]> git.proxmox.com Git - ceph.git/blame - ceph/src/rgw/rgw_user.h
projects / ceph.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
import 15.2.0 Octopus source
[ceph.git] / ceph / src / rgw / rgw_user.h
CommitLineData
7c673cae 1// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
9f95a23c 2// vim: ts=8 sw=2 smarttab ft=cpp
7c673cae
FG		 3
4#ifndef CEPH_RGW_USER_H
5#define CEPH_RGW_USER_H
6
7#include <string>
8#include <boost/algorithm/string.hpp>
11fdf7f2 9#include "include/ceph_assert.h"
7c673cae
FG		 10
11#include "include/types.h"
12#include "rgw_common.h"
13#include "rgw_tools.h"
14
7c673cae
FG		 15#include "rgw_string.h"
16
17#include "common/Formatter.h"
18#include "rgw_formats.h"
9f95a23c 19#include "rgw_metadata.h"
7c673cae 20
7c673cae
FG		 21#define RGW_USER_ANON_ID "anonymous"
22
23#define SECRET_KEY_LEN 40
24#define PUBLIC_ID_LEN 20
25#define RAND_SUBUSER_LEN 5
26
27#define XMLNS_AWS_S3 "http://s3.amazonaws.com/doc/2006-03-01/"
28
9f95a23c
TL		 29class RGWUserCtl;
30class RGWBucketCtl;
31class RGWUserBuckets;
32
33class RGWGetUserStats_CB;
34namespace rgw { namespace sal {
35class RGWRadosStore;
36} }
37
7c673cae
FG		 38/**
39 * A string wrapper that includes encode/decode functions
40 * for easily accessing a UID in all forms
41 */
42struct RGWUID
43{
44 rgw_user user_id;
45 void encode(bufferlist& bl) const {
46 string s;
47 user_id.to_str(s);
11fdf7f2
TL		 48 using ceph::encode;
49 encode(s, bl);
7c673cae 50 }
11fdf7f2 51 void decode(bufferlist::const_iterator& bl) {
7c673cae 52 string s;
11fdf7f2
TL		 53 using ceph::decode;
54 decode(s, bl);
7c673cae
FG		 55 user_id.from_str(s);
56 }
57};
58WRITE_CLASS_ENCODER(RGWUID)
59
9f95a23c
TL		 60extern int rgw_user_sync_all_stats(rgw::sal::RGWRadosStore *store, const rgw_user& user_id);
61extern int rgw_user_get_all_buckets_stats(rgw::sal::RGWRadosStore *store, const rgw_user& user_id, map<string, cls_user_bucket_entry>&buckets_usage_map);
c07f9fc5 62
7c673cae
FG		 63/**
64 * Get the anonymous (ie, unauthenticated) user info.
65 */
66extern void rgw_get_anon_user(RGWUserInfo& info);
67
68/**
69 * Save the given user information to storage.
70 * Returns: 0 on success, -ERR# on failure.
71 */
9f95a23c 72extern int rgw_store_user_info(RGWUserCtl *user_ctl,
7c673cae
FG		 73 RGWUserInfo& info,
74 RGWUserInfo *old_info,
75 RGWObjVersionTracker *objv_tracker,
76 real_time mtime,
77 bool exclusive,
9f95a23c 78 map<string, bufferlist> *pattrs = nullptr);
7c673cae
FG		 79
80/**
81 * Given an user_id, finds the user info associated with it.
82 * returns: 0 on success, -ERR# on failure (including nonexistence)
83 */
9f95a23c 84extern int rgw_get_user_info_by_uid(RGWUserCtl *user_ctl,
7c673cae
FG		 85 const rgw_user& user_id,
86 RGWUserInfo& info,
9f95a23c
TL		 87 RGWObjVersionTracker *objv_tracker = nullptr,
88 real_time *pmtime = nullptr,
89 rgw_cache_entry_info *cache_info = nullptr,
90 map<string, bufferlist> *pattrs = nullptr);
7c673cae
FG		 91/**
92 * Given an email, finds the user info associated with it.
93 * returns: 0 on success, -ERR# on failure (including nonexistence)
94 */
9f95a23c
TL		 95extern int rgw_get_user_info_by_email(RGWUserCtl *user_ctl,
96 string& email, RGWUserInfo& info,
97 RGWObjVersionTracker *objv_tracker = NULL,
98 real_time *pmtime = nullptr);
7c673cae
FG		 99/**
100 * Given an swift username, finds the user info associated with it.
