging(self):
self._LOGGER.info('Getting the logging of the bucket')
#FIXME move object to dict in service
loggingList = self.application.bucketSrv.getBucketLogging(self.s3Request.BUCKET,self.getUser(),self.s3Request.ID_REQUEST)
self._LOGGER.debug('LoggingList : %s' % loggingList)
if loggingList == []:
return {'BucketLoggingStatus xmlns="http://doc.s3.amazonaws.com/2006-03-01': None }
outList = []
if loggingList :
for grant in loggingList:
grants = ""
grants +='<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser>'
grants += "<ID>%s</ID>" % grant.uid
grants +='</Grantee>'
grants += "<Permission>%s</Permission>" % ACPHelper.permToS3Acl(grant.permission)
outList.append(grants)
self._LOGGER.debug('Outlist : %s' % loggingList)
return {"BucketLoggingStatus ": {
"LoggingEnabled" : {"TargetBucket": self.fsRequest.BUCKET,
"TargetPrefix": 'valore'},
"TargetGrants": {
"Grant": outList}
}
}
def _putBucketAcl(self,myDict):
self._LOGGER.info('Putting the acl in the bucket')
myList = myDict['AccessControlPolicy']['AccessControlList']['Grant']
grantList = ACPHelper.granteeToGrant(myList)
self.application.bucketSrv.putBucketACL(self.s3Request.BUCKET,self.getUser(), self.s3Request.ID_REQUEST, grantList)
return
def _putBucketAcl(self, myDict):
self._LOGGER.info('Putting the acl in the bucket')
myList = myDict['AccessControlPolicy']['AccessControlList']['Grant']
grantList = ACPHelper.granteeToGrant(myList)
self.application.bucketSrv.putBucketACL(self.s3Request.BUCKET,
self.getUser(),
self.s3Request.ID_REQUEST,
grantList)
return
def _copyObject(self):
self._LOGGER.info("coping the object")
self._LOGGER.debug("Bucket-name : %s" % self.s3Request.BUCKET)
self._LOGGER.debug("Object-name : %s" % self.s3Request.OBJECT)
storage_class = "STANDARD"
if self.s3Request._AUTH_S3_HEADERS.has_key("x-amz-storage-class"):
storage_class = self.s3Request._AUTH_S3_HEADERS["x-amz-storage-class"]
object_acl = S3ACP.AMZ_PRIVATE
if self.s3Request._AUTH_S3_HEADERS.has_key("x-amz-acl"):
object_acl = self.s3Request._AUTH_S3_HEADERS["x-amz-acl"]
self._LOGGER.debug("Object acl : %s" % object_acl)
content_type = None
if self.s3Request._AUTH_S3_HEADERS.has_key("Content-Type"):
content_type = self.s3Request._AUTH_S3_HEADERS["Content-Type"]
self._LOGGER.debug("Object content type : %s" % content_type)
meta_replace = "COPY"
if self.s3Request._AUTH_S3_HEADERS.has_key("x-amz-metadata-directive"):
meta_replace = self.s3Request._AUTH_S3_HEADERS["x-amz-metadata-directive"]
meta = None
if meta_replace == "REPLACE":
meta = self.s3Request.getMetaData()
copy_path = urllib.unquote(self.s3Request._AUTH_S3_HEADERS["x-amz-copy-source"])
sourcePosition = copy_path.find("/")
bucket_path = copy_path[:sourcePosition]
object_path = copy_path[sourcePosition + 1 :]
grant = Grant()
grant.uid = self.getUser().uid
grant.permission = ACPHelper.amzToPerm(object_acl)
grantList = [grant]
obj = self.application.objectSrv.copyObject(
self.s3Request.BUCKET,
self.s3Request.OBJECT,
bucket_path,
object_path,
self.getUser(),
self.s3Request.ID_REQUEST,
storage_class,
grantList,
content_type,
meta,
)
return obj
def _copyObject(self):
self._LOGGER.info("coping the object")
self._LOGGER.debug('Bucket-name : %s' % self.s3Request.BUCKET)
self._LOGGER.debug('Object-name : %s' % self.s3Request.OBJECT)
storage_class = "STANDARD"
if self.s3Request._AUTH_S3_HEADERS.has_key('x-amz-storage-class'):
storage_class = self.s3Request._AUTH_S3_HEADERS[
