1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab ft=cpp
4 #include "common/errno.h"
8 #include "rgw_bucket.h"
11 #include "services/svc_user.h"
12 #include "services/svc_meta.h"
14 #define dout_subsys ceph_subsys_rgw
18 extern void op_type_to_str(uint32_t mask
, char *buf
, int len
);
20 static string
key_type_to_str(int key_type
) {
32 static bool char_is_unreserved_url(char c
)
48 static bool validate_access_key(string
& key
)
50 const char *p
= key
.c_str();
52 if (!char_is_unreserved_url(*p
))
59 static void set_err_msg(std::string
*sink
, std::string msg
)
61 if (sink
&& !msg
.empty())
66 * Dump either the full user info or a subset to a formatter.
68 * NOTE: It is the caller's responsibility to ensure that the
69 * formatter is flushed at the correct time.
72 static void dump_subusers_info(Formatter
*f
, RGWUserInfo
&info
)
74 map
<string
, RGWSubUser
>::iterator uiter
;
76 f
->open_array_section("subusers");
77 for (uiter
= info
.subusers
.begin(); uiter
!= info
.subusers
.end(); ++uiter
) {
78 RGWSubUser
& u
= uiter
->second
;
79 f
->open_object_section("user");
81 info
.user_id
.to_str(s
);
82 f
->dump_format("id", "%s:%s", s
.c_str(), u
.name
.c_str());
84 rgw_perm_to_str(u
.perm_mask
, buf
, sizeof(buf
));
85 f
->dump_string("permissions", buf
);
91 static void dump_access_keys_info(Formatter
*f
, RGWUserInfo
&info
)
93 map
<string
, RGWAccessKey
>::iterator kiter
;
94 f
->open_array_section("keys");
95 for (kiter
= info
.access_keys
.begin(); kiter
!= info
.access_keys
.end(); ++kiter
) {
96 RGWAccessKey
& k
= kiter
->second
;
97 const char *sep
= (k
.subuser
.empty() ? "" : ":");
98 const char *subuser
= (k
.subuser
.empty() ? "" : k
.subuser
.c_str());
99 f
->open_object_section("key");
101 info
.user_id
.to_str(s
);
102 f
->dump_format("user", "%s%s%s", s
.c_str(), sep
, subuser
);
103 f
->dump_string("access_key", k
.id
);
104 f
->dump_string("secret_key", k
.key
);
110 static void dump_swift_keys_info(Formatter
*f
, RGWUserInfo
&info
)
112 map
<string
, RGWAccessKey
>::iterator kiter
;
113 f
->open_array_section("swift_keys");
114 for (kiter
= info
.swift_keys
.begin(); kiter
!= info
.swift_keys
.end(); ++kiter
) {
115 RGWAccessKey
& k
= kiter
->second
;
116 const char *sep
= (k
.subuser
.empty() ? "" : ":");
117 const char *subuser
= (k
.subuser
.empty() ? "" : k
.subuser
.c_str());
118 f
->open_object_section("key");
120 info
.user_id
.to_str(s
);
121 f
->dump_format("user", "%s%s%s", s
.c_str(), sep
, subuser
);
122 f
->dump_string("secret_key", k
.key
);
128 static void dump_user_info(Formatter
*f
, RGWUserInfo
&info
,
129 RGWStorageStats
*stats
= NULL
)
131 f
->open_object_section("user_info");
132 encode_json("tenant", info
.user_id
.tenant
, f
);
133 encode_json("user_id", info
.user_id
.id
, f
);
134 encode_json("display_name", info
.display_name
, f
);
135 encode_json("email", info
.user_email
, f
);
136 encode_json("suspended", (int)info
.suspended
, f
);
137 encode_json("max_buckets", (int)info
.max_buckets
, f
);
139 dump_subusers_info(f
, info
);
140 dump_access_keys_info(f
, info
);
141 dump_swift_keys_info(f
, info
);
143 encode_json("caps", info
.caps
, f
);
146 op_type_to_str(info
.op_mask
, buf
, sizeof(buf
));
147 encode_json("op_mask", (const char *)buf
, f
);
148 encode_json("system", (bool)info
.system
, f
);
149 encode_json("admin", (bool)info
.admin
, f
);
150 encode_json("default_placement", info
.default_placement
.name
, f
);
151 encode_json("default_storage_class", info
.default_placement
.storage_class
, f
);
152 encode_json("placement_tags", info
.placement_tags
, f
);
153 encode_json("bucket_quota", info
.quota
.bucket_quota
, f
);
154 encode_json("user_quota", info
.quota
.user_quota
, f
);
155 encode_json("temp_url_keys", info
.temp_url_keys
, f
);
157 string user_source_type
;
158 switch ((RGWIdentityType
)info
.type
) {
160 user_source_type
= "rgw";
163 user_source_type
= "keystone";
166 user_source_type
= "ldap";
169 user_source_type
= "none";
172 user_source_type
= "none";
175 encode_json("type", user_source_type
, f
);
176 encode_json("mfa_ids", info
.mfa_ids
, f
);
178 encode_json("stats", *stats
, f
);
183 static int user_add_helper(RGWUserAdminOpState
& op_state
, std::string
*err_msg
)
186 const rgw_user
& uid
= op_state
.get_user_id();
187 std::string user_email
= op_state
.get_user_email();
188 std::string display_name
= op_state
.get_display_name();
190 // fail if the user exists already
191 if (op_state
.has_existing_user()) {
192 if (op_state
.found_by_email
) {
193 set_err_msg(err_msg
, "email: " + user_email
+
194 " is the email address of an existing user");
195 ret
= -ERR_EMAIL_EXIST
;
196 } else if (op_state
.found_by_key
) {
197 set_err_msg(err_msg
, "duplicate key provided");
198 ret
= -ERR_KEY_EXIST
;
200 set_err_msg(err_msg
, "user: " + uid
.to_str() + " exists");
206 // fail if the user_info has already been populated
207 if (op_state
.is_populated()) {
208 set_err_msg(err_msg
, "cannot overwrite already populated user");
212 // fail if the display name was not included
213 if (display_name
.empty()) {
214 set_err_msg(err_msg
, "no display name specified");
221 RGWAccessKeyPool::RGWAccessKeyPool(RGWUser
* usr
)
229 driver
= user
->get_driver();
232 int RGWAccessKeyPool::init(RGWUserAdminOpState
& op_state
)
234 if (!op_state
.is_initialized()) {
235 keys_allowed
= false;
239 const rgw_user
& uid
= op_state
.get_user_id();
240 if (uid
.compare(RGW_USER_ANON_ID
) == 0) {
241 keys_allowed
= false;
245 swift_keys
= op_state
.get_swift_keys();
246 access_keys
= op_state
.get_access_keys();
253 RGWUserAdminOpState::RGWUserAdminOpState(rgw::sal::Driver
* driver
)
255 user
= driver
->get_user(rgw_user(RGW_USER_ANON_ID
));
258 void RGWUserAdminOpState::set_user_id(const rgw_user
& id
)
263 user
->get_info().user_id
= id
;
266 void RGWUserAdminOpState::set_subuser(std::string
& _subuser
)
268 if (_subuser
.empty())
271 size_t pos
= _subuser
.find(":");
272 if (pos
!= string::npos
) {
274 tmp_id
.from_str(_subuser
.substr(0, pos
));
275 if (tmp_id
.tenant
.empty()) {
276 user
->get_info().user_id
.id
= tmp_id
.id
;
278 user
->get_info().user_id
= tmp_id
;
280 subuser
= _subuser
.substr(pos
+1);
285 subuser_specified
= true;
288 void RGWUserAdminOpState::set_user_info(RGWUserInfo
& user_info
)
290 user
->get_info() = user_info
;
293 void RGWUserAdminOpState::set_user_version_tracker(RGWObjVersionTracker
& objv_tracker
)
295 user
->get_version_tracker() = objv_tracker
;
298 const rgw_user
& RGWUserAdminOpState::get_user_id()
300 return user
->get_id();
303 RGWUserInfo
& RGWUserAdminOpState::get_user_info()
305 return user
->get_info();
308 map
<std::string
, RGWAccessKey
>* RGWUserAdminOpState::get_swift_keys()
310 return &user
->get_info().swift_keys
;
313 map
<std::string
, RGWAccessKey
>* RGWUserAdminOpState::get_access_keys()
315 return &user
->get_info().access_keys
;
318 map
<std::string
, RGWSubUser
>* RGWUserAdminOpState::get_subusers()
320 return &user
->get_info().subusers
;
323 RGWUserCaps
*RGWUserAdminOpState::get_caps_obj()
325 return &user
->get_info().caps
;
328 std::string
RGWUserAdminOpState::build_default_swift_kid()
330 if (user
->get_id().empty() || subuser
.empty())
334 user
->get_id().to_str(kid
);
341 std::string
RGWUserAdminOpState::generate_subuser() {
342 if (user
->get_id().empty())
345 std::string generated_subuser
;
346 user
->get_id().to_str(generated_subuser
);
347 std::string rand_suffix
;
349 int sub_buf_size
= RAND_SUBUSER_LEN
+ 1;
350 char sub_buf
[RAND_SUBUSER_LEN
+ 1];
352 gen_rand_alphanumeric_upper(g_ceph_context
, sub_buf
, sub_buf_size
);
354 rand_suffix
= sub_buf
;
355 if (rand_suffix
.empty())
358 generated_subuser
.append(rand_suffix
);
359 subuser
= generated_subuser
;
361 return generated_subuser
;
365 * Do a fairly exhaustive search for an existing key matching the parameters
366 * given. Also handles the case where no key type was specified and updates
367 * the operation state if needed.
