1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
5 * Ceph - scalable distributed file system
7 * Copyright (C) 2004-2009 Sage Weil <sage@newdream.net>
8 * Copyright (C) 2015 Yehuda Sadeh <yehuda@redhat.com>
10 * This is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License version 2.1, as published by the Free Software
13 * Foundation. See file COPYING.
17 #ifndef CEPH_RGW_COMMON_H
18 #define CEPH_RGW_COMMON_H
22 #include <boost/algorithm/string.hpp>
23 #include <boost/utility/string_view.hpp>
25 #include "common/ceph_crypto.h"
28 #include "rgw_iam_policy.h"
29 #include "rgw_quota.h"
30 #include "rgw_string.h"
31 #include "common/async/yield_context.h"
32 #include "rgw_website.h"
33 #include "cls/version/cls_version_types.h"
34 #include "cls/user/cls_user_types.h"
35 #include "cls/rgw/cls_rgw_types.h"
36 #include "include/rados/librados.hpp"
42 using ceph::crypto::MD5
;
45 #define RGW_ATTR_PREFIX "user.rgw."
47 #define RGW_HTTP_RGWX_ATTR_PREFIX "RGWX_ATTR_"
48 #define RGW_HTTP_RGWX_ATTR_PREFIX_OUT "Rgwx-Attr-"
50 #define RGW_AMZ_PREFIX "x-amz-"
51 #define RGW_AMZ_META_PREFIX RGW_AMZ_PREFIX "meta-"
52 #define RGW_AMZ_WEBSITE_REDIRECT_LOCATION RGW_AMZ_PREFIX "website-redirect-location"
53 #define RGW_AMZ_TAG_COUNT RGW_AMZ_PREFIX "tagging-count"
55 #define RGW_SYS_PARAM_PREFIX "rgwx-"
57 #define RGW_ATTR_ACL RGW_ATTR_PREFIX "acl"
58 #define RGW_ATTR_LC RGW_ATTR_PREFIX "lc"
59 #define RGW_ATTR_CORS RGW_ATTR_PREFIX "cors"
60 #define RGW_ATTR_ETAG RGW_ATTR_PREFIX "etag"
61 #define RGW_ATTR_BUCKETS RGW_ATTR_PREFIX "buckets"
62 #define RGW_ATTR_META_PREFIX RGW_ATTR_PREFIX RGW_AMZ_META_PREFIX
63 #define RGW_ATTR_CONTENT_TYPE RGW_ATTR_PREFIX "content_type"
64 #define RGW_ATTR_CACHE_CONTROL RGW_ATTR_PREFIX "cache_control"
65 #define RGW_ATTR_CONTENT_DISP RGW_ATTR_PREFIX "content_disposition"
66 #define RGW_ATTR_CONTENT_ENC RGW_ATTR_PREFIX "content_encoding"
67 #define RGW_ATTR_CONTENT_LANG RGW_ATTR_PREFIX "content_language"
68 #define RGW_ATTR_EXPIRES RGW_ATTR_PREFIX "expires"
69 #define RGW_ATTR_DELETE_AT RGW_ATTR_PREFIX "delete_at"
70 #define RGW_ATTR_ID_TAG RGW_ATTR_PREFIX "idtag"
71 #define RGW_ATTR_TAIL_TAG RGW_ATTR_PREFIX "tail_tag"
72 #define RGW_ATTR_SHADOW_OBJ RGW_ATTR_PREFIX "shadow_name"
73 #define RGW_ATTR_MANIFEST RGW_ATTR_PREFIX "manifest"
74 #define RGW_ATTR_USER_MANIFEST RGW_ATTR_PREFIX "user_manifest"
75 #define RGW_ATTR_AMZ_WEBSITE_REDIRECT_LOCATION RGW_ATTR_PREFIX RGW_AMZ_WEBSITE_REDIRECT_LOCATION
76 #define RGW_ATTR_SLO_MANIFEST RGW_ATTR_PREFIX "slo_manifest"
77 /* Information whether an object is SLO or not must be exposed to
78 * user through custom HTTP header named X-Static-Large-Object. */
79 #define RGW_ATTR_SLO_UINDICATOR RGW_ATTR_META_PREFIX "static-large-object"
80 #define RGW_ATTR_X_ROBOTS_TAG RGW_ATTR_PREFIX "x-robots-tag"
81 #define RGW_ATTR_STORAGE_CLASS RGW_ATTR_PREFIX "storage_class"
83 #define RGW_ATTR_PG_VER RGW_ATTR_PREFIX "pg_ver"
84 #define RGW_ATTR_SOURCE_ZONE RGW_ATTR_PREFIX "source_zone"
85 #define RGW_ATTR_TAGS RGW_ATTR_PREFIX RGW_AMZ_PREFIX "tagging"
87 #define RGW_ATTR_TEMPURL_KEY1 RGW_ATTR_META_PREFIX "temp-url-key"
88 #define RGW_ATTR_TEMPURL_KEY2 RGW_ATTR_META_PREFIX "temp-url-key-2"
90 /* Account/container quota of the Swift API. */
91 #define RGW_ATTR_QUOTA_NOBJS RGW_ATTR_META_PREFIX "quota-count"
92 #define RGW_ATTR_QUOTA_MSIZE RGW_ATTR_META_PREFIX "quota-bytes"
94 /* Static Web Site of Swift API. */
95 #define RGW_ATTR_WEB_INDEX RGW_ATTR_META_PREFIX "web-index"
96 #define RGW_ATTR_WEB_ERROR RGW_ATTR_META_PREFIX "web-error"
97 #define RGW_ATTR_WEB_LISTINGS RGW_ATTR_META_PREFIX "web-listings"
98 #define RGW_ATTR_WEB_LIST_CSS RGW_ATTR_META_PREFIX "web-listings-css"
99 #define RGW_ATTR_SUBDIR_MARKER RGW_ATTR_META_PREFIX "web-directory-type"
101 #define RGW_ATTR_OLH_PREFIX RGW_ATTR_PREFIX "olh."
103 #define RGW_ATTR_OLH_INFO RGW_ATTR_OLH_PREFIX "info"
104 #define RGW_ATTR_OLH_VER RGW_ATTR_OLH_PREFIX "ver"
105 #define RGW_ATTR_OLH_ID_TAG RGW_ATTR_OLH_PREFIX "idtag"
106 #define RGW_ATTR_OLH_PENDING_PREFIX RGW_ATTR_OLH_PREFIX "pending."
108 #define RGW_ATTR_COMPRESSION RGW_ATTR_PREFIX "compression"
110 #define RGW_ATTR_APPEND_PART_NUM RGW_ATTR_PREFIX "append_part_num"
113 #define RGW_ATTR_IAM_POLICY RGW_ATTR_PREFIX "iam-policy"
114 #define RGW_ATTR_USER_POLICY RGW_ATTR_PREFIX "user-policy"
116 /* RGW File Attributes */
117 #define RGW_ATTR_UNIX_KEY1 RGW_ATTR_PREFIX "unix-key1"
118 #define RGW_ATTR_UNIX1 RGW_ATTR_PREFIX "unix1"
120 #define RGW_ATTR_CRYPT_PREFIX RGW_ATTR_PREFIX "crypt."
121 #define RGW_ATTR_CRYPT_MODE RGW_ATTR_CRYPT_PREFIX "mode"
122 #define RGW_ATTR_CRYPT_KEYMD5 RGW_ATTR_CRYPT_PREFIX "keymd5"
123 #define RGW_ATTR_CRYPT_KEYID RGW_ATTR_CRYPT_PREFIX "keyid"
124 #define RGW_ATTR_CRYPT_KEYSEL RGW_ATTR_CRYPT_PREFIX "keysel"
126 #define RGW_BUCKETS_OBJ_SUFFIX ".buckets"
128 #define RGW_FORMAT_PLAIN 0
129 #define RGW_FORMAT_XML 1
130 #define RGW_FORMAT_JSON 2
131 #define RGW_FORMAT_HTML 3
133 #define RGW_CAP_READ 0x1
134 #define RGW_CAP_WRITE 0x2
135 #define RGW_CAP_ALL (RGW_CAP_READ | RGW_CAP_WRITE)
137 #define RGW_REST_SWIFT 0x1
138 #define RGW_REST_SWIFT_AUTH 0x2
139 #define RGW_REST_S3 0x4
140 #define RGW_REST_WEBSITE 0x8
141 #define RGW_REST_STS 0x10
143 #define RGW_SUSPENDED_USER_AUID (uint64_t)-2
145 #define RGW_OP_TYPE_READ 0x01
146 #define RGW_OP_TYPE_WRITE 0x02
147 #define RGW_OP_TYPE_DELETE 0x04
149 #define RGW_OP_TYPE_MODIFY (RGW_OP_TYPE_WRITE | RGW_OP_TYPE_DELETE)
150 #define RGW_OP_TYPE_ALL (RGW_OP_TYPE_READ | RGW_OP_TYPE_WRITE | RGW_OP_TYPE_DELETE)
152 #define RGW_DEFAULT_MAX_BUCKETS 1000
154 #define RGW_DEFER_TO_BUCKET_ACLS_RECURSE 1
155 #define RGW_DEFER_TO_BUCKET_ACLS_FULL_CONTROL 2
157 #define STATUS_CREATED 1900
158 #define STATUS_ACCEPTED 1901
159 #define STATUS_NO_CONTENT 1902
160 #define STATUS_PARTIAL_CONTENT 1903
161 #define STATUS_REDIRECT 1904
162 #define STATUS_NO_APPLY 1905
163 #define STATUS_APPLIED 1906
165 #define ERR_INVALID_BUCKET_NAME 2000
166 #define ERR_INVALID_OBJECT_NAME 2001
167 #define ERR_NO_SUCH_BUCKET 2002
168 #define ERR_METHOD_NOT_ALLOWED 2003
169 #define ERR_INVALID_DIGEST 2004
170 #define ERR_BAD_DIGEST 2005
171 #define ERR_UNRESOLVABLE_EMAIL 2006
172 #define ERR_INVALID_PART 2007
173 #define ERR_INVALID_PART_ORDER 2008
174 #define ERR_NO_SUCH_UPLOAD 2009
175 #define ERR_REQUEST_TIMEOUT 2010
176 #define ERR_LENGTH_REQUIRED 2011
177 #define ERR_REQUEST_TIME_SKEWED 2012
178 #define ERR_BUCKET_EXISTS 2013
179 #define ERR_BAD_URL 2014
180 #define ERR_PRECONDITION_FAILED 2015
181 #define ERR_NOT_MODIFIED 2016
182 #define ERR_INVALID_UTF8 2017
183 #define ERR_UNPROCESSABLE_ENTITY 2018
184 #define ERR_TOO_LARGE 2019
185 #define ERR_TOO_MANY_BUCKETS 2020
186 #define ERR_INVALID_REQUEST 2021
187 #define ERR_TOO_SMALL 2022
188 #define ERR_NOT_FOUND 2023
189 #define ERR_PERMANENT_REDIRECT 2024
190 #define ERR_LOCKED 2025
191 #define ERR_QUOTA_EXCEEDED 2026
192 #define ERR_SIGNATURE_NO_MATCH 2027
193 #define ERR_INVALID_ACCESS_KEY 2028
194 #define ERR_MALFORMED_XML 2029
195 #define ERR_USER_EXIST 2030
196 #define ERR_NOT_SLO_MANIFEST 2031
197 #define ERR_EMAIL_EXIST 2032
198 #define ERR_KEY_EXIST 2033
199 #define ERR_INVALID_SECRET_KEY 2034
200 #define ERR_INVALID_KEY_TYPE 2035
201 #define ERR_INVALID_CAP 2036
202 #define ERR_INVALID_TENANT_NAME 2037
203 #define ERR_WEBSITE_REDIRECT 2038
204 #define ERR_NO_SUCH_WEBSITE_CONFIGURATION 2039
205 #define ERR_AMZ_CONTENT_SHA256_MISMATCH 2040
206 #define ERR_NO_SUCH_LC 2041
207 #define ERR_NO_SUCH_USER 2042
208 #define ERR_NO_SUCH_SUBUSER 2043
209 #define ERR_MFA_REQUIRED 2044
210 #define ERR_NO_SUCH_CORS_CONFIGURATION 2045
211 #define ERR_USER_SUSPENDED 2100
212 #define ERR_INTERNAL_ERROR 2200
213 #define ERR_NOT_IMPLEMENTED 2201
214 #define ERR_SERVICE_UNAVAILABLE 2202
215 #define ERR_ROLE_EXISTS 2203
216 #define ERR_MALFORMED_DOC 2204
217 #define ERR_NO_ROLE_FOUND 2205
218 #define ERR_DELETE_CONFLICT 2206
219 #define ERR_NO_SUCH_BUCKET_POLICY 2207
