]> git.proxmox.com Git - ceph.git/blob - ceph/src/rgw/rgw_op.h
projects / ceph.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
bump version to 18.2.2-pve1
[ceph.git] / ceph / src / rgw / rgw_op.h
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab ft=cpp
3
4 /**
5 * All operations via the rados gateway are carried out by
6 * small classes known as RGWOps. This class contains a req_state
7 * and each possible command is a subclass of this with a defined
8 * execute() method that does whatever the subclass name implies.
9 * These subclasses must be further subclassed (by interface type)
10 * to provide additional virtual methods such as send_response or get_params.
11 */
12
13 #pragma once
14
15 #include <limits.h>
16
17 #include <array>
18 #include <memory>
19 #include <string>
20 #include <set>
21 #include <map>
22 #include <vector>
23
24 #include <boost/optional.hpp>
25 #include <boost/utility/in_place_factory.hpp>
26 #include <boost/function.hpp>
27 #include <boost/container/flat_map.hpp>
28 #include <boost/asio/deadline_timer.hpp>
29
30 #include "common/armor.h"
31 #include "common/mime.h"
32 #include "common/utf8.h"
33 #include "common/ceph_json.h"
34 #include "common/ceph_time.h"
35
36 #include "rgw_common.h"
37 #include "rgw_dmclock.h"
38 #include "rgw_sal.h"
39 #include "rgw_user.h"
40 #include "rgw_bucket.h"
41 #include "rgw_acl.h"
42 #include "rgw_cors.h"
43 #include "rgw_quota.h"
44 #include "rgw_putobj.h"
45 #include "rgw_sal.h"
46 #include "rgw_compression_types.h"
47 #include "rgw_log.h"
48
49 #include "rgw_lc.h"
50 #include "rgw_torrent.h"
51 #include "rgw_tag.h"
52 #include "rgw_object_lock.h"
53 #include "cls/rgw/cls_rgw_client.h"
54 #include "rgw_public_access.h"
55 #include "rgw_bucket_encryption.h"
56 #include "rgw_tracer.h"
57
58 #include "services/svc_sys_obj.h"
59 #include "services/svc_tier_rados.h"
60
61 #include "include/ceph_assert.h"
62
63 using ceph::crypto::SHA1;
64
65 struct req_state;
66 class RGWOp;
67 class RGWRados;
68 class RGWMultiCompleteUpload;
69
70
71 namespace rgw {
72 namespace auth {
73 namespace registry {
74
75 class StrategyRegistry;
76
77 }
78 }
79 }
80
81 int rgw_op_get_bucket_policy_from_attr(const DoutPrefixProvider *dpp,
82 CephContext *cct,
83 rgw::sal::Driver* driver,
84 RGWBucketInfo& bucket_info,
85 std::map<std::string, bufferlist>& bucket_attrs,
86 RGWAccessControlPolicy *policy,
87 optional_yield y);
88
89 class RGWHandler {
90 protected:
91 rgw::sal::Driver* driver{nullptr};
92 req_state *s{nullptr};
93
94 int do_init_permissions(const DoutPrefixProvider *dpp, optional_yield y);
95 int do_read_permissions(RGWOp* op, bool only_bucket, optional_yield y);
96
97 public:
98 RGWHandler() {}
99 virtual ~RGWHandler();
100
101 virtual int init(rgw::sal::Driver* driver,
102 req_state* _s,
103 rgw::io::BasicClient* cio);
104
105 virtual int init_permissions(RGWOp*, optional_yield y) {
106 return 0;
107 }
108
109 virtual int retarget(RGWOp* op, RGWOp** new_op, optional_yield) {
110 *new_op = op;
111 return 0;
112 }
113
114 virtual int read_permissions(RGWOp* op, optional_yield y) = 0;
115 virtual int authorize(const DoutPrefixProvider* dpp, optional_yield y) = 0;
116 virtual int postauth_init(optional_yield y) = 0;
117 virtual int error_handler(int err_no, std::string* error_content, optional_yield y);
118 virtual void dump(const std::string& code, const std::string& message) const {}
119
120 virtual bool supports_quota() {
121 return true;
122 }
123 };
124
125
126
127 void rgw_bucket_object_pre_exec(req_state *s);
128
129 namespace dmc = rgw::dmclock;
130
131 std::tuple<int, bufferlist > rgw_rest_read_all_input(req_state *s,
132 const uint64_t max_len,
133 const bool allow_chunked=true);
134
135 template <class T>
136 int rgw_rest_get_json_input(CephContext *cct, req_state *s, T& out,
137 uint64_t max_len, bool *empty)
138 {
139 if (empty)
140 *empty = false;
141
142 int rv = 0;
143 bufferlist data;
144 std::tie(rv, data) = rgw_rest_read_all_input(s, max_len);
145 if (rv < 0) {
146 return rv;
147 }
148
149 if (!data.length()) {
150 if (empty) {
151 *empty = true;
152 }
153
154 return -EINVAL;
155 }
156
157 JSONParser parser;
158
159 if (!parser.parse(data.c_str(), data.length())) {
160 return -EINVAL;
161 }
162
163 try {
164 decode_json_obj(out, &parser);
165 } catch (JSONDecoder::err& e) {
166 return -EINVAL;
167 }
168
169 return 0;
170 }
171
172 /**
173 * Provide the base class for all ops.
174 */
175 class RGWOp : public DoutPrefixProvider {
176 protected:
177 req_state *s;
178 RGWHandler *dialect_handler;
179 rgw::sal::Driver* driver;
180 RGWCORSConfiguration bucket_cors;
181 bool cors_exist;
182 RGWQuota quota;
183 int op_ret;
184 int do_aws4_auth_completion();
185 bool init_called = false;
186
187 virtual int init_quota();
188
189 std::tuple<int, bufferlist> read_all_input(req_state *s,
190 const uint64_t max_len,
191 const bool allow_chunked=true) {
192
193 int rv = 0;
194 bufferlist data;
195 std::tie(rv, data) = rgw_rest_read_all_input(s, max_len);
196 if (rv >= 0) {
197 do_aws4_auth_completion();
198 }
199
200 return std::make_tuple(rv, std::move(data));
201 }
202
203 template <class T>
204 int get_json_input(CephContext *cct, req_state *s, T& out,
205 uint64_t max_len, bool *empty) {
206 int r = rgw_rest_get_json_input(cct, s, out, max_len, empty);
207 if (r >= 0) {
208 do_aws4_auth_completion();
209 }
210 return r;
211 }
212
213 public:
214 RGWOp()
215 : s(nullptr),
216 dialect_handler(nullptr),
217 driver(nullptr),
218 cors_exist(false),
219 op_ret(0) {
220 }
221
222 virtual ~RGWOp() override;
223
224 int get_ret() const { return op_ret; }
225
226 virtual int init_processing(optional_yield y) {
227 if (dialect_handler->supports_quota()) {
228 op_ret = init_quota();
229 if (op_ret < 0)
230 return op_ret;
231 }
232
233 return 0;
234 }
235
236 virtual void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *dialect_handler) {
237 if (init_called) return;
238 this->driver = driver;
239 init_called = true;
240 this->s = s;
241 this->dialect_handler = dialect_handler;
242 }
243 int read_bucket_cors();
244 bool generate_cors_headers(std::string& origin, std::string& method, std::string& headers, std::string& exp_headers, unsigned *max_age);
245
246 virtual int verify_params() { return 0; }
247 virtual bool prefetch_data() { return false; }
248
249 /* Authenticate requester -- verify its identity.
250 *
251 * NOTE: typically the procedure is common across all operations of the same
252 * dialect (S3, Swift API). However, there are significant exceptions in
253 * both APIs: browser uploads, /info and OPTIONS handlers. All of them use
254 * different, specific authentication schema driving the need for per-op
255 * authentication. The alternative is to duplicate parts of the method-
256 * dispatch logic in RGWHandler::authorize() and pollute it with a lot
257 * of special cases. */
258 virtual int verify_requester(const rgw::auth::StrategyRegistry& auth_registry, optional_yield y) {
259 /* TODO(rzarzynski): rename RGWHandler::authorize to generic_authenticate. */
260 return dialect_handler->authorize(this, y);
261 }
262 virtual int verify_permission(optional_yield y) = 0;
263 virtual int verify_op_mask();
264 virtual void pre_exec() {}
265 virtual void execute(optional_yield y) = 0;
266 virtual void send_response() {}
267 virtual void complete() {
268 send_response();
269 }
270 virtual const char* name() const = 0;
271 virtual RGWOpType get_type() { return RGW_OP_UNKNOWN; }
272
273 virtual uint32_t op_mask() { return 0; }
274
275 virtual int error_handler(int err_no, std::string *error_content, optional_yield y);
276
277 // implements DoutPrefixProvider
278 std::ostream& gen_prefix(std::ostream& out) const override;
279 CephContext* get_cct() const override { return s->cct; }
280 unsigned get_subsys() const override { return ceph_subsys_rgw; }
281
282 virtual dmc::client_id dmclock_client() { return dmc::client_id::metadata; }
283 virtual dmc::Cost dmclock_cost() { return 1; }
284 virtual void write_ops_log_entry(rgw_log_entry& entry) const {};
285 };
286
287 class RGWDefaultResponseOp : public RGWOp {
288 public:
289 void send_response() override;
290 };
291
292 class RGWGetObj_Filter : public RGWGetDataCB
293 {
294 protected:
295 RGWGetObj_Filter *next{nullptr};
296 public:
297 RGWGetObj_Filter() {}
298 explicit RGWGetObj_Filter(RGWGetObj_Filter *next): next(next) {}
299 ~RGWGetObj_Filter() override {}
300 /**
301 * Passes data through filter.
302 * Filter can modify content of bl.
303 * When bl_len == 0 , it means 'flush
304 */
305 int handle_data(bufferlist& bl, off_t bl_ofs, off_t bl_len) override {
306 if (next) {
307 return next->handle_data(bl, bl_ofs, bl_len);
308 }
309 return 0;
310 }
311 /**
312 * Flushes any cached data. Used by RGWGetObjFilter.
313 * Return logic same as handle_data.
