示例#1
0
文件: cbRequest.py 项目: gugu/nimbus
 def finish(self, request):
     pycb.log(
         logging.INFO,
         "%s %s Reply sent %d %s" % (self.requestId, str(
             datetime.now()), self.responseCode, self.responseMsg))
     pycb.log(logging.INFO, str(self.outGoingHeaders))
     request.finish()
示例#2
0
def main(argv=sys.argv[0:]):
    pycb.config.parse_cmdline(argv)

    cumulus = CumulusRunner()
    pycb.log(logging.INFO, "listening at %s" % (str(cumulus.getListener())))
    cumulus.run()
    return 0
示例#3
0
文件: cbRequest.py 项目: gugu/nimbus
    def sendFile(self, dataObj):
        try:
            etag = dataObj.get_md5()
            if etag == None:
                etag = self.etag
            if etag == None:
                etag = self.calcMd5Sum(dataObj)
                dataObj.set_md5(etag)
            self.setHeader(self.request, 'ETag', '"%s"' % (etag))
            self.setResponseCode(self.request, 200, 'OK')

            fp = dataObj
            d = FileSender().beginFileTransfer(fp, self.request)

            def cbFinished(ignored):
                fp.close()
                self.request.finish()

            d.addErrback(err).addCallback(cbFinished)

        except cbException, (ex):
            ex.sendErrorResponse(self.request, self.requestId)
            traceback.print_exc(file=sys.stdout)
            pycb.log(logging.ERROR, "Error sending file %s" % (str(ex)),
                     traceback)
示例#4
0
文件: cbRequest.py 项目: gugu/nimbus
    def work(self):
        request = self.request
        exists = self.user.exists(self.bucketName)

        if self.acl:
            if not exists:
                raise cbException('NoSuchBucket')
            (perms, data_key) = self.user.get_perms(self.bucketName)
            ndx = perms.find("W")
            if ndx < 0:
                raise cbException('AccessDenied')

            rc = self.grant_public_permissions(self.bucketName,
                                               self.objectName)
            if not rc:
                xml = self.request.content.read()
                pycb.log(logging.INFO, "xml %s" % (xml))
                grants = parse_acl_request(xml)
                for g in grants:
                    pycb.log(logging.INFO, "granting %s to %s" % (g[2], g[0]))
                    self.user.grant(g[0], self.bucketName, perms=g[2])
        else:
            if exists:
                raise cbException('BucketAlreadyExists')
            self.user.put_bucket(self.bucketName)
            self.grant_public_permissions(self.bucketName, self.objectName)

        self.set_common_headers()
        self.setHeader(request, 'Content-Length', 0)
        self.setHeader(request, 'Connection', 'close')
        self.setHeader(request, 'Location', "/" + self.bucketName)
        self.setResponseCode(request, 200, 'OK')

        self.finish(request)
示例#5
0
    def work(self):
        request = self.request
        exists = self.user.exists(self.bucketName)

        if self.acl:
            if not exists:
                raise cbException('NoSuchBucket')
            (perms, data_key) = self.user.get_perms(self.bucketName)
            ndx = perms.find("W")
            if ndx < 0:
                raise cbException('AccessDenied')

            rc = self.grant_public_permissions(self.bucketName, self.objectName)
            if not rc:
                xml = self.request.content.read()
                pycb.log(logging.INFO, "xml %s" % (xml))
                grants = parse_acl_request(xml)
                for g in grants:
                    pycb.log(logging.INFO, "granting %s to %s" % (g[2], g[0]))
                    self.user.grant(g[0], self.bucketName, perms=g[2])
        else:
            if exists:
                raise cbException('BucketAlreadyExists')
            self.user.put_bucket(self.bucketName)
            self.grant_public_permissions(self.bucketName, self.objectName)

        self.set_common_headers()
        self.setHeader(request, 'Content-Length', 0)
        self.setHeader(request, 'Connection', 'close')
        self.setHeader(request, 'Location', "/" + self.bucketName)
        self.setResponseCode(request, 200, 'OK')

        self.finish(request)
示例#6
0
 def get_md5(self):
     pycb.log(logging.INFO, "===== def get_md5 of cbPosixBackend.py")
     if self.hashValue == None:
         v = str(self.md5er.hexdigest()).strip()
         return v
     pycb.log(logging.INFO, "=====## self.hashValue is %s"%self.hashValue)
     return self.hashValue
示例#7
0
 def create_user(self, display_name, id, pw, opts):
     pycb.log(logging.INFO, "===== def create_user of cbAuthzSecurity.py")
     db_obj = DB(con_str=self.con_str)
     user = User(db_obj, friendly=display_name)
     user_alias = user.create_alias(id, "s3", display_name, alias_data=pw)
     db_obj.commit()
     db_obj.close()
示例#8
0
    def list_bucket(self, bucketName, args):
        pycb.log(logging.INFO, "===== def list_bucket of cbAuthzSecurity.py")

        clause = " ORDER BY name"
        prefix = None
        if 'prefix' in args:
            prefix = args['prefix'][0]
            prefix = "%s%%" % (prefix)

        limit = None
        if 'max-keys' in args:
            max_a = args['max-keys']
            limit = int(max_a[0])