220 #define ERR_INVALID_LOCATION_CONSTRAINT 2208
221 #define ERR_TAG_CONFLICT 2209
222 #define ERR_INVALID_TAG 2210
223 #define ERR_ZERO_IN_URL 2211
224 #define ERR_MALFORMED_ACL_ERROR 2212
225 #define ERR_ZONEGROUP_DEFAULT_PLACEMENT_MISCONFIGURATION 2213
226 #define ERR_INVALID_ENCRYPTION_ALGORITHM 2214
227 #define ERR_INVALID_CORS_RULES_ERROR 2215
228 #define ERR_NO_CORS_FOUND 2216
229 #define ERR_INVALID_WEBSITE_ROUTING_RULES_ERROR 2217
230 #define ERR_RATE_LIMITED 2218
231 #define ERR_POSITION_NOT_EQUAL_TO_LENGTH 2219
232 #define ERR_OBJECT_NOT_APPENDABLE 2220
233 #define ERR_INVALID_BUCKET_STATE 2221
235 #define ERR_BUSY_RESHARDING 2300
236 #define ERR_NO_SUCH_ENTITY 2301
239 #define ERR_PACKED_POLICY_TOO_LARGE 2400
240 #define ERR_INVALID_IDENTITY_TOKEN 2401
243 #define UINT32_MAX (0xffffffffu)
248 typedef void *RGWAccessHandle
;
250 /* size should be the required string size + 1 */
251 int gen_rand_base64(CephContext
*cct
, char *dest
, int size
);
252 void gen_rand_alphanumeric(CephContext
*cct
, char *dest
, int size
);
253 void gen_rand_alphanumeric_lower(CephContext
*cct
, char *dest
, int size
);
254 void gen_rand_alphanumeric_upper(CephContext
*cct
, char *dest
, int size
);
255 void gen_rand_alphanumeric_no_underscore(CephContext
*cct
, char *dest
, int size
);
256 void gen_rand_alphanumeric_plain(CephContext
*cct
, char *dest
, int size
);
257 void gen_rand_alphanumeric_lower(CephContext
*cct
, string
*str
, int length
);
259 enum RGWIntentEvent
{
269 /** Store error returns for output at a different point in the program */
273 bool is_clear() const;
275 friend std::ostream
& operator<<(std::ostream
& oss
, const rgw_err
&err
);
279 std::string err_code
;
285 /* Helper class used for RGWHTTPArgs parsing */
292 explicit NameVal(string nv
) : str(nv
) {}
296 string
& get_name() { return name
; }
297 string
& get_val() { return val
; }
300 /** Stores the XML arguments associated with the HTTP request in req_state*/
302 string str
, empty_str
;
303 map
<string
, string
> val_map
;
304 map
<string
, string
> sys_val_map
;
305 map
<string
, string
> sub_resources
;
306 bool has_resp_modifier
;
307 bool admin_subresource_added
;
309 RGWHTTPArgs() : has_resp_modifier(false), admin_subresource_added(false) {}
311 /** Set the arguments; as received */
313 has_resp_modifier
= false;
315 sub_resources
.clear();
318 /** parse the received arguments */
320 void append(const string
& name
, const string
& val
);
321 /** Get the value for a specific argument parameter */
322 const string
& get(const string
& name
, bool *exists
= NULL
) const;
323 boost::optional
<const std::string
&>
324 get_optional(const std::string
& name
) const;
325 int get_bool(const string
& name
, bool *val
, bool *exists
);
326 int get_bool(const char *name
, bool *val
, bool *exists
);
327 void get_bool(const char *name
, bool *val
, bool def_val
);
328 int get_int(const char *name
, int *val
, int def_val
);
330 /** Get the value for specific system argument parameter */
331 std::string
sys_get(const string
& name
, bool *exists
= nullptr) const;
333 /** see if a parameter is contained in this RGWHTTPArgs */
334 bool exists(const char *name
) const {
335 return (val_map
.find(name
) != std::end(val_map
));
337 bool sub_resource_exists(const char *name
) const {
338 return (sub_resources
.find(name
) != std::end(sub_resources
));
340 map
<string
, string
>& get_params() {
343 const std::map
<std::string
, std::string
>& get_sub_resources() const {
344 return sub_resources
;
346 unsigned get_num_params() const {
347 return val_map
.size();
349 bool has_response_modifier() const {
350 return has_resp_modifier
;
352 void set_system() { /* make all system params visible */
353 map
<string
, string
>::iterator iter
;
354 for (iter
= sys_val_map
.begin(); iter
!= sys_val_map
.end(); ++iter
) {
355 val_map
[iter
->first
] = iter
->second
;
358 const string
& get_str() {
363 const char *rgw_conf_get(const map
<string
, string
, ltstr_nocase
>& conf_map
, const char *name
, const char *def_val
);
364 int rgw_conf_get_int(const map
<string
, string
, ltstr_nocase
>& conf_map
, const char *name
, int def_val
);
365 bool rgw_conf_get_bool(const map
<string
, string
, ltstr_nocase
>& conf_map
, const char *name
, bool def_val
);
372 int enable_usage_log
;
373 uint8_t defer_to_bucket_acls
;
374 void init(CephContext
*cct
);
379 defer_to_bucket_acls(0) {
384 std::map
<string
, string
, ltstr_nocase
> env_map
;
387 void init(CephContext
*cct
);
388 void init(CephContext
*cct
, char **envp
);
389 void set(std::string name
, std::string val
);
390 const char *get(const char *name
, const char *def_val
= nullptr) const;
391 int get_int(const char *name
, int def_val
= 0) const;
392 bool get_bool(const char *name
, bool def_val
= 0);
393 size_t get_size(const char *name
, size_t def_val
= 0) const;
394 bool exists(const char *name
) const;
395 bool exists_prefix(const char *prefix
) const;
396 void remove(const char *name
);
397 const std::map
<string
, string
, ltstr_nocase
>& get_map() const { return env_map
; }
398 int get_enable_ops_log() const {
399 return conf
.enable_ops_log
;
402 int get_enable_usage_log() const {
403 return conf
.enable_usage_log
;
406 int get_defer_to_bucket_acls() const {
407 return conf
.defer_to_bucket_acls
;
411 // return true if the connection is secure. this either means that the
412 // connection arrived via ssl, or was forwarded as https by a trusted proxy
413 bool rgw_transport_is_secure(CephContext
*cct
, const RGWEnv
& env
);
432 RGW_OP_GET_BUCKET_LOGGING
,
433 RGW_OP_GET_BUCKET_LOCATION
,
434 RGW_OP_GET_BUCKET_VERSIONING
,
435 RGW_OP_SET_BUCKET_VERSIONING
,
436 RGW_OP_GET_BUCKET_WEBSITE
,
437 RGW_OP_SET_BUCKET_WEBSITE
,
439 RGW_OP_CREATE_BUCKET
,
440 RGW_OP_DELETE_BUCKET
,
444 RGW_OP_PUT_METADATA_ACCOUNT
,
445 RGW_OP_PUT_METADATA_BUCKET
,
446 RGW_OP_PUT_METADATA_OBJECT
,
456 RGW_OP_GET_REQUEST_PAYMENT
,
457 RGW_OP_SET_REQUEST_PAYMENT
,
458 RGW_OP_INIT_MULTIPART
,
459 RGW_OP_COMPLETE_MULTIPART
,
460 RGW_OP_ABORT_MULTIPART
,
461 RGW_OP_LIST_MULTIPART
,
462 RGW_OP_LIST_BUCKET_MULTIPARTS
,
463 RGW_OP_DELETE_MULTI_OBJ
,
466 RGW_OP_GET_CROSS_DOMAIN_POLICY
,
467 RGW_OP_GET_HEALTH_CHECK
,
474 RGW_OP_PUT_ROLE_POLICY
,
475 RGW_OP_GET_ROLE_POLICY
,
476 RGW_OP_LIST_ROLE_POLICIES
,
477 RGW_OP_DELETE_ROLE_POLICY
,
478 RGW_OP_PUT_BUCKET_POLICY
,
479 RGW_OP_GET_BUCKET_POLICY
,
480 RGW_OP_DELETE_BUCKET_POLICY
,
481 RGW_OP_PUT_OBJ_TAGGING
,
482 RGW_OP_GET_OBJ_TAGGING
,
483 RGW_OP_DELETE_OBJ_TAGGING
,
487 RGW_OP_PUT_USER_POLICY
,
488 RGW_OP_GET_USER_POLICY
,
489 RGW_OP_LIST_USER_POLICIES
,
490 RGW_OP_DELETE_USER_POLICY
,
492 RGW_OP_ADMIN_SET_METADATA
,
493 RGW_OP_GET_OBJ_LAYOUT
,
495 RGW_OP_METADATA_SEARCH
,
496 RGW_OP_CONFIG_BUCKET_META_SEARCH
,
497 RGW_OP_GET_BUCKET_META_SEARCH
,
498 RGW_OP_DEL_BUCKET_META_SEARCH
,
501 RGW_STS_GET_SESSION_TOKEN
,
502 RGW_STS_ASSUME_ROLE_WEB_IDENTITY
,
504 RGW_OP_PUBSUB_TOPIC_CREATE
,
505 RGW_OP_PUBSUB_TOPICS_LIST
,
506 RGW_OP_PUBSUB_TOPIC_GET
,
507 RGW_OP_PUBSUB_TOPIC_DELETE
,
508 RGW_OP_PUBSUB_SUB_CREATE
,
509 RGW_OP_PUBSUB_SUB_GET
,
510 RGW_OP_PUBSUB_SUB_DELETE
,
511 RGW_OP_PUBSUB_SUB_PULL
,
512 RGW_OP_PUBSUB_SUB_ACK
,
513 RGW_OP_PUBSUB_NOTIF_CREATE
,
514 RGW_OP_PUBSUB_NOTIF_DELETE
,
515 RGW_OP_PUBSUB_NOTIF_LIST
,
518 class RGWAccessControlPolicy
;
521 struct RGWAccessKey
{
522 string id
; // AccessKey
523 string key
; // SecretKey
527 RGWAccessKey(std::string _id
, std::string _key
)
528 : id(std::move(_id
)), key(std::move(_key
)) {}
530 void encode(bufferlist
& bl
) const {
531 ENCODE_START(2, 2, bl
);
538 void decode(bufferlist::const_iterator
& bl
) {
539 DECODE_START_LEGACY_COMPAT_LEN_32(2, 2, 2, bl
);
545 void dump(Formatter
*f
) const;
546 void dump_plain(Formatter
*f
) const;
547 void dump(Formatter
*f
, const string
& user
, bool swift
) const;
548 static void generate_test_instances(list
<RGWAccessKey
*>& o
);
550 void decode_json(JSONObj
*obj