101 * returns: 0 on success, -ERR# on failure (including nonexistence)
102 */
9f95a23c 103extern int rgw_get_user_info_by_swift(RGWUserCtl *user_ctl,
7c673cae
FG		 104 const string& swift_name,
105 RGWUserInfo& info, /* out */
106 RGWObjVersionTracker *objv_tracker = nullptr,
107 real_time *pmtime = nullptr);
108/**
109 * Given an access key, finds the user info associated with it.
110 * returns: 0 on success, -ERR# on failure (including nonexistence)
111 */
9f95a23c 112extern int rgw_get_user_info_by_access_key(RGWUserCtl *user_ctl,
7c673cae
FG		 113 const std::string& access_key,
114 RGWUserInfo& info,
115 RGWObjVersionTracker* objv_tracker = nullptr,
116 real_time* pmtime = nullptr);
7c673cae 117
7c673cae
FG		 118extern void rgw_perm_to_str(uint32_t mask, char *buf, int len);
119extern uint32_t rgw_str_to_perm(const char *str);
120
d2e6a577
FG		 121extern int rgw_validate_tenant_name(const string& t);
122
7c673cae
FG		 123enum ObjectKeyType {
124 KEY_TYPE_SWIFT,
125 KEY_TYPE_S3,
126 KEY_TYPE_UNDEFINED
127};
128
129enum RGWKeyPoolOp {
130 GENERATE_KEY,
131 MODIFY_KEY
132};
133
134enum RGWUserId {
135 RGW_USER_ID,
136 RGW_SWIFT_USERNAME,
137 RGW_USER_EMAIL,
138 RGW_ACCESS_KEY,
139};
140
d2e6a577
FG		 141/*
142 * An RGWUser class along with supporting classes created
143 * to support the creation of an RESTful administrative API
144 */
7c673cae
FG		 145struct RGWUserAdminOpState {
146 // user attributes
147 RGWUserInfo info;
148 rgw_user user_id;
149 std::string user_email;
150 std::string display_name;
9f95a23c
TL		 151 rgw_user new_user_id;
152 bool overwrite_new_user = false;
7c673cae
FG		 153 int32_t max_buckets;
154 __u8 suspended;
155 __u8 admin;
156 __u8 system;
157 __u8 exclusive;
158 __u8 fetch_stats;
3efd9988 159 __u8 sync_stats;
7c673cae
FG		 160 std::string caps;
161 RGWObjVersionTracker objv;
162 uint32_t op_mask;
163 map<int, string> temp_url_keys;
164
165 // subuser attributes
166 std::string subuser;
167 uint32_t perm_mask;
168
169 // key_attributes
170 std::string id; // access key
171 std::string key; // secret key
172 int32_t key_type;
173
11fdf7f2
TL		 174 std::set<string> mfa_ids;
175
7c673cae
FG		 176 // operation attributes
177 bool existing_user;
178 bool existing_key;
179 bool existing_subuser;
180 bool existing_email;
181 bool subuser_specified;
182 bool gen_secret;
183 bool gen_access;
184 bool gen_subuser;
185 bool id_specified;
186 bool key_specified;
187 bool type_specified;
188 bool key_type_setbycontext; // key type set by user or subuser context
189 bool purge_data;
190 bool purge_keys;
191 bool display_name_specified;
192 bool user_email_specified;
193 bool max_buckets_specified;
194 bool perm_specified;
195 bool op_mask_specified;
196 bool caps_specified;
197 bool suspension_op;
d2e6a577 198 bool admin_specified = false;
7c673cae
FG		 199 bool system_specified;
200 bool key_op;
201 bool temp_url_key_specified;
202 bool found_by_uid;
203 bool found_by_email;
204 bool found_by_key;
11fdf7f2 205 bool mfa_ids_specified;
7c673cae
FG		 206
207 // req parameters
208 bool populated;
209 bool initialized;
210 bool key_params_checked;
211 bool subuser_params_checked;
212 bool user_params_checked;
213
214 bool bucket_quota_specified;
215 bool user_quota_specified;
216
217 RGWQuotaInfo bucket_quota;
218 RGWQuotaInfo user_quota;
219
11fdf7f2
TL		 220 // req parameters for listing user
221 std::string marker;
222 uint32_t max_entries;
9f95a23c
TL		 223 rgw_placement_rule default_placement; // user default placement
224 bool default_placement_specified;
225
226 list<string> placement_tags; // user default placement_tags
227 bool placement_tags_specified;
11fdf7f2
TL		 228
229 void set_access_key(const std::string& access_key) {
7c673cae
FG		 230 if (access_key.empty())
231 return;
232