370 bool RGWAccessKeyPool::check_existing_key(RGWUserAdminOpState
& op_state
)
372 bool existing_key
= false;
374 int key_type
= op_state
.get_key_type();
375 std::string kid
= op_state
.get_access_key();
376 std::map
<std::string
, RGWAccessKey
>::iterator kiter
;
377 std::string swift_kid
= op_state
.build_default_swift_kid();
379 RGWUserInfo dup_info
;
381 if (kid
.empty() && swift_kid
.empty())
386 kiter
= swift_keys
->find(swift_kid
);
388 existing_key
= (kiter
!= swift_keys
->end());
390 op_state
.set_access_key(swift_kid
);
394 kiter
= access_keys
->find(kid
);
395 existing_key
= (kiter
!= access_keys
->end());
399 kiter
= access_keys
->find(kid
);
401 existing_key
= (kiter
!= access_keys
->end());
403 op_state
.set_key_type(KEY_TYPE_S3
);
407 kiter
= swift_keys
->find(kid
);
409 existing_key
= (kiter
!= swift_keys
->end());
411 op_state
.set_key_type(KEY_TYPE_SWIFT
);
415 // handle the case where the access key was not provided in user:key format
416 if (swift_kid
.empty())
419 kiter
= swift_keys
->find(swift_kid
);
421 existing_key
= (kiter
!= swift_keys
->end());
423 op_state
.set_access_key(swift_kid
);
424 op_state
.set_key_type(KEY_TYPE_SWIFT
);
428 op_state
.set_existing_key(existing_key
);
433 int RGWAccessKeyPool::check_op(RGWUserAdminOpState
& op_state
,
434 std::string
*err_msg
)
436 RGWUserInfo dup_info
;
438 if (!op_state
.is_populated()) {
439 set_err_msg(err_msg
, "user info was not populated");
444 set_err_msg(err_msg
, "keys not allowed for this user");
448 int32_t key_type
= op_state
.get_key_type();
450 // if a key type wasn't specified
452 if (op_state
.has_subuser()) {
453 key_type
= KEY_TYPE_SWIFT
;
455 key_type
= KEY_TYPE_S3
;
459 op_state
.set_key_type(key_type
);
461 /* see if the access key was specified */
462 if (key_type
== KEY_TYPE_S3
&& !op_state
.will_gen_access() &&
463 op_state
.get_access_key().empty()) {
464 set_err_msg(err_msg
, "empty access key");
465 return -ERR_INVALID_ACCESS_KEY
;
468 // don't check for secret key because we may be doing a removal
470 if (check_existing_key(op_state
)) {
471 op_state
.set_access_key_exist();
476 // Generate a new random key
477 int RGWAccessKeyPool::generate_key(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
,
478 optional_yield y
, std::string
*err_msg
)
483 std::pair
<std::string
, RGWAccessKey
> key_pair
;
484 RGWAccessKey new_key
;
485 std::unique_ptr
<rgw::sal::User
> duplicate_check
;
487 int key_type
= op_state
.get_key_type();
488 bool gen_access
= op_state
.will_gen_access();
489 bool gen_secret
= op_state
.will_gen_secret();
492 set_err_msg(err_msg
, "access keys not allowed for this user");
496 if (op_state
.has_existing_key()) {
497 set_err_msg(err_msg
, "cannot create existing key");
498 return -ERR_KEY_EXIST
;
502 id
= op_state
.get_access_key();
508 if (driver
->get_user_by_swift(dpp
, id
, y
, &duplicate_check
) >= 0) {
509 set_err_msg(err_msg
, "existing swift key in RGW system:" + id
);
510 return -ERR_KEY_EXIST
;
514 if (driver
->get_user_by_access_key(dpp
, id
, y
, &duplicate_check
) >= 0) {
515 set_err_msg(err_msg
, "existing S3 key in RGW system:" + id
);
516 return -ERR_KEY_EXIST
;
522 if (op_state
.has_subuser()) {
523 //create user and subuser at the same time, user's s3 key should not be set this
524 if (!op_state
.key_type_setbycontext
|| (key_type
== KEY_TYPE_SWIFT
)) {
525 new_key
.subuser
= op_state
.get_subuser();
531 if (op_state
.get_secret_key().empty()) {
532 set_err_msg(err_msg
, "empty secret key");
533 return -ERR_INVALID_SECRET_KEY
;
536 key
= op_state
.get_secret_key();
538 char secret_key_buf
[SECRET_KEY_LEN
+ 1];
539 gen_rand_alphanumeric_plain(g_ceph_context
, secret_key_buf
, sizeof(secret_key_buf
));
540 key
= secret_key_buf
;
543 // Generate the access key
544 if (key_type
== KEY_TYPE_S3
&& gen_access
) {
545 char public_id_buf
[PUBLIC_ID_LEN
+ 1];
548 int id_buf_size
= sizeof(public_id_buf
);
549 gen_rand_alphanumeric_upper(g_ceph_context
, public_id_buf
, id_buf_size
);
551 if (!validate_access_key(id
))
554 } while (!driver
->get_user_by_access_key(dpp
, id
, y
, &duplicate_check
));
557 if (key_type
== KEY_TYPE_SWIFT
) {
558 id
= op_state
.build_default_swift_kid();
560 set_err_msg(err_msg
, "empty swift access key");
561 return -ERR_INVALID_ACCESS_KEY
;
564 // check that the access key doesn't exist
565 if (driver
->get_user_by_swift(dpp
, id
, y
, &duplicate_check
) >= 0) {
566 set_err_msg(err_msg
, "cannot create existing swift key");
567 return -ERR_KEY_EXIST
;
571 // finally create the new key
576 key_pair
.second
= new_key
;
578 if (key_type
== KEY_TYPE_S3
) {
579 access_keys
->insert(key_pair
);
580 } else if (key_type
== KEY_TYPE_SWIFT
) {
581 swift_keys
->insert(key_pair
);
587 // modify an existing key
588 int RGWAccessKeyPool::modify_key(RGWUserAdminOpState
& op_state
, std::string
*err_msg
)
591 std::string key
= op_state
.get_secret_key();
592 int key_type
= op_state
.get_key_type();
594 RGWAccessKey modify_key
;
596 pair
<string
, RGWAccessKey
> key_pair
;
597 map
<std::string
, RGWAccessKey
>::iterator kiter
;
601 id
= op_state
.get_access_key();
603 set_err_msg(err_msg
, "no access key specified");
604 return -ERR_INVALID_ACCESS_KEY
;
608 id
= op_state
.build_default_swift_kid();
610 set_err_msg(err_msg
, "no subuser specified");
615 set_err_msg(err_msg
, "invalid key type");
616 return -ERR_INVALID_KEY_TYPE
;
619 if (!op_state
.has_existing_key()) {
620 set_err_msg(err_msg
, "key does not exist");
621 return -ERR_INVALID_ACCESS_KEY
;
626 if (key_type
== KEY_TYPE_SWIFT
) {
628 modify_key
.subuser
= op_state
.get_subuser();
629 } else if (key_type
== KEY_TYPE_S3
) {
630 kiter
= access_keys
->find(id
);
631 if (kiter
!= access_keys
->end()) {
632 modify_key
= kiter
->second
;
636 if (op_state
.will_gen_secret()) {
637 char secret_key_buf
[SECRET_KEY_LEN
+ 1];
638 int key_buf_size
= sizeof(secret_key_buf
);
639 gen_rand_alphanumeric_plain(g_ceph_context
, secret_key_buf
, key_buf_size
);
640 key
= secret_key_buf
;
644 set_err_msg(err_msg
, "empty secret key");
645 return -ERR_INVALID_SECRET_KEY
;
648 // update the access key with the new secret key
649 modify_key
.key
= key
;
651 key_pair
.second
= modify_key
;
654 if (key_type
== KEY_TYPE_S3
) {
655 (*access_keys
)[id
] = modify_key
;
656 } else if (key_type
== KEY_TYPE_SWIFT
) {
657 (*swift_keys
)[id
] = modify_key
;
663 int RGWAccessKeyPool::execute_add(const DoutPrefixProvider
*dpp
,
664 RGWUserAdminOpState
& op_state
,
665 std::string
*err_msg
, bool defer_user_update
,
670 std::string subprocess_msg
;
671 int key_op
= GENERATE_KEY
;
674 if (op_state
.has_existing_key())
679 ret
= generate_key(dpp
, op_state
, y
, &subprocess_msg
);
682 ret
= modify_key(op_state
, &subprocess_msg
);
687 set_err_msg(err_msg
, subprocess_msg
);
691 // store the updated info
692 if (!defer_user_update
)
693 ret
= user
->update(dpp
, op_state
, err_msg
, y
);
701 int RGWAccessKeyPool::add(const DoutPrefixProvider
*dpp
,
702 RGWUserAdminOpState
& op_state
, optional_yield y
,
703 std::string
*err_msg
)
705 return add(dpp
, op_state
, err_msg
, false, y
);
708 int RGWAccessKeyPool::add(const DoutPrefixProvider
*dpp
,
709 RGWUserAdminOpState
& op_state
, std::string
*err_msg
,
710 bool defer_user_update
, optional_yield y
)
713 std::string subprocess_msg
;
715 ret
= check_op(op_state
, &subprocess_msg
);
717 set_err_msg(err_msg
, "unable to parse request, " + subprocess_msg
);
721 ret
= execute_add(dpp
, op_state
, &subprocess_msg