);
551 void decode_json(JSONObj
*obj
, bool swift
);
553 WRITE_CLASS_ENCODER(RGWAccessKey
)
559 RGWSubUser() : perm_mask(0) {}
560 void encode(bufferlist
& bl
) const {
561 ENCODE_START(2, 2, bl
);
563 encode(perm_mask
, bl
);
567 void decode(bufferlist::const_iterator
& bl
) {
568 DECODE_START_LEGACY_COMPAT_LEN_32(2, 2, 2, bl
);
570 decode(perm_mask
, bl
);
573 void dump(Formatter
*f
) const;
574 void dump(Formatter
*f
, const string
& user
) const;
575 static void generate_test_instances(list
<RGWSubUser
*>& o
);
577 void decode_json(JSONObj
*obj
);
579 WRITE_CLASS_ENCODER(RGWSubUser
)
583 map
<string
, uint32_t> caps
;
585 int get_cap(const string
& cap
, string
& type
, uint32_t *perm
);
586 int add_cap(const string
& cap
);
587 int remove_cap(const string
& cap
);
589 static int parse_cap_perm(const string
& str
, uint32_t *perm
);
590 int add_from_string(const string
& str
);
591 int remove_from_string(const string
& str
);
593 void encode(bufferlist
& bl
) const {
594 ENCODE_START(1, 1, bl
);
598 void decode(bufferlist::const_iterator
& bl
) {
603 int check_cap(const string
& cap
, uint32_t perm
);
604 bool is_valid_cap_type(const string
& tp
);
605 void dump(Formatter
*f
) const;
606 void dump(Formatter
*f
, const char *name
) const;
608 void decode_json(JSONObj
*obj
);
610 WRITE_CLASS_ENCODER(RGWUserCaps
)
612 void encode_json(const char *name
, const obj_version
& v
, Formatter
*f
);
613 void encode_json(const char *name
, const RGWUserCaps
& val
, Formatter
*f
);
615 void decode_json_obj(obj_version
& v
, JSONObj
*obj
);
629 static string RGW_STORAGE_CLASS_STANDARD
= "STANDARD";
631 struct rgw_placement_rule
{
633 std::string storage_class
;
635 rgw_placement_rule() {}
636 rgw_placement_rule(const string
& _n
, const string
& _sc
) : name(_n
), storage_class(_sc
) {}
637 rgw_placement_rule(const rgw_placement_rule
& _r
, const string
& _sc
) : name(_r
.name
) {
641 storage_class
= _r
.storage_class
;
646 return name
.empty() && storage_class
.empty();
649 void inherit_from(const rgw_placement_rule
& r
) {
653 if (storage_class
.empty()) {
654 storage_class
= r
.storage_class
;
660 storage_class
.clear();
663 void init(const string
& n
, const string
& c
) {
668 static const string
& get_canonical_storage_class(const string
& storage_class
) {
669 if (storage_class
.empty()) {
670 return RGW_STORAGE_CLASS_STANDARD
;
672 return storage_class
;
675 const string
& get_storage_class() const {
676 return get_canonical_storage_class(storage_class
);
679 int compare(const rgw_placement_rule
& r
) const {
680 int c
= name
.compare(r
.name
);
684 return get_storage_class().compare(r
.get_storage_class());
687 bool operator==(const rgw_placement_rule
& r
) const {
688 return (name
== r
.name
&&
689 get_storage_class() == r
.get_storage_class());
692 bool operator!=(const rgw_placement_rule
& r
) const {
693 return !(*this == r
);
696 void encode(bufferlist
& bl
) const {
697 /* no ENCODE_START/END due to backward compatibility */
698 std::string s
= to_str();
702 void decode(bufferlist::const_iterator
& bl
) {
708 std::string
to_str() const {
709 if (standard_storage_class()) {
712 return to_str_explicit();
715 std::string
to_str_explicit() const {
716 return name
+ "/" + storage_class
;
719 void from_str(const std::string
& s
) {
720 size_t pos
= s
.find("/");
721 if (pos
== std::string::npos
) {
723 storage_class
.clear();
726 name
= s
.substr(0, pos
);
727 storage_class
= s
.substr(pos
+ 1);
730 bool standard_storage_class() const {
731 return storage_class
.empty() || storage_class
== RGW_STORAGE_CLASS_STANDARD
;
734 WRITE_CLASS_ENCODER(rgw_placement_rule
)
736 void encode_json(const char *name
, const rgw_placement_rule
& val
, ceph::Formatter
*f
);
737 void decode_json_obj(rgw_placement_rule
& v
, JSONObj
*obj
);
739 inline ostream
& operator<<(ostream
& out
, const rgw_placement_rule
& rule
) {
740 return out
<< rule
.to_str();
747 map
<string
, RGWAccessKey
> access_keys
;
748 map
<string
, RGWAccessKey
> swift_keys
;
749 map
<string
, RGWSubUser
> subusers
;
756 rgw_placement_rule default_placement
;
757 list
<string
> placement_tags
;
758 RGWQuotaInfo bucket_quota
;
759 map
<int, string
> temp_url_keys
;
760 RGWQuotaInfo user_quota
;
763 string assumed_role_arn
;
767 max_buckets(RGW_DEFAULT_MAX_BUCKETS
),
768 op_mask(RGW_OP_TYPE_ALL
),
774 RGWAccessKey
* get_key(const string
& access_key
) {
775 if (access_keys
.empty())
778 auto k
= access_keys
.find(access_key
);
779 if (k
== access_keys
.end())
785 void encode(bufferlist
& bl
) const {
786 ENCODE_START(21, 9, bl
);
787 encode((uint64_t)0, bl
); // old auid
790 if (!access_keys
.empty()) {
791 map
<string
, RGWAccessKey
>::const_iterator iter
= access_keys
.begin();
792 const RGWAccessKey
& k
= iter
->second
;
796 encode(access_key
, bl
);
797 encode(secret_key
, bl
);
798 encode(display_name
, bl
);
799 encode(user_email
, bl
);
802 if (!swift_keys
.empty()) {
803 map
<string
, RGWAccessKey
>::const_iterator iter
= swift_keys
.begin();
804 const RGWAccessKey
& k
= iter
->second
;
808 encode(swift_name
, bl
);
809 encode(swift_key
, bl
);
810 encode(user_id
.id
, bl
);
811 encode(access_keys
, bl
);
812 encode(subusers
, bl
);
813 encode(suspended
, bl
);
814 encode(swift_keys
, bl
);
815 encode(max_buckets
, bl
);
819 encode(default_placement
, bl
);
820 encode(placement_tags
, bl
);
821 encode(bucket_quota
, bl
);
822 encode(temp_url_keys
, bl
);
823 encode(user_quota
, bl
);
824 encode(user_id
.tenant
, bl
);
828 encode(assumed_role_arn
, bl
);
831 void decode(bufferlist::const_iterator
& bl
) {
832 DECODE_START_LEGACY_COMPAT_LEN_32(20, 9, 9, bl
);
835 decode(old_auid
, bl
);
839 decode(access_key
, bl
);
840 decode(secret_key
, bl
);
845 access_keys
[access_key
] = k
;
847 decode(display_name
, bl
);
848 decode(user_email
, bl
);
849 /* We populate swift_keys map later nowadays, but we have to decode. */
852 if (struct_v
>= 3) decode(swift_name
, bl
);
853 if (struct_v
>= 4) decode(swift_key
, bl
);
855 decode(user_id
.id
, bl
);
857 user_id
.id
= access_key
;
859 decode(access_keys
, bl
);
860 decode(subusers
, bl
);
864 decode(suspended
, bl
);
867 decode(swift_keys
, bl
);
869 if (struct_v
>= 10) {
870 decode(max_buckets
, bl
);
872 max_buckets
= RGW_DEFAULT_MAX_BUCKETS
;
874 if (struct_v
>= 11) {
877 if (struct_v
>= 12) {
880 op_mask
= RGW_OP_TYPE_ALL
;
882 if (struct_v
>= 13) {
884 decode(default_placement
, bl
);
885 decode(placement_tags
, bl
); /* tags of allowed placement rules */
887 if (struct_v
>= 14) {
888 decode(bucket_quota
, bl
);
890 if (struct_v
>= 15) {
891 decode(temp_url_keys
, bl
);
893 if (struct_v
>= 16) {
894 decode(user_quota
, bl
);
896 if (struct_v
>= 17) {
897 decode(user_id
.tenant
, bl
);
899 user_id
.tenant
.clear();
901 if (struct_v
>= 18) {
904 if (struct_v
>= 19) {
907 if (struct_v
>= 20) {
910 if (struct_v
>= 21) {
911 decode(assumed_role_arn
, bl
);
915 void dump(Formatter
*f
) const;
916 static void generate_test_instances(list
<RGWUserInfo
*>& o
);
918 void decode_json(JSONObj
*obj
);
920 WRITE_CLASS_ENCODER(RGWUserInfo
)
926 rgw_pool() = default;
927 rgw_pool(const rgw_pool
& _p
) : name(_p
.name
), ns(_p
.ns
) {}
928 rgw_pool(rgw_pool
&&) = default;
929 rgw_pool(const string
& _s
) {
932 rgw_pool(const string
& _name
, const string
& _ns
) : name(_name
), ns(_ns
) {}
934 string
to_str() const;
935 void from_str(const string
& s
);
937 void init(const string
& _s
) {
945 int compare(const rgw_pool
& p
) const {
946 int r
= name
.compare(p
.name
);
950 return ns
.compare(p
.ns
);
953 void encode(bufferlist
& bl
) const {
954 ENCODE_START(10, 10, bl
);
960 void decode_from_bucket(bufferlist::const_iterator
& bl
);
962 void decode(bufferlist::const_iterator
& bl
) {
963 DECODE_START_LEGACY_COMPAT_LEN(10, 3, 3, bl
);
970 * note that rgw_pool can be used where rgw_bucket was used before
971 * therefore we inherit rgw_bucket's old versions. However, we only