        if 'delimiter' in args:
            pass
        if 'key-marker' in args:
            km = args['key-marker'][0]
            clause = " and name > '%s'" % (km)

        try:
            bucket = File.get_file(self.db_obj, bucketName, pynimbusauthz.alias_type_s3)
            iter = bucket.get_all_children(limit=limit, match_str=prefix, clause=clause)
            new_it = itertools.imap(lambda r: _convert_File_to_cbObject(self, r), iter)
            return list(new_it)
        finally:
            self.db_obj.commit()
示例#9
0
 def delete(self):
     try:
         os.unlink(self.metafname)
     except Exception, ex:
         pycb.log(
             logging.WARNING, "error deleting %s %s %s" %
             (self.metafname, str(sys.exc_info()[0]), str(ex)))
示例#10
0
    def allowed_event(self, request, user, requestId, path):
        pycb.log(
            logging.INFO, "Access granted to ID=%s requestId=%s uri=%s" %
            (user.get_id(), requestId, request.uri))
        cbR = self.request_object_factory(request, user, path, requestId)

        cbR.work()
示例#11
0
 def exists(self, bucketName, objectName=None):
     pycb.log(logging.INFO, "===== def exists of cbAuthzSecurity.py")
     try:
         file = self.get_file_obj(bucketName, objectName)
         return file != None
     finally:
         self.db_obj.commit()
示例#12
0
 def get_uf(self, bucketName, objectName=None):
     file = self.get_file_obj(bucketName, objectName)
     if file == None:
         pycb.log(logging.INFO, "b:o not found %s:%s" % (bucketName, str(objectName)))
         raise cbException('NoSuchKey')
     uf = UserFile(file, self.user)
     return uf
示例#13
0
文件: cbRequest.py 项目: xxy-php/code
def perm2string(p):
    pycb.log(logging.INFO, "===== def perm2string of cbRequest.py")
    global perms_strings
    for (k, v) in perms_strings.iteritems():
        if p == v:
            return k
    return None
示例#14
0
 def new_connection(self, request):
     pycb.log(logging.INFO, "===== def new_connection of cbRedirector.py")
     h = None
     self.connection_count = self.connection_count + 1
     if self.connection_count > self.max:
         h = self.get_next_host()
     return h
示例#15
0
 def get_perms(self, bucketName, objectName=None):
     pycb.log(logging.INFO, "===== def get_perms of cbPosixSecurity.py")
     if objectName == None:
         perms = self.getBucketPerms(bucketName)
     else:
         perms = self.getObjectPerms(bucketName, objectName)
     return perms
示例#16
0
 def exists(self, bucketName, objectName=None):
     pycb.log(logging.INFO, "===== def exists of cbPosixSecurity.py")
     if objectName == None:
         f = self.getBucketPermFile(bucketName)
     else:
         f = self.getObjectFile(bucketName, objectName)
     return os.path.exists(f)
示例#17
0
文件: cbRequest.py 项目: xxy-php/code
    def end_copy(self):
        pycb.log(logging.INFO, "===== def end_copy of cbRequest.py")

        try:
            self.user.put_object(self.dst_file, self.dstBucketName, self.dstObjectName)
            self.grant_public_permissions(self.dstBucketName, self.dstObjectName)

            doc = Document()
            cor = doc.createElement("CopyObjectResult")
            doc.appendChild(cor)

            lm = doc.createElement("LastModified")
            cor.appendChild(lm)
            lmText = doc.createTextNode(datetime(*self.src_ctm[:6]).isoformat())
            lm.appendChild(lmText)

            lm = doc.createElement("ETag")
            cor.appendChild(lm)
            lmText = doc.createTextNode(str(self.src_md5))
            lm.appendChild(lmText)

            x = doc.toxml();
            self.setHeader(self.request, 'x-amz-copy-source-version-id', "1")
            self.setHeader(self.request, 'x-amz-version-id', "1")
            self.send_xml(x)
            self.request.finish()

        except cbException, (ex):
            ex.sendErrorResponse(self.request, self.requestId)
            traceback.print_exc(file=sys.stdout)
示例#18
0
 def read_owner_line(self, auth_file):
     pycb.log(logging.INFO, "===== def read_owner_line of cbPosixSecurity.py")
     line = auth_file.readline()
     linea = line.split("::", 1)
     id = linea[0].strip()
     display_name = linea[1].strip()
     return (id, display_name)
示例#19
0
文件: cbRequest.py 项目: xxy-php/code
def getText(nodelist):
    pycb.log(logging.INFO, "===== def getText of cbRequest.py")
    rc = ""
    for node in nodelist:
        if node.nodeType == node.TEXT_NODE:
            rc = rc + node.data
    return rc
示例#20
0
文件: cbRequest.py 项目: xxy-php/code
 def deleteIt(self, data_key):
     pycb.log(logging.INFO, "===== def deleteIt of cbRequest.py")
     request = self.request
     self.set_no_content_header()
     self.bucketIface.delete_object(data_key)
     self.user.delete_object(self.bucketName, self.objectName)
     self.finish(request)
示例#21
0
文件: cbRequest.py 项目: xxy-php/code
    def list_bucket(self):
        pycb.log(logging.INFO, "===== def list_bucket of cbRequest.py")
        dirL = self.user.list_bucket(self.bucketName, self.request.args)
        doc = Document()

