Exemplo n.º 1
0
    def _putObjectAcl(self):

        self._LOGGER.info("putting the object acl")

        myDict = XmlToDict(self.getBody()).getDict()

        myList = myDict['AccessControlPolicy']['AccessControlList']['Grant']

        grantList = []
        if not type(myList) is types.DictType:
            for grantDict in myList:
                if not grantDict['Grantee'].has_key('ID'):
                    self._LOGGER.warning(
                        'Putting different ACL from the usal CanonicalID, currently not implemented'
                    )
                    raise RestFSError(errCode.err['NotImplemented']['code'],\
                      errCode.err['NotImplemented']['message'],\
                      errCode.err['NotImplemented']['http'])
                grant = Grant()
                grant.uid = grantDict['Grantee']['ID']
                grant.permission = ACPHelper.s3AclToPerm(
                    grantDict['Permission'])
                grantList.append(grant)
        else:
            grant = Grant()
            grant.uid = myList['Grantee']['ID']
            grant.permission = ACPHelper.s3AclToPerm(myList['Permission'])
            grantList.append(grant)

        self.application.objectSrv.putObjectACL(self.s3Request.BUCKET,
                                                self.s3Request.OBJECT,
                                                self.s3Request.ID_REQUEST,
                                                self.getUser(), grantList)

        return None
Exemplo n.º 2
0
    def _putObjectAcl(self):

        self._LOGGER.info("putting the object acl")

        myDict = XmlToDict(self.getBody()).getDict()

        myList = myDict["AccessControlPolicy"]["AccessControlList"]["Grant"]

        grantList = []
        if not type(myList) is types.DictType:
            for grantDict in myList:
                if not grantDict["Grantee"].has_key("ID"):
                    self._LOGGER.warning("Putting different ACL from the usal CanonicalID, currently not implemented")
                    raise RestFSError(
                        errCode.err["NotImplemented"]["code"],
                        errCode.err["NotImplemented"]["message"],
                        errCode.err["NotImplemented"]["http"],
                    )
                grant = Grant()
                grant.uid = grantDict["Grantee"]["ID"]
                grant.permission = ACPHelper.s3AclToPerm(grantDict["Permission"])
                grantList.append(grant)
        else:
            grant = Grant()
            grant.uid = myList["Grantee"]["ID"]
            grant.permission = ACPHelper.s3AclToPerm(myList["Permission"])
            grantList.append(grant)

        self.application.objectSrv.putObjectACL(
            self.s3Request.BUCKET, self.s3Request.OBJECT, self.s3Request.ID_REQUEST, self.getUser(), grantList
        )

        return None
Exemplo n.º 3
0
    def _getObjectAcl(self):

        self._LOGGER.info("getting the object acl")

        grantList = self.application.objectSrv.getObjectACL(
            self.s3Request.BUCKET, self.s3Request.OBJECT, self.getUser(), self.s3Request.ID_REQUEST
        )

        if len(grantList) == 0:
            return {"AccessControlPolicy": {"Owner": {"ID": self.user.uid, "DisplayName": ""}}}

        # FIXME MOVE IN Service object->Dict convertion
        outList = []
        for grant in grantList:
            grants = ""
            grants += '<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">'
            grants += "<ID>%s</ID>" % grant.uid
            grants += "<DisplayName></DisplayName>"
            grants += "</Grantee>"
            grants += "<Permission>%s</Permission>" % ACPHelper.permToS3Acl(grant.permission)
            outList.append(grants)

        self._LOGGER.debug("Outlist : %s" % outList)
        return {
            "AccessControlPolicy": {
                "Owner": {"ID": self.user.uid, "DisplayName": ""},
                "AccessControlList": {"Grant": outList},
            }
        }
Exemplo n.º 4
0
    def _getBucketLogging(self):

        self._LOGGER.info('Getting the logging of the bucket')
        #FIXME move object to dict in service
        loggingList = self.application.bucketSrv.getBucketLogging(self.s3Request.BUCKET,self.getUser(),self.s3Request.ID_REQUEST)
        self._LOGGER.debug('LoggingList : %s' % loggingList)         
        if loggingList == []:
            return {'BucketLoggingStatus xmlns="http://doc.s3.amazonaws.com/2006-03-01': None }

        
        outList = []
        if loggingList :
            for grant in loggingList:
                grants = ""
                grants +='<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser>'
                grants += "<ID>%s</ID>" % grant.uid
                grants +='</Grantee>'
                grants += "<Permission>%s</Permission>" % ACPHelper.permToS3Acl(grant.permission)
                outList.append(grants)                     
        self._LOGGER.debug('Outlist : %s' % loggingList) 
          