972 * need the first field from rgw_bucket. unless we add more fields
973 * in which case we'll need to look at struct_v, and check the actual
974 * version. Anything older than 10 needs to be treated as old rgw_bucket
984 rgw_pool
& operator=(const rgw_pool
&) = default;
986 bool operator==(const rgw_pool
& p
) const {
987 return (compare(p
) == 0);
989 bool operator!=(const rgw_pool
& p
) const {
990 return !(*this == p
);
992 bool operator<(const rgw_pool
& p
) const {
993 int r
= name
.compare(p
.name
);
995 return (ns
.compare(p
.ns
) < 0);
1000 WRITE_CLASS_ENCODER(rgw_pool
)
1002 struct rgw_data_placement_target
{
1004 rgw_pool data_extra_pool
;
1005 rgw_pool index_pool
;
1007 rgw_data_placement_target() = default;
1008 rgw_data_placement_target(const rgw_data_placement_target
&) = default;
1009 rgw_data_placement_target(rgw_data_placement_target
&&) = default;
1011 rgw_data_placement_target(const rgw_pool
& data_pool
,
1012 const rgw_pool
& data_extra_pool
,
1013 const rgw_pool
& index_pool
)
1014 : data_pool(data_pool
),
1015 data_extra_pool(data_extra_pool
),
1016 index_pool(index_pool
) {
1019 rgw_data_placement_target
&
1020 operator=(const rgw_data_placement_target
&) = default;
1022 const rgw_pool
& get_data_extra_pool() const {
1023 if (data_extra_pool
.empty()) {
1026 return data_extra_pool
;
1029 int compare(const rgw_data_placement_target
& t
) {
1030 int c
= data_pool
.compare(t
.data_pool
);
1034 c
= data_extra_pool
.compare(t
.data_extra_pool
);
1038 return index_pool
.compare(t
.index_pool
);
1041 void dump(Formatter
*f
) const;
1042 void decode_json(JSONObj
*obj
);
1045 inline ostream
& operator<<(ostream
& out
, const rgw_pool
& p
) {
1050 struct rgw_raw_obj
{
1056 rgw_raw_obj(const rgw_pool
& _pool
, const std::string
& _oid
) {
1059 rgw_raw_obj(const rgw_pool
& _pool
, const std::string
& _oid
, const string
& _loc
) : loc(_loc
) {
1063 void init(const rgw_pool
& _pool
, const std::string
& _oid
) {
1068 bool empty() const {
1072 void encode(bufferlist
& bl
) const {
1073 ENCODE_START(6, 6, bl
);
1080 void decode_from_rgw_obj(bufferlist::const_iterator
& bl
);
1082 void decode(bufferlist::const_iterator
& bl
) {
1083 unsigned ofs
= bl
.get_off();
1084 DECODE_START(6, bl
);
1087 * this object was encoded as rgw_obj, prior to rgw_raw_obj been split out of it,
1088 * let's decode it as rgw_obj and convert it
1091 decode_from_rgw_obj(bl
);
1100 bool operator<(const rgw_raw_obj
& o
) const {
1101 int r
= pool
.compare(o
.pool
);
1103 r
= oid
.compare(o
.oid
);
1105 r
= loc
.compare(o
.loc
);
1111 bool operator==(const rgw_raw_obj
& o
) const {
1112 return (pool
== o
.pool
&& oid
== o
.oid
&& loc
== o
.loc
);
1115 void dump(Formatter
*f
) const;
1116 void decode_json(JSONObj
*obj
);
1118 WRITE_CLASS_ENCODER(rgw_raw_obj
)
1120 inline ostream
& operator<<(ostream
& out
, const rgw_raw_obj
& o
) {
1121 out
<< o
.pool
<< ":" << o
.oid
;
1129 std::string bucket_id
;
1130 rgw_data_placement_target explicit_placement
;
1133 * runtime in-memory only info. If not empty, points to the bucket instance object
1137 // cppcheck-suppress noExplicitConstructor
1138 explicit rgw_bucket(const rgw_user
& u
, const cls_user_bucket
& b
) :
1142 bucket_id(b
.bucket_id
),
1143 explicit_placement(b
.explicit_placement
.data_pool
,
1144 b
.explicit_placement
.data_extra_pool
,
1145 b
.explicit_placement
.index_pool
) {}
1146 rgw_bucket(const rgw_bucket
&) = default;
1147 rgw_bucket(rgw_bucket
&&) = default;
1149 void convert(cls_user_bucket
*b
) const {
1152 b
->bucket_id
= bucket_id
;
1153 b
->explicit_placement
.data_pool
= explicit_placement
.data_pool
.to_str();
1154 b
->explicit_placement
.data_extra_pool
= explicit_placement
.data_extra_pool
.to_str();
1155 b
->explicit_placement
.index_pool
= explicit_placement
.index_pool
.to_str();
1158 void encode(bufferlist
& bl
) const {
1159 ENCODE_START(10, 10, bl
);
1162 encode(bucket_id
, bl
);
1164 bool encode_explicit
= !explicit_placement
.data_pool
.empty();
1165 encode(encode_explicit
, bl
);
1166 if (encode_explicit
) {
1167 encode(explicit_placement
.data_pool
, bl
);
1168 encode(explicit_placement
.data_extra_pool
, bl
);
1169 encode(explicit_placement
.index_pool
, bl
);
1173 void decode(bufferlist::const_iterator
& bl
) {
1174 DECODE_START_LEGACY_COMPAT_LEN(10, 3, 3, bl
);
1176 if (struct_v
< 10) {
1177 decode(explicit_placement
.data_pool
.name
, bl
);
1179 if (struct_v
>= 2) {
1181 if (struct_v
<= 3) {
1185 snprintf(buf
, sizeof(buf
), "%" PRIu64
, id
);
1188 decode(bucket_id
, bl
);
1191 if (struct_v
< 10) {
1192 if (struct_v
>= 5) {
1193 decode(explicit_placement
.index_pool
.name
, bl
);
1195 explicit_placement
.index_pool
= explicit_placement
.data_pool
;
1197 if (struct_v
>= 7) {
1198 decode(explicit_placement
.data_extra_pool
.name
, bl
);
1201 if (struct_v
>= 8) {
1204 if (struct_v
>= 10) {
1205 bool decode_explicit
= !explicit_placement
.data_pool
.empty();
1206 decode(decode_explicit
, bl
);
1207 if (decode_explicit
) {
1208 decode(explicit_placement
.data_pool
, bl
);
1209 decode(explicit_placement
.data_extra_pool
, bl
);
1210 decode(explicit_placement
.index_pool
, bl
);
1216 void update_bucket_id(const string
& new_bucket_id
) {
1217 bucket_id
= new_bucket_id
;
1221 // format a key for the bucket/instance. pass delim=0 to skip a field
1222 std::string
get_key(char tenant_delim
= '/',
1223 char id_delim
= ':',
1224 size_t reserve
= 0) const;
1226 const rgw_pool
& get_data_extra_pool() const {
1227 return explicit_placement
.get_data_extra_pool();
1230 void dump(Formatter
*f
) const;
1231 void decode_json(JSONObj
*obj
);
1232 static void generate_test_instances(list
<rgw_bucket
*>& o
);
1234 rgw_bucket
& operator=(const rgw_bucket
&) = default;
1236 bool operator<(const rgw_bucket
& b
) const {
1237 if (tenant
== b
.tenant
) {
1238 return name
< b
.name
;
1240 return tenant
< b
.tenant
;
1244 bool operator==(const rgw_bucket
& b
) const {
1245 return (tenant
== b
.tenant
) && (name
== b
.name
) && \
1246 (bucket_id
== b
.bucket_id
);
1249 WRITE_CLASS_ENCODER(rgw_bucket
)
1251 inline ostream
& operator<<(ostream
& out
, const rgw_bucket
&b
) {
1252 out
<< b
.name
<< "[" << b
.marker
<< "]";
1256 struct rgw_bucket_shard
{
1260 rgw_bucket_shard() : shard_id(-1) {}
1261 rgw_bucket_shard(const rgw_bucket
& _b
, int _sid
) : bucket(_b
), shard_id(_sid
) {}
1263 std::string
get_key(char tenant_delim
= '/', char id_delim
= ':',
1264 char shard_delim
= ':') const;
1266 bool operator<(const rgw_bucket_shard
& b
) const {
1267 if (bucket
< b
.bucket
) {
1270 if (b
.bucket
< bucket
) {
1273 return shard_id
< b
.shard_id
;
1278 struct RGWObjVersionTracker
{
1279 obj_version read_version
;
1280 obj_version write_version
;
1282 obj_version
*version_for_read() {
1283 return &read_version
;
1286 obj_version
*version_for_write() {
1287 if (write_version
.ver
== 0)
1290 return &write_version
;
1293 obj_version
*version_for_check() {
1294 if (read_version
.ver
== 0)
1297 return &read_version
;
1300 void prepare_op_for_read(librados::ObjectReadOperation
*op
);
1301 void prepare_op_for_write(librados::ObjectWriteOperation
*op
);
1303 void apply_write() {
1304 read_version
= write_version
;
1305 write_version
= obj_version();
1309 read_version
= obj_version();
1310 write_version
= obj_version();
1313 void generate_new_write_ver(CephContext
*cct
);
1316 inline ostream
& operator<<(ostream
& out
, const obj_version
&v
)
1318 out
<< v
.tag
<< ":" << v
.ver
;
1322 inline ostream
& operator<<(ostream
& out
, const RGWObjVersionTracker
&ot
)
1324 out
<< "{r=" << ot
.read_version
<< ",w=" << ot
.write_version
<< "}";
1328 enum RGWBucketFlags
{
1329 BUCKET_SUSPENDED
= 0x1,
1330 BUCKET_VERSIONED
= 0x2,
1331 BUCKET_VERSIONS_SUSPENDED
= 0x4,
1332 BUCKET_DATASYNC_DISABLED
= 0X8,
1333 BUCKET_MFA_ENABLED
= 0X10,
1336 enum RGWBucketIndexType
{
1337 RGWBIType_Normal
= 0,
1338 RGWBIType_Indexless
= 1,
1341 inline ostream
& operator<<(ostream
& out
, const RGWBucketIndexType