314 */
315 virtual int flush() {
316 if (next) {
317 return next->flush();
318 }
319 return 0;
320 }
321 /**
322 * Allows filter to extend range required for successful filtering
323 */
324 virtual int fixup_range(off_t& ofs, off_t& end) {
325 if (next) {
326 return next->fixup_range(ofs, end);
327 }
328 return 0;
329 }
330 };
331
332 class RGWGetObj : public RGWOp {
333 protected:
334 seed torrent; // get torrent
335 const char *range_str;
336 const char *if_mod;
337 const char *if_unmod;
338 const char *if_match;
339 const char *if_nomatch;
340 uint32_t mod_zone_id;
341 uint64_t mod_pg_ver;
342 off_t ofs;
343 uint64_t total_len;
344 off_t start;
345 off_t end;
346 ceph::real_time mod_time;
347 ceph::real_time lastmod;
348 ceph::real_time unmod_time;
349 ceph::real_time *mod_ptr;
350 ceph::real_time *unmod_ptr;
351 rgw::sal::Attrs attrs;
352 bool get_data;
353 bool partial_content;
354 bool ignore_invalid_range;
355 bool range_parsed;
356 bool skip_manifest;
357 bool skip_decrypt{false};
358 bool sync_cloudtiered{false};
359 utime_t gc_invalidate_time;
360 bool is_slo;
361 std::string lo_etag;
362 bool rgwx_stat; /* extended rgw stat operation */
363 std::string version_id;
364 rgw_zone_set_entry dst_zone_trace;
365
366 // compression attrs
367 RGWCompressionInfo cs_info;
368 off_t first_block, last_block;
369 off_t q_ofs, q_len;
370 bool first_data;
371 uint64_t cur_ofs;
372 bufferlist waiting;
373 uint64_t action = 0;
374
375 bool get_retention;
376 bool get_legal_hold;
377
378 int init_common();
379 public:
380 RGWGetObj() {
381 range_str = NULL;
382 if_mod = NULL;
383 if_unmod = NULL;
384 if_match = NULL;
385 if_nomatch = NULL;
386 mod_zone_id = 0;
387 mod_pg_ver = 0;
388 start = 0;
389 ofs = 0;
390 total_len = 0;
391 end = -1;
392 mod_ptr = NULL;
393 unmod_ptr = NULL;
394 get_data = false;
395 partial_content = false;
396 range_parsed = false;
397 skip_manifest = false;
398 is_slo = false;
399 first_block = 0;
400 last_block = 0;
401 q_ofs = 0;
402 q_len = 0;
403 first_data = true;
404 cur_ofs = 0;
405 get_retention = false;
406 get_legal_hold = false;
407 }
408
409 bool prefetch_data() override;
410
411 void set_get_data(bool get_data) {
412 this->get_data = get_data;
413 }
414
415 int verify_permission(optional_yield y) override;
416 void pre_exec() override;
417 void execute(optional_yield y) override;
418 int parse_range();
419 int read_user_manifest_part(
420 rgw::sal::Bucket* bucket,
421 const rgw_bucket_dir_entry& ent,
422 RGWAccessControlPolicy * const bucket_acl,
423 const boost::optional<rgw::IAM::Policy>& bucket_policy,
424 const off_t start_ofs,
425 const off_t end_ofs,
426 bool swift_slo);
427 int handle_user_manifest(const char *prefix, optional_yield y);
428 int handle_slo_manifest(bufferlist& bl, optional_yield y);
429
430 int get_data_cb(bufferlist& bl, off_t ofs, off_t len);
431
432 virtual int get_params(optional_yield y) = 0;
433 virtual int send_response_data_error(optional_yield y) = 0;
434 virtual int send_response_data(bufferlist& bl, off_t ofs, off_t len) = 0;
435
436 const char* name() const override { return "get_obj"; }
437 RGWOpType get_type() override { return RGW_OP_GET_OBJ; }
438 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
439 virtual bool need_object_expiration() { return false; }
440 /**
441 * calculates filter used to decrypt RGW objects data
442 */
443 virtual int get_decrypt_filter(std::unique_ptr<RGWGetObj_Filter>* filter, RGWGetObj_Filter* cb, bufferlist* manifest_bl) {
444 *filter = nullptr;
445 return 0;
446 }
447
448 // get lua script to run as a "get object" filter
449 int get_lua_filter(std::unique_ptr<RGWGetObj_Filter>* filter,
450 RGWGetObj_Filter* cb);
451
452 dmc::client_id dmclock_client() override { return dmc::client_id::data; }
453 };
454
455 class RGWGetObj_CB : public RGWGetObj_Filter
456 {
457 RGWGetObj *op;
458 public:
459 explicit RGWGetObj_CB(RGWGetObj *_op) : op(_op) {}
460 ~RGWGetObj_CB() override {}
461
462 int handle_data(bufferlist& bl, off_t bl_ofs, off_t bl_len) override {
463 return op->get_data_cb(bl, bl_ofs, bl_len);
464 }
465 };
466
467 class RGWGetObjTags : public RGWOp {
468 protected:
469 bufferlist tags_bl;
470 bool has_tags{false};
471 public:
472 int verify_permission(optional_yield y) override;
473 void execute(optional_yield y) override;
474 void pre_exec() override;
475
476 virtual void send_response_data(bufferlist& bl) = 0;
477 const char* name() const override { return "get_obj_tags"; }
478 virtual uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
479 RGWOpType get_type() override { return RGW_OP_GET_OBJ_TAGGING; }
480
481 };
482
483 class RGWPutObjTags : public RGWOp {
484 protected:
485 bufferlist tags_bl;
486 public:
487 int verify_permission(optional_yield y) override;
488 void execute(optional_yield y) override;
489
490 virtual void send_response() override = 0;
491 virtual int get_params(optional_yield y) = 0;
492 const char* name() const override { return "put_obj_tags"; }
493 virtual uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
494 RGWOpType get_type() override { return RGW_OP_PUT_OBJ_TAGGING; }
495
496 };
497
498 class RGWDeleteObjTags: public RGWOp {
499 public:
500 void pre_exec() override;
501 int verify_permission(optional_yield y) override;
502 void execute(optional_yield y) override;
503
504 const char* name() const override { return "delete_obj_tags"; }
505 virtual uint32_t op_mask() override { return RGW_OP_TYPE_DELETE; }
506 RGWOpType get_type() override { return RGW_OP_DELETE_OBJ_TAGGING;}
507 };
508
509 class RGWGetBucketTags : public RGWOp {
510 protected:
511 bufferlist tags_bl;
512 bool has_tags{false};
513 public:
514 int verify_permission(optional_yield y) override;
515 void execute(optional_yield y) override;
516 void pre_exec() override;
517
518 virtual void send_response_data(bufferlist& bl) = 0;
519 const char* name() const override { return "get_bucket_tags"; }
520 virtual uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
521 RGWOpType get_type() override { return RGW_OP_GET_BUCKET_TAGGING; }
522 };
523
524 class RGWPutBucketTags : public RGWOp {
525 protected:
526 bufferlist tags_bl;
527 bufferlist in_data;
528 public:
529 int verify_permission(optional_yield y) override;
530 void execute(optional_yield y) override;
531
532 virtual void send_response() override = 0;
533 virtual int get_params(const DoutPrefixProvider *dpp, optional_yield y) = 0;
534 const char* name() const override { return "put_bucket_tags"; }
535 virtual uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
536 RGWOpType get_type() override { return RGW_OP_PUT_BUCKET_TAGGING; }
537 };
538
539 class RGWDeleteBucketTags : public RGWOp {
540 public:
541 void pre_exec() override;
542 int verify_permission(optional_yield y) override;
543 void execute(optional_yield y) override;
544
545 const char* name() const override { return "delete_bucket_tags"; }
546 virtual uint32_t op_mask() override { return RGW_OP_TYPE_DELETE; }
547 RGWOpType get_type() override { return RGW_OP_DELETE_BUCKET_TAGGING;}
548 };
549
550 struct rgw_sync_policy_group;
551
552 class RGWGetBucketReplication : public RGWOp {
553 public:
554 int verify_permission(optional_yield y) override;
555 void execute(optional_yield y) override;
556 void pre_exec() override;
557
558 virtual void send_response_data() = 0;
559 const char* name() const override { return "get_bucket_replication"; }
560 virtual uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
561 RGWOpType get_type() override { return RGW_OP_GET_BUCKET_REPLICATION; }
562 };
563
564 class RGWPutBucketReplication : public RGWOp {
565 protected:
566 bufferlist in_data;
567 std::vector<rgw_sync_policy_group> sync_policy_groups;
568 public:
569 int verify_permission(optional_yield y) override;
570 void execute(optional_yield y) override;
571
572 virtual void send_response() override = 0;
573 virtual int get_params(optional_yield y) = 0;
574 const char* name() const override { return "put_bucket_replication"; }
575 virtual uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
576 RGWOpType get_type() override { return RGW_OP_PUT_BUCKET_REPLICATION; }
577 };
578
579 class RGWDeleteBucketReplication : public RGWOp {
580 protected:
581 virtual void update_sync_policy(rgw_sync_policy_info *policy) = 0;
582 public:
583 void pre_exec() override;
584 int verify_permission(optional_yield y) override;
585 void execute(optional_yield y) override;
586
587 const char* name() const override { return "delete_bucket_replication"; }
588 virtual uint32_t op_mask() override { return RGW_OP_TYPE_DELETE; }
589 RGWOpType get_type() override { return RGW_OP_DELETE_BUCKET_REPLICATION;}
590 };
591
592 class RGWBulkDelete : public RGWOp {
593 public:
594 struct acct_path_t {
595 std::string bucket_name;
596 rgw_obj_key obj_key;
597 };
598
599 struct fail_desc_t {
600 int err;
601 acct_path_t path;
602 };
603
604 class Deleter {
605 protected:
606 const DoutPrefixProvider * dpp;
607 unsigned int num_deleted;
608 unsigned int num_unfound;
609 std::list<fail_desc_t> failures;
610
611 rgw::sal::Driver* const driver;
612 req_state * const s;
613
614 public:
615 Deleter(const DoutPrefixProvider* dpp, rgw::sal::Driver* const str, req_state * const s)
616 : dpp(dpp),
617 num_deleted(0),
618 num_unfound(0),
619 driver(str),
620 s(s) {
621 }
622
623 unsigned int get_num_deleted() const {
624 return num_deleted;
625 }
626
627 unsigned int get_num_unfound() const {
628 return num_unfound;
629 }
630
631 const std::list<fail_desc_t> get_failures() const {
632 return failures;
633 }
634
635 bool verify_permission(RGWBucketInfo& binfo,
636 std::map<std::string, bufferlist>& battrs,
637 ACLOwner& bucket_owner /* out */,
638 optional_yield y);
639 bool delete_single(const acct_path_t& path, optional_yield y);
640 bool delete_chunk(const std::list<acct_path_t>& paths, optional_yield y);
641 };
642 /* End of Deleter subclass */
643
644 static const size_t MAX_CHUNK_ENTRIES = 1024;
645
646 protected:
647 std::unique_ptr<Deleter> deleter;
648
649 public:
650 RGWBulkDelete()
651 : deleter(nullptr) {
652 }
653
654 int verify_permission(optional_yield y) override;
655 void pre_exec() override;
656 void execute(optional_yield y) override;
657
658 virtual int get_data(std::list<acct_path_t>& items,
659 bool * is_truncated) = 0;
660 void send_response() override = 0;
661
662 const char* name() const override { return "bulk_delete"; }
663 RGWOpType get_type() override { return RGW_OP_BULK_DELETE; }
664 uint32_t op_mask() override { return RGW_OP_TYPE_DELETE; }
665 dmc::client_id dmclock_client() override { return dmc::client_id::data; }
666 };
667
668 inline std::ostream& operator<<(std::ostream& out, const RGWBulkDelete::acct_path_t &o) {
669 return out << o.bucket_name << "/" << o.obj_key;
670 }
671
672
673 class RGWBulkUploadOp : public RGWOp {
674 protected:
675 class fail_desc_t {
676 public:
677 fail_desc_t(const int err, std::string path)
678 : err(err),
679 path(std::move(path)) {