233 id = access_key;
234 id_specified = true;
235 gen_access = false;
236 key_op = true;
237 }
238
11fdf7f2 239 void set_secret_key(const std::string& secret_key) {
7c673cae
FG		 240 if (secret_key.empty())
241 return;
242
243 key = secret_key;
244 key_specified = true;
245 gen_secret = false;
246 key_op = true;
247 }
248
249 void set_user_id(rgw_user& id) {
250 if (id.empty())
251 return;
252
253 user_id = id;
254 }
255
9f95a23c
TL		 256 void set_new_user_id(rgw_user& id) {
257 if (id.empty())
258 return;
259
260 new_user_id = id;
261 }
262 void set_overwrite_new_user(bool b) {
263 overwrite_new_user = b;
264 }
265
7c673cae 266 void set_user_email(std::string& email) {
c07f9fc5 267 /* always lowercase email address */
7c673cae
FG		 268 boost::algorithm::to_lower(email);
269 user_email = email;
270 user_email_specified = true;
271 }
272
11fdf7f2 273 void set_display_name(const std::string& name) {
7c673cae
FG		 274 if (name.empty())
275 return;
276
277 display_name = name;
278 display_name_specified = true;
279 }
280
281 void set_subuser(std::string& _subuser) {
282 if (_subuser.empty())
283 return;
284
285 size_t pos = _subuser.find(":");
286 if (pos != string::npos) {
287 rgw_user tmp_id;
288 tmp_id.from_str(_subuser.substr(0, pos));
289 if (tmp_id.tenant.empty()) {
290 user_id.id = tmp_id.id;
291 } else {
292 user_id = tmp_id;
293 }
294 subuser = _subuser.substr(pos+1);
295 } else {
296 subuser = _subuser;
297 }
298
299 subuser_specified = true;
300 }
301
11fdf7f2 302 void set_caps(const std::string& _caps) {
7c673cae
FG		 303 if (_caps.empty())
304 return;
305
306 caps = _caps;
307 caps_specified = true;
308 }
309
310 void set_perm(uint32_t perm) {
311 perm_mask = perm;
312 perm_specified = true;
313 }
314
315 void set_op_mask(uint32_t mask) {
316 op_mask = mask;
317 op_mask_specified = true;
318 }
319
320 void set_temp_url_key(const string& key, int index) {
321 temp_url_keys[index] = key;
322 temp_url_key_specified = true;
323 }
324
325 void set_key_type(int32_t type) {
326 key_type = type;
327 type_specified = true;
328 }
329
330 void set_suspension(__u8 is_suspended) {
331 suspended = is_suspended;
332 suspension_op = true;
333 }
334
335 void set_admin(__u8 is_admin) {
336 admin = is_admin;
337 admin_specified = true;
338 }
339
340 void set_system(__u8 is_system) {
341 system = is_system;
342 system_specified = true;
343 }
344
345 void set_exclusive(__u8 is_exclusive) {
346 exclusive = is_exclusive;
347 }
348
349 void set_fetch_stats(__u8 is_fetch_stats) {
350 fetch_stats = is_fetch_stats;
351 }
352
3efd9988
FG		 353 void set_sync_stats(__u8 is_sync_stats) {
354 sync_stats = is_sync_stats;
355 }
356
7c673cae
FG		 357 void set_user_info(RGWUserInfo& user_info) {
358 user_id = user_info.user_id;
359 info = user_info;
360 }
361
362 void set_max_buckets(int32_t mb) {
363 max_buckets = mb;
364 max_buckets_specified = true;
365 }
366
367 void set_gen_access() {
368 gen_access = true;
369 key_op = true;
370 }
371
372 void set_gen_secret() {
373 gen_secret = true;
374 key_op = true;
375 }
376
377 void set_generate_key() {
378 if (id.empty())
379 gen_access = true;
380 if (key.empty())
381 gen_secret = true;
382 key_op = true;
383 }
384
385 void clear_generate_key() {
386 gen_access = false;
387 gen_secret = false;
388 }
389
390 void set_purge_keys() {
391 purge_keys = true;
392 key_op = true;
393 }
394
395 void set_bucket_quota(RGWQuotaInfo& quota) {
396 bucket_quota = quota;
397 bucket_quota_specified = true;
398 }
399
400 void set_user_quota(RGWQuotaInfo& quota) {
401 user_quota = quota;
402 user_quota_specified = true;
403 }
404
11fdf7f2
TL		 405 void set_mfa_ids(const std::set<string>& ids) {
406 mfa_ids = ids;
407 mfa_ids_specified = true;
408 }
409
9f95a23c
TL		 410 void set_default_placement(const rgw_placement_rule& _placement) {