        # Create the <wml> base element
        xList = doc.createElement("ListBucketResult")
        xList.setAttribute("xmlns", "http://doc.s3.amazonaws.com/2006-03-01")
        doc.appendChild(xList)

        # Create the main <card> element
        xName = doc.createElement("Name")
        xList.appendChild(xName)
        xNameText = doc.createTextNode(str(self.bucketName))
        xName.appendChild(xNameText)

        xIsTruncated = doc.createElement("IsTruncated")
        xList.appendChild(xIsTruncated)
        xIsTText = doc.createTextNode('false')
        xIsTruncated.appendChild(xIsTText)

        for obj in dirL:
            xObj = obj.create_xml_element(doc)
            xList.appendChild(xObj)

        x = doc.toxml();

        self.send_xml(x)
        self.finish(self.request)
示例#22
0
 def seek(self, offset, whence=None):
     pycb.log(logging.INFO, "===== def seek of cbPosixBackend.py")
     self.seek_count = self.seek_count + 1
     pycb.log(logging.WARNING, "Someone is seeking %s %d :: %d" % (self.fname, offset, self.seek_count), tb=traceback)
     if self.seek_count > 1:
         raise cbException('InternalError')
     return self.file.seek(offset, whence)
示例#23
0
 def get_info(self, bucketName, objectName=None):
     pycb.log(logging.INFO, "===== def get_info of cbAuthzSecurity.py")
     try:
         file = self.get_file_obj(bucketName, objectName)
         return (file.get_size(), file.get_creation_time(), file.get_md5sum())
     finally:
         self.db_obj.commit()
示例#24
0
 def delete_object(self, bucketName, objectName):
     pycb.log(logging.INFO, "===== def delete_object of cbAuthzSecurity.py")
     try:
         file = self.get_file_obj(bucketName, objectName)
         file.delete()
     finally:
         self.db_obj.commit()
示例#25
0
 def read(self, size=None):
     pycb.log(logging.INFO, "===== def read of cbPosixBackend.py")
     if size == None:
         st = self.file.read(self.blockSize)
     else:
         st = self.file.read(size)
     self.md5er.update(st)
     return st
示例#26
0
 def get_my_buckets(self):
     pycb.log(logging.INFO, "===== def get_my_buckets of cbAuthzSecurity.py")
     try:
         file_iterater = File.get_user_files(self.db_obj, self.user, root=True)
         new_it = itertools.imap(lambda r: _convert_bucket_to_cbObject(self, r), file_iterater)
         return list(new_it)
     finally:
         self.db_obj.commit()
示例#27
0
 def get_uf(self, bucketName, objectName=None):
     file = self.get_file_obj(bucketName, objectName)
     if file == None:
         pycb.log(logging.INFO,
                  "b:o not found %s:%s" % (bucketName, str(objectName)))
         raise cbException('NoSuchKey')
     uf = UserFile(file, self.user)
     return uf
示例#28
0
    def get_remaining_quota(self):
        pycb.log(logging.INFO, "===== def get_remaining_quota of cbAuthzSecurity.py")
        quota = self.user.get_quota()
        if quota == User.UNLIMITED:
            return User.UNLIMITED

        u = self.user.get_quota_usage()
        return quota - u
示例#29
0
def main(argv=sys.argv[0:]):
    pycb.config.parse_cmdline(argv)

    try:
        cumulus = CumulusRunner()
    except Exception, ex:
        pycb.log(logging.ERROR, "error starting the server, check that the port is not already taken: %s" % (str(ex)), tb=traceback)
        raise ex
示例#30
0
def _convert_bucket_to_cbObject(user, file):
    pycb.log(logging.INFO, "===== def _convert_bucket_to_cbObject of cbAuthzSecurity.py")
    tm = file.get_creation_time()
    size = -1 
    key = file.get_name()
    display_name = file.get_name()
    obj = cbObject(tm, size, key, display_name, user)
    return obj
示例#31
0
def merge_permissions(p1, p2):
    pycb.log(logging.INFO, "===== def merge_permissions of cbAuthzSecurity.py")
    perms = p2
    for i in range(0, len(p1)):
        ndx = p2.find(p1[i])
        if ndx < 0:
            perms = perms + p1[i]
    return perms
示例#32
0
 def send_xml(self, x):
     xLen = len(x)
     self.set_common_headers()
     self.setHeader(self.request, 'Content-Length', str(xLen))
     self.setHeader(self.request, 'Connection', 'close')
     self.setResponseCode(self.request, 200, 'OK')
     self.request.write(x)
     pycb.log(logging.INFO, "Sent %s" % (x))
示例#33
0
文件: cbRequest.py 项目: gugu/nimbus
 def send_xml(self, x):
     xLen = len(x)
     self.set_common_headers()
     self.setHeader(self.request, 'Content-Length', str(xLen))
     self.setHeader(self.request, 'Connection', 'close')
     self.setResponseCode(self.request, 200, 'OK')
     self.request.write(x)
     pycb.log(logging.INFO, "Sent %s" % (x))
示例#34
0
 def get_user_id_by_display(self, display_name):
     pycb.log(logging.INFO, "===== def get_user_id_by_display of cbAuthzSecurity.py")
     db_obj = DB(con_str=self.con_str)
     a_it = UserAlias.find_alias_by_friendly(db_obj, display_name)
     a_list = list(a_it)
     if len(a_list) < 1:
         return None
     alias = a_list[0]
     return alias.get_name()
示例#35
0
 def seek(self, offset, whence=None):
     self.seek_count = self.seek_count + 1
     pycb.log(logging.WARNING,
              "Someone is seeking %s %d :: %d" %
              (self.fname, offset, self.seek_count),
              tb=traceback)
     if self.seek_count > 1:
         raise cbException('InternalError')
     return self.file.seek(offset, whence)
示例#36
0
文件: cbRequest.py 项目: xxy-php/code
 def set_common_headers(self):
     pycb.log(logging.INFO, "===== def set_common_headers of cbRequest.py")
     amzid2 = str(uuid.uuid1()).replace("-", "")
     self.setHeader(self.request, 'x-amz-id-2', amzid2)
     self.setHeader(self.request,'x-amz-request-id', self.requestId)
     self.setHeader(self.request, 'Server', "cumulus")
     tm = datetime.utcnow()
     tmstr = tm.strftime("%a, %d %b %Y %H:%M:%S GMT")
     self.setHeader(self.request, 'date', tmstr)
示例#37
0
    def work(self):
        dataObj = self.request.content
        exists = self.user.exists(self.bucketName, self.objectName)
        if self.acl:
            if not exists:
                raise cbException('NoSuchKey')
            (perms, data_key) = self.user.get_perms(self.bucketName, self.objectName)
            ndx = perms.find("W")
            if ndx < 0:
                raise cbException('AccessDenied')