680 }
681
682 const int err;
683 const std::string path;
684 };
685
686 static constexpr std::array<int, 2> terminal_errors = {
687 { -EACCES, -EPERM }
688 };
689
690 /* FIXME: boost::container::small_vector<fail_desc_t, 4> failures; */
691 std::vector<fail_desc_t> failures;
692 size_t num_created;
693
694 class StreamGetter;
695 class DecoratedStreamGetter;
696 class AlignedStreamGetter;
697
698 virtual std::unique_ptr<StreamGetter> create_stream() = 0;
699 virtual void send_response() override = 0;
700
701 boost::optional<std::pair<std::string, rgw_obj_key>>
702 parse_path(const std::string_view& path);
703
704 std::pair<std::string, std::string>
705 handle_upload_path(req_state *s);
706
707 bool handle_file_verify_permission(RGWBucketInfo& binfo,
708 const rgw_obj& obj,
709 std::map<std::string, ceph::bufferlist>& battrs,
710 ACLOwner& bucket_owner /* out */,
711 optional_yield y);
712 int handle_file(std::string_view path,
713 size_t size,
714 AlignedStreamGetter& body,
715 optional_yield y);
716
717 int handle_dir_verify_permission(optional_yield y);
718 int handle_dir(std::string_view path, optional_yield y);
719
720 public:
721 RGWBulkUploadOp()
722 : num_created(0) {
723 }
724
725 void init(rgw::sal::Driver* const driver,
726 req_state* const s,
727 RGWHandler* const h) override;
728
729 int verify_permission(optional_yield y) override;
730 void pre_exec() override;
731 void execute(optional_yield y) override;
732
733 const char* name() const override { return "bulk_upload"; }
734
735 RGWOpType get_type() override {
736 return RGW_OP_BULK_UPLOAD;
737 }
738
739 uint32_t op_mask() override {
740 return RGW_OP_TYPE_WRITE;
741 }
742 dmc::client_id dmclock_client() override { return dmc::client_id::data; }
743 }; /* RGWBulkUploadOp */
744
745
746 class RGWBulkUploadOp::StreamGetter {
747 public:
748 StreamGetter() = default;
749 virtual ~StreamGetter() = default;
750
751 virtual ssize_t get_at_most(size_t want, ceph::bufferlist& dst) = 0;
752 virtual ssize_t get_exactly(size_t want, ceph::bufferlist& dst) = 0;
753 }; /* End of nested subclass StreamGetter */
754
755
756 class RGWBulkUploadOp::DecoratedStreamGetter : public StreamGetter {
757 StreamGetter& decoratee;
758
759 protected:
760 StreamGetter& get_decoratee() {
761 return decoratee;
762 }
763
764 public:
765 explicit DecoratedStreamGetter(StreamGetter& decoratee)
766 : decoratee(decoratee) {
767 }
768 virtual ~DecoratedStreamGetter() = default;
769
770 ssize_t get_at_most(const size_t want, ceph::bufferlist& dst) override {
771 return get_decoratee().get_at_most(want, dst);
772 }
773
774 ssize_t get_exactly(const size_t want, ceph::bufferlist& dst) override {
775 return get_decoratee().get_exactly(want, dst);
776 }
777 }; /* RGWBulkUploadOp::DecoratedStreamGetter */
778
779
780 class RGWBulkUploadOp::AlignedStreamGetter
781 : public RGWBulkUploadOp::DecoratedStreamGetter {
782 size_t position;
783 size_t length;
784 size_t alignment;
785
786 public:
787 template <typename U>
788 AlignedStreamGetter(const size_t position,
789 const size_t length,
790 const size_t alignment,
791 U&& decoratee)
792 : DecoratedStreamGetter(std::forward<U>(decoratee)),
793 position(position),
794 length(length),
795 alignment(alignment) {
796 }
797 virtual ~AlignedStreamGetter();
798 ssize_t get_at_most(size_t want, ceph::bufferlist& dst) override;
799 ssize_t get_exactly(size_t want, ceph::bufferlist& dst) override;
800 }; /* RGWBulkUploadOp::AlignedStreamGetter */
801
802
803 struct RGWUsageStats {
804 uint64_t bytes_used = 0;
805 uint64_t bytes_used_rounded = 0;
806 uint64_t buckets_count = 0;
807 uint64_t objects_count = 0;
808 };
809
810 #define RGW_LIST_BUCKETS_LIMIT_MAX 10000
811
812 class RGWListBuckets : public RGWOp {
813 protected:
814 bool sent_data;
815 std::string marker;
816 std::string end_marker;
817 int64_t limit;
818 uint64_t limit_max;
819 bool is_truncated;
820
821 RGWUsageStats global_stats;
822 std::map<std::string, RGWUsageStats> policies_stats;
823
824 virtual uint64_t get_default_max() const {
825 return 1000;
826 }
827
828 public:
829 RGWListBuckets()
830 : sent_data(false),
831 limit(RGW_LIST_BUCKETS_LIMIT_MAX),
832 limit_max(RGW_LIST_BUCKETS_LIMIT_MAX),
833 is_truncated(false) {
834 }
835
836 int verify_permission(optional_yield y) override;
837 void execute(optional_yield y) override;
838
839 virtual int get_params(optional_yield y) = 0;
840 virtual void handle_listing_chunk(rgw::sal::BucketList&& buckets) {
841 /* The default implementation, used by e.g. S3, just generates a new
842 * part of listing and sends it client immediately. Swift can behave
843 * differently: when the reverse option is requested, all incoming
844 * instances of RGWBucketList are buffered and finally reversed. */
845 return send_response_data(buckets);
846 }
847 virtual void send_response_begin(bool has_buckets) = 0;
848 virtual void send_response_data(rgw::sal::BucketList& buckets) = 0;
849 virtual void send_response_end() = 0;
850 void send_response() override {}
851
852 virtual bool should_get_stats() { return false; }
853 virtual bool supports_account_metadata() { return false; }
854
855 const char* name() const override { return "list_buckets"; }
856 RGWOpType get_type() override { return RGW_OP_LIST_BUCKETS; }
857 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
858 }; // class RGWListBuckets
859
860 class RGWGetUsage : public RGWOp {
861 protected:
862 bool sent_data;
863 std::string start_date;
864 std::string end_date;
865 int show_log_entries;
866 int show_log_sum;
867 std::map<std::string, bool> categories;
868 std::map<rgw_user_bucket, rgw_usage_log_entry> usage;
869 std::map<std::string, rgw_usage_log_entry> summary_map;
870 std::map<std::string, bucket_meta_entry> buckets_usage;
871 cls_user_header header;
872 RGWStorageStats stats;
873 public:
874 RGWGetUsage() : sent_data(false), show_log_entries(true), show_log_sum(true){
875 }
876
877 int verify_permission(optional_yield y) override;
878 void execute(optional_yield y) override;
879
880 virtual int get_params(optional_yield y) = 0;
881 void send_response() override {}
882
883 virtual bool should_get_stats() { return false; }
884
885 const char* name() const override { return "get_self_usage"; }
886 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
887 };
888
889 class RGWStatAccount : public RGWOp {
890 protected:
891 RGWUsageStats global_stats;
892 std::map<std::string, RGWUsageStats> policies_stats;
893
894 public:
895 RGWStatAccount() = default;
896
897 int verify_permission(optional_yield y) override;
898 void execute(optional_yield y) override;
899
900 void send_response() override = 0;
901 const char* name() const override { return "stat_account"; }
902 RGWOpType get_type() override { return RGW_OP_STAT_ACCOUNT; }
903 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
904 };
905
906 class RGWListBucket : public RGWOp {
907 protected:
908 std::string prefix;
909 rgw_obj_key marker;
910 rgw_obj_key next_marker;
911 rgw_obj_key end_marker;
912 std::string max_keys;
913 std::string delimiter;
914 std::string encoding_type;
915 bool list_versions;
916 int max;
917 std::vector<rgw_bucket_dir_entry> objs;
918 std::map<std::string, bool> common_prefixes;
919
920 int default_max;
921 bool is_truncated;
922 bool allow_unordered;
923
924 int shard_id;
925
926 int parse_max_keys();
927
928 public:
929 RGWListBucket() : list_versions(false), max(0),
930 default_max(0), is_truncated(false),
931 allow_unordered(false), shard_id(-1) {}
932 int verify_permission(optional_yield y) override;
933 void pre_exec() override;
934 void execute(optional_yield y) override;
935
936 void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override {
937 RGWOp::init(driver, s, h);
938 }
939 virtual int get_params(optional_yield y) = 0;
940 void send_response() override = 0;
941 const char* name() const override { return "list_bucket"; }
942 RGWOpType get_type() override { return RGW_OP_LIST_BUCKET; }
943 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
944 virtual bool need_container_stats() { return false; }
945 };
946
947 class RGWGetBucketLogging : public RGWOp {
948 public:
949 RGWGetBucketLogging() {}
950 int verify_permission(optional_yield y) override;
951 void execute(optional_yield) override { }
952
953 void send_response() override = 0;
954 const char* name() const override { return "get_bucket_logging"; }
955 RGWOpType get_type() override { return RGW_OP_GET_BUCKET_LOGGING; }
956 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
957 };
958
959 class RGWGetBucketLocation : public RGWOp {
960 public:
961 RGWGetBucketLocation() {}
962 ~RGWGetBucketLocation() override {}
963 int verify_permission(optional_yield y) override;
964 void execute(optional_yield) override { }
965
966 void send_response() override = 0;
967 const char* name() const override { return "get_bucket_location"; }
968 RGWOpType get_type() override { return RGW_OP_GET_BUCKET_LOCATION; }
969 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
970 };
971
972 class RGWGetBucketVersioning : public RGWOp {
973 protected:
974 bool versioned{false};
975 bool versioning_enabled{false};
976 bool mfa_enabled{false};
977 public:
978 RGWGetBucketVersioning() = default;
979
980 int verify_permission(optional_yield y) override;
981 void pre_exec() override;
982 void execute(optional_yield y) override;
983
984 void send_response() override = 0;
985 const char* name() const override { return "get_bucket_versioning"; }
986 RGWOpType get_type() override { return RGW_OP_GET_BUCKET_VERSIONING; }
987 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
988 };
989
990 enum BucketVersionStatus {
991 VersioningStatusInvalid = -1,
992 VersioningNotChanged = 0,
993 VersioningEnabled = 1,
994 VersioningSuspended =2,
995 };
996
997 class RGWSetBucketVersioning : public RGWOp {
998 protected:
999 int versioning_status;
1000 bool mfa_set_status{false};
1001 bool mfa_status{false};
1002 bufferlist in_data;
1003 public:
1004 RGWSetBucketVersioning() : versioning_status(VersioningNotChanged) {}
1005
1006 int verify_permission(optional_yield y) override;
1007 void pre_exec() override;
1008 void execute(optional_yield y) override;
1009
1010 virtual int get_params(optional_yield y) { return 0; }
1011
1012 void send_response() override = 0;
1013 const char* name() const override { return "set_bucket_versioning"; }
1014 RGWOpType get_type() override { return RGW_OP_SET_BUCKET_VERSIONING; }
1015 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1016 };
1017
1018 class RGWGetBucketWebsite : public RGWOp {
1019 public:
1020 RGWGetBucketWebsite() {}
1021
1022 int verify_permission(optional_yield y) override;
1023 void pre_exec() override;
1024 void execute(optional_yield y) override;
1025
1026 void send_response() override = 0;
1027 const char* name() const override { return "get_bucket_website"; }
1028 RGWOpType get_type() override { return RGW_OP_GET_BUCKET_WEBSITE; }