411 default_placement = _placement;
412 default_placement_specified = true;
413 }
414
415 void set_placement_tags(const list<string>& _tags) {
416 placement_tags = _tags;
417 placement_tags_specified = true;
418 }
419
7c673cae
FG		 420 bool is_populated() { return populated; }
421 bool is_initialized() { return initialized; }
422 bool has_existing_user() { return existing_user; }
423 bool has_existing_key() { return existing_key; }
424 bool has_existing_subuser() { return existing_subuser; }
425 bool has_existing_email() { return existing_email; }
426 bool has_subuser() { return subuser_specified; }
427 bool has_key_op() { return key_op; }
428 bool has_caps_op() { return caps_specified; }
429 bool has_suspension_op() { return suspension_op; }
430 bool has_subuser_perm() { return perm_specified; }
431 bool has_op_mask() { return op_mask_specified; }
432 bool will_gen_access() { return gen_access; }
433 bool will_gen_secret() { return gen_secret; }
434 bool will_gen_subuser() { return gen_subuser; }
435 bool will_purge_keys() { return purge_keys; }
436 bool will_purge_data() { return purge_data; }
437 bool will_generate_subuser() { return gen_subuser; }
438 bool has_bucket_quota() { return bucket_quota_specified; }
439 bool has_user_quota() { return user_quota_specified; }
440 void set_populated() { populated = true; }
441 void clear_populated() { populated = false; }
442 void set_initialized() { initialized = true; }
443 void set_existing_user(bool flag) { existing_user = flag; }
444 void set_existing_key(bool flag) { existing_key = flag; }
445 void set_existing_subuser(bool flag) { existing_subuser = flag; }
446 void set_existing_email(bool flag) { existing_email = flag; }
447 void set_purge_data(bool flag) { purge_data = flag; }
448 void set_generate_subuser(bool flag) { gen_subuser = flag; }
449 __u8 get_suspension_status() { return suspended; }
450 int32_t get_key_type() {return key_type; }
451 uint32_t get_subuser_perm() { return perm_mask; }
452 int32_t get_max_buckets() { return max_buckets; }
453 uint32_t get_op_mask() { return op_mask; }
454 RGWQuotaInfo& get_bucket_quota() { return bucket_quota; }
455 RGWQuotaInfo& get_user_quota() { return user_quota; }
11fdf7f2 456 set<string>& get_mfa_ids() { return mfa_ids; }
7c673cae
FG		 457
458 rgw_user& get_user_id() { return user_id; }
459 std::string get_subuser() { return subuser; }
460 std::string get_access_key() { return id; }
461 std::string get_secret_key() { return key; }
462 std::string get_caps() { return caps; }
463 std::string get_user_email() { return user_email; }
464 std::string get_display_name() { return display_name; }
9f95a23c
TL		 465 rgw_user& get_new_uid() { return new_user_id; }
466 bool get_overwrite_new_user() const { return overwrite_new_user; }
7c673cae
FG		 467 map<int, std::string>& get_temp_url_keys() { return temp_url_keys; }
468
469 RGWUserInfo& get_user_info() { return info; }
470
471 map<std::string, RGWAccessKey> *get_swift_keys() { return &info.swift_keys; }
472 map<std::string, RGWAccessKey> *get_access_keys() { return &info.access_keys; }
473 map<std::string, RGWSubUser> *get_subusers() { return &info.subusers; }
474
475 RGWUserCaps *get_caps_obj() { return &info.caps; }
476
477 std::string build_default_swift_kid() {
478 if (user_id.empty() || subuser.empty())
479 return "";
480
481 std::string kid;
482 user_id.to_str(kid);
483 kid.append(":");
484 kid.append(subuser);
485
486 return kid;
487 }
488
489 std::string generate_subuser() {
490 if (user_id.empty())
491 return "";
492
493 std::string generated_subuser;
494 user_id.to_str(generated_subuser);
495 std::string rand_suffix;
496
497 int sub_buf_size = RAND_SUBUSER_LEN + 1;
498 char sub_buf[RAND_SUBUSER_LEN + 1];
499
