#include "rgw_string.h"
#include "common/async/yield_context.h"
#include "rgw_website.h"
+#include "rgw_object_lock.h"
#include "cls/version/cls_version_types.h"
#include "cls/user/cls_user_types.h"
#include "cls/rgw/cls_rgw_types.h"
#define RGW_ATTR_X_ROBOTS_TAG RGW_ATTR_PREFIX "x-robots-tag"
#define RGW_ATTR_STORAGE_CLASS RGW_ATTR_PREFIX "storage_class"
+/* S3 Object Lock*/
+#define RGW_ATTR_OBJECT_LOCK RGW_ATTR_PREFIX "object-lock"
+#define RGW_ATTR_OBJECT_RETENTION RGW_ATTR_PREFIX "object-retention"
+#define RGW_ATTR_OBJECT_LEGAL_HOLD RGW_ATTR_PREFIX "object-legal-hold"
+
+
#define RGW_ATTR_PG_VER RGW_ATTR_PREFIX "pg_ver"
#define RGW_ATTR_SOURCE_ZONE RGW_ATTR_PREFIX "source_zone"
#define RGW_ATTR_TAGS RGW_ATTR_PREFIX RGW_AMZ_PREFIX "tagging"
#define ERR_NO_SUCH_SUBUSER 2043
#define ERR_MFA_REQUIRED 2044
#define ERR_NO_SUCH_CORS_CONFIGURATION 2045
+#define ERR_NO_SUCH_OBJECT_LOCK_CONFIGURATION 2046
+#define ERR_INVALID_RETENTION_PERIOD 2047
#define ERR_USER_SUSPENDED 2100
#define ERR_INTERNAL_ERROR 2200
#define ERR_NOT_IMPLEMENTED 2201
/* Helper class used for RGWHTTPArgs parsing */
class NameVal
{
- string str;
- string name;
- string val;
+ const std::string str;
+ std::string name;
+ std::string val;
public:
- explicit NameVal(string nv) : str(nv) {}
+ explicit NameVal(const std::string& nv) : str(nv) {}
int parse();
- string& get_name() { return name; }
- string& get_val() { return val; }
+ std::string& get_name() { return name; }
+ std::string& get_val() { return val; }
};
/** Stores the XML arguments associated with the HTTP request in req_state*/
class RGWHTTPArgs {
- string str, empty_str;
- map<string, string> val_map;
- map<string, string> sys_val_map;
- map<string, string> sub_resources;
- bool has_resp_modifier;
- bool admin_subresource_added;
+ std::string str, empty_str;
+ std::map<std::string, std::string> val_map;
+ std::map<std::string, std::string> sys_val_map;
+ std::map<std::string, std::string> sub_resources;
+ bool has_resp_modifier = false;
+ bool admin_subresource_added = false;
public:
- RGWHTTPArgs() : has_resp_modifier(false), admin_subresource_added(false) {}
+ RGWHTTPArgs() = default;
+ explicit RGWHTTPArgs(const std::string& s) {
+ set(s);
+ parse();
+ }
/** Set the arguments; as received */
- void set(string s) {
+ void set(const std::string& s) {
has_resp_modifier = false;
val_map.clear();
sub_resources.clear();
}
/** parse the received arguments */
int parse();
- void append(const string& name, const string& val);
+ void append(const std::string& name, const string& val);
/** Get the value for a specific argument parameter */
- const string& get(const string& name, bool *exists = NULL) const;
+ const string& get(const std::string& name, bool *exists = NULL) const;
boost::optional<const std::string&>
get_optional(const std::string& name) const;
- int get_bool(const string& name, bool *val, bool *exists);
+ int get_bool(const std::string& name, bool *val, bool *exists);
int get_bool(const char *name, bool *val, bool *exists);
void get_bool(const char *name, bool *val, bool def_val);
int get_int(const char *name, int *val, int def_val);
/** Get the value for specific system argument parameter */
- std::string sys_get(const string& name, bool *exists = nullptr) const;
+ std::string sys_get(const std::string& name, bool *exists = nullptr) const;