&index_type
)
1343 switch (index_type
) {
1344 case RGWBIType_Normal
:
1345 return out
<< "Normal";
1346 case RGWBIType_Indexless
:
1347 return out
<< "Indexless";
1349 return out
<< "Unknown";
1353 struct RGWBucketInfo
{
1354 enum BIShardsHashType
{
1362 ceph::real_time creation_time
;
1363 rgw_placement_rule placement_rule
;
1364 bool has_instance_obj
;
1365 RGWObjVersionTracker objv_tracker
; /* we don't need to serialize this, for runtime tracking */
1366 obj_version ep_objv
; /* entry point object version, for runtime tracking only */
1369 // Represents the number of bucket index object shards:
1370 // - value of 0 indicates there is no sharding (this is by default before this
1371 // feature is implemented).
1372 // - value of UINT32_T::MAX indicates this is a blind bucket.
1373 uint32_t num_shards
;
1375 // Represents the bucket index shard hash type.
1376 uint8_t bucket_index_shard_hash_type
;
1378 // Represents the shard number for blind bucket.
1379 const static uint32_t NUM_SHARDS_BLIND_BUCKET
;
1381 bool requester_pays
;
1384 RGWBucketWebsiteConf website_conf
;
1386 RGWBucketIndexType index_type
= RGWBIType_Normal
;
1388 bool swift_versioning
;
1389 string swift_ver_location
;
1391 map
<string
, uint32_t> mdsearch_config
;
1394 uint8_t reshard_status
;
1395 string new_bucket_instance_id
;
1397 void encode(bufferlist
& bl
) const {
1398 ENCODE_START(19, 4, bl
);
1400 encode(owner
.id
, bl
);
1402 encode(zonegroup
, bl
);
1403 uint64_t ct
= real_clock::to_time_t(creation_time
);
1405 encode(placement_rule
, bl
);
1406 encode(has_instance_obj
, bl
);
1408 encode(num_shards
, bl
);
1409 encode(bucket_index_shard_hash_type
, bl
);
1410 encode(requester_pays
, bl
);
1411 encode(owner
.tenant
, bl
);
1412 encode(has_website
, bl
);
1414 encode(website_conf
, bl
);
1416 encode((uint32_t)index_type
, bl
);
1417 encode(swift_versioning
, bl
);
1418 if (swift_versioning
) {
1419 encode(swift_ver_location
, bl
);
1421 encode(creation_time
, bl
);
1422 encode(mdsearch_config
, bl
);
1423 encode(reshard_status
, bl
);
1424 encode(new_bucket_instance_id
, bl
);
1427 void decode(bufferlist::const_iterator
& bl
) {
1428 DECODE_START_LEGACY_COMPAT_LEN_32(19, 4, 4, bl
);
1430 if (struct_v
>= 2) {
1438 decode(zonegroup
, bl
);
1439 if (struct_v
>= 6) {
1443 creation_time
= ceph::real_clock::from_time_t((time_t)ct
);
1446 decode(placement_rule
, bl
);
1448 decode(has_instance_obj
, bl
);
1452 decode(num_shards
, bl
);
1454 decode(bucket_index_shard_hash_type
, bl
);
1456 decode(requester_pays
, bl
);
1458 decode(owner
.tenant
, bl
);
1459 if (struct_v
>= 14) {
1460 decode(has_website
, bl
);
1462 decode(website_conf
, bl
);
1464 website_conf
= RGWBucketWebsiteConf();
1467 if (struct_v
>= 15) {
1470 index_type
= (RGWBucketIndexType
)it
;
1472 index_type
= RGWBIType_Normal
;
1474 swift_versioning
= false;
1475 swift_ver_location
.clear();
1476 if (struct_v
>= 16) {
1477 decode(swift_versioning
, bl
);
1478 if (swift_versioning
) {
1479 decode(swift_ver_location
, bl
);
1482 if (struct_v
>= 17) {
1483 decode(creation_time
, bl
);
1485 if (struct_v
>= 18) {
1486 decode(mdsearch_config
, bl
);
1488 if (struct_v
>= 19) {
1489 decode(reshard_status
, bl
);
1490 decode(new_bucket_instance_id
, bl
);
1494 void dump(Formatter
*f
) const;
1495 static void generate_test_instances(list
<RGWBucketInfo
*>& o
);
1497 void decode_json(JSONObj
*obj
);
1499 bool versioned() const { return (flags
& BUCKET_VERSIONED
) != 0; }
1500 int versioning_status() const { return flags
& (BUCKET_VERSIONED
| BUCKET_VERSIONS_SUSPENDED
| BUCKET_MFA_ENABLED
); }
1501 bool versioning_enabled() const { return (versioning_status() & (BUCKET_VERSIONED
| BUCKET_VERSIONS_SUSPENDED
)) == BUCKET_VERSIONED
; }
1502 bool mfa_enabled() const { return (versioning_status() & BUCKET_MFA_ENABLED
) != 0; }
1503 bool datasync_flag_enabled() const { return (flags
& BUCKET_DATASYNC_DISABLED
) == 0; }
1505 bool has_swift_versioning() const {
1506 /* A bucket may be versioned through one mechanism only. */
1507 return swift_versioning
&& !versioned();
1510 RGWBucketInfo() : flags(0), has_instance_obj(false), num_shards(0), bucket_index_shard_hash_type(MOD
), requester_pays(false),
1511 has_website(false), swift_versioning(false), reshard_status(0) {}
1513 WRITE_CLASS_ENCODER(RGWBucketInfo
)
1515 struct RGWBucketEntryPoint
1519 ceph::real_time creation_time
;
1522 bool has_bucket_info
;
1523 RGWBucketInfo old_bucket_info
;
1525 RGWBucketEntryPoint() : linked(false), has_bucket_info(false) {}
1527 void encode(bufferlist
& bl
) const {
1528 ENCODE_START(10, 8, bl
);
1530 encode(owner
.id
, bl
);
1532 uint64_t ctime
= (uint64_t)real_clock::to_time_t(creation_time
);
1535 encode(creation_time
, bl
);
1538 void decode(bufferlist::const_iterator
& bl
) {
1539 auto orig_iter
= bl
;
1540 DECODE_START_LEGACY_COMPAT_LEN_32(10, 4, 4, bl
);
1542 /* ouch, old entry, contains the bucket info itself */
1543 old_bucket_info
.decode(orig_iter
);
1544 has_bucket_info
= true;
1547 has_bucket_info
= false;
1549 decode(owner
.id
, bl
);
1553 if (struct_v
< 10) {
1554 creation_time
= real_clock::from_time_t((time_t)ctime
);
1556 if (struct_v
>= 9) {
1559 if (struct_v
>= 10) {
1560 decode(creation_time
, bl
);
1565 void dump(Formatter
*f
) const;
1566 void decode_json(JSONObj
*obj
);
1568 WRITE_CLASS_ENCODER(RGWBucketEntryPoint
)
1570 struct RGWStorageStats
1572 RGWObjCategory category
;
1574 uint64_t size_rounded
;
1575 uint64_t size_utilized
{0}; //< size after compression, encryption
1576 uint64_t num_objects
;
1579 : category(RGWObjCategory::None
),
1584 void dump(Formatter
*f
) const;
1589 /* Namespaced forward declarations. */
1593 class AWSBrowserUploadAbstractor
;
1606 map
<string
, string
> x_meta_map
;
1612 string request_uri_aws4
;
1613 string effective_uri
;
1614 string request_params
;
1616 string storage_class
;
1618 req_info(CephContext
*cct
, const RGWEnv
*env
);
1619 void rebuild_from(req_info
& src
);
1620 void init_meta_info(bool *found_bad_meta
);
1623 typedef cls_rgw_obj_key rgw_obj_index_key
;
1625 struct rgw_obj_key
{
1631 // cppcheck-suppress noExplicitConstructor
1632 rgw_obj_key(const string
& n
) : name(n
) {}
1633 rgw_obj_key(const string
& n
, const string
& i
) : name(n
), instance(i
) {}
1634 rgw_obj_key(const string
& n
, const string
& i
, const string
& _ns
) : name(n
), instance(i
), ns(_ns
) {}
1636 rgw_obj_key(const rgw_obj_index_key
& k
) {
1637 parse_index_key(k
.name
, &name
, &ns
);
1638 instance
= k
.instance
;
1641 static void parse_index_key(const string
& key
, string
*name
, string
*ns
) {
1642 if (key
[0] != '_') {
1647 if (key
[1] == '_') {
1648 *name
= key
.substr(1);
1652 ssize_t pos
= key
.find('_', 1);
1654 /* shouldn't happen, just use key */
1660 *name
= key
.substr(pos
+ 1);
1661 *ns
= key
.substr(1, pos
-1);
1664 void set(const string
& n
) {
1670 void set(const string
& n
, const string
& i
) {
1676 void set(const string
& n
, const string
& i
, const string
& _ns
) {
1682 bool set(const rgw_obj_index_key
& index_key
) {
1683 if (!parse_raw_oid(index_key
.name
, this)) {
1686 instance
= index_key
.instance
;
1690 void set_instance(const string
& i
) {
1694 const string
& get_instance() const {
1698 string
get_index_key_name() const {
1700 if (name
.size() < 1 || name
[0] != '_') {
1703 return string("_") + name
;
1706 char buf
[ns
.size() + 16];
1707 snprintf(buf
, sizeof(buf
), "_%s_", ns
.c_str());
1708 return string(buf
) + name
;
1711 void get_index_key(rgw_obj_index_key
*key
) const {
1712 key
->name
= get_index_key_name();
1713 key
->instance
= instance
;
1716 string
get_loc() const {
1718 * For backward compatibility. Older versions used to have object locator on all objects,
1719 * however, the name was the effective object locator. This had the same effect as not
1720 * having object locator at all for most objects but the ones that started with underscore as
1721 * these were escaped.