            rc = self.grant_public_permissions(self.bucketName, self.objectName)
            if not rc:
                xml = self.request.content.read()
                grants = parse_acl_request(xml)
                for g in grants:
                    pycb.log(logging.INFO, "granting %s to %s" % (g[2], g[0]))
                    self.user.grant(g[0], self.bucketName, self.objectName, perms=g[2])

            self.set_common_headers()
            self.setHeader(self.request, 'Content-Length', 0)
            self.setHeader(self.request, 'Connection', 'close')
            self.setHeader(self.request, 'Location', "/" + self.bucketName)
            self.setResponseCode(self.request, 200, 'OK')
            self.finish(self.request)
        else:
            (bperms, bdata_key) = self.user.get_perms(self.bucketName)
            ndx = bperms.find("w")
            if ndx < 0:
                raise cbException('AccessDenied')

            file_size = 0
            if exists:
                (perms, data_key) = self.user.get_perms(self.bucketName, self.objectName)
                ndx = perms.find("w")
                if ndx < 0:
                    raise cbException('AccessDenied')

                # make sure they can write to the bucket
                (perms, data_key) = self.user.get_perms(self.bucketName)
                ndx = perms.find("w")
                if ndx < 0:
                    raise cbException('AccessDenied')
                (file_size, ctm, md5) = self.user.get_info(self.bucketName, self.objectName)

            # gotta decide quota, if existed should get credit for the
            # existing size
            remaining_quota = self.user.get_remaining_quota()
            if remaining_quota != User.UNLIMITED:
                new_file_len = int(self.request.getHeader('content-length'))
                if remaining_quota + file_size < new_file_len:
                    pycb.log(logging.INFO, "user %s did not pass quota.  file size %d quota %d" % (self.user, new_file_len, remaining_quota))
                    raise cbException('AccountProblem')

            obj = self.request.content
            self.recvObject(self.request, obj)
示例#38
0
    def __init__(self, request, user, bucketName, objName, requestId, bucketIface):
        cbRequest.__init__(self, request, user, requestId, bucketIface)
        ndx = objName.find("cumulus:/")
        if ndx >= 0:
            pycb.log(logging.ERROR, "someone tried to make a key named cumulus://... why would someone do that? %d" % (ndx))
            raise cbException('InvalidURI')

        self.checkMD5 = None
        self.bucketName = bucketName
        self.objectName = objName
示例#39
0
文件: cbRequest.py 项目: timf/nimbus
    def __init__(self, request, user, bucketName, objName, requestId, bucketIface):
        cbRequest.__init__(self, request, user, requestId, bucketIface)
        ndx = objName.find("cumulus:/")
        if ndx >= 0:
            pycb.log(logging.ERROR, "someone tried to make a key named cumulus://... why would someone do that? %d" % (ndx))
            raise cbException('InvalidURI')

        self.checkMD5 = None
        self.bucketName = bucketName
        self.objectName = objName
示例#40
0
def init_redirector(req, bucketName, objectName):
    redir_host = pycb.config.redirector.new_connection(req)
    req.notifyFinish().addBoth(end_redirector, req)