      
        return {"BucketLoggingStatus ": {
             "LoggingEnabled"  :  {"TargetBucket": self.fsRequest.BUCKET,
                                   "TargetPrefix": 'valore'},
                                   "TargetGrants": {
                                                    "Grant": outList}
             }
         }
Exemplo n.º 5
0
 def _putBucketAcl(self,myDict):
     
     self._LOGGER.info('Putting the acl in the bucket')
     myList = myDict['AccessControlPolicy']['AccessControlList']['Grant'] 
     grantList = ACPHelper.granteeToGrant(myList)     
     self.application.bucketSrv.putBucketACL(self.s3Request.BUCKET,self.getUser(), self.s3Request.ID_REQUEST, grantList)
     
     return
Exemplo n.º 6
0
    def _putBucketAcl(self, myDict):

        self._LOGGER.info('Putting the acl in the bucket')
        myList = myDict['AccessControlPolicy']['AccessControlList']['Grant']
        grantList = ACPHelper.granteeToGrant(myList)
        self.application.bucketSrv.putBucketACL(self.s3Request.BUCKET,
                                                self.getUser(),
                                                self.s3Request.ID_REQUEST,
                                                grantList)

        return
Exemplo n.º 7
0
    def _copyObject(self):
        self._LOGGER.info("coping the object")

        self._LOGGER.debug("Bucket-name : %s" % self.s3Request.BUCKET)
        self._LOGGER.debug("Object-name : %s" % self.s3Request.OBJECT)

        storage_class = "STANDARD"
        if self.s3Request._AUTH_S3_HEADERS.has_key("x-amz-storage-class"):
            storage_class = self.s3Request._AUTH_S3_HEADERS["x-amz-storage-class"]

        object_acl = S3ACP.AMZ_PRIVATE
        if self.s3Request._AUTH_S3_HEADERS.has_key("x-amz-acl"):
            object_acl = self.s3Request._AUTH_S3_HEADERS["x-amz-acl"]
        self._LOGGER.debug("Object acl : %s" % object_acl)

        content_type = None
        if self.s3Request._AUTH_S3_HEADERS.has_key("Content-Type"):
            content_type = self.s3Request._AUTH_S3_HEADERS["Content-Type"]
        self._LOGGER.debug("Object content type : %s" % content_type)

        meta_replace = "COPY"
        if self.s3Request._AUTH_S3_HEADERS.has_key("x-amz-metadata-directive"):
            meta_replace = self.s3Request._AUTH_S3_HEADERS["x-amz-metadata-directive"]

        meta = None
        if meta_replace == "REPLACE":
            meta = self.s3Request.getMetaData()

        copy_path = urllib.unquote(self.s3Request._AUTH_S3_HEADERS["x-amz-copy-source"])
        sourcePosition = copy_path.find("/")
        bucket_path = copy_path[:sourcePosition]
        object_path = copy_path[sourcePosition + 1 :]

        grant = Grant()
        grant.uid = self.getUser().uid
        grant.permission = ACPHelper.amzToPerm(object_acl)
        grantList = [grant]

        obj = self.application.objectSrv.copyObject(
            self.s3Request.BUCKET,
            self.s3Request.OBJECT,
            bucket_path,
            object_path,
            self.getUser(),
            self.s3Request.ID_REQUEST,
            storage_class,
            grantList,
            content_type,
            meta,
        )

        return obj
Exemplo n.º 8
0
    def _copyObject(self):
        self._LOGGER.info("coping the object")

        self._LOGGER.debug('Bucket-name : %s' % self.s3Request.BUCKET)
        self._LOGGER.debug('Object-name : %s' % self.s3Request.OBJECT)

        storage_class = "STANDARD"
        if self.s3Request._AUTH_S3_HEADERS.has_key('x-amz-storage-class'):
            storage_class = self.s3Request._AUTH_S3_HEADERS[
                'x-amz-storage-class']

        object_acl = S3ACP.AMZ_PRIVATE
        if self.s3Request._AUTH_S3_HEADERS.has_key('x-amz-acl'):
            object_acl = self.s3Request._AUTH_S3_HEADERS['x-amz-acl']
        self._LOGGER.debug('Object acl : %s' % object_acl)

        content_type = None
        if self.s3Request._AUTH_S3_HEADERS.has_key('Content-Type'):
            content_type = self.s3Request._AUTH_S3_HEADERS['Content-Type']
        self._LOGGER.debug('Object content type : %s' % content_type)