1723 if (name
[0] == '_' && ns
.empty()) {
1730 bool empty() const {
1731 return name
.empty();
1734 bool have_null_instance() const {
1735 return instance
== "null";
1738 bool have_instance() const {
1739 return !instance
.empty();
1742 bool need_to_encode_instance() const {
1743 return have_instance() && !have_null_instance();
1746 string
get_oid() const {
1747 if (ns
.empty() && !need_to_encode_instance()) {
1748 if (name
.size() < 1 || name
[0] != '_') {
1751 return string("_") + name
;
1756 if (need_to_encode_instance()) {
1757 oid
.append(string(":") + instance
);
1764 bool operator==(const rgw_obj_key
& k
) const {
1765 return (name
.compare(k
.name
) == 0) &&
1766 (instance
.compare(k
.instance
) == 0);
1769 bool operator<(const rgw_obj_key
& k
) const {
1770 int r
= name
.compare(k
.name
);
1772 r
= instance
.compare(k
.instance
);
1777 bool operator<=(const rgw_obj_key
& k
) const {
1778 return !(k
< *this);
1781 static void parse_ns_field(string
& ns
, string
& instance
) {
1782 int pos
= ns
.find(':');
1784 instance
= ns
.substr(pos
+ 1);
1785 ns
= ns
.substr(0, pos
);
1791 // takes an oid and parses out the namespace (ns), name, and
1793 static bool parse_raw_oid(const string
& oid
, rgw_obj_key
*key
) {
1794 key
->instance
.clear();
1796 if (oid
[0] != '_') {
1801 if (oid
.size() >= 2 && oid
[1] == '_') {
1802 key
->name
= oid
.substr(1);
1806 if (oid
.size() < 3) // for namespace, min size would be 3: _x_
1809 size_t pos
= oid
.find('_', 2); // oid must match ^_[^_].+$
1810 if (pos
== string::npos
)
1813 key
->ns
= oid
.substr(1, pos
- 1);
1814 parse_ns_field(key
->ns
, key
->instance
);
1816 key
->name
= oid
.substr(pos
+ 1);
1821 * Translate a namespace-mangled object name to the user-facing name
1822 * existing in the given namespace.
1824 * If the object is part of the given namespace, it returns true
1825 * and cuts down the name to the unmangled version. If it is not
1826 * part of the given namespace, it returns false.
1828 static bool oid_to_key_in_ns(const string
& oid
, rgw_obj_key
*key
, const string
& ns
) {
1829 bool ret
= parse_raw_oid(oid
, key
);
1834 return (ns
== key
->ns
);
1838 * Given a mangled object name and an empty namespace string, this
1839 * function extracts the namespace into the string and sets the object
1840 * name to be the unmangled version.
1842 * It returns true after successfully doing so, or
1843 * false if it fails.
1845 static bool strip_namespace_from_name(string
& name
, string
& ns
, string
& instance
) {
1848 if (name
[0] != '_') {
1852 size_t pos
= name
.find('_', 1);
1853 if (pos
== string::npos
) {
1857 if (name
[1] == '_') {
1858 name
= name
.substr(1);
1862 size_t period_pos
= name
.find('.');
1863 if (period_pos
< pos
) {
1867 ns
= name
.substr(1, pos
-1);
1868 name
= name
.substr(pos
+1, string::npos
);
1870 parse_ns_field(ns
, instance
);
1874 void encode(bufferlist
& bl
) const {
1875 ENCODE_START(2, 1, bl
);
1877 encode(instance
, bl
);
1881 void decode(bufferlist::const_iterator
& bl
) {
1882 DECODE_START(2, bl
);
1884 decode(instance
, bl
);
1885 if (struct_v
>= 2) {
1890 void dump(Formatter
*f
) const;
1891 void decode_json(JSONObj
*obj
);
1893 string
to_str() const {
1894 if (instance
.empty()) {
1897 char buf
[name
.size() + instance
.size() + 16];
1898 snprintf(buf
, sizeof(buf
), "%s[%s]", name
.c_str(), instance
.c_str());
1902 WRITE_CLASS_ENCODER(rgw_obj_key
)
1904 inline ostream
& operator<<(ostream
& out
, const rgw_obj_key
&o
) {
1905 return out
<< o
.to_str();
1908 inline ostream
& operator<<(ostream
& out
, const rgw_obj_index_key
&o
) {
1909 if (o
.instance
.empty()) {
1910 return out
<< o
.name
;
1912 return out
<< o
.name
<< "[" << o
.instance
<< "]";
1916 struct req_init_state
{
1917 /* Keeps [[tenant]:]bucket until we parse the token. */
1922 #include "rgw_auth.h"
1925 class RGWSysObjectCtx
;
1927 /** Store all the state necessary to complete and respond to an HTTP request*/
1928 struct req_state
: DoutPrefixProvider
{
1930 rgw::io::BasicClient
*cio
{nullptr};
1931 http_op op
{OP_UNKNOWN
};
1932 RGWOpType op_type
{};
1933 bool content_started
{false};
1935 ceph::Formatter
*formatter
{nullptr};
1937 string relative_uri
;
1938 const char *length
{nullptr};
1939 int64_t content_length
{0};
1940 map
<string
, string
> generic_attrs
;
1942 bool expect_cont
{false};
1943 uint64_t obj_size
{0};
1944 bool enable_ops_log
;
1945 bool enable_usage_log
;
1946 uint8_t defer_to_bucket_acls
;
1947 uint32_t perm_mask
{0};
1949 /* Set once when url_bucket is parsed and not violated thereafter. */
1950 string account_name
;
1952 string bucket_tenant
;
1957 string src_tenant_name
;
1958 string src_bucket_name
;
1959 rgw_obj_key src_object
;
1960 ACLOwner bucket_owner
;
1963 string zonegroup_name
;
1964 string zonegroup_endpoint
;
1965 string bucket_instance_id
;
1966 int bucket_instance_shard_id
{-1};
1967 string redirect_zone_endpoint
;
1971 RGWBucketInfo bucket_info
;
1972 real_time bucket_mtime
;
1973 std::map
<std::string
, ceph::bufferlist
> bucket_attrs
;
1974 bool bucket_exists
{false};
1975 rgw_placement_rule dest_placement
;
1977 bool has_bad_meta
{false};
1982 /* TODO(rzarzynski): switch out to the static_ptr for both members. */
1984 /* Object having the knowledge about an authenticated identity and allowing
1985 * to apply it during the authorization phase (verify_permission() methods
1986 * of a given RGWOp). Thus, it bounds authentication and authorization steps
1987 * through a well-defined interface. For more details, see rgw_auth.h. */
1988 std::unique_ptr
<rgw::auth::Identity
> identity
;
1990 std::shared_ptr
<rgw::auth::Completer
> completer
;
1992 /* A container for credentials of the S3's browser upload. It's necessary
1993 * because: 1) the ::authenticate() method of auth engines and strategies
1994 * take req_state only; 2) auth strategies live much longer than RGWOps -
1995 * there is no way to pass additional data dependencies through ctors. */
1998 friend class RGWPostObj_ObjStore_S3
;
2000 friend class rgw::auth::s3::AWSBrowserUploadAbstractor
;
2002 std::string access_key
;
2003 std::string signature
;
2004 std::string x_amz_algorithm
;
2005 std::string x_amz_credential
;
2006 std::string x_amz_date
;
2007 std::string x_amz_security_token
;
2008 ceph::bufferlist encoded_policy
;
2012 std::unique_ptr
<RGWAccessControlPolicy
> user_acl
;
2013 std::unique_ptr
<RGWAccessControlPolicy
> bucket_acl
;
2014 std::unique_ptr
<RGWAccessControlPolicy
> object_acl
;
2016 rgw::IAM::Environment env
;
2017 boost::optional
<rgw::IAM::Policy
> iam_policy
;
2018 vector
<rgw::IAM::Policy
> iam_user_policies
;
2020 /* Is the request made by an user marked as a system one?
