]> git.proxmox.com Git - ceph.git/blob - ceph/src/rgw/rgw_user.h
projects / ceph.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
update sources to v12.1.0
[ceph.git] / ceph / src / rgw / rgw_user.h
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
3
4 #ifndef CEPH_RGW_USER_H
5 #define CEPH_RGW_USER_H
6
7 #include <string>
8 #include <boost/algorithm/string.hpp>
9 #include "include/assert.h"
10
11 #include "include/types.h"
12 #include "rgw_common.h"
13 #include "rgw_tools.h"
14
15 #include "rgw_rados.h"
16
17 #include "rgw_string.h"
18
19 #include "common/Formatter.h"
20 #include "rgw_formats.h"
21
22 #define RGW_USER_ANON_ID "anonymous"
23
24 #define SECRET_KEY_LEN 40
25 #define PUBLIC_ID_LEN 20
26 #define RAND_SUBUSER_LEN 5
27
28 #define XMLNS_AWS_S3 "http://s3.amazonaws.com/doc/2006-03-01/"
29
30 /**
31 * A string wrapper that includes encode/decode functions
32 * for easily accessing a UID in all forms
33 */
34 struct RGWUID
35 {
36 rgw_user user_id;
37 void encode(bufferlist& bl) const {
38 string s;
39 user_id.to_str(s);
40 ::encode(s, bl);
41 }
42 void decode(bufferlist::iterator& bl) {
43 string s;
44 ::decode(s, bl);
45 user_id.from_str(s);
46 }
47 };
48 WRITE_CLASS_ENCODER(RGWUID)
49
50 extern int rgw_user_sync_all_stats(RGWRados *store, const rgw_user& user_id);
51 /**
52 * Get the anonymous (ie, unauthenticated) user info.
53 */
54 extern void rgw_get_anon_user(RGWUserInfo& info);
55
56 /**
57 * Save the given user information to storage.
58 * Returns: 0 on success, -ERR# on failure.
59 */
60 extern int rgw_store_user_info(RGWRados *store,
61 RGWUserInfo& info,
62 RGWUserInfo *old_info,
63 RGWObjVersionTracker *objv_tracker,
64 real_time mtime,
65 bool exclusive,
66 map<string, bufferlist> *pattrs = NULL);
67
68 /**
69 * Given an user_id, finds the user info associated with it.
70 * returns: 0 on success, -ERR# on failure (including nonexistence)
71 */
72 extern int rgw_get_user_info_by_uid(RGWRados *store,
73 const rgw_user& user_id,
74 RGWUserInfo& info,
75 RGWObjVersionTracker *objv_tracker = NULL,
76 real_time *pmtime = NULL,
77 rgw_cache_entry_info *cache_info = NULL,
78 map<string, bufferlist> *pattrs = NULL);
79 /**
80 * Given an email, finds the user info associated with it.
81 * returns: 0 on success, -ERR# on failure (including nonexistence)
82 */
83 extern int rgw_get_user_info_by_email(RGWRados *store, string& email, RGWUserInfo& info,
84 RGWObjVersionTracker *objv_tracker = NULL, real_time *pmtime = NULL);
85 /**
86 * Given an swift username, finds the user info associated with it.
87 * returns: 0 on success, -ERR# on failure (including nonexistence)
88 */
89 extern int rgw_get_user_info_by_swift(RGWRados *store,
90 const string& swift_name,
91 RGWUserInfo& info, /* out */
92 RGWObjVersionTracker *objv_tracker = nullptr,
93 real_time *pmtime = nullptr);
94 /**
95 * Given an access key, finds the user info associated with it.
96 * returns: 0 on success, -ERR# on failure (including nonexistence)
97 */
98 extern int rgw_get_user_info_by_access_key(RGWRados* store,
99 const std::string& access_key,
100 RGWUserInfo& info,
101 RGWObjVersionTracker* objv_tracker = nullptr,
102 real_time* pmtime = nullptr);
103 /**
104 * Get all the custom metadata stored for user specified in @user_id
105 * and put it into @attrs.
106 * Returns: 0 on success, -ERR# on failure.
107 */
108 extern int rgw_get_user_attrs_by_uid(RGWRados *store,
109 const rgw_user& user_id,
110 map<string, bufferlist>& attrs,
111 RGWObjVersionTracker *objv_tracker = NULL);
112 /**
113 * Given an RGWUserInfo, deletes the user and its bucket ACLs.
114 */
115 extern int rgw_delete_user(RGWRados *store, RGWUserInfo& user, RGWObjVersionTracker& objv_tracker);
116 /**
117 * Store a list of the user's buckets, with associated functinos.