, defer_user_update
, y
);
723 set_err_msg(err_msg
, "unable to add access key, " + subprocess_msg
);
730 int RGWAccessKeyPool::execute_remove(const DoutPrefixProvider
*dpp
,
731 RGWUserAdminOpState
& op_state
,
732 std::string
*err_msg
,
733 bool defer_user_update
,
738 int key_type
= op_state
.get_key_type();
739 std::string id
= op_state
.get_access_key();
740 map
<std::string
, RGWAccessKey
>::iterator kiter
;
741 map
<std::string
, RGWAccessKey
> *keys_map
;
743 if (!op_state
.has_existing_key()) {
744 set_err_msg(err_msg
, "unable to find access key, with key type: " +
745 key_type_to_str(key_type
));
746 return -ERR_INVALID_ACCESS_KEY
;
749 if (key_type
== KEY_TYPE_S3
) {
750 keys_map
= access_keys
;
751 } else if (key_type
== KEY_TYPE_SWIFT
) {
752 keys_map
= swift_keys
;
755 set_err_msg(err_msg
, "invalid access key");
756 return -ERR_INVALID_ACCESS_KEY
;
759 kiter
= keys_map
->find(id
);
760 if (kiter
== keys_map
->end()) {
761 set_err_msg(err_msg
, "key not found");
762 return -ERR_INVALID_ACCESS_KEY
;
765 keys_map
->erase(kiter
);
767 if (!defer_user_update
)
768 ret
= user
->update(dpp
, op_state
, err_msg
, y
);
776 int RGWAccessKeyPool::remove(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
,
777 std::string
*err_msg
)
779 return remove(dpp
, op_state
, err_msg
, false, y
);
782 int RGWAccessKeyPool::remove(const DoutPrefixProvider
*dpp
,
783 RGWUserAdminOpState
& op_state
,
784 std::string
*err_msg
, bool defer_user_update
,
789 std::string subprocess_msg
;
791 ret
= check_op(op_state
, &subprocess_msg
);
793 set_err_msg(err_msg
, "unable to parse request, " + subprocess_msg
);
797 ret
= execute_remove(dpp
, op_state
, &subprocess_msg
, defer_user_update
, y
);
799 set_err_msg(err_msg
, "unable to remove access key, " + subprocess_msg
);
806 // remove all keys associated with a subuser
807 int RGWAccessKeyPool::remove_subuser_keys(const DoutPrefixProvider
*dpp
,
808 RGWUserAdminOpState
& op_state
,
809 std::string
*err_msg
,
810 bool defer_user_update
,
815 if (!op_state
.is_populated()) {
816 set_err_msg(err_msg
, "user info was not populated");
820 if (!op_state
.has_subuser()) {
821 set_err_msg(err_msg
, "no subuser specified");
825 std::string swift_kid
= op_state
.build_default_swift_kid();
826 if (swift_kid
.empty()) {
827 set_err_msg(err_msg
, "empty swift access key");
831 map
<std::string
, RGWAccessKey
>::iterator kiter
;
832 map
<std::string
, RGWAccessKey
> *keys_map
;
834 // a subuser can have at most one swift key
835 keys_map
= swift_keys
;
836 kiter
= keys_map
->find(swift_kid
);
837 if (kiter
!= keys_map
->end()) {
838 keys_map
->erase(kiter
);
841 // a subuser may have multiple s3 key pairs
842 std::string subuser_str
= op_state
.get_subuser();
843 keys_map
= access_keys
;
844 RGWUserInfo user_info
= op_state
.get_user_info();
845 auto user_kiter
= user_info
.access_keys
.begin();
846 for (; user_kiter
!= user_info
.access_keys
.end(); ++user_kiter
) {
847 if (user_kiter
->second
.subuser
== subuser_str
) {
848 kiter
= keys_map
->find(user_kiter
->first
);
849 if (kiter
!= keys_map
->end()) {
850 keys_map
->erase(kiter
);
855 if (!defer_user_update
)
856 ret
= user
->update(dpp
, op_state
, err_msg
, y
);
864 RGWSubUserPool::RGWSubUserPool(RGWUser
*usr
)
872 subusers_allowed
= true;
873 driver
= user
->get_driver();
876 int RGWSubUserPool::init(RGWUserAdminOpState
& op_state
)
878 if (!op_state
.is_initialized()) {
879 subusers_allowed
= false;
883 const rgw_user
& uid
= op_state
.get_user_id();
884 if (uid
.compare(RGW_USER_ANON_ID
) == 0) {
885 subusers_allowed
= false;
889 subuser_map
= op_state
.get_subusers();
890 if (subuser_map
== NULL
) {
891 subusers_allowed
= false;
895 subusers_allowed
= true;
900 bool RGWSubUserPool::exists(std::string subuser
)
908 if (subuser_map
->count(subuser
))
914 int RGWSubUserPool::check_op(RGWUserAdminOpState
& op_state
,
915 std::string
*err_msg
)
917 bool existing
= false;
918 std::string subuser
= op_state
.get_subuser();
920 if (!op_state
.is_populated()) {
921 set_err_msg(err_msg
, "user info was not populated");
925 if (!subusers_allowed
) {
926 set_err_msg(err_msg
, "subusers not allowed for this user");
930 if (subuser
.empty() && !op_state
.will_gen_subuser()) {
931 set_err_msg(err_msg
, "empty subuser name");
935 if (op_state
.get_subuser_perm() == RGW_PERM_INVALID
) {
936 set_err_msg(err_msg
, "invalid subuser access");
940 //set key type when it not set or set by context
941 if ((op_state
.get_key_type() < 0) || op_state
.key_type_setbycontext
) {
942 op_state
.set_key_type(KEY_TYPE_SWIFT
);
943 op_state
.key_type_setbycontext
= true;
946 // check if the subuser exists
947 if (!subuser
.empty())
948 existing
= exists(subuser
);
950 op_state
.set_existing_subuser(existing
);
955 int RGWSubUserPool::execute_add(const DoutPrefixProvider
*dpp
,
956 RGWUserAdminOpState
& op_state
,
957 std::string
*err_msg
, bool defer_user_update
,
961 std::string subprocess_msg
;
964 std::pair
<std::string
, RGWSubUser
> subuser_pair
;
965 std::string subuser_str
= op_state
.get_subuser();
967 subuser_pair
.first
= subuser_str
;
969 // assumes key should be created
970 if (op_state
.has_key_op()) {
971 ret
= user
->keys
.add(dpp
, op_state
, &subprocess_msg
, true, y
);
973 set_err_msg(err_msg
, "unable to create subuser key, " + subprocess_msg
);
978 // create the subuser
979 subuser
.name
= subuser_str
;
981 if (op_state
.has_subuser_perm())
982 subuser
.perm_mask
= op_state
.get_subuser_perm();
984 // insert the subuser into user info
985 subuser_pair
.second
= subuser
;
986 subuser_map
->insert(subuser_pair
);
988 // attempt to save the subuser
989 if (!defer_user_update
)
990 ret
= user
->update(dpp
, op_state
, err_msg
, y
);
998 int RGWSubUserPool::add(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
,
999 std::string
*err_msg
)
1001 return add(dpp
, op_state
, err_msg
, false, y
);
1004 int RGWSubUserPool::add(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
, bool defer_user_update
, optional_yield y
)
1006 std::string subprocess_msg
;
1008 int32_t key_type
= op_state
.get_key_type();
1010 ret
= check_op(op_state
, &subprocess_msg
);
1012 set_err_msg(err_msg
, "unable to parse request, " + subprocess_msg
);
1016 if (op_state
.get_access_key_exist()) {
1017 set_err_msg(err_msg
, "cannot create existing key");
1018 return -ERR_KEY_EXIST
;
1021 if (key_type
== KEY_TYPE_S3
&& op_state
.get_access_key().empty()) {
1022 op_state
.set_gen_access();
1025 if (op_state
.get_secret_key().empty()) {
1026 op_state
.set_gen_secret();
1029 ret
= execute_add(dpp
, op_state
, &subprocess_msg
, defer_user_update
, y
);
1031 set_err_msg(err_msg
, "unable to create subuser, " + subprocess_msg
);
1038 int RGWSubUserPool::execute_remove(const DoutPrefixProvider
*dpp
,
1039 RGWUserAdminOpState
& op_state
,
1040 std::string
*err_msg
, bool defer_user_update
,
1044 std::string subprocess_msg
;
1046 std::string subuser_str
= op_state
.get_subuser();
1048 map
<std::string
, RGWSubUser
>::iterator siter
;
1049 siter
= subuser_map
->find(subuser_str
);
1050 if (siter
== subuser_map
->end()){
1051 set_err_msg(err_msg
, "subuser not found: " + subuser_str
);
1052 return -ERR_NO_SUCH_SUBUSER
;
1054 if (!op_state
.has_existing_subuser()) {
1055 set_err_msg(err_msg
, "subuser not found: " + subuser_str
);
1056 return -ERR_NO_SUCH_SUBUSER
;
1059 // always purge all associate keys
1060 user
->keys
.remove_subuser_keys(dpp
, op_state
, &subprocess_msg