1029 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
1030 };
1031
1032 class RGWSetBucketWebsite : public RGWOp {
1033 protected:
1034 bufferlist in_data;
1035 RGWBucketWebsiteConf website_conf;
1036 public:
1037 RGWSetBucketWebsite() {}
1038
1039 int verify_permission(optional_yield y) override;
1040 void pre_exec() override;
1041 void execute(optional_yield y) override;
1042
1043 virtual int get_params(optional_yield y) { return 0; }
1044
1045 void send_response() override = 0;
1046 const char* name() const override { return "set_bucket_website"; }
1047 RGWOpType get_type() override { return RGW_OP_SET_BUCKET_WEBSITE; }
1048 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1049 };
1050
1051 class RGWDeleteBucketWebsite : public RGWOp {
1052 public:
1053 RGWDeleteBucketWebsite() {}
1054
1055 int verify_permission(optional_yield y) override;
1056 void pre_exec() override;
1057 void execute(optional_yield y) override;
1058
1059 void send_response() override = 0;
1060 const char* name() const override { return "delete_bucket_website"; }
1061 RGWOpType get_type() override { return RGW_OP_SET_BUCKET_WEBSITE; }
1062 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1063 };
1064
1065 class RGWStatBucket : public RGWOp {
1066 protected:
1067 std::unique_ptr<rgw::sal::Bucket> bucket;
1068
1069 public:
1070 int verify_permission(optional_yield y) override;
1071 void pre_exec() override;
1072 void execute(optional_yield y) override;
1073
1074 void send_response() override = 0;
1075 const char* name() const override { return "stat_bucket"; }
1076 RGWOpType get_type() override { return RGW_OP_STAT_BUCKET; }
1077 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
1078 };
1079
1080 class RGWCreateBucket : public RGWOp {
1081 protected:
1082 RGWAccessControlPolicy policy;
1083 std::string location_constraint;
1084 rgw_placement_rule placement_rule;
1085 RGWBucketInfo info;
1086 obj_version ep_objv;
1087 bool has_cors;
1088 bool relaxed_region_enforcement;
1089 bool obj_lock_enabled;
1090 RGWCORSConfiguration cors_config;
1091 boost::optional<std::string> swift_ver_location;
1092 std::map<std::string, buffer::list> attrs;
1093 std::set<std::string> rmattr_names;
1094
1095 bufferlist in_data;
1096
1097 virtual bool need_metadata_upload() const { return false; }
1098
1099 public:
1100 RGWCreateBucket() : has_cors(false), relaxed_region_enforcement(false), obj_lock_enabled(false) {}
1101
1102 void emplace_attr(std::string&& key, buffer::list&& bl) {
1103 attrs.emplace(std::move(key), std::move(bl)); /* key and bl are r-value refs */
1104 }
1105
1106 int verify_permission(optional_yield y) override;
1107 void pre_exec() override;
1108 void execute(optional_yield y) override;
1109 void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override {
1110 RGWOp::init(driver, s, h);
1111 policy.set_ctx(s->cct);
1112 relaxed_region_enforcement =
1113 s->cct->_conf.get_val<bool>("rgw_relaxed_region_enforcement");
1114 }
1115 virtual int get_params(optional_yield y) { return 0; }
1116 void send_response() override = 0;
1117 const char* name() const override { return "create_bucket"; }
1118 RGWOpType get_type() override { return RGW_OP_CREATE_BUCKET; }
1119 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1120 };
1121
1122 class RGWDeleteBucket : public RGWOp {
1123 protected:
1124 RGWObjVersionTracker objv_tracker;
1125
1126 public:
1127 RGWDeleteBucket() {}
1128
1129 int verify_permission(optional_yield y) override;
1130 void pre_exec() override;
1131 void execute(optional_yield y) override;
1132
1133 void send_response() override = 0;
1134 const char* name() const override { return "delete_bucket"; }
1135 RGWOpType get_type() override { return RGW_OP_DELETE_BUCKET; }
1136 uint32_t op_mask() override { return RGW_OP_TYPE_DELETE; }
1137 };
1138
1139 struct rgw_slo_entry {
1140 std::string path;
1141 std::string etag;
1142 uint64_t size_bytes;
1143
1144 rgw_slo_entry() : size_bytes(0) {}
1145
1146 void encode(bufferlist& bl) const {
1147 ENCODE_START(1, 1, bl);
1148 encode(path, bl);
1149 encode(etag, bl);
1150 encode(size_bytes, bl);
1151 ENCODE_FINISH(bl);
1152 }
1153
1154 void decode(bufferlist::const_iterator& bl) {
1155 DECODE_START(1, bl);
1156 decode(path, bl);
1157 decode(etag, bl);
1158 decode(size_bytes, bl);
1159 DECODE_FINISH(bl);
1160 }
1161
1162 void decode_json(JSONObj *obj);
1163 };
1164 WRITE_CLASS_ENCODER(rgw_slo_entry)
1165
1166 struct RGWSLOInfo {
1167 std::vector<rgw_slo_entry> entries;
1168 uint64_t total_size;
1169
1170 /* in memory only */
1171 bufferlist raw_data;
1172
1173 RGWSLOInfo() : total_size(0) {}
1174 ~RGWSLOInfo() {}
1175
1176 void encode(bufferlist& bl) const {
1177 ENCODE_START(1, 1, bl);
1178 encode(entries, bl);
1179 encode(total_size, bl);
1180 ENCODE_FINISH(bl);
1181 }
1182
1183 void decode(bufferlist::const_iterator& bl) {
1184 DECODE_START(1, bl);
1185 decode(entries, bl);
1186 decode(total_size, bl);
1187 DECODE_FINISH(bl);
1188 }
1189 };
1190 WRITE_CLASS_ENCODER(RGWSLOInfo)
1191
1192 class RGWPutObj : public RGWOp {
1193 protected:
1194 seed torrent;
1195 off_t ofs;
1196 const char *supplied_md5_b64;
1197 const char *supplied_etag;
1198 const char *if_match;
1199 const char *if_nomatch;
1200 std::string copy_source;
1201 const char *copy_source_range;
1202 RGWBucketInfo copy_source_bucket_info;
1203 std::string copy_source_tenant_name;
1204 std::string copy_source_bucket_name;
1205 std::string copy_source_object_name;
1206 std::string copy_source_version_id;
1207 off_t copy_source_range_fst;
1208 off_t copy_source_range_lst;
1209 std::string etag;
1210 bool chunked_upload;
1211 RGWAccessControlPolicy policy;
1212 std::unique_ptr <RGWObjTags> obj_tags;
1213 const char *dlo_manifest;
1214 RGWSLOInfo *slo_info;
1215 rgw::sal::Attrs attrs;
1216 ceph::real_time mtime;
1217 uint64_t olh_epoch;
1218 std::string version_id;
1219 bufferlist bl_aux;
1220 std::map<std::string, std::string> crypt_http_responses;
1221 std::string user_data;
1222
1223 std::string multipart_upload_id;
1224 std::string multipart_part_str;
1225 int multipart_part_num = 0;
1226 jspan multipart_trace;
1227
1228 boost::optional<ceph::real_time> delete_at;
1229 //append obj
1230 bool append;
1231 uint64_t position;
1232 uint64_t cur_accounted_size;
1233
1234 //object lock
1235 RGWObjectRetention *obj_retention;
1236 RGWObjectLegalHold *obj_legal_hold;
1237
1238 public:
1239 RGWPutObj() : ofs(0),
1240 supplied_md5_b64(NULL),
1241 supplied_etag(NULL),
1242 if_match(NULL),
1243 if_nomatch(NULL),
1244 copy_source_range(NULL),
1245 copy_source_range_fst(0),
1246 copy_source_range_lst(0),
1247 chunked_upload(0),
1248 dlo_manifest(NULL),
1249 slo_info(NULL),
1250 olh_epoch(0),
1251 append(false),
1252 position(0),
1253 cur_accounted_size(0),
1254 obj_retention(nullptr),
1255 obj_legal_hold(nullptr) {}
1256
1257 ~RGWPutObj() override {
1258 delete slo_info;
1259 delete obj_retention;
1260 delete obj_legal_hold;
1261 }
1262
1263 void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override {
1264 RGWOp::init(driver, s, h);
1265 policy.set_ctx(s->cct);
1266 }
1267
1268 virtual int init_processing(optional_yield y) override;
1269
1270 void emplace_attr(std::string&& key, buffer::list&& bl) {
1271 attrs.emplace(std::move(key), std::move(bl)); /* key and bl are r-value refs */
1272 }
1273
1274 int verify_permission(optional_yield y) override;
1275 void pre_exec() override;
1276 void execute(optional_yield y) override;
1277
1278 /* this is for cases when copying data from other object */
1279 virtual int get_decrypt_filter(std::unique_ptr<RGWGetObj_Filter>* filter,
1280 RGWGetObj_Filter* cb,
1281 std::map<std::string, bufferlist>& attrs,
1282 bufferlist* manifest_bl) {
1283 *filter = nullptr;
1284 return 0;
1285 }
1286 virtual int get_encrypt_filter(std::unique_ptr<rgw::sal::DataProcessor> *filter,
1287 rgw::sal::DataProcessor *cb) {
1288 return 0;
1289 }
1290
1291 // get lua script to run as a "put object" filter
1292 int get_lua_filter(std::unique_ptr<rgw::sal::DataProcessor>* filter,
1293 rgw::sal::DataProcessor* cb);
1294
1295 int get_data_cb(bufferlist& bl, off_t bl_ofs, off_t bl_len);
1296 int get_data(const off_t fst, const off_t lst, bufferlist& bl);
1297
1298 virtual int get_params(optional_yield y) = 0;
1299 virtual int get_data(bufferlist& bl) = 0;
1300 void send_response() override = 0;
1301 const char* name() const override { return "put_obj"; }
1302 RGWOpType get_type() override { return RGW_OP_PUT_OBJ; }
1303 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1304 dmc::client_id dmclock_client() override { return dmc::client_id::data; }
1305 };
1306
1307 class RGWPostObj : public RGWOp {
1308 protected:
1309 off_t min_len;
1310 off_t max_len;
1311 int len;
1312 off_t ofs;
1313 const char *supplied_md5_b64;
1314 const char *supplied_etag;
1315 std::string etag;
1316 RGWAccessControlPolicy policy;
1317 std::map<std::string, bufferlist> attrs;
1318 boost::optional<ceph::real_time> delete_at;
1319
1320 /* Must be called after get_data() or the result is undefined. */
1321 virtual std::string get_current_filename() const = 0;
1322 virtual std::string get_current_content_type() const = 0;
1323 virtual bool is_next_file_to_upload() {
1324 return false;
1325 }
1326 public:
1327 RGWPostObj() : min_len(0),
1328 max_len(LLONG_MAX),
1329 len(0),
1330 ofs(0),
1331 supplied_md5_b64(nullptr),
1332 supplied_etag(nullptr) {
1333 }
1334
1335 void emplace_attr(std::string&& key, buffer::list&& bl) {
1336 attrs.emplace(std::move(key), std::move(bl)); /* key and bl are r-value refs */
1337 }
1338
1339 void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override {
1340 RGWOp::init(driver, s, h);
1341 policy.set_ctx(s->cct);
1342 }
1343
1344 int verify_permission(optional_yield y) override;
1345 void pre_exec() override;
1346 void execute(optional_yield y) override;
1347
1348 virtual int get_encrypt_filter(std::unique_ptr<rgw::sal::DataProcessor> *filter,
1349 rgw::sal::DataProcessor *cb) {
1350 return 0;
1351 }
1352 virtual int get_params(optional_yield y) = 0;
1353 virtual int get_data(ceph::bufferlist& bl, bool& again) = 0;
1354 void send_response() override = 0;
1355 const char* name() const override { return "post_obj"; }
1356 RGWOpType get_type() override { return RGW_OP_POST_OBJ; }
1357 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1358 dmc::client_id dmclock_client() override { return dmc::client_id::data; }
1359 };
1360
1361 class RGWPutMetadataAccount : public RGWOp {
1362 protected:
1363 std::set<std::string> rmattr_names;
1364 std::map<std::string, bufferlist> attrs, orig_attrs;
1365 std::map<int, std::string> temp_url_keys;
1366 RGWQuotaInfo new_quota;
1367 bool new_quota_extracted;
1368
1369 RGWAccessControlPolicy policy;
1370 bool has_policy;
1371
1372 public:
1373 RGWPutMetadataAccount()
1374 : new_quota_extracted(false),
1375 has_policy(false) {
1376 }
1377
1378 void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override {
1379 RGWOp::init(driver, s, h);