118 */
119
120 /*
121 * remove the different indexes
122 */
123 extern int rgw_remove_key_index(RGWRados *store, RGWAccessKey& access_key);
124 extern int rgw_remove_uid_index(RGWRados *store, rgw_user& uid);
125 extern int rgw_remove_email_index(RGWRados *store, string& email);
126 extern int rgw_remove_swift_name_index(RGWRados *store, string& swift_name);
127
128 /*
129 * An RGWUser class along with supporting classes created
130 * to support the creation of an RESTful administrative API
131 */
132
133 extern void rgw_perm_to_str(uint32_t mask, char *buf, int len);
134 extern uint32_t rgw_str_to_perm(const char *str);
135
136 enum ObjectKeyType {
137 KEY_TYPE_SWIFT,
138 KEY_TYPE_S3,
139 KEY_TYPE_UNDEFINED
140 };
141
142 enum RGWKeyPoolOp {
143 GENERATE_KEY,
144 MODIFY_KEY
145 };
146
147 enum RGWUserId {
148 RGW_USER_ID,
149 RGW_SWIFT_USERNAME,
150 RGW_USER_EMAIL,
151 RGW_ACCESS_KEY,
152 };
153
154 struct RGWUserAdminOpState {
155 // user attributes
156 RGWUserInfo info;
157 rgw_user user_id;
158 std::string user_email;
159 std::string display_name;
160 int32_t max_buckets;
161 __u8 suspended;
162 __u8 admin;
163 __u8 system;
164 __u8 exclusive;
165 __u8 fetch_stats;
166 std::string caps;
167 RGWObjVersionTracker objv;
168 uint32_t op_mask;
169 map<int, string> temp_url_keys;
170
171 // subuser attributes
172 std::string subuser;
173 uint32_t perm_mask;
174
175 // key_attributes
176 std::string id; // access key
177 std::string key; // secret key
178 int32_t key_type;
179
180 // operation attributes
181 bool existing_user;
182 bool existing_key;
183 bool existing_subuser;
184 bool existing_email;
185 bool subuser_specified;
186 bool gen_secret;
187 bool gen_access;
188 bool gen_subuser;
189 bool id_specified;
190 bool key_specified;
191 bool type_specified;
192 bool key_type_setbycontext; // key type set by user or subuser context
193 bool purge_data;
194 bool purge_keys;
195 bool display_name_specified;
196 bool user_email_specified;
197 bool max_buckets_specified;
198 bool perm_specified;
199 bool op_mask_specified;
200 bool caps_specified;
201 bool suspension_op;
202 bool admin_specified;
203 bool system_specified;
204 bool key_op;
205 bool temp_url_key_specified;
206 bool found_by_uid;
207 bool found_by_email;
208 bool found_by_key;
209
210 // req parameters
211 bool populated;
212 bool initialized;
213 bool key_params_checked;
214 bool subuser_params_checked;
215 bool user_params_checked;
216
217 bool bucket_quota_specified;
218 bool user_quota_specified;
219
220 RGWQuotaInfo bucket_quota;
221 RGWQuotaInfo user_quota;
222
223 void set_access_key(std::string& access_key) {
224 if (access_key.empty())
225 return;
226
227 id = access_key;
228 id_specified = true;
229 gen_access = false;
230 key_op = true;
231 }
232
233 void set_secret_key(std::string& secret_key) {
234 if (secret_key.empty())
235 return;
236
237 key = secret_key;
238 key_specified = true;
239 gen_secret = false;
240 key_op = true;
241 }
242
243 void set_user_id(rgw_user& id) {
244 if (id.empty())
245 return;
246
247 user_id = id;
248 }
249
250 void set_user_email(std::string& email) {
251 if (email.empty())
252 return;
253
254 /* always lowercase email address */
255 boost::algorithm::to_lower(email);
256 user_email = email;
257 user_email_specified = true;
258 }
259
260 void set_display_name(std::string& name) {
261 if (name.empty())
262 return;
263
264 display_name = name;
265 display_name_specified = true;
266 }
267
268 void set_subuser(std::string& _subuser) {
269 if (_subuser.empty())
270 return;
271
272 size_t pos = _subuser.find(":");
273 if (pos != string::npos) {
274 rgw_user tmp_id;
275 tmp_id.from_str(_subuser.substr(0, pos));
276 if (tmp_id.tenant.empty()) {
277 user_id.id = tmp_id.id;
278 } else {
279 user_id = tmp_id;
280 }
281 subuser = _subuser.substr(pos+1);
282 } else {
283 subuser = _subuser;
284 }
285
286 subuser_specified = true;
287 }
288
289 void set_caps(std::string& _caps) {
290 if (_caps.empty())
291 return;
292
293 caps = _caps;
294 caps_specified = true;
295 }
296
297 void set_perm(uint32_t perm) {
298 perm_mask = perm;
299 perm_specified = true;
300 }
301
302 void set_op_mask(uint32_t mask) {
303 op_mask = mask;
304 op_mask_specified = true;
305 }
306
307 void set_temp_url_key(const string& key, int index) {
308 temp_url_keys[index] = key;
309 temp_url_key_specified = true;
310 }
311