        meta_replace = "COPY"
        if self.s3Request._AUTH_S3_HEADERS.has_key('x-amz-metadata-directive'):
            meta_replace = self.s3Request._AUTH_S3_HEADERS[
                'x-amz-metadata-directive']

        meta = None
        if meta_replace == "REPLACE":
            meta = self.s3Request.getMetaData()

        copy_path = urllib.unquote(
            self.s3Request._AUTH_S3_HEADERS['x-amz-copy-source'])
        sourcePosition = copy_path.find('/')
        bucket_path = copy_path[:sourcePosition]
        object_path = copy_path[sourcePosition + 1:]

        grant = Grant()
        grant.uid = self.getUser().uid
        grant.permission = ACPHelper.amzToPerm(object_acl)
        grantList = [grant]

        obj = self.application.objectSrv.copyObject(self.s3Request.BUCKET,
                                                    self.s3Request.OBJECT,
                                                    bucket_path, object_path,
                                                    self.getUser(),
                                                    self.s3Request.ID_REQUEST,
                                                    storage_class, grantList,
                                                    content_type, meta)

        return obj
Exemplo n.º 9
0
    def _putObject(self):

        self._LOGGER.info("creating the object")

        self._LOGGER.debug("Bucket-name : %s" % self.s3Request.BUCKET)
        self._LOGGER.debug("Object-name : %s" % self.s3Request.OBJECT)

        storage_class = "STANDARD"
        if self.s3Request._AUTH_S3_HEADERS.has_key("x-amz-storage-class"):
            storage_class = self.s3Request._AUTH_S3_HEADERS["x-amz-storage-class"]

        object_acl = S3ACP.AMZ_PRIVATE
        # if self.s3Request._AUTH_S3_HEADERS.has_key('x-amz-acl'):
        #    object_acl = self.s3Request._AUTH_S3_HEADERS['x-amz-acl']
        self._LOGGER.debug("Object acl : %s" % object_acl)

        content_type = None
        if self.s3Request._AUTH_S3_HEADERS.has_key("content-type"):
            content_type = self.s3Request._AUTH_S3_HEADERS["content-type"]
        self._LOGGER.debug("Object content type : %s" % content_type)

        meta = self.s3Request.getMetaData()

        acp = ACP()
        grant = Grant()
        # FIXME user amzToID
        grant.uid = self.getUser().uid
        grant.permission = ACPHelper.amzToPerm(object_acl)
        grantList = [grant]
        acp.setByGrants(grantList)

        obj = self.application.objectSrv.addObject(
            self.s3Request.BUCKET,
            self.s3Request.OBJECT,
            self.getUser(),
            self.s3Request.ID_REQUEST,
            storage_class,
            acp,
            content_type,
            meta,
            self.getBody(),
        )
        headers = {}

        headers["ETag"] = obj.md5

        return headers
Exemplo n.º 10
0
    def _putObject(self):

        self._LOGGER.info("creating the object")

        self._LOGGER.debug('Bucket-name : %s' % self.s3Request.BUCKET)
        self._LOGGER.debug('Object-name : %s' % self.s3Request.OBJECT)

        storage_class = "STANDARD"
        if self.s3Request._AUTH_S3_HEADERS.has_key('x-amz-storage-class'):
            storage_class = self.s3Request._AUTH_S3_HEADERS[
                'x-amz-storage-class']

        object_acl = S3ACP.AMZ_PRIVATE
        #if self.s3Request._AUTH_S3_HEADERS.has_key('x-amz-acl'):
        #    object_acl = self.s3Request._AUTH_S3_HEADERS['x-amz-acl']
        self._LOGGER.debug('Object acl : %s' % object_acl)

        content_type = None
        if self.s3Request._AUTH_S3_HEADERS.has_key('content-type'):
            content_type = self.s3Request._AUTH_S3_HEADERS['content-type']
        self._LOGGER.debug('Object content type : %s' % content_type)

        meta = self.s3Request.getMetaData()

        acp = ACP()
        grant = Grant()
        #FIXME user amzToID
        grant.uid = self.getUser().uid
        grant.permission = ACPHelper.amzToPerm(object_acl)
        grantList = [grant]
        acp.setByGrants(grantList)

        obj = self.application.objectSrv.addObject(self.s3Request.BUCKET,
                                                   self.s3Request.OBJECT,
                                                   self.getUser(),
                                                   self.s3Request.ID_REQUEST,
                                                   storage_class, acp,
                                                   content_type, meta,
                                                   self.getBody())
        headers = {}

        headers["ETag"] = obj.md5

        return headers
Exemplo n.º 11
0
    def _getObjectAcl(self):

        self._LOGGER.info("getting the object acl")

        grantList = self.application.objectSrv.getObjectACL(
            self.s3Request.BUCKET, self.s3Request.OBJECT, self.getUser(),
            self.s3Request.ID_REQUEST)

        if len(grantList) == 0:
            return {
                "AccessControlPolicy": {
                    "Owner": {
                        "ID": self.user.uid,
                        "DisplayName": ""
                    }
                }
            }