/** see if a parameter is contained in this RGWHTTPArgs */
bool exists(const char *name) const {
bool sub_resource_exists(const char *name) const {
return (sub_resources.find(name) != std::end(sub_resources));
}
- map<string, string>& get_params() {
+ std::map<std::string, std::string>& get_params() {
return val_map;
}
const std::map<std::string, std::string>& get_sub_resources() const {
return has_resp_modifier;
}
void set_system() { /* make all system params visible */
- map<string, string>::iterator iter;
+ std::map<std::string, std::string>::iterator iter;
for (iter = sys_val_map.begin(); iter != sys_val_map.end(); ++iter) {
val_map[iter->first] = iter->second;
}
}
- const string& get_str() {
+ const std::string& get_str() {
return str;
}
}; // RGWHTTPArgs
RGW_OP_GET_USER_POLICY,
RGW_OP_LIST_USER_POLICIES,
RGW_OP_DELETE_USER_POLICY,
+ RGW_OP_PUT_BUCKET_OBJ_LOCK,
+ RGW_OP_GET_BUCKET_OBJ_LOCK,
+ RGW_OP_PUT_OBJ_RETENTION,
+ RGW_OP_GET_OBJ_RETENTION,
+ RGW_OP_PUT_OBJ_LEGAL_HOLD,
+ RGW_OP_GET_OBJ_LEGAL_HOLD,
/* rgw specific */
RGW_OP_ADMIN_SET_METADATA,
RGW_OP_GET_OBJ_LAYOUT,
BUCKET_VERSIONS_SUSPENDED = 0x4,
BUCKET_DATASYNC_DISABLED = 0X8,
BUCKET_MFA_ENABLED = 0X10,
+ BUCKET_OBJ_LOCK_ENABLED = 0X20,
};
enum RGWBucketIndexType {
map<string, uint32_t> mdsearch_config;
+
+
/* resharding */
uint8_t reshard_status;
string new_bucket_instance_id;
+ RGWObjectLock obj_lock;
+
void encode(bufferlist& bl) const {
- ENCODE_START(19, 4, bl);
+ ENCODE_START(20, 4, bl);
encode(bucket, bl);
encode(owner.id, bl);
encode(flags, bl);
encode(mdsearch_config, bl);
encode(reshard_status, bl);
encode(new_bucket_instance_id, bl);
+ if (obj_lock_enabled()) {
+ encode(obj_lock, bl);
+ }
ENCODE_FINISH(bl);
}
void decode(bufferlist::const_iterator& bl) {
- DECODE_START_LEGACY_COMPAT_LEN_32(19, 4, 4, bl);
+ DECODE_START_LEGACY_COMPAT_LEN_32(20, 4, 4, bl);
decode(bucket, bl);
if (struct_v >= 2) {
string s;
decode(reshard_status, bl);
decode(new_bucket_instance_id, bl);
}
+ if (struct_v >= 20 && obj_lock_enabled()) {
+ decode(obj_lock, bl);
+ }
DECODE_FINISH(bl);
}
void dump(Formatter *f) const;
bool versioning_enabled() const { return (versioning_status() & (BUCKET_VERSIONED | BUCKET_VERSIONS_SUSPENDED)) == BUCKET_VERSIONED; }
bool mfa_enabled() const { return (versioning_status() & BUCKET_MFA_ENABLED) != 0; }
bool datasync_flag_enabled() const { return (flags & BUCKET_DATASYNC_DISABLED) == 0; }
+ bool obj_lock_enabled() const { return (flags & BUCKET_OBJ_LOCK_ENABLED) != 0; }
bool has_swift_versioning() const {
/* A bucket may be versioned through one mechanism only. */
const rgw::IAM::Environment& env,
boost::optional<const rgw::auth::Identity&> id,
const uint64_t op,
- const rgw::IAM::ARN& arn);
+ const rgw::ARN& arn);
bool verify_user_permission(const DoutPrefixProvider* dpp,
struct req_state * const s,
RGWAccessControlPolicy * const user_acl,
const vector<rgw::IAM::Policy>& user_policies,
- const rgw::IAM::ARN& res,
+ const rgw::ARN& res,
const uint64_t op);
bool verify_user_permission_no_policy(const DoutPrefixProvider* dpp,
struct req_state * const s,
const int perm);
bool verify_user_permission(const DoutPrefixProvider* dpp,
struct req_state * const s,
- const rgw::IAM::ARN& res,
+ const rgw::ARN& res,
const uint64_t op);
bool verify_user_permission_no_policy(const DoutPrefixProvider* dpp,
struct req_state * const s,