    if redir_host:
        pycb.log(logging.INFO, "REDIRECT %s" % (redir_host))
        ex = cbException('TemporaryRedirect')
        req.setHeader('location', "http://%s%s" % (redir_host, req.uri))
        ex.add_custom_xml("Bucket", bucketName)
        ex.add_custom_xml("Endpoint", redir_host)
        raise ex
示例#41
0
 def grant(self, user_id, bucketName, objectName=None, perms="Rr"):
     (o_perms, key) = self.getPerms(bucketName, objectName)
     ndx = o_perms.find("W")
     if ndx < 0:
         raise cbException('AccessDenied')
     if objectName == None:
         f = self.getBucketPermFile(bucketName)
     else:
         f = self.getObjectFile(bucketName, objectName)
     self.add_perms(f, user_id, perms)
     pycb.log(logging.INFO, "granted: %s to %s" % (perms, user_id))
示例#42
0
文件: cbRequest.py 项目: gugu/nimbus
    def check_permissions(self):
        srcExists = self.user.exists(self.srcBucketName, self.srcObjectName)
        if not srcExists:
            raise cbException('NoSuchKey')
        (perms, src_data_key) = self.user.get_perms(self.srcBucketName,
                                                    self.srcObjectName)
        # make sure that we can read the source
        ndx = perms.find("r")
        if ndx < 0:
            raise cbException('AccessDenied')

        # make sure we can write to the destination
        dstExists = self.user.exists(self.dstBucketName, self.dstObjectName)

        (bperms, bdata_key) = self.user.get_perms(self.dstBucketName)
        ndx = bperms.find("w")
        if ndx < 0:
            raise cbException('AccessDenied')

        dst_data_key = None
        dst_size = 0
        if dstExists:
            (perms,
             dst_data_key) = self.user.get_perms(self.dstBucketName,
                                                 self.dstObjectName)
            ndx = perms.find("w")
            if ndx < 0:
                raise cbException('AccessDenied')

            (dst_size, ctm, md5) = self.user.get_info(self.dstBucketName,
                                                      self.dstObjectName)
        (src_size, self.src_ctm,
         self.src_md5) = self.user.get_info(self.srcBucketName,
                                            self.srcObjectName)

        # check the quota
        remaining_quota = self.user.get_remaining_quota()
        if remaining_quota != User.UNLIMITED:
            if remaining_quota < src_size - dst_size:
                pycb.log(
                    logging.INFO,
                    "user %s did not pass quota.  file size %d quota %d" %
                    (self.user, src_size, remaining_quota))
                raise cbException('AccountProblem')

        # if we get to here we are allowed to do the copy
        if dst_data_key == None:
            self.dst_file = self.bucketIface.put_object(
                self.dstBucketName, self.dstObjectName)
        else:
            self.dst_file = self.bucketIface.get_object(dst_data_key)
        self.dst_file.set_delete_on_close(True)
        self.src_file = self.bucketIface.get_object(src_data_key)
示例#43
0
文件: cbRequest.py 项目: timf/nimbus
    def __init__(self, request, user, requestId, bucketIface, srcBucket, srcObject, dstBucket, dstObject):

        cbRequest.__init__(self, request, user, requestId, bucketIface)

        ndx = dstObject.find("cumulus:/")
        if ndx >= 0:
            pycb.log(logging.ERROR, "someone tried to make a key named cumulus://... why would someone do that? %d" % (ndx))
            raise cbException('InvalidURI')

        self.dstBucketName = dstBucket
        self.dstObjectName = dstObject
        self.srcBucketName = srcBucket
        self.srcObjectName = srcObject
示例#44
0
    def get_user(self, id):
        usr_ath_filename = getPosixAuthDir() + id
        if os.path.exists(usr_ath_filename) == 0:
            ex = cbException('InvalidAccessKeyId')
            pycb.log(logging.ERROR, "could not open: %s" % (usr_ath_filename))
            raise ex

        auth_file = open(usr_ath_filename, 'r')
        key = auth_file.readline()
        key = key.strip()
        display_name = auth_file.readline()
        display_name = display_name.strip()
        auth_file.close()
        return cbPosixUserObject(id, display_name, key)
示例#45
0
    def __init__(self):
        self.done = False
        self.cb = CBService()
        self.site = CumulusSite(self.cb)

        # figure out if we need http of https
        if pycb.config.use_https:
            pycb.log(logging.INFO, "using https")
            sslContext = ssl.DefaultOpenSSLContextFactory(
                pycb.config.https_key, pycb.config.https_cert)
            self.iconnector = reactor.listenSSL(self.cb.get_port(), self.site,
                                                sslContext)
        else:
            pycb.log(logging.INFO, "using http")
            self.iconnector = reactor.listenTCP(self.cb.get_port(), self.site)
示例#46
0
 def put_bucket(self, bucketName, perms="RWrw"):
     rc = 'InvalidBucketName'
     rc_msg = "Failed to delete"
     try:
         f = self.getBucketPermFile(bucketName)
         d = self.getBucketDir(bucketName)
         os.mkdir(d)
         self.setowner_perms(f, bucketName, perms)
         pycb.log(logging.INFO, "created bucket %s" % (bucketName))
         return d
     except OSError, (OsEx):
         if OsEx.errno == errno.EEXIST:
             rc = 'BucketAlreadyExists'
         elif OsEx.errno == errno.EINVAL:
             rc = 'InvalidBucketName'
         pycb.log(logging.ERROR, "%s %s %s" % (rc, d, str(OsEx)))
示例#47
0
    def close(self):
        hashValue = self.get_md5()
        if hashValue != None:
            try:
                mFile = open(self.metafname, 'w')
                mFile.write(hashValue)
                mFile.close()
            except:
                pass