'x-amz-storage-class']
object_acl = S3ACP.AMZ_PRIVATE
if self.s3Request._AUTH_S3_HEADERS.has_key('x-amz-acl'):
object_acl = self.s3Request._AUTH_S3_HEADERS['x-amz-acl']
self._LOGGER.debug('Object acl : %s' % object_acl)
content_type = None
if self.s3Request._AUTH_S3_HEADERS.has_key('Content-Type'):
content_type = self.s3Request._AUTH_S3_HEADERS['Content-Type']
self._LOGGER.debug('Object content type : %s' % content_type)
meta_replace = "COPY"
if self.s3Request._AUTH_S3_HEADERS.has_key('x-amz-metadata-directive'):
meta_replace = self.s3Request._AUTH_S3_HEADERS[
'x-amz-metadata-directive']
meta = None
if meta_replace == "REPLACE":
meta = self.s3Request.getMetaData()
copy_path = urllib.unquote(
self.s3Request._AUTH_S3_HEADERS['x-amz-copy-source'])
sourcePosition = copy_path.find('/')
bucket_path = copy_path[:sourcePosition]
object_path = copy_path[sourcePosition + 1:]
grant = Grant()
grant.uid = self.getUser().uid
grant.permission = ACPHelper.amzToPerm(object_acl)
grantList = [grant]
obj = self.application.objectSrv.copyObject(self.s3Request.BUCKET,
self.s3Request.OBJECT,
bucket_path, object_path,
self.getUser(),
self.s3Request.ID_REQUEST,
storage_class, grantList,
content_type, meta)
return obj
def _putObject(self):
self._LOGGER.info("creating the object")
self._LOGGER.debug("Bucket-name : %s" % self.s3Request.BUCKET)
self._LOGGER.debug("Object-name : %s" % self.s3Request.OBJECT)
storage_class = "STANDARD"
if self.s3Request._AUTH_S3_HEADERS.has_key("x-amz-storage-class"):
storage_class = self.s3Request._AUTH_S3_HEADERS["x-amz-storage-class"]
object_acl = S3ACP.AMZ_PRIVATE
# if self.s3Request._AUTH_S3_HEADERS.has_key('x-amz-acl'):
# object_acl = self.s3Request._AUTH_S3_HEADERS['x-amz-acl']
self._LOGGER.debug("Object acl : %s" % object_acl)
content_type = None
if self.s3Request._AUTH_S3_HEADERS.has_key("content-type"):
content_type = self.s3Request._AUTH_S3_HEADERS["content-type"]
self._LOGGER.debug("Object content type : %s" % content_type)
meta = self.s3Request.getMetaData()
acp = ACP()
grant = Grant()
# FIXME user amzToID
grant.uid = self.getUser().uid
grant.permission = ACPHelper.amzToPerm(object_acl)
grantList = [grant]
acp.setByGrants(grantList)
obj = self.application.objectSrv.addObject(
self.s3Request.BUCKET,
self.s3Request.OBJECT,
self.getUser(),
self.s3Request.ID_REQUEST,
storage_class,
acp,
content_type,
meta,
self.getBody(),
)
headers = {}
headers["ETag"] = obj.md5
return headers
def _putObject(self):
self._LOGGER.info("creating the object")
self._LOGGER.debug('Bucket-name : %s' % self.s3Request.BUCKET)
self._LOGGER.debug('Object-name : %s' % self.s3Request.OBJECT)
storage_class = "STANDARD"
if self.s3Request._AUTH_S3_HEADERS.has_key('x-amz-storage-class'):
storage_class = self.s3Request._AUTH_S3_HEADERS[
'x-amz-storage-class']
object_acl = S3ACP.AMZ_PRIVATE
#if self.s3Request._AUTH_S3_HEADERS.has_key('x-amz-acl'):
# object_acl = self.s3Request._AUTH_S3_HEADERS['x-amz-acl']
self._LOGGER.debug('Object acl : %s' % object_acl)
content_type = None
if self.s3Request._AUTH_S3_HEADERS.has_key('content-type'):
content_type = self.s3Request._AUTH_S3_HEADERS['content-type']
self._LOGGER.debug('Object content type : %s' % content_type)
meta = self.s3Request.getMetaData()
acp = ACP()
grant = Grant()
#FIXME user amzToID
grant.uid = self.getUser().uid
grant.permission = ACPHelper.amzToPerm(object_acl)
grantList = [grant]
acp.setByGrants(grantList)