11fdf7f2 500 gen_rand_alphanumeric_upper(g_ceph_context, sub_buf, sub_buf_size);
7c673cae
FG		 501
502 rand_suffix = sub_buf;
503 if (rand_suffix.empty())
504 return "";
505
506 generated_subuser.append(rand_suffix);
507 subuser = generated_subuser;
508
509 return generated_subuser;
510 }
511
512 RGWUserAdminOpState() : user_id(RGW_USER_ANON_ID)
513 {
514 max_buckets = RGW_DEFAULT_MAX_BUCKETS;
515 key_type = -1;
516 perm_mask = RGW_PERM_NONE;
517 suspended = 0;
518 admin = 0;
519 system = 0;
520 exclusive = 0;
521 fetch_stats = 0;
522 op_mask = 0;
523
524 existing_user = false;
525 existing_key = false;
526 existing_subuser = false;
527 existing_email = false;
528 subuser_specified = false;
529 caps_specified = false;
530 purge_keys = false;
531 gen_secret = false;
532 gen_access = false;
533 gen_subuser = false;
534 id_specified = false;
535 key_specified = false;
536 type_specified = false;
537 key_type_setbycontext = false;
538 purge_data = false;
539 display_name_specified = false;
540 user_email_specified = false;
541 max_buckets_specified = false;
542 perm_specified = false;
543 op_mask_specified = false;
544 suspension_op = false;
545 system_specified = false;
546 key_op = false;
547 populated = false;
548 initialized = false;
549 key_params_checked = false;
550 subuser_params_checked = false;
551 user_params_checked = false;
552 bucket_quota_specified = false;
553 temp_url_key_specified = false;
554 user_quota_specified = false;
555 found_by_uid = false;
556 found_by_email = false;
557 found_by_key = false;
11fdf7f2 558 mfa_ids_specified = false;
9f95a23c
TL		 559 default_placement_specified = false;
560 placement_tags_specified = false;
11fdf7f2
TL		 561 max_entries = 1000;
562 marker = "";
7c673cae
FG		 563 }
564};
565
566class RGWUser;
567
568class RGWAccessKeyPool
569{
9f95a23c 570 RGWUser *user{nullptr};
7c673cae
FG		 571
572 std::map<std::string, int, ltstr_nocase> key_type_map;
573 rgw_user user_id;
9f95a23c
TL		 574 rgw::sal::RGWRadosStore *store{nullptr};
575 RGWUserCtl *user_ctl{nullptr};
7c673cae 576
9f95a23c
TL		 577 map<std::string, RGWAccessKey> *swift_keys{nullptr};
578 map<std::string, RGWAccessKey> *access_keys{nullptr};
7c673cae
FG		 579
580 // we don't want to allow keys for the anonymous user or a null user
9f95a23c 581 bool keys_allowed{false};
7c673cae
FG		 582
583private:
584 int create_key(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
585 int generate_key(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
586 int modify_key(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
587
588 int check_key_owner(RGWUserAdminOpState& op_state);
589 bool check_existing_key(RGWUserAdminOpState& op_state);
590 int check_op(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
591
592 /* API Contract Fulfilment */
593 int execute_add(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
594 int execute_remove(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
595 int remove_subuser_keys(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
596
597 int add(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
598 int remove(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
599public:
600 explicit RGWAccessKeyPool(RGWUser* usr);
7c673cae
FG		 601
602 int init(RGWUserAdminOpState& op_state);
603
604 /* API Contracted Methods */
605 int add(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
606 int remove(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
607
608 friend class RGWUser;
609 friend class RGWSubUserPool;
610};
611
612class RGWSubUserPool
613{
9f95a23c 614 RGWUser *user{nullptr};
7c673cae
FG		 615
616 rgw_user user_id;
9f95a23c
TL		 617 rgw::sal::RGWRadosStore *store{nullptr};
618 RGWUserCtl *user_ctl{nullptr};
619 bool subusers_allowed{false};
7c673cae 620