2021 * Being system user means we also have the admin status. */
2022 bool system_request
{false};
2025 bool has_acl_header
{false};
2026 bool local_source
{false}; /* source is local */
2030 /* Content-Disposition override for TempURL of Swift API. */
2039 req_init_state init_state
;
2041 using Clock
= ceph::coarse_real_clock
;
2042 Clock::time_point time
;
2044 Clock::duration
time_elapsed() const { return Clock::now() - time
; }
2046 RGWObjectCtx
*obj_ctx
{nullptr};
2047 RGWSysObjectCtx
*sysobj_ctx
{nullptr};
2053 bool mfa_verified
{false};
2055 /// optional coroutine context
2056 optional_yield yield
{null_yield
};
2058 req_state(CephContext
* _cct
, RGWEnv
* e
, RGWUserInfo
* u
, uint64_t id
);
2061 bool is_err() const { return err
.is_err(); }
2063 // implements DoutPrefixProvider
2064 std::ostream
& gen_prefix(std::ostream
& out
) const override
;
2065 CephContext
* get_cct() const override
{ return cct
; }
2066 unsigned get_subsys() const override
{ return ceph_subsys_rgw
; }
2069 void set_req_state_err(struct req_state
*, int);
2070 void set_req_state_err(struct req_state
*, int, const string
&);
2071 void set_req_state_err(struct rgw_err
&, int, const int);
2072 void dump(struct req_state
*);
2074 /** Store basic data on bucket */
2075 struct RGWBucketEnt
{
2078 size_t size_rounded
;
2079 ceph::real_time creation_time
;
2082 /* The placement_rule is necessary to calculate per-storage-policy statics
2083 * of the Swift API. Although the info available in RGWBucketInfo, we need
2084 * to duplicate it here to not affect the performance of buckets listing. */
2085 rgw_placement_rule placement_rule
;
2092 RGWBucketEnt(const RGWBucketEnt
&) = default;
2093 RGWBucketEnt(RGWBucketEnt
&&) = default;
2094 explicit RGWBucketEnt(const rgw_user
& u
, cls_user_bucket_entry
&& e
)
2095 : bucket(u
, std::move(e
.bucket
)),
2097 size_rounded(e
.size_rounded
),
2098 creation_time(e
.creation_time
),
2102 RGWBucketEnt
& operator=(const RGWBucketEnt
&) = default;
2104 void convert(cls_user_bucket_entry
*b
) const {
2105 bucket
.convert(&b
->bucket
);
2107 b
->size_rounded
= size_rounded
;
2108 b
->creation_time
= creation_time
;
2112 void encode(bufferlist
& bl
) const {
2113 ENCODE_START(7, 5, bl
);
2115 __u32 mt
= ceph::real_clock::to_time_t(creation_time
);
2116 string empty_str
; // originally had the bucket name here, but we encode bucket later
2117 encode(empty_str
, bl
);
2124 encode(creation_time
, bl
);
2125 encode(placement_rule
, bl
);
2128 void decode(bufferlist::const_iterator
& bl
) {
2129 DECODE_START_LEGACY_COMPAT_LEN(7, 5, 5, bl
);
2132 string empty_str
; // backward compatibility
2133 decode(empty_str
, bl
);
2138 creation_time
= ceph::real_clock::from_time_t(mt
);
2148 decode(creation_time
, bl
);
2150 decode(placement_rule
, bl
);
2153 void dump(Formatter
*f
) const;
2154 static void generate_test_instances(list
<RGWBucketEnt
*>& o
);
2156 WRITE_CLASS_ENCODER(RGWBucketEnt
)
2162 bool in_extra_data
{false}; /* in-memory only member, does not serialize */
2164 // Represents the hash index source for this object once it is set (non-empty)
2165 std::string index_hash_source
;
2168 rgw_obj(const rgw_bucket
& b
, const std::string
& name
) : bucket(b
), key(name
) {}
2169 rgw_obj(const rgw_bucket
& b
, const rgw_obj_key
& k
) : bucket(b
), key(k
) {}
2170 rgw_obj(const rgw_bucket
& b
, const rgw_obj_index_key
& k
) : bucket(b
), key(k
) {}
2172 void init(const rgw_bucket
& b
, const std::string
& name
) {
2176 void init(const rgw_bucket
& b
, const std::string
& name
, const string
& i
, const string
& n
) {
2178 key
.set(name
, i
, n
);
2180 void init_ns(const rgw_bucket
& b
, const std::string
& name
, const string
& n
) {
2183 key
.instance
.clear();
2187 bool empty() const {
2191 void set_key(const rgw_obj_key
& k
) {
2195 string
get_oid() const {
2196 return key
.get_oid();
2199 const string
& get_hash_object() const {
2200 return index_hash_source
.empty() ? key
.name
: index_hash_source
;
2203 void set_in_extra_data(bool val
) {
2204 in_extra_data
= val
;
2207 bool is_in_extra_data() const {
2208 return in_extra_data
;
2211 void encode(bufferlist
& bl
) const {
2212 ENCODE_START(6, 6, bl
);
2215 encode(key
.name
, bl
);
2216 encode(key
.instance
, bl
);
2217 // encode(placement_id, bl);
2220 void decode(bufferlist::const_iterator
& bl
) {
2221 DECODE_START_LEGACY_COMPAT_LEN(6, 3, 3, bl
);
2224 decode(bucket
.name
, bl
); /* bucket.name */
2225 decode(s
, bl
); /* loc */
2227 decode(key
.name
, bl
);
2231 decode(key
.instance
, bl
);
2232 if (key
.ns
.empty() && key
.instance
.empty()) {
2233 if (key
.name
[0] == '_') {
2234 key
.name
= key
.name
.substr(1);
2237 if (struct_v
>= 5) {
2238 decode(key
.name
, bl
);
2240 ssize_t pos
= key
.name
.find('_', 1);
2242 throw buffer::error();
2244 key
.name
= key
.name
.substr(pos
+ 1);
2250 decode(key
.name
, bl
);
2251 decode(key
.instance
, bl
);
2252 // decode(placement_id, bl);
2256 void dump(Formatter
*f
) const;
2257 static void generate_test_instances(list
<rgw_obj
*>& o
);
2259 bool operator==(const rgw_obj
& o
) const {
2260 return (key
== o
.key
) &&
2261 (bucket
== o
.bucket
);
2263 bool operator<(const rgw_obj
& o
) const {
2264 int r
= key
.name
.compare(o
.key
.name
);
2266 r
= bucket
.bucket_id
.compare(o
.bucket
.bucket_id
); /* not comparing bucket.name, if bucket_id is equal so will be bucket.name */
2268 r
= key
.ns
.compare(o
.key
.ns
);
2270 r
= key
.instance
.compare(o
.key
.instance
);
2278 const rgw_pool
& get_explicit_data_pool() {
2279 if (!in_extra_data
|| bucket
.explicit_placement
.data_extra_pool
.empty()) {
2280 return bucket
.explicit_placement
.data_pool
;
2282 return bucket
.explicit_placement
.data_extra_pool
;
2285 WRITE_CLASS_ENCODER(rgw_obj
)
2287 struct rgw_cache_entry_info
{
2288 string cache_locator
;
2291 rgw_cache_entry_info() : gen(0) {}
2294 inline ostream
& operator<<(ostream
& out
, const rgw_obj
&o
) {
2295 return out
<< o
.bucket
.name
<< ":" << o
.get_oid();
2298 static inline void buf_to_hex(const unsigned char* const buf
,
2303 for (size_t i
= 0; i
< len
; i
++) {
2304 ::sprintf(&str
[i
*2], "%02x", static_cast<int>(buf
[i
]));
2308 template<size_t N
> static inline std::array
<char, N
* 2 + 1>
2309 buf_to_hex(const std::array
<unsigned char, N
>& buf
)
2311 static_assert(N
> 0, "The input array must be at least one element long");
2313 std::array
<char, N
* 2 + 1> hex_dest
;
2314 buf_to_hex(buf
.data(), N
, hex_dest
.data());
2318 static inline int hexdigit(char c
)
2320 if (c
>= '0' && c
<= '9')
2323 if (c
>= 'A' && c
<= 'F')
2324 return c
- 'A' + 0xa;
2328 static inline int hex_to_buf(const char *hex
, char *buf
, int len
)
2331 const char *p
= hex
;
2336 int d
= hexdigit(*p
);
2353 static inline int rgw_str_to_bool(const char *s
, int def_val
)
2358 return (strcasecmp(s
, "true") == 0 ||
2359 strcasecmp(s
, "on") == 0 ||
2360 strcasecmp(s
, "yes") == 0 ||
2361 strcasecmp(s
, "1") == 0);
2364 static inline void append_rand_alpha(CephContext
*cct
, const string
& src
, string
& dest
, int len
)
2368 gen_rand_alphanumeric(cct
, buf
, len
);
2373 static inline const char *rgw_obj_category_name(RGWObjCategory category
)
2376 case RGWObjCategory::None
:
2378 case RGWObjCategory::Main
:
2380 case RGWObjCategory::Shadow
:
2381 return "rgw.shadow";
2382 case RGWObjCategory::MultiMeta
:
2383 return "rgw.multimeta";
2389 static inline uint64_t rgw_rounded_kb(uint64_t bytes
)
2391 return (bytes
+ 1023) / 1024;
2394 static inline uint64_t rgw_rounded_objsize(uint64_t bytes
)
2396 return ((bytes
+ 4095) & ~4095);
2399 static inline uint64_t rgw_rounded_objsize_kb(uint64_t bytes
)
2401 return ((bytes
+ 4095) & ~4095) / 1024;
2404 /* implement combining step, S3 header canonicalization; k is a
2405 * valid header and in lc form */
2406 static inline void add_amz_meta_header(
2407 std::map
<std::string
, std::string
>& x_meta_map
,
2408 const std::string
& k
,
2409 const std::string
& v
)
2411 auto it
= x_meta_map
.find(k
);
2412 if (it
!= x_meta_map
.end()) {
2413 std::string old
= it
->second
;
2414 boost::algorithm::trim_right(old
);
2417 x_meta_map
[k
] = old
;
2421 } /* add_amz_meta_header */
2423 extern string
rgw_string_unquote(const string
& s
);
2424 extern void parse_csv_string(const string
& ival
, vector
<string
>& ovals
);
2425 extern int parse_key_value(string
& in_str
, string
& key
, string
& val
);
2426 extern int parse_key_value(string