        #FIXME MOVE IN Service object->Dict convertion
        outList = []
        for grant in grantList:
            grants = ""
            grants += '<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser">'
            grants += "<ID>%s</ID>" % grant.uid
            grants += "<DisplayName></DisplayName>"
            grants += '</Grantee>'
            grants += "<Permission>%s</Permission>" % ACPHelper.permToS3Acl(
                grant.permission)
            outList.append(grants)

        self._LOGGER.debug('Outlist : %s' % outList)
        return {
            "AccessControlPolicy": {
                "Owner": {
                    "ID": self.user.uid,
                    "DisplayName": ""
                },
                "AccessControlList": {
                    "Grant": outList
                }
            }
        }
Exemplo n.º 12
0
 def write(self, path, data_handler, offset, fh):
     print '#################'
     print '##### WRITE  ###'
     print '#################'
     uid, gid, context = fuse_get_context()
     xattr = self.listxattr(path)
     object_acl = S3ACP.ACL_FULL_CONTROL
     acp = ACP()
     grant = Grant() 
     grant.uid = uid  
     grant.permission = ACPHelper.s3AclToPerm(object_acl)
     grantList = [grant]
     acp.setByGrants(grantList)
     storage_class="STANDARD"
     content_type=None
     self.cache.write(options.root_bucket, path, uid, gid, context, storage_class, object_acl ,content_type, xattr,  data_handler)
     
     self.data[path] = self.data[path][:offset] + data_handler
     self.files[path]['st_size'] = len(self.data[path])
     return len(data_handler)
Exemplo n.º 13
0
    def _getBucketLogging(self):

        self._LOGGER.info('Getting the logging of the bucket')
        #FIXME move object to dict in service
        loggingList = self.application.bucketSrv.getBucketLogging(
            self.s3Request.BUCKET, self.getUser(), self.s3Request.ID_REQUEST)
        self._LOGGER.debug('LoggingList : %s' % loggingList)
        if loggingList == []:
            return {
                'BucketLoggingStatus xmlns="http://doc.s3.amazonaws.com/2006-03-01':
                None
            }

        outList = []
        if loggingList:
            for grant in loggingList:
                grants = ""
                grants += '<Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="CanonicalUser>'
                grants += "<ID>%s</ID>" % grant.uid
                grants += '</Grantee>'
                grants += "<Permission>%s</Permission>" % ACPHelper.permToS3Acl(
                    grant.permission)
                outList.append(grants)
        self._LOGGER.debug('Outlist : %s' % loggingList)

        return {
            "BucketLoggingStatus ": {
                "LoggingEnabled": {
                    "TargetBucket": self.fsRequest.BUCKET,
                    "TargetPrefix": 'valore'
                },
                "TargetGrants": {
                    "Grant": outList
                }
            }
        }
Exemplo n.º 14
0
    def putBucket(self, bucket_name, user, session, amz, location):
        # service operation for search
        self._LOGGER.info("Creating the bucket")
        self._LOGGER.debug('Bucket-name : %s' % bucket_name)

        context = ''
        if user.id == 0:
            self._LOGGER.warning(
                'The user have not privileges to create the bucket')
            raise RestFSError(errCode.err['AuthorizationDeny']['code'],\
                              errCode.err['AuthorizationDeny']['message'],\
                              errCode.err['AuthorizationDeny']['http'])
        res = self.res.findBucket(bucket_name)

        if res > 0:
            self._LOGGER.warning(
                'The bucket you have tried to create already exists')
            raise RestFSError(errCode.err['BucketAlreadyExists']['code'],\
                              errCode.err['BucketAlreadyExists']['message'],\
                              errCode.err['BucketAlreadyExists']['http'])

        # How many bucket can create ?
        num = self.res.getCountBucketByOwner(user.uid)
        self._LOGGER.debug('Bucket-number created : %s' % num)
        mymax = User.max_buckets
        self._LOGGER.debug('Bucket-number max the user can create : %s' %
                           mymax)

        if num > mymax:
            self._LOGGER.warning(
                'The user has reached the limit of the buckets to create')
            raise RestFSError(errCode.err['LimitBucketsReached']['code'],\
                              errCode.err['LimitBucketsReached']['message'],\
                              errCode.err['LimitBucketsReached']['http'])