9f95a23c 621 map<string, RGWSubUser> *subuser_map{nullptr};
7c673cae
FG		 622
623private:
624 int check_op(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
625
626 /* API Contract Fulfillment */
627 int execute_add(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
628 int execute_remove(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
629 int execute_modify(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
630
631 int add(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
632 int remove(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
633 int modify(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
634public:
635 explicit RGWSubUserPool(RGWUser *user);
7c673cae
FG		 636
637 bool exists(std::string subuser);
638 int init(RGWUserAdminOpState& op_state);
639
640 /* API contracted methods */
641 int add(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
642 int remove(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
643 int modify(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
644
645 friend class RGWUser;
646};
647
648class RGWUserCapPool
649{
9f95a23c
TL		 650 RGWUserCaps *caps{nullptr};
651 bool caps_allowed{false};
652 RGWUser *user{nullptr};
7c673cae
FG		 653
654private:
655 int add(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
656 int remove(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
657
658public:
659 explicit RGWUserCapPool(RGWUser *user);
7c673cae
FG		 660
661 int init(RGWUserAdminOpState& op_state);
662
663 /* API contracted methods */
664 int add(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
665 int remove(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
666
667 friend class RGWUser;
668};
669
670class RGWUser
671{
672
673private:
674 RGWUserInfo old_info;
9f95a23c
TL		 675 rgw::sal::RGWRadosStore *store{nullptr};
676 RGWUserCtl *user_ctl{nullptr};
7c673cae
FG		 677
678 rgw_user user_id;
9f95a23c 679 bool info_stored{false};
7c673cae
FG		 680
681 void set_populated() { info_stored = true; }
682 void clear_populated() { info_stored = false; }
683 bool is_populated() { return info_stored; }
684
685 int check_op(RGWUserAdminOpState& req, std::string *err_msg);
686 int update(RGWUserAdminOpState& op_state, std::string *err_msg);
687
688 void clear_members();
689 void init_default();
690
691 /* API Contract Fulfillment */
692 int execute_add(RGWUserAdminOpState& op_state, std::string *err_msg);
9f95a23c
TL		 693 int execute_remove(RGWUserAdminOpState& op_state,
694 std::string *err_msg, optional_yield y);
7c673cae 695 int execute_modify(RGWUserAdminOpState& op_state, std::string *err_msg);
9f95a23c 696 int execute_rename(RGWUserAdminOpState& op_state, std::string *err_msg);
7c673cae
FG		 697
698public:
699 RGWUser();
7c673cae 700
9f95a23c 701 int init(rgw::sal::RGWRadosStore *storage, RGWUserAdminOpState& op_state);
7c673cae 702
9f95a23c 703 int init_storage(rgw::sal::RGWRadosStore *storage);
7c673cae
FG		 704 int init(RGWUserAdminOpState& op_state);
705 int init_members(RGWUserAdminOpState& op_state);
706
9f95a23c
TL		 707 rgw::sal::RGWRadosStore *get_store() { return store; }
708 RGWUserCtl *get_user_ctl() { return user_ctl; }
7c673cae
FG		 709
710 /* API Contracted Members */
711 RGWUserCapPool caps;
712 RGWAccessKeyPool keys;
713 RGWSubUserPool subusers;
714
715 /* API Contracted Methods */
716 int add(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
9f95a23c
TL		 717
718 int remove(RGWUserAdminOpState& op_state, optional_yield y, std::string *err_msg = NULL);
719
720 int rename(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
7c673cae
FG		 721
722 /* remove an already populated RGWUser */
723 int remove(std::string *err_msg = NULL);
724
725 int modify(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
726