, true, y
);
1062 // remove the subuser from the user info
1063 subuser_map
->erase(siter
);
1065 // attempt to save the subuser
1066 if (!defer_user_update
)
1067 ret
= user
->update(dpp
, op_state
, err_msg
, y
);
1075 int RGWSubUserPool::remove(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
,
1076 std::string
*err_msg
)
1078 return remove(dpp
, op_state
, err_msg
, false, y
);
1081 int RGWSubUserPool::remove(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
,
1082 bool defer_user_update
, optional_yield y
)
1084 std::string subprocess_msg
;
1087 ret
= check_op(op_state
, &subprocess_msg
);
1089 set_err_msg(err_msg
, "unable to parse request, " + subprocess_msg
);
1093 ret
= execute_remove(dpp
, op_state
, &subprocess_msg
, defer_user_update
, y
);
1095 set_err_msg(err_msg
, "unable to remove subuser, " + subprocess_msg
);
1102 int RGWSubUserPool::execute_modify(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
, bool defer_user_update
, optional_yield y
)
1105 std::string subprocess_msg
;
1106 std::map
<std::string
, RGWSubUser
>::iterator siter
;
1107 std::pair
<std::string
, RGWSubUser
> subuser_pair
;
1109 std::string subuser_str
= op_state
.get_subuser();
1112 if (!op_state
.has_existing_subuser()) {
1113 set_err_msg(err_msg
, "subuser does not exist");
1114 return -ERR_NO_SUCH_SUBUSER
;
1117 subuser_pair
.first
= subuser_str
;
1119 siter
= subuser_map
->find(subuser_str
);
1120 subuser
= siter
->second
;
1122 if (op_state
.has_key_op()) {
1123 ret
= user
->keys
.add(dpp
, op_state
, &subprocess_msg
, true, y
);
1125 set_err_msg(err_msg
, "unable to create subuser keys, " + subprocess_msg
);
1130 if (op_state
.has_subuser_perm())
1131 subuser
.perm_mask
= op_state
.get_subuser_perm();
1133 subuser_pair
.second
= subuser
;
1135 subuser_map
->erase(siter
);
1136 subuser_map
->insert(subuser_pair
);
1138 // attempt to save the subuser
1139 if (!defer_user_update
)
1140 ret
= user
->update(dpp
, op_state
, err_msg
, y
);
1148 int RGWSubUserPool::modify(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
, std::string
*err_msg
)
1150 return RGWSubUserPool::modify(dpp
, op_state
, y
, err_msg
, false);
1153 int RGWSubUserPool::modify(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
, std::string
*err_msg
, bool defer_user_update
)
1155 std::string subprocess_msg
;
1160 ret
= check_op(op_state
, &subprocess_msg
);
1162 set_err_msg(err_msg
, "unable to parse request, " + subprocess_msg
);
1166 ret
= execute_modify(dpp
, op_state
, &subprocess_msg
, defer_user_update
, y
);
1168 set_err_msg(err_msg
, "unable to modify subuser, " + subprocess_msg
);
1175 RGWUserCapPool::RGWUserCapPool(RGWUser
*usr
)
1181 caps_allowed
= true;
1184 int RGWUserCapPool::init(RGWUserAdminOpState
& op_state
)
1186 if (!op_state
.is_initialized()) {
1187 caps_allowed
= false;
1191 const rgw_user
& uid
= op_state
.get_user_id();
1192 if (uid
.compare(RGW_USER_ANON_ID
) == 0) {
1193 caps_allowed
= false;
1197 caps
= op_state
.get_caps_obj();
1199 caps_allowed
= false;
1200 return -ERR_INVALID_CAP
;
1203 caps_allowed
= true;
1208 int RGWUserCapPool::add(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
,
1209 std::string
*err_msg
)
1211 return add(dpp
, op_state
, err_msg
, false, y
);
1214 int RGWUserCapPool::add(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
,
1215 bool defer_save
, optional_yield y
)
1218 std::string caps_str
= op_state
.get_caps();
1220 if (!op_state
.is_populated()) {
1221 set_err_msg(err_msg
, "user info was not populated");
1225 if (!caps_allowed
) {
1226 set_err_msg(err_msg
, "caps not allowed for this user");
1230 if (caps_str
.empty()) {
1231 set_err_msg(err_msg
, "empty user caps");
1232 return -ERR_INVALID_CAP
;
1235 int r
= caps
->add_from_string(caps_str
);
1237 set_err_msg(err_msg
, "unable to add caps: " + caps_str
);
1242 ret
= user
->update(dpp
, op_state
, err_msg
, y
);
1250 int RGWUserCapPool::remove(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
,
1251 std::string
*err_msg
)
1253 return remove(dpp
, op_state
, err_msg
, false, y
);
1256 int RGWUserCapPool::remove(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
,
1257 bool defer_save
, optional_yield y
)
1261 std::string caps_str
= op_state
.get_caps();
1263 if (!op_state
.is_populated()) {
1264 set_err_msg(err_msg
, "user info was not populated");
1268 if (!caps_allowed
) {
1269 set_err_msg(err_msg
, "caps not allowed for this user");
1273 if (caps_str
.empty()) {
1274 set_err_msg(err_msg
, "empty user caps");
1275 return -ERR_INVALID_CAP
;
1278 int r
= caps
->remove_from_string(caps_str
);
1280 set_err_msg(err_msg
, "unable to remove caps: " + caps_str
);
1285 ret
= user
->update(dpp
, op_state
, err_msg
, y
);
1293 RGWUser::RGWUser() : caps(this), keys(this), subusers(this)
1298 int RGWUser::init(const DoutPrefixProvider
*dpp
, rgw::sal::Driver
* _driver
,
1299 RGWUserAdminOpState
& op_state
, optional_yield y
)
1302 int ret
= init_storage(_driver
);
1306 ret
= init(dpp
, op_state
, y
);
1313 void RGWUser::init_default()
1315 // use anonymous user info as a placeholder
1316 rgw_get_anon_user(old_info
);
1317 user_id
= RGW_USER_ANON_ID
;
1322 int RGWUser::init_storage(rgw::sal::Driver
* _driver
)
1333 keys
= RGWAccessKeyPool(this);
1334 caps
= RGWUserCapPool(this);
1335 subusers
= RGWSubUserPool(this);
1340 int RGWUser::init(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
)
1343 std::string swift_user
;
1344 user_id
= op_state
.get_user_id();
1345 std::string user_email
= op_state
.get_user_email();
1346 std::string access_key
= op_state
.get_access_key();
1347 std::string subuser
= op_state
.get_subuser();
1349 int key_type
= op_state
.get_key_type();
1350 if (key_type
== KEY_TYPE_SWIFT
) {
1351 swift_user
= op_state
.get_access_key();
1355 std::unique_ptr
<rgw::sal::User
> user
;
1359 if (user_id
.empty() && !subuser
.empty()) {
1360 size_t pos
= subuser
.find(':');
1361 if (pos
!= string::npos
) {
1362 user_id
= subuser
.substr(0, pos
);
1363 op_state
.set_user_id(user_id
);
1367 if (!user_id
.empty() && (user_id
.compare(RGW_USER_ANON_ID
) != 0)) {
1368 user
= driver
->get_user(user_id
);
1369 found
= (user
->load_user(dpp
, y
) >= 0);
1370 op_state
.found_by_uid
= found
;
1372 if (driver
->ctx()->_conf
.get_val
<bool>("rgw_user_unique_email")) {
1373 if (!user_email
.empty() && !found
) {
1374 found
= (driver
->get_user_by_email(dpp
, user_email
, y
, &user
) >= 0);
1375 op_state
.found_by_email
= found
;
1378 if (!swift_user
.empty() && !found
) {
1379 found
= (driver
->get_user_by_swift(dpp
, swift_user
, y
, &user
) >= 0);
1380 op_state
.found_by_key
= found
;
1382 if (!access_key
.empty() && !found
) {
1383 found
= (driver
->get_user_by_access_key(dpp
, access_key
, y
, &user
) >= 0);
1384 op_state
.found_by_key
= found
;
1387 op_state
.set_existing_user(found
);
1389 op_state
.set_user_info(user
->get_info());
1390 op_state
.set_populated();
1391 op_state
.objv
= user
->get_version_tracker();
1392 op_state
.set_user_version_tracker(user
->get_version_tracker());
1394 old_info
= user
->get_info();
1398 if (user_id
.empty()) {
1399 user_id
= user
->get_id();
1401 op_state
.set_initialized();
1403 // this may have been called by a helper object
1404 int ret
= init_members(op_state
);
1411 int RGWUser::init_members(RGWUserAdminOpState
& op_state
)
1415 ret
= keys
.init(op_state
);
1419 ret
= subusers
.init(op_state
);
1423 ret
= caps
.init(op_state
);
1430 int RGWUser::update(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