1380 policy.set_ctx(s->cct);
1381 }
1382 int init_processing(optional_yield y) override;
1383 int verify_permission(optional_yield y) override;
1384 void pre_exec() override { }
1385 void execute(optional_yield y) override;
1386
1387 virtual int get_params(optional_yield y) = 0;
1388 void send_response() override = 0;
1389 virtual void filter_out_temp_url(std::map<std::string, bufferlist>& add_attrs,
1390 const std::set<std::string>& rmattr_names,
1391 std::map<int, std::string>& temp_url_keys);
1392 const char* name() const override { return "put_account_metadata"; }
1393 RGWOpType get_type() override { return RGW_OP_PUT_METADATA_ACCOUNT; }
1394 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1395 };
1396
1397 class RGWPutMetadataBucket : public RGWOp {
1398 protected:
1399 rgw::sal::Attrs attrs;
1400 std::set<std::string> rmattr_names;
1401 bool has_policy, has_cors;
1402 uint32_t policy_rw_mask;
1403 RGWAccessControlPolicy policy;
1404 RGWCORSConfiguration cors_config;
1405 rgw_placement_rule placement_rule;
1406 boost::optional<std::string> swift_ver_location;
1407
1408 public:
1409 RGWPutMetadataBucket()
1410 : has_policy(false), has_cors(false), policy_rw_mask(0)
1411 {}
1412
1413 void emplace_attr(std::string&& key, buffer::list&& bl) {
1414 attrs.emplace(std::move(key), std::move(bl)); /* key and bl are r-value refs */
1415 }
1416
1417 void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override {
1418 RGWOp::init(driver, s, h);
1419 policy.set_ctx(s->cct);
1420 }
1421
1422 int verify_permission(optional_yield y) override;
1423 void pre_exec() override;
1424 void execute(optional_yield y) override;
1425
1426 virtual int get_params(optional_yield y) = 0;
1427 void send_response() override = 0;
1428 const char* name() const override { return "put_bucket_metadata"; }
1429 RGWOpType get_type() override { return RGW_OP_PUT_METADATA_BUCKET; }
1430 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1431 };
1432
1433 class RGWPutMetadataObject : public RGWOp {
1434 protected:
1435 RGWAccessControlPolicy policy;
1436 boost::optional<ceph::real_time> delete_at;
1437 const char *dlo_manifest;
1438
1439 public:
1440 RGWPutMetadataObject()
1441 : dlo_manifest(NULL)
1442 {}
1443
1444 void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override {
1445 RGWOp::init(driver, s, h);
1446 policy.set_ctx(s->cct);
1447 }
1448 int verify_permission(optional_yield y) override;
1449 void pre_exec() override;
1450 void execute(optional_yield y) override;
1451
1452 virtual int get_params(optional_yield y) = 0;
1453 void send_response() override = 0;
1454 const char* name() const override { return "put_obj_metadata"; }
1455 RGWOpType get_type() override { return RGW_OP_PUT_METADATA_OBJECT; }
1456 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1457 virtual bool need_object_expiration() { return false; }
1458 };
1459
1460 class RGWDeleteObj : public RGWOp {
1461 protected:
1462 bool delete_marker;
1463 bool multipart_delete;
1464 std::string version_id;
1465 ceph::real_time unmod_since; /* if unmodified since */
1466 bool no_precondition_error;
1467 std::unique_ptr<RGWBulkDelete::Deleter> deleter;
1468 bool bypass_perm;
1469 bool bypass_governance_mode;
1470
1471 public:
1472 RGWDeleteObj()
1473 : delete_marker(false),
1474 multipart_delete(false),
1475 no_precondition_error(false),
1476 deleter(nullptr),
1477 bypass_perm(true),
1478 bypass_governance_mode(false) {
1479 }
1480
1481 int verify_permission(optional_yield y) override;
1482 void pre_exec() override;
1483 void execute(optional_yield y) override;
1484 int handle_slo_manifest(bufferlist& bl, optional_yield y);
1485
1486 virtual int get_params(optional_yield y) { return 0; }
1487 void send_response() override = 0;
1488 const char* name() const override { return "delete_obj"; }
1489 RGWOpType get_type() override { return RGW_OP_DELETE_OBJ; }
1490 uint32_t op_mask() override { return RGW_OP_TYPE_DELETE; }
1491 virtual bool need_object_expiration() { return false; }
1492 dmc::client_id dmclock_client() override { return dmc::client_id::data; }
1493 };
1494
1495 class RGWCopyObj : public RGWOp {
1496 protected:
1497 RGWAccessControlPolicy dest_policy;
1498 const char *if_mod;
1499 const char *if_unmod;
1500 const char *if_match;
1501 const char *if_nomatch;
1502 // Required or it is not a copy operation
1503 std::string_view copy_source;
1504 // Not actually required
1505 std::optional<std::string_view> md_directive;
1506
1507 off_t ofs;
1508 off_t len;
1509 off_t end;
1510 ceph::real_time mod_time;
1511 ceph::real_time unmod_time;
1512 ceph::real_time *mod_ptr;
1513 ceph::real_time *unmod_ptr;
1514 rgw::sal::Attrs attrs;
1515 std::unique_ptr<rgw::sal::Bucket> src_bucket;
1516 ceph::real_time src_mtime;
1517 ceph::real_time mtime;
1518 rgw::sal::AttrsMod attrs_mod;
1519 std::string source_zone;
1520 std::string etag;
1521
1522 off_t last_ofs;
1523
1524 std::string version_id;
1525 uint64_t olh_epoch;
1526
1527 boost::optional<ceph::real_time> delete_at;
1528 bool copy_if_newer;
1529
1530 bool need_to_check_storage_class = false;
1531
1532 //object lock
1533 RGWObjectRetention *obj_retention;
1534 RGWObjectLegalHold *obj_legal_hold;
1535
1536 int init_common();
1537
1538 public:
1539 RGWCopyObj() {
1540 if_mod = NULL;
1541 if_unmod = NULL;
1542 if_match = NULL;
1543 if_nomatch = NULL;
1544 ofs = 0;
1545 len = 0;
1546 end = -1;
1547 mod_ptr = NULL;
1548 unmod_ptr = NULL;
1549 attrs_mod = rgw::sal::ATTRSMOD_NONE;
1550 last_ofs = 0;
1551 olh_epoch = 0;
1552 copy_if_newer = false;
1553 obj_retention = nullptr;
1554 obj_legal_hold = nullptr;
1555 }
1556
1557 ~RGWCopyObj() override {
1558 delete obj_retention;
1559 delete obj_legal_hold;
1560 }
1561
1562 static bool parse_copy_location(const std::string_view& src,
1563 std::string& bucket_name,
1564 rgw_obj_key& object,
1565 req_state *s);
1566
1567 void emplace_attr(std::string&& key, buffer::list&& bl) {
1568 attrs.emplace(std::move(key), std::move(bl));
1569 }
1570
1571 void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override {
1572 RGWOp::init(driver, s, h);
1573 dest_policy.set_ctx(s->cct);
1574 }
1575 int init_processing(optional_yield y) override;
1576 int verify_permission(optional_yield y) override;
1577 void pre_exec() override;
1578 void execute(optional_yield y) override;
1579 void progress_cb(off_t ofs);
1580
1581 virtual int check_storage_class(const rgw_placement_rule& src_placement) {
1582 return 0;
1583 }
1584
1585 virtual int init_dest_policy() { return 0; }
1586 virtual int get_params(optional_yield y) = 0;
1587 virtual void send_partial_response(off_t ofs) {}
1588 void send_response() override = 0;
1589 const char* name() const override { return "copy_obj"; }
1590 RGWOpType get_type() override { return RGW_OP_COPY_OBJ; }
1591 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1592 dmc::client_id dmclock_client() override { return dmc::client_id::data; }
1593 };
1594
1595 class RGWGetACLs : public RGWOp {
1596 protected:
1597 std::string acls;
1598
1599 public:
1600 RGWGetACLs() {}
1601
1602 int verify_permission(optional_yield y) override;
1603 void pre_exec() override;
1604 void execute(optional_yield y) override;
1605
1606 void send_response() override = 0;
1607 const char* name() const override { return "get_acls"; }
1608 RGWOpType get_type() override { return RGW_OP_GET_ACLS; }
1609 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
1610 };
1611
1612 class RGWPutACLs : public RGWOp {
1613 protected:
1614 bufferlist data;
1615 ACLOwner owner;
1616
1617 public:
1618 RGWPutACLs() {}
1619 ~RGWPutACLs() override {}
1620
1621 int verify_permission(optional_yield y) override;
1622 void pre_exec() override;
1623 void execute(optional_yield y) override;
1624
1625 virtual int get_policy_from_state(rgw::sal::Driver* driver, req_state *s, std::stringstream& ss) { return 0; }
1626 virtual int get_params(optional_yield y) = 0;
1627 void send_response() override = 0;
1628 const char* name() const override { return "put_acls"; }
1629 RGWOpType get_type() override { return RGW_OP_PUT_ACLS; }
1630 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1631 };
1632
1633 class RGWGetLC : public RGWOp {
1634 protected:
1635
1636 public:
1637 RGWGetLC() { }
1638 ~RGWGetLC() override { }
1639
1640 int verify_permission(optional_yield y) override;
1641 void pre_exec() override;
1642 void execute(optional_yield) override = 0;
1643
1644 void send_response() override = 0;
1645 const char* name() const override { return "get_lifecycle"; }
1646 RGWOpType get_type() override { return RGW_OP_GET_LC; }
1647 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
1648 };
1649
1650 class RGWPutLC : public RGWOp {
1651 protected:
1652 bufferlist data;
1653 const char *content_md5;
1654 std::string cookie;
1655
1656 public:
1657 RGWPutLC() {
1658 content_md5 = nullptr;
1659 }
1660 ~RGWPutLC() override {}
1661
1662 void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *dialect_handler) override {
1663 static constexpr std::size_t COOKIE_LEN = 16;
1664 char buf[COOKIE_LEN + 1];
1665
1666 RGWOp::init(driver, s, dialect_handler);
1667 gen_rand_alphanumeric(s->cct, buf, sizeof(buf) - 1);
1668 cookie = buf;
1669 }
1670
1671 int verify_permission(optional_yield y) override;
1672 void pre_exec() override;
1673 void execute(optional_yield y) override;
1674
1675 // virtual int get_policy_from_state(RGWRados* driver, req_state *s, std::stringstream& ss) { return 0; }
1676 virtual int get_params(optional_yield y) = 0;
1677 void send_response() override = 0;
1678 const char* name() const override { return "put_lifecycle"; }
1679 RGWOpType get_type() override { return RGW_OP_PUT_LC; }
1680 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1681 };
1682
1683 class RGWDeleteLC : public RGWOp {
1684 public:
1685 RGWDeleteLC() = default;
1686 int verify_permission(optional_yield y) override;
1687 void pre_exec() override;
1688 void execute(optional_yield y) override;
1689
1690 void send_response() override = 0;
1691 const char* name() const override { return "delete_lifecycle"; }
1692 RGWOpType get_type() override { return RGW_OP_DELETE_LC; }
1693 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1694 };
1695
1696 class RGWGetCORS : public RGWOp {
1697 protected:
1698
1699 public:
1700 RGWGetCORS() {}
1701
1702 int verify_permission(optional_yield y) override;
1703 void execute(optional_yield y) override;
1704
1705 void send_response() override = 0;
1706 const char* name() const override { return "get_cors"; }
1707 RGWOpType get_type() override { return RGW_OP_GET_CORS; }
1708 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
1709 };
1710
1711 class RGWPutCORS : public RGWOp {
1712 protected:
1713 bufferlist cors_bl;
1714 bufferlist in_data;
1715
1716 public:
1717 RGWPutCORS() {}
1718 ~RGWPutCORS() override {}
1719
1720 int verify_permission(optional_yield y) override;
1721 void execute(optional_yield y) override;
1722
1723 virtual int get_params(optional_yield y) = 0;