727 /* retrieve info from an existing user in the RGW system */
728 int info(RGWUserAdminOpState& op_state, RGWUserInfo& fetched_info, std::string *err_msg = NULL);
729
730 /* info from an already populated RGWUser */
731 int info (RGWUserInfo& fetched_info, std::string *err_msg = NULL);
732
11fdf7f2
TL		 733 /* list the existing users */
734 int list(RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
735
7c673cae
FG		 736 friend class RGWAccessKeyPool;
737 friend class RGWSubUserPool;
738 friend class RGWUserCapPool;
739};
740
11fdf7f2 741/* Wrappers for admin API functionality */
7c673cae
FG		 742
743class RGWUserAdminOp_User
744{
745public:
9f95a23c 746 static int list(rgw::sal::RGWRadosStore *store,
11fdf7f2
TL		 747 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
748
9f95a23c 749 static int info(rgw::sal::RGWRadosStore *store,
7c673cae
FG		 750 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
751
9f95a23c 752 static int create(rgw::sal::RGWRadosStore *store,
7c673cae
FG		 753 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
754
9f95a23c 755 static int modify(rgw::sal::RGWRadosStore *store,
7c673cae
FG		 756 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
757
9f95a23c
TL		 758 static int remove(rgw::sal::RGWRadosStore *store,
759 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher, optional_yield y);
7c673cae
FG		 760};
761
762class RGWUserAdminOp_Subuser
763{
764public:
9f95a23c 765 static int create(rgw::sal::RGWRadosStore *store,
7c673cae
FG		 766 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
767
9f95a23c 768 static int modify(rgw::sal::RGWRadosStore *store,
7c673cae
FG		 769 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
770
9f95a23c 771 static int remove(rgw::sal::RGWRadosStore *store,
7c673cae
FG		 772 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
773};
774
775class RGWUserAdminOp_Key
776{
777public:
9f95a23c 778 static int create(rgw::sal::RGWRadosStore *store,
7c673cae
FG		 779 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
780
9f95a23c 781 static int remove(rgw::sal::RGWRadosStore *store,
7c673cae
FG		 782 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
783};
784
785class RGWUserAdminOp_Caps
786{
787public:
9f95a23c 788 static int add(rgw::sal::RGWRadosStore *store,
7c673cae
FG		 789 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
790
9f95a23c 791 static int remove(rgw::sal::RGWRadosStore *store,
7c673cae
FG		 792 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
793};
794
9f95a23c
TL		 795struct RGWUserCompleteInfo {
796 RGWUserInfo info;
797 map<string, bufferlist> attrs;
798 bool has_attrs{false};
799
800 void dump(Formatter * const f) const {
801 info.dump(f);
802 encode_json("attrs", attrs, f);
803 }
804
805 void decode_json(JSONObj *obj) {
806 decode_json_obj(info, obj);
807 has_attrs = JSONDecoder::decode_json("attrs", attrs, obj);
808 }
809};
810
811class RGWUserMetadataObject : public RGWMetadataObject {
812 RGWUserCompleteInfo uci;
813public:
814 RGWUserMetadataObject() {}
815 RGWUserMetadataObject(const RGWUserCompleteInfo& _uci, const obj_version& v, real_time m)
816 : uci(_uci) {
817 objv = v;
818 mtime = m;
819 }
820
821 void dump(Formatter *f) const override {
822 uci.dump(f);
823 }
824
825 RGWUserCompleteInfo& get_uci() {
826 return uci;
827 }
828};
829
830class RGWUserMetadataHandler;
831
832class RGWUserCtl
833{
834 struct Svc {
835 RGWSI_Zone *zone{nullptr};
836 RGWSI_User *user{nullptr};
837 } svc;
838
839 struct Ctl {
840 RGWBucketCtl *bucket{nullptr};
841 } ctl;
842
843 RGWUserMetadataHandler *umhandler;
844 RGWSI_MetaBackend_Handler *be_handler{nullptr};
845
846public:
847 RGWUserCtl(RGWSI_Zone *zone_svc,
848 RGWSI_User *user_svc,
849 RGWUserMetadataHandler *_umhandler);
850
851 void init(RGWBucketCtl *bucket_ctl) {