obj = self.application.objectSrv.addObject(self.s3Request.BUCKET,
self.s3Request.OBJECT,
self.getUser(),
self.s3Request.ID_REQUEST,
storage_class, acp,
content_type, meta,
self.getBody())
headers = {}
headers["ETag"] = obj.md5
return headers
def _getObjectAcl(self):
self._LOGGER.info("getting the object acl")
grantList = self.application.objectSrv.getObjectACL(
self.s3Request.BUCKET, self.s3Request.OBJECT, self.getUser(),
self.s3Request.ID_REQUEST)
if len(grantList) == 0:
return {
"AccessControlPolicy": {
"Owner": {
"ID": self.user.uid,
"DisplayName": ""
}
}
}
#FIXME MOVE IN Service object->Dict convertion
outList = []
for grant in grantList:
grants = ""
grants += '<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">'
grants += "<ID>%s</ID>" % grant.uid
grants += "<DisplayName></DisplayName>"
grants += '</Grantee>'
grants += "<Permission>%s</Permission>" % ACPHelper.permToS3Acl(
grant.permission)
outList.append(grants)
self._LOGGER.debug('Outlist : %s' % outList)
return {
"AccessControlPolicy": {
"Owner": {
"ID": self.user.uid,
"DisplayName": ""
},
"AccessControlList": {
"Grant": outList
}
}
}
def write(self, path, data_handler, offset, fh):
print '#################'
print '##### WRITE ###'
print '#################'
uid, gid, context = fuse_get_context()
xattr = self.listxattr(path)
object_acl = S3ACP.ACL_FULL_CONTROL
acp = ACP()
grant = Grant()
grant.uid = uid
grant.permission = ACPHelper.s3AclToPerm(object_acl)
grantList = [grant]
acp.setByGrants(grantList)
storage_class="STANDARD"
content_type=None
self.cache.write(options.root_bucket, path, uid, gid, context, storage_class, object_acl ,content_type, xattr, data_handler)
self.data[path] = self.data[path][:offset] + data_handler
self.files[path]['st_size'] = len(self.data[path])
return len(data_handler)
def _getBucketLogging(self):
self._LOGGER.info('Getting the logging of the bucket')
#FIXME move object to dict in service
loggingList = self.application.bucketSrv.getBucketLogging(
self.s3Request.BUCKET, self.getUser(), self.s3Request.ID_REQUEST)
self._LOGGER.debug('LoggingList : %s' % loggingList)
if loggingList == []:
return {
'BucketLoggingStatus xmlns="http://doc.s3.amazonaws.com/2006-03-01':
None
}
outList = []
if loggingList:
for grant in loggingList:
grants = ""
grants += '<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser>'
grants += "<ID>%s</ID>" % grant.uid
grants += '</Grantee>'
grants += "<Permission>%s</Permission>" % ACPHelper.permToS3Acl(
grant.permission)
outList.append(grants)
self._LOGGER.debug('Outlist : %s' % loggingList)
return {
"BucketLoggingStatus ": {
"LoggingEnabled": {
"TargetBucket": self.fsRequest.BUCKET,
"TargetPrefix": 'valore'
},
"TargetGrants": {
"Grant": outList
}
}
}
def putBucket(self, bucket_name, user, session, amz, location):
# service operation for search
self._LOGGER.info("Creating the bucket")
self._LOGGER.debug('Bucket-name : %s' % bucket_name)
context = ''
if user.id == 0:
self._LOGGER.warning(
'The user have not privileges to create the bucket')
raise RestFSError(errCode.err['AuthorizationDeny']['code'],\
errCode.err['AuthorizationDeny']['message'],\
errCode.err['AuthorizationDeny']['http'])
res = self.res.findBucket(bucket_name)
if res > 0:
self._LOGGER.warning(
'The bucket you have tried to create already exists')
raise RestFSError(errCode.err['BucketAlreadyExists']['code'],\
errCode.err['BucketAlreadyExists']['message'],\
errCode.err['BucketAlreadyExists']['http'])