,
1434 std::string subprocess_msg
;
1435 rgw::sal::User
* user
= op_state
.get_user();
1438 set_err_msg(err_msg
, "couldn't initialize storage");
1442 // if op_state.op_access_keys is not empty most recent keys have been fetched from master zone
1443 if(!op_state
.op_access_keys
.empty()) {
1444 auto user_access_keys
= op_state
.get_access_keys();
1445 *(user_access_keys
) = op_state
.op_access_keys
;
1448 RGWUserInfo
*pold_info
= (is_populated() ? &old_info
: nullptr);
1450 ret
= user
->store_user(dpp
, y
, false, pold_info
);
1451 op_state
.objv
= user
->get_version_tracker();
1452 op_state
.set_user_version_tracker(user
->get_version_tracker());
1455 set_err_msg(err_msg
, "unable to store user info");
1459 old_info
= user
->get_info();
1465 int RGWUser::check_op(RGWUserAdminOpState
& op_state
, std::string
*err_msg
)
1468 const rgw_user
& uid
= op_state
.get_user_id();
1470 if (uid
.compare(RGW_USER_ANON_ID
) == 0) {
1471 set_err_msg(err_msg
, "unable to perform operations on the anonymous user");
1475 if (is_populated() && user_id
.compare(uid
) != 0) {
1476 set_err_msg(err_msg
, "user id mismatch, operation id: " + uid
.to_str()
1477 + " does not match: " + user_id
.to_str());
1482 ret
= rgw_validate_tenant_name(uid
.tenant
);
1484 set_err_msg(err_msg
,
1485 "invalid tenant only alphanumeric and _ characters are allowed");
1489 //set key type when it not set or set by context
1490 if ((op_state
.get_key_type() < 0) || op_state
.key_type_setbycontext
) {
1491 op_state
.set_key_type(KEY_TYPE_S3
);
1492 op_state
.key_type_setbycontext
= true;
1498 // update swift_keys with new user id
1499 static void rename_swift_keys(const rgw_user
& user
,
1500 std::map
<std::string
, RGWAccessKey
>& keys
)
1502 std::string user_id
;
1503 user
.to_str(user_id
);
1505 auto modify_keys
= std::move(keys
);
1506 for ([[maybe_unused
]] auto& [k
, key
] : modify_keys
) {
1507 std::string id
= user_id
+ ":" + key
.subuser
;
1509 keys
[id
] = std::move(key
);
1513 int RGWUser::execute_rename(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
, optional_yield y
)
1516 bool populated
= op_state
.is_populated();
1518 if (!op_state
.has_existing_user() && !populated
) {
1519 set_err_msg(err_msg
, "user not found");
1524 ret
= init(dpp
, op_state
, y
);
1526 set_err_msg(err_msg
, "unable to retrieve user info");
1531 std::unique_ptr
<rgw::sal::User
> old_user
= driver
->get_user(op_state
.get_user_info().user_id
);
1532 std::unique_ptr
<rgw::sal::User
> new_user
= driver
->get_user(op_state
.get_new_uid());
1533 if (old_user
->get_tenant() != new_user
->get_tenant()) {
1534 set_err_msg(err_msg
, "users have to be under the same tenant namespace "
1535 + old_user
->get_tenant() + " != " + new_user
->get_tenant());
1539 // create a stub user and write only the uid index and buckets object
1540 std::unique_ptr
<rgw::sal::User
> user
;
1541 user
= driver
->get_user(new_user
->get_id());
1543 const bool exclusive
= !op_state
.get_overwrite_new_user(); // overwrite if requested
1545 ret
= user
->store_user(dpp
, y
, exclusive
);
1546 if (ret
== -EEXIST
) {
1547 set_err_msg(err_msg
, "user name given by --new-uid already exists");
1551 set_err_msg(err_msg
, "unable to store new user info");
1555 RGWAccessControlPolicy policy_instance
;
1556 policy_instance
.create_default(new_user
->get_id(), old_user
->get_display_name());
1558 //unlink and link buckets to new user
1560 CephContext
*cct
= driver
->ctx();
1561 size_t max_buckets
= cct
->_conf
->rgw_list_buckets_max_chunk
;
1562 rgw::sal::BucketList buckets
;
1565 ret
= old_user
->list_buckets(dpp
, marker
, "", max_buckets
, false, buckets
, y
);
1567 set_err_msg(err_msg
, "unable to list user buckets");
1571 auto& m
= buckets
.get_buckets();
1573 for (auto it
= m
.begin(); it
!= m
.end(); ++it
) {
1574 auto& bucket
= it
->second
;
1577 ret
= bucket
->load_bucket(dpp
, y
);
1579 set_err_msg(err_msg
, "failed to fetch bucket info for bucket=" + bucket
->get_name());
1583 ret
= bucket
->set_acl(dpp
, policy_instance
, y
);
1585 set_err_msg(err_msg
, "failed to set acl on bucket " + bucket
->get_name());
1589 ret
= rgw_chown_bucket_and_objects(driver
, bucket
.get(), new_user
.get(),
1590 std::string(), nullptr, dpp
, y
);
1592 set_err_msg(err_msg
, "failed to run bucket chown" + cpp_strerror(-ret
));
1597 } while (buckets
.is_truncated());
1599 // update the 'stub user' with all of the other fields and rewrite all of the
1600 // associated index objects
1601 RGWUserInfo
& user_info
= op_state
.get_user_info();
1602 user_info
.user_id
= new_user
->get_id();
1603 op_state
.objv
= user
->get_version_tracker();
1604 op_state
.set_user_version_tracker(user
->get_version_tracker());
1606 rename_swift_keys(new_user
->get_id(), user_info
.swift_keys
);
1608 return update(dpp
, op_state
, err_msg
, y
);
1611 int RGWUser::execute_add(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
,
1614 const rgw_user
& uid
= op_state
.get_user_id();
1615 std::string user_email
= op_state
.get_user_email();
1616 std::string display_name
= op_state
.get_display_name();
1618 // set the user info
1619 RGWUserInfo user_info
;
1621 user_info
.user_id
= user_id
;
1622 user_info
.display_name
= display_name
;
1623 user_info
.type
= TYPE_RGW
;
1625 if (!user_email
.empty())
1626 user_info
.user_email
= user_email
;
1628 CephContext
*cct
= driver
->ctx();
1629 if (op_state
.max_buckets_specified
) {
1630 user_info
.max_buckets
= op_state
.get_max_buckets();
1632 user_info
.max_buckets
=
1633 cct
->_conf
.get_val
<int64_t>("rgw_user_max_buckets");
1636 user_info
.suspended
= op_state
.get_suspension_status();
1637 user_info
.admin
= op_state
.admin
;
1638 user_info
.system
= op_state
.system
;
1640 if (op_state
.op_mask_specified
)
1641 user_info
.op_mask
= op_state
.get_op_mask();
1643 if (op_state
.has_bucket_quota()) {
1644 user_info
.quota
.bucket_quota
= op_state
.get_bucket_quota();
1646 rgw_apply_default_bucket_quota(user_info
.quota
.bucket_quota
, cct
->_conf
);
1649 if (op_state
.temp_url_key_specified
) {
1650 map
<int, string
>::iterator iter
;
1651 for (iter
= op_state
.temp_url_keys
.begin();
1652 iter
!= op_state
.temp_url_keys
.end(); ++iter
) {
1653 user_info
.temp_url_keys
[iter
->first
] = iter
->second
;
1657 if (op_state
.has_user_quota()) {
1658 user_info
.quota
.user_quota
= op_state
.get_user_quota();
1660 rgw_apply_default_user_quota(user_info
.quota
.user_quota
, cct
->_conf
);
1663 if (op_state
.default_placement_specified
) {
1664 user_info
.default_placement
= op_state
.default_placement
;
1667 if (op_state
.placement_tags_specified
) {
1668 user_info
.placement_tags
= op_state
.placement_tags
;
1671 // update the request
1672 op_state
.set_user_info(user_info
);
1673 op_state
.set_populated();
1675 // update the helper objects
1676 int ret
= init_members(op_state
);
1678 set_err_msg(err_msg
, "unable to initialize user");
1682 // see if we need to add an access key
1683 std::string subprocess_msg
;
1684 bool defer_user_update
= true;
1685 if (op_state
.has_key_op()) {
1686 ret
= keys
.add(dpp
, op_state
, &subprocess_msg
, defer_user_update
, y
);
1688 set_err_msg(err_msg
, "unable to create access key, " + subprocess_msg
);
1693 // see if we need to add some caps
1694 if (op_state
.has_caps_op()) {
1695 ret
= caps
.add(dpp
, op_state
, &subprocess_msg
, defer_user_update
, y
);
1697 set_err_msg(err_msg
, "unable to add user capabilities, " + subprocess_msg
);