312 void set_key_type(int32_t type) {
313 key_type = type;
314 type_specified = true;
315 }
316
317 void set_suspension(__u8 is_suspended) {
318 suspended = is_suspended;
319 suspension_op = true;
320 }
321
322 void set_admin(__u8 is_admin) {
323 admin = is_admin;
324 admin_specified = true;
325 }
326
327 void set_system(__u8 is_system) {
328 system = is_system;
329 system_specified = true;
330 }
331
332 void set_exclusive(__u8 is_exclusive) {
333 exclusive = is_exclusive;
334 }
335
336 void set_fetch_stats(__u8 is_fetch_stats) {
337 fetch_stats = is_fetch_stats;
338 }
339
340 void set_user_info(RGWUserInfo& user_info) {
341 user_id = user_info.user_id;
342 info = user_info;
343 }
344
345 void set_max_buckets(int32_t mb) {
346 max_buckets = mb;
347 max_buckets_specified = true;
348 }
349
350 void set_gen_access() {
351 gen_access = true;
352 key_op = true;
353 }
354
355 void set_gen_secret() {
356 gen_secret = true;
357 key_op = true;
358 }
359
360 void set_generate_key() {
361 if (id.empty())
362 gen_access = true;
363 if (key.empty())
364 gen_secret = true;
365 key_op = true;
366 }
367
368 void clear_generate_key() {
369 gen_access = false;
370 gen_secret = false;
371 }
372
373 void set_purge_keys() {
374 purge_keys = true;
375 key_op = true;
376 }
377
378 void set_bucket_quota(RGWQuotaInfo& quota) {
379 bucket_quota = quota;
380 bucket_quota_specified = true;
381 }
382
383 void set_user_quota(RGWQuotaInfo& quota) {
384 user_quota = quota;
385 user_quota_specified = true;
386 }
387
388 bool is_populated() { return populated; }
389 bool is_initialized() { return initialized; }
390 bool has_existing_user() { return existing_user; }
391 bool has_existing_key() { return existing_key; }
392 bool has_existing_subuser() { return existing_subuser; }
393 bool has_existing_email() { return existing_email; }
394 bool has_subuser() { return subuser_specified; }
395 bool has_key_op() { return key_op; }
396 bool has_caps_op() { return caps_specified; }
397 bool has_suspension_op() { return suspension_op; }
398 bool has_subuser_perm() { return perm_specified; }
399 bool has_op_mask() { return op_mask_specified; }
400 bool will_gen_access() { return gen_access; }
401 bool will_gen_secret() { return gen_secret; }
402 bool will_gen_subuser() { return gen_subuser; }
403 bool will_purge_keys() { return purge_keys; }
404 bool will_purge_data() { return purge_data; }
405 bool will_generate_subuser() { return gen_subuser; }
406 bool has_bucket_quota() { return bucket_quota_specified; }
407 bool has_user_quota() { return user_quota_specified; }
408 void set_populated() { populated = true; }
409 void clear_populated() { populated = false; }
410 void set_initialized() { initialized = true; }
411 void set_existing_user(bool flag) { existing_user = flag; }
412 void set_existing_key(bool flag) { existing_key = flag; }
413 void set_existing_subuser(bool flag) { existing_subuser = flag; }
414 void set_existing_email(bool flag) { existing_email = flag; }
415 void set_purge_data(bool flag) { purge_data = flag; }
416 void set_generate_subuser(bool flag) { gen_subuser = flag; }
417 __u8 get_suspension_status() { return suspended; }
418 int32_t get_key_type() {return key_type; }
419 uint32_t get_subuser_perm() { return perm_mask; }
420 int32_t get_max_buckets() { return max_buckets; }
421 uint32_t get_op_mask() { return op_mask; }
422 RGWQuotaInfo& get_bucket_quota() { return bucket_quota; }
423 RGWQuotaInfo& get_user_quota() { return user_quota; }
424
425 rgw_user& get_user_id() { return user_id; }
426 std::string get_subuser() { return subuser; }
427 std::string get_access_key() { return id; }
428 std::string get_secret_key() { return key; }
429 std::string get_caps() { return caps; }
430 std::string get_user_email() { return user_email; }
431 std::string get_display_name() { return display_name; }
432 map<int, std::string>& get_temp_url_keys() { return temp_url_keys; }
433
434 RGWUserInfo& get_user_info() { return info; }
435
436 map<std::string, RGWAccessKey> *get_swift_keys() { return &info.swift_keys; }
437 map<std::string, RGWAccessKey> *get_access_keys() { return &info.access_keys; }
438 map<std::string, RGWSubUser> *get_subusers() { return &info.subusers; }
439
440 RGWUserCaps *get_caps_obj() { return &info.caps; }
441
442 std::string build_default_swift_kid() {
443 if (user_id.empty() || subuser.empty())
444 return "";
445