        try:
            self.file.close()
        except Exception, ex:
            pycb.log(logging.WARNING,
                     "error closing data object %s %s" %
                     (self.fname, sys.exc_info()[0]),
                     tb=traceback)
示例#48
0
    def sendErrorResponse(self, request, requestId):

        try:
            request.setHeader('x-amz-request-id', str(requestId))
            request.setHeader('x-amz-id-2:', str(uuid.uuid1()))

            request.setResponseCode(self.httpCode, self.httpDesc)
            # Create the minidom document
            xml = self.make_xml_string(request.path, requestId)
            request.write(xml)
            request.finish()

            return xml
        except:
            # XXX LOG ERROR
            pycb.log(logging.ERROR, sys.exc_info()[0], traceback)
            return cbException.panicError
示例#49
0
def authorize(headers, message_type, path, uri):

    sent_auth = headers['authorization']
    auth_A = sent_auth.split(':')
    auth_hash = auth_A[1]
    id = auth_A[0].split()[1].strip()
    user = pycb.config.auth.get_user(id)
    key = user.get_password()

    pycb.log(logging.INFO, "AUTHORIZING %s %s %s" % (message_type, path, headers))
    b64_hmac = pycb.get_auth_hash(key, message_type, path, headers, uri)

    if auth_hash == b64_hmac:
        return user
    pycb.log(logging.ERROR, "%s %s %s" % (key, b64_hmac, auth_hash))
    ec = 'AccessDenied'
    ex = cbException(ec)
    raise ex
示例#50
0
    def get_next_host(self):
        try:
            hosts = []
            f = open(self.host_file, "r")
            for l in f.readlines():
                hosts.append(l.strip())
            f.close()

            my_host = "%s:%d" % (pycb.config.hostname, pycb.config.port)
            for i in range(0, 5):
                ndx = random.randint(0, len(hosts)-1)
                h = hosts[ndx]
                pycb.log(logging.INFO, "redirector found %s, my host %s" % (h, my_host))
                if h != my_host:
                    return h
            return None
        except Exception, ex:
            pycb.log(logging.ERROR, "get next host error %s" % (str(ex)))
            return None
示例#51
0
文件: cbRequest.py 项目: timf/nimbus
    def endGet(self, dataObj):
        try:
            eTag = dataObj.get_md5()
            mSum = base64.encodestring(base64.b16decode(eTag.upper()))
            self.checkMD5 = mSum

            pycb.log(logging.INFO, "sent %s etag %s" % (self.objectName, self.checkMD5))
            self.setHeader(self.request, 'ETag', '"%s"' % (eTag))

            # now that we have the file set delete on close to false
            # it will now be safe to deal with dropped connections
            # without having large files left around
            dataObj.set_delete_on_close(False)
            # dataObj.close() do no need to close for now.  twisted will
            # do this for us
            self.user.put_object(dataObj, self.bucketName, self.objectName)
            self.grant_public_permissions(self.bucketName, self.objectName)

            self.finish(self.request)
        except cbException, (ex):
            ex.sendErrorResponse(self.request, self.requestId)
示例#52
0
    def list_bucket(self, bucketIface, bucketName, args):
        d = self.getBucketDir(bucketName)
        if not os.path.isdir(d):
            pycb.log(logging.ERROR, "did not find %s" % (d))
            raise cbException('NoSuchBucket')

        if 'prefix' in args:
            p = args['prefix'][0]
            p = self.hashFile(p)
            prefix = d + "/" + p + "*"
        else:
            prefix = d + "/" + "*"

        dir_list = glob.glob(prefix)
        if 'max-keys' in args:
            max_a = args['max-keys']
            max = int(max_a[0])
        else:
            max = len(dir_list) + 1

        results = []
        for f in dir_list:
            if len(results) >= max:
                break

            file = f.replace(d, "")
            st = os.stat(f)
            if stat.S_ISREG(st.st_mode):
                # XXX just pick the size of the first one
                dir_list = os.listdir(d)
                if len(dir_list) > 0:
                    data_key = self.getDataKey(d + "/" + dir_list[0])
                    size = bucketIface.getSize(data_key)
                    tm = bucketIface.getModTime(data_key)
                    key = self.unhashFile(file)
                    display_name = key
                    obj = cbObject(tm, size, key, display_name, self)
                    results.append(obj)

        return results
示例#53
0
    def get_my_buckets(self):
        d = getPosixBuckerMetaDir()
        dir_list = os.listdir(d)

        results = []
        for f in dir_list:
            file = d + "/" + f
            st = os.stat(file)
            tm = time.gmtime(st.st_ctime)
            size = -1
            try:
                if self.isOwner(f):
                    mds = bucketIFace.getMD5(data_key)
                    obj = cbObject(tm, size, f, f, self, md5sum=mds)
                    results.append(obj)
            except:
                traceback.print_exc(file=sys.stdout)
                pycb.log(logging.WARNING,
                         "error checking ownership of %s" % (f),
                         tb=traceback)