1702 ret
= update(dpp
, op_state
, err_msg
, y
);
1709 int RGWUser::add(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
, std::string
*err_msg
)
1711 std::string subprocess_msg
;
1712 int ret
= user_add_helper(op_state
, &subprocess_msg
);
1714 set_err_msg(err_msg
, "unable to parse parameters, " + subprocess_msg
);
1718 ret
= check_op(op_state
, &subprocess_msg
);
1720 set_err_msg(err_msg
, "unable to parse parameters, " + subprocess_msg
);
1724 ret
= execute_add(dpp
, op_state
, &subprocess_msg
, y
);
1726 set_err_msg(err_msg
, "unable to create user, " + subprocess_msg
);
1733 int RGWUser::rename(RGWUserAdminOpState
& op_state
, optional_yield y
, const DoutPrefixProvider
*dpp
, std::string
*err_msg
)
1735 std::string subprocess_msg
;
1738 ret
= check_op(op_state
, &subprocess_msg
);
1740 set_err_msg(err_msg
, "unable to parse parameters, " + subprocess_msg
);
1744 ret
= execute_rename(dpp
, op_state
, &subprocess_msg
, y
);
1746 set_err_msg(err_msg
, "unable to rename user, " + subprocess_msg
);
1753 int RGWUser::execute_remove(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
, optional_yield y
)
1757 bool purge_data
= op_state
.will_purge_data();
1758 rgw::sal::User
* user
= op_state
.get_user();
1760 if (!op_state
.has_existing_user()) {
1761 set_err_msg(err_msg
, "user does not exist");
1765 rgw::sal::BucketList buckets
;
1767 CephContext
*cct
= driver
->ctx();
1768 size_t max_buckets
= cct
->_conf
->rgw_list_buckets_max_chunk
;
1770 ret
= user
->list_buckets(dpp
, marker
, string(), max_buckets
, false, buckets
, y
);
1772 set_err_msg(err_msg
, "unable to read user bucket info");
1776 auto& m
= buckets
.get_buckets();
1777 if (!m
.empty() && !purge_data
) {
1778 set_err_msg(err_msg
, "must specify purge data to remove user with buckets");
1779 return -EEXIST
; // change to code that maps to 409: conflict
1782 for (auto it
= m
.begin(); it
!= m
.end(); ++it
) {
1783 ret
= it
->second
->remove_bucket(dpp
, true, false, nullptr, y
);
1785 set_err_msg(err_msg
, "unable to delete user data");
1792 } while (buckets
.is_truncated());
1794 ret
= user
->remove_user(dpp
, y
);
1796 set_err_msg(err_msg
, "unable to remove user from RADOS");
1800 op_state
.clear_populated();
1806 int RGWUser::remove(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
, std::string
*err_msg
)
1808 std::string subprocess_msg
;
1811 ret
= check_op(op_state
, &subprocess_msg
);
1813 set_err_msg(err_msg
, "unable to parse parameters, " + subprocess_msg
);
1817 ret
= execute_remove(dpp
, op_state
, &subprocess_msg
, y
);
1819 set_err_msg(err_msg
, "unable to remove user, " + subprocess_msg
);
1826 int RGWUser::execute_modify(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
, optional_yield y
)
1828 bool populated
= op_state
.is_populated();
1830 std::string subprocess_msg
;
1831 std::string op_email
= op_state
.get_user_email();
1832 std::string display_name
= op_state
.get_display_name();
1834 RGWUserInfo user_info
;
1835 std::unique_ptr
<rgw::sal::User
> duplicate_check
;
1837 // ensure that the user info has been populated or is populate-able
1838 if (!op_state
.has_existing_user() && !populated
) {
1839 set_err_msg(err_msg
, "user not found");
1843 // if the user hasn't already been populated...attempt to
1845 ret
= init(dpp
, op_state
, y
);
1847 set_err_msg(err_msg
, "unable to retrieve user info");
1852 // ensure that we can modify the user's attributes
1853 if (user_id
.compare(RGW_USER_ANON_ID
) == 0) {
1854 set_err_msg(err_msg
, "unable to modify anonymous user's info");
1858 user_info
= old_info
;
1860 std::string old_email
= old_info
.user_email
;
1861 if (!op_email
.empty()) {
1862 // make sure we are not adding a duplicate email
1863 if (old_email
!= op_email
) {
1864 ret
= driver
->get_user_by_email(dpp
, op_email
, y
, &duplicate_check
);
1865 if (ret
>= 0 && duplicate_check
->get_id().compare(user_id
) != 0) {
1866 set_err_msg(err_msg
, "cannot add duplicate email");
1867 return -ERR_EMAIL_EXIST
;
1870 user_info
.user_email
= op_email
;
1871 } else if (op_email
.empty() && op_state
.user_email_specified
) {
1872 ldpp_dout(dpp
, 10) << "removing email index: " << user_info
.user_email
<< dendl
;
1873 /* will be physically removed later when calling update() */
1874 user_info
.user_email
.clear();
1877 // update the remaining user info
1878 if (!display_name
.empty())
1879 user_info
.display_name
= display_name
;
1881 if (op_state
.max_buckets_specified
)
1882 user_info
.max_buckets
= op_state
.get_max_buckets();
1884 if (op_state
.admin_specified
)
1885 user_info
.admin
= op_state
.admin
;
1887 if (op_state
.system_specified
)
1888 user_info
.system
= op_state
.system
;
1890 if (op_state
.temp_url_key_specified
) {
1891 map
<int, string
>::iterator iter
;
1892 for (iter
= op_state
.temp_url_keys
.begin();
1893 iter
!= op_state
.temp_url_keys
.end(); ++iter
) {
1894 user_info
.temp_url_keys
[iter
->first
] = iter
->second
;
1898 if (op_state
.op_mask_specified
)
1899 user_info
.op_mask
= op_state
.get_op_mask();
1901 if (op_state
.has_bucket_quota())
1902 user_info
.quota
.bucket_quota
= op_state
.get_bucket_quota();
1904 if (op_state
.has_user_quota())
1905 user_info
.quota
.user_quota
= op_state
.get_user_quota();
1907 if (op_state
.has_suspension_op()) {
1908 __u8 suspended
= op_state
.get_suspension_status();
1909 user_info
.suspended
= suspended
;
1911 rgw::sal::BucketList buckets
;
1913 if (user_id
.empty()) {
1914 set_err_msg(err_msg
, "empty user id passed...aborting");
1919 CephContext
*cct
= driver
->ctx();
1920 size_t max_buckets
= cct
->_conf
->rgw_list_buckets_max_chunk
;
1921 std::unique_ptr
<rgw::sal::User
> user
= driver
->get_user(user_id
);
1923 ret
= user
->list_buckets(dpp
, marker
, string(), max_buckets
, false, buckets
, y
);
1925 set_err_msg(err_msg
, "could not get buckets for uid: " + user_id
.to_str());
1929 auto& m
= buckets
.get_buckets();
1931 vector
<rgw_bucket
> bucket_names
;
1932 for (auto iter
= m
.begin(); iter
!= m
.end(); ++iter
) {
1933 auto& bucket
= iter
->second
;
1934 bucket_names
.push_back(bucket
->get_key());
1936 marker
= iter
->first
;
1939 ret
= driver
->set_buckets_enabled(dpp
, bucket_names
, !suspended
);
1941 set_err_msg(err_msg
, "failed to modify bucket");
1945 } while (buckets
.is_truncated());
1948 if (op_state
.mfa_ids_specified
) {
1949 user_info
.mfa_ids
= op_state
.mfa_ids
;
1952 if (op_state
.default_placement_specified
) {
1953 user_info
.default_placement
= op_state
.default_placement
;
1956 if (op_state
.placement_tags_specified
) {
1957 user_info
.placement_tags
= op_state
.placement_tags
;
1960 op_state
.set_user_info(user_info
);
1962 // if we're supposed to modify keys, do so
1963 if (op_state
.has_key_op()) {
1964 ret
= keys
.add(dpp
, op_state
, &subprocess_msg
, true, y
);
1966 set_err_msg(err_msg
, "unable to create or modify keys, " + subprocess_msg
);
1971 ret
= update(dpp
, op_state
, err_msg
, y
);
1978 int RGWUser::modify(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
, std::string
*err_msg
)
1980 std::string subprocess_msg
;
1983 ret
= check_op(op_state
, &subprocess_msg
);
1985 set_err_msg(err_msg
, "unable to parse parameters, " + subprocess_msg
);
1989 ret
= execute_modify(dpp
, op_state
, &subprocess_msg
, y
);
1991 set_err_msg(err_msg
, "unable to modify user, " + subprocess_msg
);
1998 int RGWUser::info(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, RGWUserInfo
& fetched_info
,
1999 optional_yield y