1724 void send_response() override = 0;
1725 const char* name() const override { return "put_cors"; }
1726 RGWOpType get_type() override { return RGW_OP_PUT_CORS; }
1727 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1728 };
1729
1730 class RGWDeleteCORS : public RGWOp {
1731 protected:
1732
1733 public:
1734 RGWDeleteCORS() {}
1735
1736 int verify_permission(optional_yield y) override;
1737 void execute(optional_yield y) override;
1738
1739 void send_response() override = 0;
1740 const char* name() const override { return "delete_cors"; }
1741 RGWOpType get_type() override { return RGW_OP_DELETE_CORS; }
1742 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1743 };
1744
1745 class RGWOptionsCORS : public RGWOp {
1746 protected:
1747 RGWCORSRule *rule;
1748 const char *origin, *req_hdrs, *req_meth;
1749
1750 public:
1751 RGWOptionsCORS() : rule(NULL), origin(NULL),
1752 req_hdrs(NULL), req_meth(NULL) {
1753 }
1754
1755 int verify_permission(optional_yield y) override {return 0;}
1756 int validate_cors_request(RGWCORSConfiguration *cc);
1757 void execute(optional_yield y) override;
1758 void get_response_params(std::string& allowed_hdrs, std::string& exp_hdrs, unsigned *max_age);
1759 void send_response() override = 0;
1760 const char* name() const override { return "options_cors"; }
1761 RGWOpType get_type() override { return RGW_OP_OPTIONS_CORS; }
1762 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
1763 };
1764
1765 class RGWPutBucketEncryption : public RGWOp {
1766 protected:
1767 RGWBucketEncryptionConfig bucket_encryption_conf;
1768 bufferlist data;
1769 public:
1770 RGWPutBucketEncryption() = default;
1771 ~RGWPutBucketEncryption() {}
1772
1773 int get_params(optional_yield y);
1774 int verify_permission(optional_yield y) override;
1775 void execute(optional_yield y) override;
1776 const char* name() const override { return "put_bucket_encryption"; }
1777 RGWOpType get_type() override { return RGW_OP_PUT_BUCKET_ENCRYPTION; }
1778 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1779 };
1780
1781 class RGWGetBucketEncryption : public RGWOp {
1782 protected:
1783 RGWBucketEncryptionConfig bucket_encryption_conf;
1784 public:
1785 RGWGetBucketEncryption() {}
1786
1787 int get_params(optional_yield y);
1788 int verify_permission(optional_yield y) override;
1789 void execute(optional_yield y) override;
1790 const char* name() const override { return "get_bucket_encryption"; }
1791 RGWOpType get_type() override { return RGW_OP_GET_BUCKET_ENCRYPTION; }
1792 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
1793 };
1794
1795 class RGWDeleteBucketEncryption : public RGWOp {
1796 protected:
1797 RGWBucketEncryptionConfig bucket_encryption_conf;
1798 public:
1799 RGWDeleteBucketEncryption() {}
1800
1801 int get_params(optional_yield y);
1802 int verify_permission(optional_yield y) override;
1803 void execute(optional_yield y) override;
1804 const char* name() const override { return "delete_bucket_encryption"; }
1805 RGWOpType get_type() override { return RGW_OP_DELETE_BUCKET_ENCRYPTION; }
1806 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1807 };
1808
1809 class RGWGetRequestPayment : public RGWOp {
1810 protected:
1811 bool requester_pays;
1812
1813 public:
1814 RGWGetRequestPayment() : requester_pays(0) {}
1815
1816 int verify_permission(optional_yield y) override;
1817 void pre_exec() override;
1818 void execute(optional_yield y) override;
1819
1820 void send_response() override = 0;
1821 const char* name() const override { return "get_request_payment"; }
1822 RGWOpType get_type() override { return RGW_OP_GET_REQUEST_PAYMENT; }
1823 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
1824 };
1825
1826 class RGWSetRequestPayment : public RGWOp {
1827 protected:
1828 bool requester_pays;
1829 bufferlist in_data;
1830 public:
1831 RGWSetRequestPayment() : requester_pays(false) {}
1832
1833 int verify_permission(optional_yield y) override;
1834 void pre_exec() override;
1835 void execute(optional_yield y) override;
1836
1837 virtual int get_params(optional_yield y) { return 0; }
1838
1839 void send_response() override = 0;
1840 const char* name() const override { return "set_request_payment"; }
1841 RGWOpType get_type() override { return RGW_OP_SET_REQUEST_PAYMENT; }
1842 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1843 };
1844
1845 class RGWInitMultipart : public RGWOp {
1846 protected:
1847 std::string upload_id;
1848 RGWAccessControlPolicy policy;
1849 ceph::real_time mtime;
1850 jspan multipart_trace;
1851
1852 public:
1853 RGWInitMultipart() {}
1854
1855 void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override {
1856 RGWOp::init(driver, s, h);
1857 policy.set_ctx(s->cct);
1858 }
1859 int verify_permission(optional_yield y) override;
1860 void pre_exec() override;
1861 void execute(optional_yield y) override;
1862
1863 virtual int get_params(optional_yield y) = 0;
1864 void send_response() override = 0;
1865 const char* name() const override { return "init_multipart"; }
1866 RGWOpType get_type() override { return RGW_OP_INIT_MULTIPART; }
1867 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1868 virtual int prepare_encryption(std::map<std::string, bufferlist>& attrs) { return 0; }
1869 };
1870
1871 class RGWCompleteMultipart : public RGWOp {
1872 protected:
1873 std::string upload_id;
1874 std::string etag;
1875 std::string version_id;
1876 bufferlist data;
1877 std::unique_ptr<rgw::sal::MPSerializer> serializer;
1878 jspan multipart_trace;
1879
1880 public:
1881 RGWCompleteMultipart() {}
1882 ~RGWCompleteMultipart() = default;
1883
1884 int verify_permission(optional_yield y) override;
1885 void pre_exec() override;
1886 void execute(optional_yield y) override;
1887 bool check_previously_completed(const RGWMultiCompleteUpload* parts);
1888 void complete() override;
1889
1890 virtual int get_params(optional_yield y) = 0;
1891 void send_response() override = 0;
1892 const char* name() const override { return "complete_multipart"; }
1893 RGWOpType get_type() override { return RGW_OP_COMPLETE_MULTIPART; }
1894 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
1895 };
1896
1897 class RGWAbortMultipart : public RGWOp {
1898 protected:
1899 jspan multipart_trace;
1900 public:
1901 RGWAbortMultipart() {}
1902
1903 int verify_permission(optional_yield y) override;
1904 void pre_exec() override;
1905 void execute(optional_yield y) override;
1906
1907 void send_response() override = 0;
1908 const char* name() const override { return "abort_multipart"; }
1909 RGWOpType get_type() override { return RGW_OP_ABORT_MULTIPART; }
1910 uint32_t op_mask() override { return RGW_OP_TYPE_DELETE; }
1911 };
1912
1913 class RGWListMultipart : public RGWOp {
1914 protected:
1915 std::string upload_id;
1916 std::unique_ptr<rgw::sal::MultipartUpload> upload;
1917 int max_parts;
1918 int marker;
1919 RGWAccessControlPolicy policy;
1920 bool truncated;
1921 rgw_placement_rule* placement;
1922
1923 public:
1924 RGWListMultipart() {
1925 max_parts = 1000;
1926 marker = 0;
1927 truncated = false;
1928 }
1929
1930 void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override {
1931 RGWOp::init(driver, s, h);
1932 policy = RGWAccessControlPolicy(s->cct);
1933 }
1934 int verify_permission(optional_yield y) override;
1935 void pre_exec() override;
1936 void execute(optional_yield y) override;
1937
1938 virtual int get_params(optional_yield y) = 0;
1939 void send_response() override = 0;
1940 const char* name() const override { return "list_multipart"; }
1941 RGWOpType get_type() override { return RGW_OP_LIST_MULTIPART; }
1942 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
1943 };
1944
1945 class RGWListBucketMultiparts : public RGWOp {
1946 protected:
1947 std::string prefix;
1948 std::string marker_meta;
1949 std::string marker_key;
1950 std::string marker_upload_id;
1951 std::string next_marker_key;
1952 std::string next_marker_upload_id;
1953 int max_uploads;
1954 std::string delimiter;
1955 std::vector<std::unique_ptr<rgw::sal::MultipartUpload>> uploads;
1956 std::map<std::string, bool> common_prefixes;
1957 bool is_truncated;
1958 int default_max;
1959 bool encode_url {false};
1960
1961 public:
1962 RGWListBucketMultiparts() {
1963 max_uploads = 0;
1964 is_truncated = false;
1965 default_max = 0;
1966 }
1967
1968 void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override {
1969 RGWOp::init(driver, s, h);
1970 max_uploads = default_max;
1971 }
1972
1973 int verify_permission(optional_yield y) override;
1974 void pre_exec() override;
1975 void execute(optional_yield y) override;
1976
1977 virtual int get_params(optional_yield y) = 0;
1978 void send_response() override = 0;
1979 const char* name() const override { return "list_bucket_multiparts"; }
1980 RGWOpType get_type() override { return RGW_OP_LIST_BUCKET_MULTIPARTS; }
1981 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
1982 };
1983
1984
1985 class RGWGetCrossDomainPolicy : public RGWOp {
1986 public:
1987 RGWGetCrossDomainPolicy() = default;
1988 ~RGWGetCrossDomainPolicy() override = default;
1989
1990 int verify_permission(optional_yield) override {
1991 return 0;
1992 }
1993
1994 void execute(optional_yield) override {
1995 op_ret = 0;
1996 }
1997
1998 const char* name() const override { return "get_crossdomain_policy"; }
1999
2000 RGWOpType get_type() override {
2001 return RGW_OP_GET_CROSS_DOMAIN_POLICY;
2002 }
2003
2004 uint32_t op_mask() override {
2005 return RGW_OP_TYPE_READ;
2006 }
2007 };
2008
2009
2010 class RGWGetHealthCheck : public RGWOp {
2011 public:
2012 RGWGetHealthCheck() = default;
2013 ~RGWGetHealthCheck() override = default;
2014
2015 int verify_permission(optional_yield) override {
2016 return 0;
2017 }
2018
2019 void execute(optional_yield y) override;
2020
2021 const char* name() const override { return "get_health_check"; }
2022
2023 RGWOpType get_type() override {
2024 return RGW_OP_GET_HEALTH_CHECK;
2025 }
2026
2027 uint32_t op_mask() override {
2028 return RGW_OP_TYPE_READ;
2029 }
2030 };
2031
2032
2033 class RGWDeleteMultiObj : public RGWOp {
2034 /**
2035 * Handles the deletion of an individual object and uses
2036 * set_partial_response to record the outcome.
2037 */
2038 void handle_individual_object(const rgw_obj_key& o,
2039 optional_yield y,
2040 boost::asio::deadline_timer *formatter_flush_cond);
2041
2042 /**
2043 * When the request is being executed in a coroutine, performs
2044 * the actual formatter flushing and is responsible for the
2045 * termination condition (when when all partial object responses
2046 * have been sent). Note that the formatter flushing must be handled
2047 * on the coroutine that invokes the execute method vs. the
2048 * coroutines that are spawned to handle individual objects because
2049 * the flush logic uses a yield context that was captured
2050 * and saved on the req_state vs. one that is passed on the stack.
2051 * This is a no-op in the case where we're not executing as a coroutine.