852 ctl.bucket = bucket_ctl;
853 }
854
855 RGWBucketCtl *get_bucket_ctl() {
856 return ctl.bucket;
857 }
858
859 struct GetParams {
860 RGWObjVersionTracker *objv_tracker{nullptr};
861 ceph::real_time *mtime{nullptr};
862 rgw_cache_entry_info *cache_info{nullptr};
863 map<string, bufferlist> *attrs{nullptr};
864
865 GetParams() {}
866
867 GetParams& set_objv_tracker(RGWObjVersionTracker *_objv_tracker) {
868 objv_tracker = _objv_tracker;
869 return *this;
870 }
871
872 GetParams& set_mtime(ceph::real_time *_mtime) {
873 mtime = _mtime;
874 return *this;
875 }
876
877 GetParams& set_cache_info(rgw_cache_entry_info *_cache_info) {
878 cache_info = _cache_info;
879 return *this;
880 }
881
882 GetParams& set_attrs(map<string, bufferlist> *_attrs) {
883 attrs = _attrs;
884 return *this;
885 }
886 };
887
888 struct PutParams {
889 RGWUserInfo *old_info{nullptr};
890 RGWObjVersionTracker *objv_tracker{nullptr};
891 ceph::real_time mtime;
892 bool exclusive{false};
893 map<string, bufferlist> *attrs{nullptr};
894
895 PutParams() {}
896
897 PutParams& set_old_info(RGWUserInfo *_info) {
898 old_info = _info;
899 return *this;
900 }
901
902 PutParams& set_objv_tracker(RGWObjVersionTracker *_objv_tracker) {
903 objv_tracker = _objv_tracker;
904 return *this;
905 }
906
907 PutParams& set_mtime(const ceph::real_time& _mtime) {
908 mtime = _mtime;
909 return *this;
910 }
911
912 PutParams& set_exclusive(bool _exclusive) {
913 exclusive = _exclusive;
914 return *this;
915 }
916
917 PutParams& set_attrs(map<string, bufferlist> *_attrs) {
918 attrs = _attrs;
919 return *this;
920 }
921 };
922
923 struct RemoveParams {
924 RGWObjVersionTracker *objv_tracker{nullptr};
925
926 RemoveParams() {}
927
928 RemoveParams& set_objv_tracker(RGWObjVersionTracker *_objv_tracker) {
929 objv_tracker = _objv_tracker;
930 return *this;
931 }
932 };
933
934 int get_info_by_uid(const rgw_user& uid, RGWUserInfo *info,
935 optional_yield y, const GetParams& params = {});
936 int get_info_by_email(const string& email, RGWUserInfo *info,
937 optional_yield y, const GetParams& params = {});
938 int get_info_by_swift(const string& swift_name, RGWUserInfo *info,
939 optional_yield y, const GetParams& params = {});
940 int get_info_by_access_key(const string& access_key, RGWUserInfo *info,
941 optional_yield y, const GetParams& params = {});
942
943 int get_attrs_by_uid(const rgw_user& user_id,
944 map<string, bufferlist> *attrs,
945 optional_yield y,
946 RGWObjVersionTracker *objv_tracker = nullptr);
947
948 int store_info(const RGWUserInfo& info, optional_yield y,
949 const PutParams& params = {});
950 int remove_info(const RGWUserInfo& info, optional_yield y,
951 const RemoveParams& params = {});
952
953 int add_bucket(const rgw_user& user,
954 const rgw_bucket& bucket,
955 ceph::real_time creation_time);
956 int remove_bucket(const rgw_user& user,
957 const rgw_bucket& bucket);
958 int list_buckets(const rgw_user& user,
959 const string& marker,
960 const string& end_marker,
961 uint64_t max,
962 bool need_stats,
963 RGWUserBuckets *buckets,
964 bool *is_truncated,
965 uint64_t default_max = 1000);
966
967 int flush_bucket_stats(const rgw_user& user,
968 const RGWBucketEnt& ent);
969 int complete_flush_stats(const rgw_user& user);
970 int reset_stats(const rgw_user& user);
971 int read_stats(const rgw_user& user, RGWStorageStats *stats,
972 ceph::real_time *last_stats_sync = nullptr, /* last time a full stats sync completed */
973 ceph::real_time *last_stats_update = nullptr); /* last time a stats update was done */
974 int read_stats_async(const rgw_user& user, RGWGetUserStats_CB *ctx);
975};
976
977class RGWUserMetaHandlerAllocator {
978public:
979 static RGWMetadataHandler *alloc(RGWSI_User *user_svc);
980};
7c673cae 981
7c673cae
FG		 982
983#endif
Ceph