, std::string
*err_msg
)
2001 int ret
= init(dpp
, op_state
, y
);
2003 set_err_msg(err_msg
, "unable to fetch user info");
2007 fetched_info
= op_state
.get_user_info();
2012 int RGWUser::info(RGWUserInfo
& fetched_info
, std::string
*err_msg
)
2014 if (!is_populated()) {
2015 set_err_msg(err_msg
, "no user info saved");
2019 fetched_info
= old_info
;
2024 int RGWUser::list(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, RGWFormatterFlusher
& flusher
)
2026 Formatter
*formatter
= flusher
.get_formatter();
2027 void *handle
= nullptr;
2028 std::string metadata_key
= "user";
2029 if (op_state
.max_entries
> 1000) {
2030 op_state
.max_entries
= 1000;
2033 int ret
= driver
->meta_list_keys_init(dpp
, metadata_key
, op_state
.marker
, &handle
);
2038 bool truncated
= false;
2043 // open the result object section
2044 formatter
->open_object_section("result");
2046 // open the user id list array section
2047 formatter
->open_array_section("keys");
2049 std::list
<std::string
> keys
;
2050 left
= op_state
.max_entries
- count
;
2051 ret
= driver
->meta_list_keys_next(dpp
, handle
, left
, keys
, &truncated
);
2052 if (ret
< 0 && ret
!= -ENOENT
) {
2054 } if (ret
!= -ENOENT
) {
2055 for (std::list
<std::string
>::iterator iter
= keys
.begin(); iter
!= keys
.end(); ++iter
) {
2056 formatter
->dump_string("key", *iter
);
2060 } while (truncated
&& left
> 0);
2061 // close user id list section
2062 formatter
->close_section();
2064 formatter
->dump_bool("truncated", truncated
);
2065 formatter
->dump_int("count", count
);
2067 formatter
->dump_string("marker", driver
->meta_get_marker(handle
));
2070 // close result object section
2071 formatter
->close_section();
2073 driver
->meta_list_keys_complete(handle
);
2079 int RGWUserAdminOp_User::list(const DoutPrefixProvider
*dpp
, rgw::sal::Driver
* driver
, RGWUserAdminOpState
& op_state
,
2080 RGWFormatterFlusher
& flusher
)
2084 int ret
= user
.init_storage(driver
);
2088 ret
= user
.list(dpp
, op_state
, flusher
);
2095 int RGWUserAdminOp_User::info(const DoutPrefixProvider
*dpp
,
2096 rgw::sal::Driver
* driver
, RGWUserAdminOpState
& op_state
,
2097 RGWFormatterFlusher
& flusher
,
2102 std::unique_ptr
<rgw::sal::User
> ruser
;
2104 int ret
= user
.init(dpp
, driver
, op_state
, y
);
2108 if (!op_state
.has_existing_user())
2109 return -ERR_NO_SUCH_USER
;
2111 Formatter
*formatter
= flusher
.get_formatter();
2113 ret
= user
.info(info
, NULL
);
2117 ruser
= driver
->get_user(info
.user_id
);
2119 if (op_state
.sync_stats
) {
2120 ret
= rgw_user_sync_all_stats(dpp
, driver
, ruser
.get(), y
);
2126 RGWStorageStats stats
;
2127 RGWStorageStats
*arg_stats
= NULL
;
2128 if (op_state
.fetch_stats
) {
2129 int ret
= ruser
->read_stats(dpp
, y
, &stats
);
2130 if (ret
< 0 && ret
!= -ENOENT
) {
2140 dump_user_info(formatter
, info
, arg_stats
);
2147 int RGWUserAdminOp_User::create(const DoutPrefixProvider
*dpp
,
2148 rgw::sal::Driver
* driver
,
2149 RGWUserAdminOpState
& op_state
,
2150 RGWFormatterFlusher
& flusher
, optional_yield y
)
2154 int ret
= user
.init(dpp
, driver
, op_state
, y
);
2158 Formatter
*formatter
= flusher
.get_formatter();
2160 ret
= user
.add(dpp
, op_state
, y
, NULL
);
2163 ret
= -ERR_USER_EXIST
;
2167 ret
= user
.info(info
, NULL
);
2174 dump_user_info(formatter
, info
);
2181 int RGWUserAdminOp_User::modify(const DoutPrefixProvider
*dpp
,
2182 rgw::sal::Driver
* driver
,
2183 RGWUserAdminOpState
& op_state
,
2184 RGWFormatterFlusher
& flusher
, optional_yield y
)
2188 int ret
= user
.init(dpp
, driver
, op_state
, y
);
2191 Formatter
*formatter
= flusher
.get_formatter();
2193 ret
= user
.modify(dpp
, op_state
, y
, NULL
);
2196 ret
= -ERR_NO_SUCH_USER
;
2200 ret
= user
.info(info
, NULL
);
2207 dump_user_info(formatter
, info
);
2214 int RGWUserAdminOp_User::remove(const DoutPrefixProvider
*dpp
,
2215 rgw::sal::Driver
* driver
, RGWUserAdminOpState
& op_state
,
2216 RGWFormatterFlusher
& flusher
, optional_yield y
)
2220 int ret
= user
.init(dpp
, driver
, op_state
, y
);
2225 ret
= user
.remove(dpp
, op_state
, y
, NULL
);
2228 ret
= -ERR_NO_SUCH_USER
;
2232 int RGWUserAdminOp_Subuser::create(const DoutPrefixProvider
*dpp
,
2233 rgw::sal::Driver
* driver
,
2234 RGWUserAdminOpState
& op_state
,
2235 RGWFormatterFlusher
& flusher
,
2240 int ret
= user
.init(dpp
, driver
, op_state
, y
);
2244 if (!op_state
.has_existing_user())
2245 return -ERR_NO_SUCH_USER
;
2247 Formatter
*formatter
= flusher
.get_formatter();
2249 ret
= user
.subusers
.add(dpp
, op_state
, y
, NULL
);
2253 ret
= user
.info(info
, NULL
);
2260 dump_subusers_info(formatter
, info
);
2267 int RGWUserAdminOp_Subuser::modify(const DoutPrefixProvider
*dpp
,
2268 rgw::sal::Driver
* driver
, RGWUserAdminOpState
& op_state
,
2269 RGWFormatterFlusher
& flusher
, optional_yield y
)
2273 int ret
= user
.init(dpp
, driver
, op_state
, y
);
2277 if (!op_state
.has_existing_user())
2278 return -ERR_NO_SUCH_USER
;
2280 Formatter
*formatter
= flusher
.get_formatter();
2282 ret
= user
.subusers
.modify(dpp
, op_state
, y
, NULL
);
2286 ret
= user
.info(info
, NULL
);
2293 dump_subusers_info(formatter
, info
);
2300 int RGWUserAdminOp_Subuser::remove(const DoutPrefixProvider
*dpp
,
2301 rgw::sal::Driver
* driver
,
2302 RGWUserAdminOpState
& op_state
,
2303 RGWFormatterFlusher
& flusher
,
2308 int ret
= user
.init(dpp
, driver
, op_state
, y
);
2313 if (!op_state
.has_existing_user())
2314 return -ERR_NO_SUCH_USER
;
2316 ret
= user
.subusers
.remove(dpp
, op_state
, y
, NULL
);
2323 int RGWUserAdminOp_Key::create(const DoutPrefixProvider
*dpp
,
2324 rgw::sal::Driver
* driver
, RGWUserAdminOpState
& op_state
,
2325 RGWFormatterFlusher
& flusher
,
2330 int ret
= user
.init(dpp
, driver
, op_state
, y
);
2334 if (!op_state
.has_existing_user())
2335 return -ERR_NO_SUCH_USER
;
2337 Formatter
*formatter
= flusher
.get_formatter();
2339 ret
= user
.keys
.add(dpp
, op_state
, y
, NULL
);
2343 ret
= user
.info(info
, NULL
);
2350 int key_type
= op_state
.get_key_type();
2352 if (key_type
== KEY_TYPE_SWIFT
)
2353 dump_swift_keys_info(formatter
, info
);
2355 else if (key_type
== KEY_TYPE_S3
)
2356 dump_access_keys_info(formatter
, info
);
2364 int RGWUserAdminOp_Key::remove(const DoutPrefixProvider
*dpp
,
2365 rgw::sal::Driver
* driver
,
2366 RGWUserAdminOpState
& op_state
,
2367 RGWFormatterFlusher
& flusher
,
2372 int ret
= user
.init(dpp
, driver
, op_state
, y
);
2376 if (!op_state
.has_existing_user())
2377 return -ERR_NO_SUCH_USER
;
2380 ret
= user
.keys
.remove(dpp
, op_state
, y
, NULL
);
2387 int RGWUserAdminOp_Caps::add(const DoutPrefixProvider
*dpp
,
2388 rgw::sal::Driver
* driver
,
2389 RGWUserAdminOpState
& op_state
,
2390 RGWFormatterFlusher
& flusher
, optional_yield y
)
2394 int ret
= user
.init(dpp
, driver
, op_state
, y
);
2398 if (!op_state
.has_existing_user())
2399 return -ERR_NO_SUCH_USER
;
2401 Formatter
*formatter
= flusher
.get_formatter();
2403 ret
= user
.caps
.add(dpp
, op_state
, y
, NULL
);
2407 ret
= user
.info(info
, NULL
);
2414 info
.caps
.dump(formatter
);
2422 int RGWUserAdminOp_Caps::remove(const DoutPrefixProvider
*dpp
,
2423 rgw::sal::Driver
* driver
,
2424 RGWUserAdminOpState
& op_state
,
2425 RGWFormatterFlusher
& flusher
, optional_yield y
)
2429 int ret
= user
.init(dpp
, driver
, op_state
, y
);
2433 if (!op_state
.has_existing_user())
2434 return -ERR_NO_SUCH_USER
;
2436 Formatter
*formatter
= flusher
.get_formatter();
2438 ret
= user
.caps
.remove(dpp
, op_state