2052 */
2053 void wait_flush(optional_yield y,
2054 boost::asio::deadline_timer *formatter_flush_cond,
2055 std::function<bool()> predicate);
2056
2057 protected:
2058 std::vector<delete_multi_obj_entry> ops_log_entries;
2059 bufferlist data;
2060 rgw::sal::Bucket* bucket;
2061 bool quiet;
2062 bool status_dumped;
2063 bool acl_allowed = false;
2064 bool bypass_perm;
2065 bool bypass_governance_mode;
2066
2067 public:
2068 RGWDeleteMultiObj() {
2069 quiet = false;
2070 status_dumped = false;
2071 bypass_perm = true;
2072 bypass_governance_mode = false;
2073 }
2074
2075 int verify_permission(optional_yield y) override;
2076 void pre_exec() override;
2077 void execute(optional_yield y) override;
2078
2079 virtual int get_params(optional_yield y) = 0;
2080 virtual void send_status() = 0;
2081 virtual void begin_response() = 0;
2082 virtual void send_partial_response(const rgw_obj_key& key, bool delete_marker,
2083 const std::string& marker_version_id, int ret,
2084 boost::asio::deadline_timer *formatter_flush_cond) = 0;
2085 virtual void end_response() = 0;
2086 const char* name() const override { return "multi_object_delete"; }
2087 RGWOpType get_type() override { return RGW_OP_DELETE_MULTI_OBJ; }
2088 uint32_t op_mask() override { return RGW_OP_TYPE_DELETE; }
2089
2090 void write_ops_log_entry(rgw_log_entry& entry) const override;
2091 };
2092
2093 class RGWInfo: public RGWOp {
2094 public:
2095 RGWInfo() = default;
2096 ~RGWInfo() override = default;
2097
2098 int verify_permission(optional_yield) override { return 0; }
2099 const char* name() const override { return "get info"; }
2100 RGWOpType get_type() override { return RGW_OP_GET_INFO; }
2101 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
2102 };
2103
2104 extern int rgw_build_bucket_policies(const DoutPrefixProvider *dpp, rgw::sal::Driver* driver,
2105 req_state* s, optional_yield y);
2106 extern int rgw_build_object_policies(const DoutPrefixProvider *dpp, rgw::sal::Driver* driver,
2107 req_state *s, bool prefetch_data, optional_yield y);
2108 extern void rgw_build_iam_environment(rgw::sal::Driver* driver,
2109 req_state* s);
2110 extern std::vector<rgw::IAM::Policy> get_iam_user_policy_from_attr(CephContext* cct,
2111 std::map<std::string, bufferlist>& attrs,
2112 const std::string& tenant);
2113
2114 inline int get_system_versioning_params(req_state *s,
2115 uint64_t *olh_epoch,
2116 std::string *version_id)
2117 {
2118 if (!s->system_request) {
2119 return 0;
2120 }
2121
2122 if (olh_epoch) {
2123 std::string epoch_str = s->info.args.get(RGW_SYS_PARAM_PREFIX "versioned-epoch");
2124 if (!epoch_str.empty()) {
2125 std::string err;
2126 *olh_epoch = strict_strtol(epoch_str.c_str(), 10, &err);
2127 if (!err.empty()) {
2128 ldpp_subdout(s, rgw, 0) << "failed to parse versioned-epoch param"
2129 << dendl;
2130 return -EINVAL;
2131 }
2132 }
2133 }
2134
2135 if (version_id) {
2136 *version_id = s->info.args.get(RGW_SYS_PARAM_PREFIX "version-id");
2137 }
2138
2139 return 0;
2140 } /* get_system_versioning_params */
2141
2142 static inline void format_xattr(std::string &xattr)
2143 {
2144 /* If the extended attribute is not valid UTF-8, we encode it using
2145 * quoted-printable encoding.
2146 */
2147 if ((check_utf8(xattr.c_str(), xattr.length()) != 0) ||
2148 (check_for_control_characters(xattr.c_str(), xattr.length()) != 0)) {
2149 static const char MIME_PREFIX_STR[] = "=?UTF-8?Q?";
2150 static const int MIME_PREFIX_LEN = sizeof(MIME_PREFIX_STR) - 1;
2151 static const char MIME_SUFFIX_STR[] = "?=";
2152 static const int MIME_SUFFIX_LEN = sizeof(MIME_SUFFIX_STR) - 1;
2153 int mlen = mime_encode_as_qp(xattr.c_str(), NULL, 0);
2154 char *mime = new char[MIME_PREFIX_LEN + mlen + MIME_SUFFIX_LEN + 1];
2155 strcpy(mime, MIME_PREFIX_STR);
2156 mime_encode_as_qp(xattr.c_str(), mime + MIME_PREFIX_LEN, mlen);
2157 strcpy(mime + MIME_PREFIX_LEN + (mlen - 1), MIME_SUFFIX_STR);
2158 xattr.assign(mime);
2159 delete [] mime;
2160 }
2161 } /* format_xattr */
2162
2163 /**
2164 * Get the HTTP request metadata out of the req_state as a
2165 * map(<attr_name, attr_contents>, where attr_name is RGW_ATTR_PREFIX.HTTP_NAME)
2166 * s: The request state
2167 * attrs: will be filled up with attrs mapped as <attr_name, attr_contents>
2168 * On success returns 0.
2169 * On failure returns a negative error code.
2170 *
2171 */
2172 inline int rgw_get_request_metadata(const DoutPrefixProvider *dpp,
2173 CephContext* const cct,
2174 struct req_info& info,
2175 std::map<std::string, ceph::bufferlist>& attrs,
2176 const bool allow_empty_attrs = true)
2177 {
2178 static const std::set<std::string> blocklisted_headers = {
2179 "x-amz-server-side-encryption-customer-algorithm",
2180 "x-amz-server-side-encryption-customer-key",
2181 "x-amz-server-side-encryption-customer-key-md5",
2182 "x-amz-storage-class"
2183 };
2184
2185 size_t valid_meta_count = 0;
2186 for (auto& kv : info.x_meta_map) {
2187 const std::string& name = kv.first;
2188 std::string& xattr = kv.second;
2189
2190 if (blocklisted_headers.count(name) == 1) {
2191 ldpp_subdout(dpp, rgw, 10) << "skipping x>> " << name << dendl;
2192 continue;
2193 } else if (allow_empty_attrs || !xattr.empty()) {
2194 ldpp_subdout(dpp, rgw, 10) << "x>> " << name << ":" << xattr << dendl;
2195 format_xattr(xattr);
2196
2197 std::string attr_name(RGW_ATTR_PREFIX);
2198 attr_name.append(name);
2199
2200 /* Check roughly whether we aren't going behind the limit on attribute
2201 * name. Passing here doesn't guarantee that an OSD will accept that
2202 * as ObjectStore::get_max_attr_name_length() can set the limit even
2203 * lower than the "osd_max_attr_name_len" configurable. */
2204 const auto max_attr_name_len = cct->_conf->rgw_max_attr_name_len;
2205 if (max_attr_name_len && attr_name.length() > max_attr_name_len) {
2206 return -ENAMETOOLONG;
2207 }
2208
2209 /* Similar remarks apply to the check for value size. We're veryfing
2210 * it early at the RGW's side as it's being claimed in /info. */
2211 const auto max_attr_size = cct->_conf->rgw_max_attr_size;
2212 if (max_attr_size && xattr.length() > max_attr_size) {
2213 return -EFBIG;
2214 }
2215
2216 /* Swift allows administrators to limit the number of metadats items
2217 * send _in a single request_. */
2218 const auto max_attrs_num_in_req = cct->_conf->rgw_max_attrs_num_in_req;
2219 if (max_attrs_num_in_req &&
2220 ++valid_meta_count > max_attrs_num_in_req) {
2221 return -E2BIG;
2222 }
2223
2224 auto rval = attrs.emplace(std::move(attr_name), ceph::bufferlist());
2225 /* At the moment the value of the freshly created attribute key-value
2226 * pair is an empty bufferlist. */
2227
2228 ceph::bufferlist& bl = rval.first->second;
2229 bl.append(xattr.c_str(), xattr.size() + 1);
2230 }
2231 }
2232
2233 return 0;
2234 } /* rgw_get_request_metadata */
2235
2236 inline void encode_delete_at_attr(boost::optional<ceph::real_time> delete_at,
2237 std::map<std::string, bufferlist>& attrs)
2238 {
2239 if (delete_at == boost::none) {
2240 return;
2241 }
2242
2243 bufferlist delatbl;
2244 encode(*delete_at, delatbl);
2245 attrs[RGW_ATTR_DELETE_AT] = delatbl;
2246 } /* encode_delete_at_attr */
2247
2248 inline void encode_obj_tags_attr(RGWObjTags* obj_tags, std::map<std::string, bufferlist>& attrs)
2249 {
2250 if (obj_tags == nullptr){
2251 // we assume the user submitted a tag format which we couldn't parse since
2252 // this wouldn't be parsed later by get/put obj tags, lets delete if the
2253 // attr was populated
2254 return;
2255 }
2256
2257 bufferlist tagsbl;
2258 obj_tags->encode(tagsbl);
2259 attrs[RGW_ATTR_TAGS] = tagsbl;
2260 }
2261
2262 inline int encode_dlo_manifest_attr(const char * const dlo_manifest,
2263 std::map<std::string, bufferlist>& attrs)
2264 {
2265 std::string dm = dlo_manifest;
2266
2267 if (dm.find('/') == std::string::npos) {
2268 return -EINVAL;
2269 }
2270
2271 bufferlist manifest_bl;
2272 manifest_bl.append(dlo_manifest, strlen(dlo_manifest) + 1);
2273 attrs[RGW_ATTR_USER_MANIFEST] = manifest_bl;
2274
2275 return 0;
2276 } /* encode_dlo_manifest_attr */
2277
2278 inline void complete_etag(MD5& hash, std::string *etag)
2279 {
2280 char etag_buf[CEPH_CRYPTO_MD5_DIGESTSIZE];
2281 char etag_buf_str[CEPH_CRYPTO_MD5_DIGESTSIZE * 2 + 16];
2282
2283 hash.Final((unsigned char *)etag_buf);
2284 buf_to_hex((const unsigned char *)etag_buf, CEPH_CRYPTO_MD5_DIGESTSIZE,
2285 etag_buf_str);
2286
2287 *etag = etag_buf_str;
2288 } /* complete_etag */
2289
2290 using boost::container::flat_map;
2291
2292 class RGWGetAttrs : public RGWOp {
2293 public:
2294 using get_attrs_t = flat_map<std::string, std::optional<buffer::list>>;
2295 protected:
2296 get_attrs_t attrs;
2297
2298 public:
2299 RGWGetAttrs()
2300 {}
2301
2302 virtual ~RGWGetAttrs() {}
2303
2304 void emplace_key(std::string&& key) {
2305 attrs.emplace(std::move(key), std::nullopt);
2306 }
2307
2308 int verify_permission(optional_yield y);
2309 void pre_exec();
2310 void execute(optional_yield y);
2311
2312 virtual int get_params() = 0;
2313 virtual void send_response() = 0;
2314 virtual const char* name() const { return "get_attrs"; }
2315 virtual RGWOpType get_type() { return RGW_OP_GET_ATTRS; }
2316 virtual uint32_t op_mask() { return RGW_OP_TYPE_READ; }
2317 }; /* RGWGetAttrs */
2318
2319 class RGWSetAttrs : public RGWOp {
2320 protected:
2321 std::map<std::string, buffer::list> attrs;
2322
2323 public:
2324 RGWSetAttrs() {}
2325 ~RGWSetAttrs() override {}
2326
2327 void emplace_attr(std::string&& key, buffer::list&& bl) {
2328 attrs.emplace(std::move(key), std::move(bl));
2329 }
2330
2331 int verify_permission(optional_yield y) override;
2332 void pre_exec() override;
2333 void execute(optional_yield y) override;
2334
2335 virtual int get_params(optional_yield y) = 0;
2336 void send_response() override = 0;
2337 const char* name() const override { return "set_attrs"; }
2338 RGWOpType get_type() override { return RGW_OP_SET_ATTRS; }
2339 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
2340 };
2341
2342 class RGWRMAttrs : public RGWOp {
2343 protected:
2344 rgw::sal::Attrs attrs;
2345
2346 public:
2347 RGWRMAttrs()
2348 {}
2349
2350 virtual ~RGWRMAttrs() {}
2351
2352 void emplace_key(std::string&& key) {
2353 attrs.emplace(std::move(key), buffer::list());
2354 }
2355
2356 int verify_permission(optional_yield y);
2357 void pre_exec();
2358 void execute(optional_yield y);
2359
2360 virtual int get_params() = 0;
2361 virtual void send_response() = 0;
2362 virtual const char* name() const { return "rm_attrs"; }
2363 virtual RGWOpType get_type() { return RGW_OP_DELETE_ATTRS; }
2364 virtual uint32_t op_mask() { return RGW_OP_TYPE_DELETE; }
2365 }; /* RGWRMAttrs */
2366
2367 class RGWGetObjLayout : public RGWOp {
2368 public:
2369 RGWGetObjLayout() {
2370 }
2371
2372 int check_caps(RGWUserCaps& caps) {
2373 return caps.check_cap("admin", RGW_CAP_READ);
2374 }
2375 int verify_permission(optional_yield) override {
2376 return check_caps(s->user->get_info().caps);