        return results
示例#54
0
    def get_perms(self, bucketName, objectName=None):
        global authed_user
        global public_user
        try:
            ufa = authed_user.get_uf(bucketName, objectName)
            ufp = public_user.get_uf(bucketName, objectName)
            p1 = ufa.get_perms(force=True)
            p2 = ufp.get_perms(force=True)
            gperms = merge_permissions(p1, p2)
        except:
            pycb.log(logging.ERROR,
                     "error getting global permissions %s" %
                     (sys.exc_info()[0]),
                     tb=traceback)
            gperms = ""

        try:
            uf = self.get_uf(bucketName, objectName)
            p = uf.get_perms(force=True)
            p = merge_permissions(p, gperms)
            return (p, uf.get_file().get_data_key())
        finally:
            self.db_obj.commit()
示例#55
0
文件: cbRequest.py 项目: timf/nimbus
    def work(self):
        dataObj = self.request.content
        exists = self.user.exists(self.bucketName, self.objectName)
        if self.acl:
            if not exists:
                raise cbException('NoSuchKey')
            (perms, data_key) = self.user.get_perms(self.bucketName, self.objectName)
            ndx = perms.find("W")
            if ndx < 0:
                raise cbException('AccessDenied')

            rc = self.grant_public_permissions(self.bucketName, self.objectName)
            if not rc:
                xml = self.request.content.read()
                pycb.log(logging.ERROR, "acl xml %s" % (xml))
                grants = parse_acl_request(xml)
                for g in grants:
                    pycb.log(logging.INFO, "granting %s to %s" % (g[2], g[0]))
                    self.user.grant(g[0], self.bucketName, self.objectName, perms=g[2])

            self.set_common_headers()
            self.setHeader(self.request, 'Content-Length', 0)
            self.setHeader(self.request, 'Connection', 'close')
            self.setHeader(self.request, 'Location', "/" + self.bucketName)
            self.setResponseCode(self.request, 200, 'OK')
            self.finish(self.request)
        else:
            (bperms, bdata_key) = self.user.get_perms(self.bucketName)
            ndx = bperms.find("w")
            if ndx < 0:
                raise cbException('AccessDenied')

            file_size = 0
            if exists:
                (perms, data_key) = self.user.get_perms(self.bucketName, self.objectName)
                ndx = perms.find("w")
                if ndx < 0:
                    raise cbException('AccessDenied')

                # make sure they can write to the bucket
                (perms, data_key) = self.user.get_perms(self.bucketName)
                ndx = perms.find("w")
                if ndx < 0:
                    raise cbException('AccessDenied')
                (file_size, ctm, md5) = self.user.get_info(self.bucketName, self.objectName)

            # gotta decide quota, if existed should get credit for the
            # existing size
            remaining_quota = self.user.get_remaining_quota()
            if remaining_quota != User.UNLIMITED:
                new_file_len = int(self.request.getHeader('content-length'))
                if remaining_quota + file_size < new_file_len:
                    pycb.log(logging.INFO, "user %s did not pass quota.  file size %d quota %d" % (self.user, new_file_len, remaining_quota))
                    raise cbException('AccountProblem')

            obj = self.request.content
            self.recvObject(self.request, obj)
示例#56
0
    def request_object_factory(self, request, user, path, requestId):
        pycb.log(logging.INFO, "path %s" % (path))
        # handle the one service operation
        if path == "/":
            if request.method == 'GET':
                cbR = cbGetService(request, user, requestId,
                                   pycb.config.bucket)
                return cbR
            raise cbException('InvalidArgument')

        (bucketName, objectName) = path_to_bucket_object(path)
        init_redirector(request, bucketName, objectName)

        pycb.log(
            logging.INFO, "path %s bucket %s object %s" %
            (path, bucketName, str(objectName)))
        if request.method == 'GET':
            if objectName == None:
                cbR = cbGetBucket(request, user, bucketName, requestId,
                                  pycb.config.bucket)
            else:
                cbR = cbGetObject(request, user, bucketName, objectName,
                                  requestId, pycb.config.bucket)
            return cbR
        elif request.method == 'PUT':
            if objectName == None:
                cbR = cbPutBucket(request, user, bucketName, requestId,
                                  pycb.config.bucket)
            else:
                args = request.getAllHeaders()
                if 'x-amz-copy-source' in args:
                    (srcBucketName, srcObjectName) = path_to_bucket_object(
                        args['x-amz-copy-source'])
                    cbR = cbCopyObject(request, user, requestId,
                                       pycb.config.bucket, srcBucketName,
                                       srcObjectName, bucketName, objectName)
                else:
                    cbR = cbPutObject(request, user, bucketName, objectName,
                                      requestId, pycb.config.bucket)
            return cbR
        elif request.method == 'POST':
            pycb.log(logging.ERROR, "Nothing to handle POST")
        elif request.method == 'DELETE':
            if objectName == None:
                cbR = cbDeleteBucket(request, user, bucketName, requestId,
                                     pycb.config.bucket)
            else:
                cbR = cbDeleteObject(request, user, bucketName, objectName,
                                     requestId, pycb.config.bucket)
            return cbR
        elif request.method == 'HEAD' and objectName != None:
            cbR = cbHeadObject(request, user, bucketName, objectName,
                               requestId, pycb.config.bucket)
            return cbR

        raise cbException('InvalidArgument')
示例#57
0
class CBService(resource.Resource):
    isLeaf = True

    def __init__(self):
        pass

    def get_port(self):
        return pycb.config.port

    # amazon uses some smaller num generator, might have to match theres
    # for clients that make assumptions
    def next_request_id(self):
        return str(uuid.uuid1()).replace("-", "")