, y
, NULL
);
2442 ret
= user
.info(info
, NULL
);
2449 info
.caps
.dump(formatter
);
2456 class RGWUserMetadataHandler
: public RGWMetadataHandler_GenericMetaBE
{
2459 RGWSI_User
*user
{nullptr};
2462 RGWUserMetadataHandler(RGWSI_User
*user_svc
) {
2463 base_init(user_svc
->ctx(), user_svc
->get_be_handler());
2464 svc
.user
= user_svc
;
2467 ~RGWUserMetadataHandler() {}
2469 string
get_type() override
{ return "user"; }
2471 int do_get(RGWSI_MetaBackend_Handler::Op
*op
, string
& entry
, RGWMetadataObject
**obj
, optional_yield y
, const DoutPrefixProvider
*dpp
) override
{
2472 RGWUserCompleteInfo uci
;
2473 RGWObjVersionTracker objv_tracker
;
2476 rgw_user user
= RGWSI_User::user_from_meta_key(entry
);
2478 int ret
= svc
.user
->read_user_info(op
->ctx(), user
, &uci
.info
, &objv_tracker
,
2479 &mtime
, nullptr, &uci
.attrs
,
2485 RGWUserMetadataObject
*mdo
= new RGWUserMetadataObject(uci
, objv_tracker
.read_version
, mtime
);
2491 RGWMetadataObject
*get_meta_obj(JSONObj
*jo
, const obj_version
& objv
, const ceph::real_time
& mtime
) override
{
2492 RGWUserCompleteInfo uci
;
2495 decode_json_obj(uci
, jo
);
2496 } catch (JSONDecoder::err
& e
) {
2500 return new RGWUserMetadataObject(uci
, objv
, mtime
);
2503 int do_put(RGWSI_MetaBackend_Handler::Op
*op
, string
& entry
,
2504 RGWMetadataObject
*obj
,
2505 RGWObjVersionTracker
& objv_tracker
,
2506 optional_yield y
, const DoutPrefixProvider
*dpp
,
2507 RGWMDLogSyncType type
, bool from_remote_zone
) override
;
2509 int do_remove(RGWSI_MetaBackend_Handler::Op
*op
, string
& entry
, RGWObjVersionTracker
& objv_tracker
,
2510 optional_yield y
, const DoutPrefixProvider
*dpp
) override
{
2513 rgw_user user
= RGWSI_User::user_from_meta_key(entry
);
2515 int ret
= svc
.user
->read_user_info(op
->ctx(), user
, &info
, nullptr,
2516 nullptr, nullptr, nullptr,
2522 return svc
.user
->remove_user_info(op
->ctx(), info
, &objv_tracker
,
2527 class RGWMetadataHandlerPut_User
: public RGWMetadataHandlerPut_SObj
2529 RGWUserMetadataHandler
*uhandler
;
2530 RGWUserMetadataObject
*uobj
;
2532 RGWMetadataHandlerPut_User(RGWUserMetadataHandler
*_handler
,
2533 RGWSI_MetaBackend_Handler::Op
*op
, string
& entry
,
2534 RGWMetadataObject
*obj
, RGWObjVersionTracker
& objv_tracker
,
2536 RGWMDLogSyncType type
, bool from_remote_zone
) : RGWMetadataHandlerPut_SObj(_handler
, op
, entry
, obj
, objv_tracker
, y
, type
, from_remote_zone
),
2537 uhandler(_handler
) {
2538 uobj
= static_cast<RGWUserMetadataObject
*>(obj
);
2541 int put_checked(const DoutPrefixProvider
*dpp
) override
;
2544 int RGWUserMetadataHandler::do_put(RGWSI_MetaBackend_Handler::Op
*op
, string
& entry
,
2545 RGWMetadataObject
*obj
,
2546 RGWObjVersionTracker
& objv_tracker
,
2547 optional_yield y
, const DoutPrefixProvider
*dpp
,
2548 RGWMDLogSyncType type
, bool from_remote_zone
)
2550 RGWMetadataHandlerPut_User
put_op(this, op
, entry
, obj
, objv_tracker
, y
, type
, from_remote_zone
);
2551 return do_put_operate(&put_op
, dpp
);
2554 int RGWMetadataHandlerPut_User::put_checked(const DoutPrefixProvider
*dpp
)
2556 RGWUserMetadataObject
*orig_obj
= static_cast<RGWUserMetadataObject
*>(old_obj
);
2557 RGWUserCompleteInfo
& uci
= uobj
->get_uci();
2559 map
<string
, bufferlist
> *pattrs
{nullptr};
2560 if (uci
.has_attrs
) {
2561 pattrs
= &uci
.attrs
;
2564 RGWUserInfo
*pold_info
= (orig_obj
? &orig_obj
->get_uci().info
: nullptr);
2566 auto mtime
= obj
->get_mtime();
2568 int ret
= uhandler
->svc
.user
->store_user_info(op
->ctx(), uci
.info
, pold_info
,
2569 &objv_tracker
, mtime
,
2570 false, pattrs
, y
, dpp
);
2575 return STATUS_APPLIED
;
2579 RGWUserCtl::RGWUserCtl(RGWSI_Zone
*zone_svc
,
2580 RGWSI_User
*user_svc
,
2581 RGWUserMetadataHandler
*_umhandler
) : umhandler(_umhandler
) {
2582 svc
.zone
= zone_svc
;
2583 svc
.user
= user_svc
;
2584 be_handler
= umhandler
->get_be_handler();
2588 class optional_default
2590 const std::optional
<T
>& opt
;
2591 std::optional
<T
> def
;
2594 optional_default(const std::optional
<T
>& _o
) : opt(_o
) {
2603 const T
*operator->() {
2607 const T
& operator*() {
2612 int RGWUserCtl::get_info_by_uid(const DoutPrefixProvider
*dpp
,
2613 const rgw_user
& uid
,
2616 const GetParams
& params
)
2619 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2620 return svc
.user
->read_user_info(op
->ctx(),
2623 params
.objv_tracker
,
2632 int RGWUserCtl::get_info_by_email(const DoutPrefixProvider
*dpp
,
2633 const string
& email
,
2636 const GetParams
& params
)
2638 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2639 return svc
.user
->get_user_info_by_email(op
->ctx(), email
,
2641 params
.objv_tracker
,
2648 int RGWUserCtl::get_info_by_swift(const DoutPrefixProvider
*dpp
,
2649 const string
& swift_name
,
2652 const GetParams
& params
)
2654 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2655 return svc
.user
->get_user_info_by_swift(op
->ctx(), swift_name
,
2657 params
.objv_tracker
,
2664 int RGWUserCtl::get_info_by_access_key(const DoutPrefixProvider
*dpp
,
2665 const string
& access_key
,
2668 const GetParams
& params
)
2670 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2671 return svc
.user
->get_user_info_by_access_key(op
->ctx(), access_key
,
2673 params
.objv_tracker
,
2680 int RGWUserCtl::get_attrs_by_uid(const DoutPrefixProvider
*dpp
,
2681 const rgw_user
& user_id
,
2682 map
<string
, bufferlist
> *pattrs
,
2684 RGWObjVersionTracker
*objv_tracker
)
2686 RGWUserInfo user_info
;
2688 return get_info_by_uid(dpp
, user_id
, &user_info
, y
, RGWUserCtl::GetParams()
2690 .set_objv_tracker(objv_tracker
));
2693 int RGWUserCtl::store_info(const DoutPrefixProvider
*dpp
,
2694 const RGWUserInfo
& info
, optional_yield y
,
2695 const PutParams
& params
)
2697 string key
= RGWSI_User::get_meta_key(info
.user_id
);
2699 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2700 return svc
.user
->store_user_info(op
->ctx(), info
,
2702 params
.objv_tracker
,
2711 int RGWUserCtl::remove_info(const DoutPrefixProvider
*dpp
,
2712 const RGWUserInfo
& info
, optional_yield y
,
2713 const RemoveParams
& params
)
2716 string key
= RGWSI_User::get_meta_key(info
.user_id
);
2718 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2719 return svc
.user
->remove_user_info(op
->ctx(), info
,
2720 params
.objv_tracker
,
2725 int RGWUserCtl::list_buckets(const DoutPrefixProvider
*dpp
,
2726 const rgw_user
& user
,
2727 const string
& marker
,
2728 const string
& end_marker
,
2731 RGWUserBuckets
*buckets
,
2734 uint64_t default_max
)
2740 int ret
= svc
.user
->list_buckets(dpp
, user
, marker
, end_marker
,
2741 max
, buckets
, is_truncated
, y
);
2746 map
<string
, RGWBucketEnt
>& m
= buckets
->get_buckets();
2747 ret
= ctl
.bucket
->read_buckets_stats(m
, y
, dpp
);
2748 if (ret
< 0 && ret
!= -ENOENT
) {
2749 ldpp_dout(dpp
, 0) << "ERROR: could not get stats for buckets" << dendl
;
2756 int RGWUserCtl::read_stats(const DoutPrefixProvider
*dpp
,
2757 const rgw_user
& user
, RGWStorageStats
*stats
,
2759 ceph::real_time
*last_stats_sync
,
2760 ceph::real_time
*last_stats_update
)
2762 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2763 return svc
.user
->read_stats(dpp
, op
->ctx(), user
, stats
,
2764 last_stats_sync
, last_stats_update
, y
);
2768 RGWMetadataHandler
*RGWUserMetaHandlerAllocator::alloc(RGWSI_User
*user_svc
) {
2769 return new RGWUserMetadataHandler(user_svc
);
2772 void rgw_user::dump(Formatter
*f
) const
2774 ::encode_json("user", *this, f
);