2377 }
2378 void pre_exec() override;
2379 void execute(optional_yield y) override;
2380
2381 const char* name() const override { return "get_obj_layout"; }
2382 virtual RGWOpType get_type() override { return RGW_OP_GET_OBJ_LAYOUT; }
2383 virtual uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
2384 };
2385
2386 class RGWPutBucketPolicy : public RGWOp {
2387 bufferlist data;
2388 public:
2389 RGWPutBucketPolicy() = default;
2390 ~RGWPutBucketPolicy() {
2391 }
2392 void send_response() override;
2393 int verify_permission(optional_yield y) override;
2394 uint32_t op_mask() override {
2395 return RGW_OP_TYPE_WRITE;
2396 }
2397 void execute(optional_yield y) override;
2398 int get_params(optional_yield y);
2399 const char* name() const override { return "put_bucket_policy"; }
2400 RGWOpType get_type() override {
2401 return RGW_OP_PUT_BUCKET_POLICY;
2402 }
2403 };
2404
2405 class RGWGetBucketPolicy : public RGWOp {
2406 buffer::list policy;
2407 public:
2408 RGWGetBucketPolicy() = default;
2409 void send_response() override;
2410 int verify_permission(optional_yield y) override;
2411 uint32_t op_mask() override {
2412 return RGW_OP_TYPE_READ;
2413 }
2414 void execute(optional_yield y) override;
2415 const char* name() const override { return "get_bucket_policy"; }
2416 RGWOpType get_type() override {
2417 return RGW_OP_GET_BUCKET_POLICY;
2418 }
2419 };
2420
2421 class RGWDeleteBucketPolicy : public RGWOp {
2422 public:
2423 RGWDeleteBucketPolicy() = default;
2424 void send_response() override;
2425 int verify_permission(optional_yield y) override;
2426 uint32_t op_mask() override {
2427 return RGW_OP_TYPE_WRITE;
2428 }
2429 void execute(optional_yield y) override;
2430 int get_params(optional_yield y);
2431 const char* name() const override { return "delete_bucket_policy"; }
2432 RGWOpType get_type() override {
2433 return RGW_OP_DELETE_BUCKET_POLICY;
2434 }
2435 };
2436
2437 class RGWPutBucketObjectLock : public RGWOp {
2438 protected:
2439 bufferlist data;
2440 bufferlist obj_lock_bl;
2441 RGWObjectLock obj_lock;
2442 public:
2443 RGWPutBucketObjectLock() = default;
2444 ~RGWPutBucketObjectLock() {}
2445 int verify_permission(optional_yield y) override;
2446 void pre_exec() override;
2447 void execute(optional_yield y) override;
2448 virtual void send_response() override = 0;
2449 virtual int get_params(optional_yield y) = 0;
2450 const char* name() const override { return "put_bucket_object_lock"; }
2451 RGWOpType get_type() override { return RGW_OP_PUT_BUCKET_OBJ_LOCK; }
2452 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
2453 };
2454
2455 class RGWGetBucketObjectLock : public RGWOp {
2456 public:
2457 int verify_permission(optional_yield y) override;
2458 void pre_exec() override;
2459 void execute(optional_yield y) override;
2460 virtual void send_response() override = 0;
2461 const char* name() const override {return "get_bucket_object_lock"; }
2462 RGWOpType get_type() override { return RGW_OP_GET_BUCKET_OBJ_LOCK; }
2463 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
2464 };
2465
2466 class RGWPutObjRetention : public RGWOp {
2467 protected:
2468 bufferlist data;
2469 RGWObjectRetention obj_retention;
2470 bool bypass_perm;
2471 bool bypass_governance_mode;
2472 public:
2473 RGWPutObjRetention():bypass_perm(true), bypass_governance_mode(false) {}
2474 int verify_permission(optional_yield y) override;
2475 void pre_exec() override;
2476 void execute(optional_yield y) override;
2477 virtual void send_response() override = 0;
2478 virtual int get_params(optional_yield y) = 0;
2479 const char* name() const override { return "put_obj_retention"; }
2480 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
2481 RGWOpType get_type() override { return RGW_OP_PUT_OBJ_RETENTION; }
2482 };
2483
2484 class RGWGetObjRetention : public RGWOp {
2485 protected:
2486 RGWObjectRetention obj_retention;
2487 public:
2488 int verify_permission(optional_yield y) override;
2489 void pre_exec() override;
2490 void execute(optional_yield y) override;
2491 virtual void send_response() override = 0;
2492 const char* name() const override {return "get_obj_retention"; }
2493 RGWOpType get_type() override { return RGW_OP_GET_OBJ_RETENTION; }
2494 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
2495 };
2496
2497 class RGWPutObjLegalHold : public RGWOp {
2498 protected:
2499 bufferlist data;
2500 RGWObjectLegalHold obj_legal_hold;
2501 public:
2502 int verify_permission(optional_yield y) override;
2503 void pre_exec() override;
2504 void execute(optional_yield y) override;
2505 virtual void send_response() override = 0;
2506 virtual int get_params(optional_yield y) = 0;
2507 const char* name() const override { return "put_obj_legal_hold"; }
2508 uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
2509 RGWOpType get_type() override { return RGW_OP_PUT_OBJ_LEGAL_HOLD; }
2510 };
2511
2512 class RGWGetObjLegalHold : public RGWOp {
2513 protected:
2514 RGWObjectLegalHold obj_legal_hold;
2515 public:
2516 int verify_permission(optional_yield y) override;
2517 void pre_exec() override;
2518 void execute(optional_yield y) override;
2519 virtual void send_response() override = 0;
2520 const char* name() const override {return "get_obj_legal_hold"; }
2521 RGWOpType get_type() override { return RGW_OP_GET_OBJ_LEGAL_HOLD; }
2522 uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
2523 };
2524
2525
2526 class RGWConfigBucketMetaSearch : public RGWOp {
2527 protected:
2528 std::map<std::string, uint32_t> mdsearch_config;
2529 public:
2530 RGWConfigBucketMetaSearch() {}
2531
2532 int verify_permission(optional_yield y) override;
2533 void pre_exec() override;
2534 void execute(optional_yield y) override;
2535
2536 virtual int get_params(optional_yield y) = 0;
2537 const char* name() const override { return "config_bucket_meta_search"; }
2538 virtual RGWOpType get_type() override { return RGW_OP_CONFIG_BUCKET_META_SEARCH; }
2539 virtual uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
2540 };
2541
2542 class RGWGetBucketMetaSearch : public RGWOp {
2543 public:
2544 RGWGetBucketMetaSearch() {}
2545
2546 int verify_permission(optional_yield y) override;
2547 void pre_exec() override;
2548 void execute(optional_yield) override {}
2549
2550 const char* name() const override { return "get_bucket_meta_search"; }
2551 virtual RGWOpType get_type() override { return RGW_OP_GET_BUCKET_META_SEARCH; }
2552 virtual uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
2553 };
2554
2555 class RGWDelBucketMetaSearch : public RGWOp {
2556 public:
2557 RGWDelBucketMetaSearch() {}
2558
2559 int verify_permission(optional_yield y) override;
2560 void pre_exec() override;
2561 void execute(optional_yield y) override;
2562
2563 const char* name() const override { return "delete_bucket_meta_search"; }
2564 virtual RGWOpType delete_type() { return RGW_OP_DEL_BUCKET_META_SEARCH; }
2565 virtual uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
2566 };
2567
2568 class RGWGetClusterStat : public RGWOp {
2569 protected:
2570 RGWClusterStat stats_op;
2571 public:
2572 RGWGetClusterStat() {}
2573
2574 void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override {
2575 RGWOp::init(driver, s, h);
2576 }
2577 int verify_permission(optional_yield) override {return 0;}
2578 virtual void send_response() override = 0;
2579 virtual int get_params(optional_yield y) = 0;
2580 void execute(optional_yield y) override;
2581 const char* name() const override { return "get_cluster_stat"; }
2582 dmc::client_id dmclock_client() override { return dmc::client_id::admin; }
2583 };
2584
2585 class RGWGetBucketPolicyStatus : public RGWOp {
2586 protected:
2587 bool isPublic {false};
2588 public:
2589 int verify_permission(optional_yield y) override;
2590 const char* name() const override { return "get_bucket_policy_status"; }
2591 virtual RGWOpType get_type() override { return RGW_OP_GET_BUCKET_POLICY_STATUS; }
2592 virtual uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
2593 void execute(optional_yield y) override;
2594 dmc::client_id dmclock_client() override { return dmc::client_id::metadata; }
2595 };
2596
2597 class RGWPutBucketPublicAccessBlock : public RGWOp {
2598 protected:
2599 bufferlist data;
2600 PublicAccessBlockConfiguration access_conf;
2601 public:
2602 int verify_permission(optional_yield y) override;
2603 const char* name() const override { return "put_bucket_public_access_block";}
2604 virtual RGWOpType get_type() override { return RGW_OP_PUT_BUCKET_PUBLIC_ACCESS_BLOCK; }
2605 virtual uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
2606 int get_params(optional_yield y);
2607 void execute(optional_yield y) override;
2608 dmc::client_id dmclock_client() override { return dmc::client_id::metadata; }
2609 };
2610
2611 class RGWGetBucketPublicAccessBlock : public RGWOp {
2612 protected:
2613 PublicAccessBlockConfiguration access_conf;
2614 public:
2615 int verify_permission(optional_yield y) override;
2616 const char* name() const override { return "get_bucket_public_access_block";}
2617 virtual RGWOpType get_type() override { return RGW_OP_GET_BUCKET_PUBLIC_ACCESS_BLOCK; }
2618 virtual uint32_t op_mask() override { return RGW_OP_TYPE_READ; }
2619 int get_params(optional_yield y);
2620 void execute(optional_yield y) override;
2621 dmc::client_id dmclock_client() override { return dmc::client_id::metadata; }
2622 };
2623
2624 class RGWDeleteBucketPublicAccessBlock : public RGWOp {
2625 protected:
2626 PublicAccessBlockConfiguration access_conf;
2627 public:
2628 int verify_permission(optional_yield y) override;
2629 const char* name() const override { return "delete_bucket_public_access_block";}
2630 virtual RGWOpType get_type() override { return RGW_OP_DELETE_BUCKET_PUBLIC_ACCESS_BLOCK; }
2631 virtual uint32_t op_mask() override { return RGW_OP_TYPE_WRITE; }
2632 int get_params(optional_yield y);
2633 void execute(optional_yield y) override;
2634 void send_response() override;
2635 dmc::client_id dmclock_client() override { return dmc::client_id::metadata; }
2636 };
2637
2638 inline int parse_value_and_bound(
2639 const std::string &input,
2640 int &output,
2641 const long lower_bound,
2642 const long upper_bound,
2643 const long default_val)
2644 {
2645 if (!input.empty()) {
2646 char *endptr;
2647 output = strtol(input.c_str(), &endptr, 10);
2648 if (endptr) {
2649 if (endptr == input.c_str()) return -EINVAL;
2650 while (*endptr && isspace(*endptr)) // ignore white space
2651 endptr++;
2652 if (*endptr) {
2653 return -EINVAL;
2654 }
2655 }
2656 if(output > upper_bound) {
2657 output = upper_bound;
2658 }
2659 if(output < lower_bound) {
2660 output = lower_bound;
2661 }
2662 } else {
2663 output = default_val;
2664 }
2665
2666 return 0;
2667 }
2668
2669 int rgw_policy_from_attrset(const DoutPrefixProvider *dpp,
2670 CephContext *cct,
2671 std::map<std::string, bufferlist>& attrset,
2672 RGWAccessControlPolicy *policy);
Ceph