446 std::string kid;
447 user_id.to_str(kid);
448 kid.append(":");
449 kid.append(subuser);
450
451 return kid;
452 }
453
454 std::string generate_subuser() {
455 if (user_id.empty())
456 return "";
457
458 std::string generated_subuser;
459 user_id.to_str(generated_subuser);
460 std::string rand_suffix;
461
462 int sub_buf_size = RAND_SUBUSER_LEN + 1;
463 char sub_buf[RAND_SUBUSER_LEN + 1];
464
465 if (gen_rand_alphanumeric_upper(g_ceph_context, sub_buf, sub_buf_size) < 0)
466 return "";
467
468 rand_suffix = sub_buf;
469 if (rand_suffix.empty())
470 return "";
471
472 generated_subuser.append(rand_suffix);
473 subuser = generated_subuser;
474
475 return generated_subuser;
476 }
477
478 RGWUserAdminOpState() : user_id(RGW_USER_ANON_ID)
479 {
480 max_buckets = RGW_DEFAULT_MAX_BUCKETS;
481 key_type = -1;
482 perm_mask = RGW_PERM_NONE;
483 suspended = 0;
484 admin = 0;
485 system = 0;
486 exclusive = 0;
487 fetch_stats = 0;
488 op_mask = 0;
489
490 existing_user = false;
491 existing_key = false;
492 existing_subuser = false;
493 existing_email = false;
494 subuser_specified = false;
495 caps_specified = false;
496 purge_keys = false;
497 gen_secret = false;
498 gen_access = false;
499 gen_subuser = false;
500 id_specified = false;
501 key_specified = false;
502 type_specified = false;
503 key_type_setbycontext = false;
504 purge_data = false;
505 display_name_specified = false;
506 user_email_specified = false;
507 max_buckets_specified = false;
508 perm_specified = false;
509 op_mask_specified = false;
510 suspension_op = false;
511 system_specified = false;
512 key_op = false;
513 populated = false;
514 initialized = false;
515 key_params_checked = false;
516 subuser_params_checked = false;
517 user_params_checked = false;
518 bucket_quota_specified = false;
519 temp_url_key_specified = false;
520 user_quota_specified = false;
521 found_by_uid = false;
522 found_by_email = false;
523 found_by_key = false;
524 }
525 };
526
527 class RGWUser;
528
529 class RGWAccessKeyPool
530 {
531 RGWUser *user;
532
533 std::map<std::string, int, ltstr_nocase> key_type_map;
534 rgw_user user_id;
535 RGWRados *store;
536
537 map<std::string, RGWAccessKey> *swift_keys;
538 map<std::string, RGWAccessKey> *access_keys;
539
540 // we don't want to allow keys for the anonymous user or a null user
541 bool keys_allowed;
542
543 private:
544 int create_key(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
545 int generate_key(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
546 int modify_key(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
547
548 int check_key_owner(RGWUserAdminOpState& op_state);
549 bool check_existing_key(RGWUserAdminOpState& op_state);
550 int check_op(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
551
552 /* API Contract Fulfilment */
553 int execute_add(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
554 int execute_remove(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
555 int remove_subuser_keys(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
556
557 int add(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
558 int remove(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
559 public:
560 explicit RGWAccessKeyPool(RGWUser* usr);
561 ~RGWAccessKeyPool();
562
563 int init(RGWUserAdminOpState& op_state);
564
565 /* API Contracted Methods */
566 int add(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
567 int remove(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
568
569 friend class RGWUser;
570 friend class RGWSubUserPool;
571 };
572
573 class RGWSubUserPool
574 {
575 RGWUser *user;
576
577 rgw_user user_id;
578 RGWRados *store;
579 bool subusers_allowed;
580
581 map<string, RGWSubUser> *subuser_map;
582
583 private:
584 int check_op(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
585
586 /* API Contract Fulfillment */
587 int execute_add(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
588 int execute_remove(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
589 int execute_modify(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
590
591 int add(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
592 int remove(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
593 int modify(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
594 public:
595 explicit RGWSubUserPool(RGWUser *user);
596 ~RGWSubUserPool();
597