        #check policy
        #FIX

        if res > 0:
            self._LOGGER.warning('The policy document specified is invalid')
            raise RestFSError(errCode.err['InvalidPolicyDocument']['code'],\
                              errCode.err['InvalidPolicyDocument']['message'],\
                              errCode.err['InvalidPolicyDocument']['http'])

        #check location
        loc = self.res.getRegionList()
        if not location:
            location = "EU"
        elif location not in loc:
            self._LOGGER.warning(
                'The region/location the user specified was not found')
            raise RestFSError(errCode.err['RegionNotFound']['code'],\
                              errCode.err['RegionNotFound']['message'],\
                              errCode.err['RegionNotFound']['http'])

        #Find cluster

        # Set Administration privileges ..
        # Make registration of the new Bucket
        # Resource manager operation
        self.res.addBucket(bucket_name, user.uid)

        # Convert S3 Permission to RestFs Permission
        acp = ACP()
        grant = Grant()
        grant.permission = ACPHelper.amzToPerm(amz)
        grant.uid = user.uid
        grantList = [grant]
        acp.setByGrants(grantList)
        #FIX ME
        gid = ''

        self.meta.createBucket(bucket_name, acp, location, user.uid, gid,
                               context)

        #Storage operation
        self.storage.createBucket(bucket_name, context)

        #Close the transaction, put bucket online
        self.res.setBucketStatus(bucket_name, 2, context)
Exemplo n.º 15
0
    def putBucket(self,bucket_name, user, session, amz, location):
        # service operation for search 
        self._LOGGER.info("Creating the bucket")
        self._LOGGER.debug('Bucket-name : %s' % bucket_name) 
        
        context = ''
        if user.id == 0 :
            self._LOGGER.warning('The user have not privileges to create the bucket')
            raise RestFSError(errCode.err['AuthorizationDeny']['code'],\
                              errCode.err['AuthorizationDeny']['message'],\
                              errCode.err['AuthorizationDeny']['http'])
        res = self.res.findBucket(bucket_name)
        
        if res > 0:
            self._LOGGER.warning('The bucket you have tried to create already exists')
            raise RestFSError(errCode.err['BucketAlreadyExists']['code'],\
                              errCode.err['BucketAlreadyExists']['message'],\
                              errCode.err['BucketAlreadyExists']['http']) 

        # How many bucket can create ? 
        num = self.res.getCountBucketByOwner(user.uid)
        self._LOGGER.debug('Bucket-number created : %s' % num) 
        mymax = User.max_buckets
        self._LOGGER.debug('Bucket-number max the user can create : %s' % mymax) 


        if num > mymax:
            self._LOGGER.warning('The user has reached the limit of the buckets to create')
            raise RestFSError(errCode.err['LimitBucketsReached']['code'],\
                              errCode.err['LimitBucketsReached']['message'],\
                              errCode.err['LimitBucketsReached']['http'])    

        #check policy
        #FIX

        if res > 0:
            self._LOGGER.warning('The policy document specified is invalid')
            raise RestFSError(errCode.err['InvalidPolicyDocument']['code'],\
                              errCode.err['InvalidPolicyDocument']['message'],\
                              errCode.err['InvalidPolicyDocument']['http'])

        #check location
        loc = self.res.getRegionList()
        if not location:
            location = "EU"
        elif location not in loc:
            self._LOGGER.warning('The region/location the user specified was not found')
            raise RestFSError(errCode.err['RegionNotFound']['code'],\
                              errCode.err['RegionNotFound']['message'],\
                              errCode.err['RegionNotFound']['http'])

        
        #Find cluster
    
        # Set Administration privileges .. 
        # Make registration of the new Bucket
        # Resource manager operation
        self.res.addBucket(bucket_name,user.uid)
               
        # Convert S3 Permission to RestFs Permission
        acp = ACP()
        grant = Grant()
        grant.permission = ACPHelper.amzToPerm(amz)
        grant.uid = user.uid
        grantList = [grant]
        acp.setByGrants(grantList)
        #FIX ME
        gid = ''
      
        self.meta.createBucket(bucket_name,acp,location,user.uid, gid,context)
        
        #Storage operation
        self.storage.createBucket(bucket_name,context)
        
        #Close the transaction, put bucket online
        self.res.setBucketStatus(bucket_name,2,context)