# How many bucket can create ?
num = self.res.getCountBucketByOwner(user.uid)
self._LOGGER.debug('Bucket-number created : %s' % num)
mymax = User.max_buckets
self._LOGGER.debug('Bucket-number max the user can create : %s' %
mymax)
if num > mymax:
self._LOGGER.warning(
'The user has reached the limit of the buckets to create')
raise RestFSError(errCode.err['LimitBucketsReached']['code'],\
errCode.err['LimitBucketsReached']['message'],\
errCode.err['LimitBucketsReached']['http'])
#check policy
#FIX
if res > 0:
self._LOGGER.warning('The policy document specified is invalid')
raise RestFSError(errCode.err['InvalidPolicyDocument']['code'],\
errCode.err['InvalidPolicyDocument']['message'],\
errCode.err['InvalidPolicyDocument']['http'])
#check location
loc = self.res.getRegionList()
if not location:
location = "EU"
elif location not in loc:
self._LOGGER.warning(
'The region/location the user specified was not found')
raise RestFSError(errCode.err['RegionNotFound']['code'],\
errCode.err['RegionNotFound']['message'],\
errCode.err['RegionNotFound']['http'])
#Find cluster
# Set Administration privileges ..
# Make registration of the new Bucket
# Resource manager operation
self.res.addBucket(bucket_name, user.uid)
# Convert S3 Permission to RestFs Permission
acp = ACP()
grant = Grant()
grant.permission = ACPHelper.amzToPerm(amz)
grant.uid = user.uid
grantList = [grant]
acp.setByGrants(grantList)
#FIX ME
gid = ''
self.meta.createBucket(bucket_name, acp, location, user.uid, gid,
context)
#Storage operation
self.storage.createBucket(bucket_name, context)
#Close the transaction, put bucket online
self.res.setBucketStatus(bucket_name, 2, context)
def putBucket(self,bucket_name, user, session, amz, location):
# service operation for search
self._LOGGER.info("Creating the bucket")
self._LOGGER.debug('Bucket-name : %s' % bucket_name)
context = ''
if user.id == 0 :
self._LOGGER.warning('The user have not privileges to create the bucket')
raise RestFSError(errCode.err['AuthorizationDeny']['code'],\
errCode.err['AuthorizationDeny']['message'],\
errCode.err['AuthorizationDeny']['http'])
res = self.res.findBucket(bucket_name)
if res > 0:
self._LOGGER.warning('The bucket you have tried to create already exists')
raise RestFSError(errCode.err['BucketAlreadyExists']['code'],\
errCode.err['BucketAlreadyExists']['message'],\
errCode.err['BucketAlreadyExists']['http'])
# How many bucket can create ?
num = self.res.getCountBucketByOwner(user.uid)
self._LOGGER.debug('Bucket-number created : %s' % num)
mymax = User.max_buckets
self._LOGGER.debug('Bucket-number max the user can create : %s' % mymax)
if num > mymax:
self._LOGGER.warning('The user has reached the limit of the buckets to create')
raise RestFSError(errCode.err['LimitBucketsReached']['code'],\
errCode.err['LimitBucketsReached']['message'],\
errCode.err['LimitBucketsReached']['http'])
#check policy
#FIX
if res > 0:
self._LOGGER.warning('The policy document specified is invalid')
raise RestFSError(errCode.err['InvalidPolicyDocument']['code'],\
errCode.err['InvalidPolicyDocument']['message'],\
errCode.err['InvalidPolicyDocument']['http'])
#check location
loc = self.res.getRegionList()
if not location:
location = "EU"
elif location not in loc:
self._LOGGER.warning('The region/location the user specified was not found')
raise RestFSError(errCode.err['RegionNotFound']['code'],\
errCode.err['RegionNotFound']['message'],\
errCode.err['RegionNotFound']['http'])
#Find cluster
# Set Administration privileges ..
# Make registration of the new Bucket
# Resource manager operation
self.res.addBucket(bucket_name,user.uid)
# Convert S3 Permission to RestFs Permission
acp = ACP()
grant = Grant()
grant.permission = ACPHelper.amzToPerm(amz)
grant.uid = user.uid
grantList = [grant]
acp.setByGrants(grantList)
#FIX ME
gid = ''
self.meta.createBucket(bucket_name,acp,location,user.uid, gid,context)
#Storage operation
self.storage.createBucket(bucket_name,context)
#Close the transaction, put bucket online
self.res.setBucketStatus(bucket_name,2,context)