598 bool exists(std::string subuser);
599 int init(RGWUserAdminOpState& op_state);
600
601 /* API contracted methods */
602 int add(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
603 int remove(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
604 int modify(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
605
606 friend class RGWUser;
607 };
608
609 class RGWUserCapPool
610 {
611 RGWUserCaps *caps;
612 bool caps_allowed;
613 RGWUser *user;
614
615 private:
616 int add(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
617 int remove(RGWUserAdminOpState& op_state, std::string *err_msg, bool defer_save);
618
619 public:
620 explicit RGWUserCapPool(RGWUser *user);
621 ~RGWUserCapPool();
622
623 int init(RGWUserAdminOpState& op_state);
624
625 /* API contracted methods */
626 int add(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
627 int remove(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
628
629 friend class RGWUser;
630 };
631
632 class RGWUser
633 {
634
635 private:
636 RGWUserInfo old_info;
637 RGWRados *store;
638
639 rgw_user user_id;
640 bool info_stored;
641
642 void set_populated() { info_stored = true; }
643 void clear_populated() { info_stored = false; }
644 bool is_populated() { return info_stored; }
645
646 int check_op(RGWUserAdminOpState& req, std::string *err_msg);
647 int update(RGWUserAdminOpState& op_state, std::string *err_msg);
648
649 void clear_members();
650 void init_default();
651
652 /* API Contract Fulfillment */
653 int execute_add(RGWUserAdminOpState& op_state, std::string *err_msg);
654 int execute_remove(RGWUserAdminOpState& op_state, std::string *err_msg);
655 int execute_modify(RGWUserAdminOpState& op_state, std::string *err_msg);
656
657 public:
658 RGWUser();
659 ~RGWUser();
660
661 int init(RGWRados *storage, RGWUserAdminOpState& op_state);
662
663 int init_storage(RGWRados *storage);
664 int init(RGWUserAdminOpState& op_state);
665 int init_members(RGWUserAdminOpState& op_state);
666
667 RGWRados *get_store() { return store; }
668
669 /* API Contracted Members */
670 RGWUserCapPool caps;
671 RGWAccessKeyPool keys;
672 RGWSubUserPool subusers;
673
674 /* API Contracted Methods */
675 int add(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
676 int remove(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
677
678 /* remove an already populated RGWUser */
679 int remove(std::string *err_msg = NULL);
680
681 int modify(RGWUserAdminOpState& op_state, std::string *err_msg = NULL);
682
683 /* retrieve info from an existing user in the RGW system */
684 int info(RGWUserAdminOpState& op_state, RGWUserInfo& fetched_info, std::string *err_msg = NULL);
685
686 /* info from an already populated RGWUser */
687 int info (RGWUserInfo& fetched_info, std::string *err_msg = NULL);
688
689 friend class RGWAccessKeyPool;
690 friend class RGWSubUserPool;
691 friend class RGWUserCapPool;
692 };
693
694 /* Wrapers for admin API functionality */
695
696 class RGWUserAdminOp_User
697 {
698 public:
699 static int info(RGWRados *store,
700 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
701
702 static int create(RGWRados *store,
703 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
704
705 static int modify(RGWRados *store,
706 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
707
708 static int remove(RGWRados *store,
709 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
710 };
711
712 class RGWUserAdminOp_Subuser
713 {
714 public:
715 static int create(RGWRados *store,
716 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
717
718 static int modify(RGWRados *store,
719 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
720
721 static int remove(RGWRados *store,
722 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
723 };
724
725 class RGWUserAdminOp_Key
726 {
727 public:
728 static int create(RGWRados *store,
729 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
730
731 static int remove(RGWRados *store,
732 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
733 };
734
735 class RGWUserAdminOp_Caps
736 {
737 public:
738 static int add(RGWRados *store,
739 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
740
741 static int remove(RGWRados *store,
742 RGWUserAdminOpState& op_state, RGWFormatterFlusher& flusher);
743 };
744
745 class RGWMetadataManager;
746
747 extern void rgw_user_init(RGWRados *store);
748
749 #endif
Ceph