    #  figure out if the operation is targeted at a service, bucket, or


    #  object
    def request_object_factory(self, request, user, path, requestId):
        pycb.log(logging.INFO, "path %s" % (path))
        # handle the one service operation
        if path == "/":
            if request.method == 'GET':
                cbR = cbGetService(request, user, requestId, pycb.config.bucket)
                return cbR
            raise cbException('InvalidArgument')

        (bucketName, objectName) = path_to_bucket_object(path)
        init_redirector(request, bucketName, objectName)

        pycb.log(logging.INFO, "path %s bucket %s object %s" % (path, bucketName, str(objectName)))
        if request.method == 'GET':
            if objectName == None:
                cbR = cbGetBucket(request, user, bucketName, requestId, pycb.config.bucket)
            else:
                cbR = cbGetObject(request, user, bucketName, objectName, requestId, pycb.config.bucket)
            return cbR
        elif request.method == 'PUT':
            if objectName == None:
                cbR = cbPutBucket(request, user, bucketName, requestId, pycb.config.bucket)
            else:
                args = request.getAllHeaders()
                if 'x-amz-copy-source' in args:
                    (srcBucketName, srcObjectName) = path_to_bucket_object(args['x-amz-copy-source'])
                    cbR = cbCopyObject(request, user, requestId, pycb.config.bucket, srcBucketName, srcObjectName, bucketName, objectName)
                else:
                    cbR = cbPutObject(request, user, bucketName, objectName, requestId, pycb.config.bucket)
            return cbR
        elif request.method == 'POST':
            pycb.log(logging.ERROR, "Nothing to handle POST")
        elif request.method == 'DELETE':
            if objectName == None:
                cbR = cbDeleteBucket(request, user, bucketName, requestId, pycb.config.bucket)
            else:
                cbR = cbDeleteObject(request, user, bucketName, objectName, requestId, pycb.config.bucket)
            return cbR
        elif request.method == 'HEAD' and objectName != None:
            cbR = cbHeadObject(request, user, bucketName, objectName, requestId, pycb.config.bucket)
            return cbR

        raise cbException('InvalidArgument')

    # everything does through here to localize access control
    def process_event(self, request):
        try:
            rPath = createPath(request.getAllHeaders(), request.path)
 
            requestId = self.next_request_id()

            pycb.log(logging.INFO, "%s %s Incoming" % (requestId, str(datetime.now())))
            pycb.log(logging.INFO, "%s %s" % (requestId, str(request)))
            pycb.log(logging.INFO, "%s %s" % (requestId, rPath))
            pycb.log(logging.INFO, "%s %s" %(requestId, request.getAllHeaders()))
            pycb.log(logging.INFO, "request URI %s method %s %s" %(request.uri, request.method, str(request.args)))

            user = authorize(request.getAllHeaders(), request.method, rPath, request.uri)
            self.allowed_event(request, user, requestId, rPath)
        except cbException, ex:
            eMsg = ex.sendErrorResponse(request, requestId)
            pycb.log(logging.ERROR, eMsg, traceback)
        except Exception, ex2:
            traceback.print_exc(file=sys.stdout)
            gdEx = cbException('InternalError')
            eMsg = gdEx.sendErrorResponse(request, requestId)
            pycb.log(logging.ERROR, eMsg, traceback)
示例#58
0
    def process_event(self, request):
        try:
            rPath = createPath(request.getAllHeaders(), request.path)
 
            requestId = self.next_request_id()

            pycb.log(logging.INFO, "%s %s Incoming" % (requestId, str(datetime.now())))
            pycb.log(logging.INFO, "%s %s" % (requestId, str(request)))
            pycb.log(logging.INFO, "%s %s" % (requestId, rPath))
            pycb.log(logging.INFO, "%s %s" %(requestId, request.getAllHeaders()))
            pycb.log(logging.INFO, "request URI %s method %s %s" %(request.uri, request.method, str(request.args)))

            user = authorize(request.getAllHeaders(), request.method, rPath, request.uri)
            self.allowed_event(request, user, requestId, rPath)
        except cbException, ex:
            eMsg = ex.sendErrorResponse(request, requestId)
            pycb.log(logging.ERROR, eMsg, traceback)
示例#59
0
        return self.iconnector.getHost()

    def get_port(self):
        l = self.getListener()
        return l.port

    def run(self):
        reactor.suggestThreadPoolSize(10)
        reactor.run()

    def stop(self):
        self.iconnector.stopListening()


def main(argv=sys.argv[0:]):
    pycb.config.parse_cmdline(argv)

    try:
        cumulus = CumulusRunner()
    except Exception, ex:
        pycb.log(logging.ERROR, "error starting the server, check that the port is not already taken: %s" % (str(ex)), tb=traceback)
        raise ex
    pycb.log(logging.INFO, "listening at %s" % (str(cumulus.getListener())))
    cumulus.run()
    return 0

if __name__ == "__main__":
    rc = main()
    sys.exit(rc)