& in_str
, const char *delim
, string
& key
, string
& val
);
2428 extern boost::optional
<std::pair
<boost::string_view
, boost::string_view
>>
2429 parse_key_value(const boost::string_view
& in_str
,
2430 const boost::string_view
& delim
);
2431 extern boost::optional
<std::pair
<boost::string_view
, boost::string_view
>>
2432 parse_key_value(const boost::string_view
& in_str
);
2436 extern int parse_time(const char *time_str
, real_time
*time
);
2437 extern bool parse_rfc2616(const char *s
, struct tm
*t
);
2438 extern bool parse_iso8601(const char *s
, struct tm
*t
, uint32_t *pns
= NULL
, bool extended_format
= true);
2439 extern string
rgw_trim_whitespace(const string
& src
);
2440 extern boost::string_view
rgw_trim_whitespace(const boost::string_view
& src
);
2441 extern string
rgw_trim_quotes(const string
& val
);
2443 extern void rgw_to_iso8601(const real_time
& t
, char *dest
, int buf_size
);
2444 extern void rgw_to_iso8601(const real_time
& t
, string
*dest
);
2445 extern std::string
rgw_to_asctime(const utime_t
& t
);
2447 /** Check if the req_state's user has the necessary permissions
2448 * to do the requested action */
2449 rgw::IAM::Effect
eval_user_policies(const vector
<rgw::IAM::Policy
>& user_policies
,
2450 const rgw::IAM::Environment
& env
,
2451 boost::optional
<const rgw::auth::Identity
&> id
,
2453 const rgw::IAM::ARN
& arn
);
2454 bool verify_user_permission(const DoutPrefixProvider
* dpp
,
2455 struct req_state
* const s
,
2456 RGWAccessControlPolicy
* const user_acl
,
2457 const vector
<rgw::IAM::Policy
>& user_policies
,
2458 const rgw::IAM::ARN
& res
,
2460 bool verify_user_permission_no_policy(const DoutPrefixProvider
* dpp
,
2461 struct req_state
* const s
,
2462 RGWAccessControlPolicy
* const user_acl
,
2464 bool verify_user_permission(const DoutPrefixProvider
* dpp
,
2465 struct req_state
* const s
,
2466 const rgw::IAM::ARN
& res
,
2468 bool verify_user_permission_no_policy(const DoutPrefixProvider
* dpp
,
2469 struct req_state
* const s
,
2471 bool verify_bucket_permission(
2472 const DoutPrefixProvider
* dpp
,
2473 struct req_state
* const s
,
2474 const rgw_bucket
& bucket
,
2475 RGWAccessControlPolicy
* const user_acl
,
2476 RGWAccessControlPolicy
* const bucket_acl
,
2477 const boost::optional
<rgw::IAM::Policy
>& bucket_policy
,
2478 const vector
<rgw::IAM::Policy
>& user_policies
,
2480 bool verify_bucket_permission(const DoutPrefixProvider
* dpp
, struct req_state
* const s
, const uint64_t op
);
2481 bool verify_bucket_permission_no_policy(
2482 const DoutPrefixProvider
* dpp
,
2483 struct req_state
* const s
,
2484 RGWAccessControlPolicy
* const user_acl
,
2485 RGWAccessControlPolicy
* const bucket_acl
,
2487 bool verify_bucket_permission_no_policy(const DoutPrefixProvider
* dpp
,
2488 struct req_state
* const s
,
2490 int verify_bucket_owner_or_policy(struct req_state
* const s
,
2492 extern bool verify_object_permission(
2493 const DoutPrefixProvider
* dpp
,
2494 struct req_state
* const s
,
2496 RGWAccessControlPolicy
* const user_acl
,
2497 RGWAccessControlPolicy
* const bucket_acl
,
2498 RGWAccessControlPolicy
* const object_acl
,
2499 const boost::optional
<rgw::IAM::Policy
>& bucket_policy
,
2500 const vector
<rgw::IAM::Policy
>& user_policies
,
2502 extern bool verify_object_permission(const DoutPrefixProvider
* dpp
, struct req_state
*s
, uint64_t op
);
2503 extern bool verify_object_permission_no_policy(
2504 const DoutPrefixProvider
* dpp
,
2505 struct req_state
* const s
,
2506 RGWAccessControlPolicy
* const user_acl
,
2507 RGWAccessControlPolicy
* const bucket_acl
,
2508 RGWAccessControlPolicy
* const object_acl
,
2510 extern bool verify_object_permission_no_policy(const DoutPrefixProvider
* dpp
, struct req_state
*s
,
2512 /** Convert an input URL into a sane object name
2513 * by converting %-escaped strings into characters, etc*/
2514 extern void rgw_uri_escape_char(char c
, string
& dst
);
2515 extern std::string
url_decode(const boost::string_view
& src_str
,
2516 bool in_query
= false);
2517 extern void url_encode(const std::string
& src
, string
& dst
,
2518 bool encode_slash
= true);
2519 extern std::string
url_encode(const std::string
& src
, bool encode_slash
= true);
2520 /* destination should be CEPH_CRYPTO_HMACSHA1_DIGESTSIZE bytes long */
2521 extern void calc_hmac_sha1(const char *key
, int key_len
,
2522 const char *msg
, int msg_len
, char *dest
);
2524 static inline sha1_digest_t
2525 calc_hmac_sha1(const boost::string_view
& key
, const boost::string_view
& msg
) {
2527 calc_hmac_sha1(key
.data(), key
.size(), msg
.data(), msg
.size(),
2528 reinterpret_cast<char*>(dest
.v
));
2532 /* destination should be CEPH_CRYPTO_HMACSHA256_DIGESTSIZE bytes long */
2533 extern void calc_hmac_sha256(const char *key
, int key_len
,
2534 const char *msg
, int msg_len
,
2537 static inline sha256_digest_t
2538 calc_hmac_sha256(const char *key
, const int key_len
,
2539 const char *msg
, const int msg_len
) {
2540 sha256_digest_t dest
;
2541 calc_hmac_sha256(key
, key_len
, msg
, msg_len
,
2542 reinterpret_cast<char*>(dest
.v
));
2546 static inline sha256_digest_t
2547 calc_hmac_sha256(const boost::string_view
& key
, const boost::string_view
& msg
) {
2548 sha256_digest_t dest
;
2549 calc_hmac_sha256(key
.data(), key
.size(),
2550 msg
.data(), msg
.size(),
2551 reinterpret_cast<char*>(dest
.v
));
2555 static inline sha256_digest_t
2556 calc_hmac_sha256(const sha256_digest_t
&key
,
2557 const boost::string_view
& msg
) {
2558 sha256_digest_t dest
;
2559 calc_hmac_sha256(reinterpret_cast<const char*>(key
.v
), sha256_digest_t::SIZE
,
2560 msg
.data(), msg
.size(),
2561 reinterpret_cast<char*>(dest
.v
));
2565 static inline sha256_digest_t
2566 calc_hmac_sha256(const std::vector
<unsigned char>& key
,
2567 const boost::string_view
& msg
) {
2568 sha256_digest_t dest
;
2569 calc_hmac_sha256(reinterpret_cast<const char*>(key
.data()), key
.size(),
2570 msg
.data(), msg
.size(),
2571 reinterpret_cast<char*>(dest
.v
));
2575 template<size_t KeyLenN
>
2576 static inline sha256_digest_t
2577 calc_hmac_sha256(const std::array
<unsigned char, KeyLenN
>& key
,
2578 const boost::string_view
& msg
) {
2579 sha256_digest_t dest
;
2580 calc_hmac_sha256(reinterpret_cast<const char*>(key
.data()), key
.size(),
2581 msg
.data(), msg
.size(),
2582 reinterpret_cast<char*>(dest
.v
));
2586 extern sha256_digest_t
calc_hash_sha256(const boost::string_view
& msg
);
2588 extern ceph::crypto::SHA256
* calc_hash_sha256_open_stream();
2589 extern void calc_hash_sha256_update_stream(ceph::crypto::SHA256
* hash
,
2592 extern std::string
calc_hash_sha256_close_stream(ceph::crypto::SHA256
** phash
);
2593 extern std::string
calc_hash_sha256_restart_stream(ceph::crypto::SHA256
** phash
);
2595 extern int rgw_parse_op_type_list(const string
& str
, uint32_t *perm
);
2597 static constexpr uint32_t MATCH_POLICY_ACTION
= 0x01;
2598 static constexpr uint32_t MATCH_POLICY_RESOURCE
= 0x02;
2599 static constexpr uint32_t MATCH_POLICY_ARN
= 0x04;
2600 static constexpr uint32_t MATCH_POLICY_STRING
= 0x08;
2602 extern bool match_policy(boost::string_view pattern
, boost::string_view input
,
2605 extern string
camelcase_dash_http_attr(const string
& orig
);
2606 extern string
lowercase_dash_http_attr(const string
& orig
);
2608 void rgw_setup_saved_curl_handles();
2609 void rgw_release_all_curl_handles();
2611 static inline void rgw_escape_str(const string
& s
, char esc_char
,
2612 char special_char
, string
*dest
)
2614 const char *src
= s
.c_str();
2615 char dest_buf
[s
.size() * 2 + 1];
2616 char *destp
= dest_buf
;
2618 for (size_t i
= 0; i
< s
.size(); i
++) {
2620 if (c
== esc_char
|| c
== special_char
) {
2621 *destp
++ = esc_char
;
2629 static inline ssize_t
rgw_unescape_str(const string
& s
, ssize_t ofs
,
2630 char esc_char
, char special_char
,
2633 const char *src
= s
.c_str();
2634 char dest_buf
[s
.size() + 1];
2635 char *destp
= dest_buf
;
2640 for (size_t i
= ofs
; i
< s
.size(); i
++) {
2642 if (!esc
&& c
== esc_char
) {
2646 if (!esc
&& c
== special_char
) {
2649 return (ssize_t
)i
+ 1;
2656 return string::npos
;
2659 static inline string
rgw_bl_str(ceph::buffer::list
& raw
)
2661 size_t len
= raw
.length();
2662 string
s(raw
.c_str(), len
);
2663 while (len
&& !s
[len
- 1]) {
2670 template <typename T
>
2671 int decode_bl(bufferlist
& bl
, T
& t
)
2673 auto iter
= bl
.cbegin();
2676 } catch (buffer::error
& err
) {