1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab ft=cpp
5 * Ceph - scalable distributed file system
7 * Copyright (C) 2004-2009 Sage Weil <sage@newdream.net>
8 * Copyright (C) 2015 Yehuda Sadeh <yehuda@redhat.com>
10 * This is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License version 2.1, as published by the Free Software
13 * Foundation. See file COPYING.
17 #ifndef CEPH_RGW_COMMON_H
18 #define CEPH_RGW_COMMON_H
22 #include <boost/utility/string_view.hpp>
24 #include "common/ceph_crypto.h"
25 #include "common/random_string.h"
28 #include "rgw_iam_policy.h"
29 #include "rgw_quota.h"
30 #include "rgw_string.h"
31 #include "common/async/yield_context.h"
32 #include "rgw_website.h"
33 #include "rgw_object_lock.h"
35 #include "rgw_sync_policy.h"
36 #include "cls/version/cls_version_types.h"
37 #include "cls/user/cls_user_types.h"
38 #include "cls/rgw/cls_rgw_types.h"
39 #include "include/rados/librados.hpp"
40 #include "rgw_public_access.h"
48 using RGWAttrs
= std::map
<std::string
, ceph::buffer::list
>;
51 using ceph::crypto::MD5
;
53 #define RGW_ATTR_PREFIX "user.rgw."
55 #define RGW_HTTP_RGWX_ATTR_PREFIX "RGWX_ATTR_"
56 #define RGW_HTTP_RGWX_ATTR_PREFIX_OUT "Rgwx-Attr-"
58 #define RGW_AMZ_PREFIX "x-amz-"
59 #define RGW_AMZ_META_PREFIX RGW_AMZ_PREFIX "meta-"
60 #define RGW_AMZ_WEBSITE_REDIRECT_LOCATION RGW_AMZ_PREFIX "website-redirect-location"
61 #define RGW_AMZ_TAG_COUNT RGW_AMZ_PREFIX "tagging-count"
63 #define RGW_SYS_PARAM_PREFIX "rgwx-"
65 #define RGW_ATTR_ACL RGW_ATTR_PREFIX "acl"
66 #define RGW_ATTR_LC RGW_ATTR_PREFIX "lc"
67 #define RGW_ATTR_CORS RGW_ATTR_PREFIX "cors"
68 #define RGW_ATTR_ETAG RGW_ATTR_PREFIX "etag"
69 #define RGW_ATTR_BUCKETS RGW_ATTR_PREFIX "buckets"
70 #define RGW_ATTR_META_PREFIX RGW_ATTR_PREFIX RGW_AMZ_META_PREFIX
71 #define RGW_ATTR_CONTENT_TYPE RGW_ATTR_PREFIX "content_type"
72 #define RGW_ATTR_CACHE_CONTROL RGW_ATTR_PREFIX "cache_control"
73 #define RGW_ATTR_CONTENT_DISP RGW_ATTR_PREFIX "content_disposition"
74 #define RGW_ATTR_CONTENT_ENC RGW_ATTR_PREFIX "content_encoding"
75 #define RGW_ATTR_CONTENT_LANG RGW_ATTR_PREFIX "content_language"
76 #define RGW_ATTR_EXPIRES RGW_ATTR_PREFIX "expires"
77 #define RGW_ATTR_DELETE_AT RGW_ATTR_PREFIX "delete_at"
78 #define RGW_ATTR_ID_TAG RGW_ATTR_PREFIX "idtag"
79 #define RGW_ATTR_TAIL_TAG RGW_ATTR_PREFIX "tail_tag"
80 #define RGW_ATTR_SHADOW_OBJ RGW_ATTR_PREFIX "shadow_name"
81 #define RGW_ATTR_MANIFEST RGW_ATTR_PREFIX "manifest"
82 #define RGW_ATTR_USER_MANIFEST RGW_ATTR_PREFIX "user_manifest"
83 #define RGW_ATTR_AMZ_WEBSITE_REDIRECT_LOCATION RGW_ATTR_PREFIX RGW_AMZ_WEBSITE_REDIRECT_LOCATION
84 #define RGW_ATTR_SLO_MANIFEST RGW_ATTR_PREFIX "slo_manifest"
85 /* Information whether an object is SLO or not must be exposed to
86 * user through custom HTTP header named X-Static-Large-Object. */
87 #define RGW_ATTR_SLO_UINDICATOR RGW_ATTR_META_PREFIX "static-large-object"
88 #define RGW_ATTR_X_ROBOTS_TAG RGW_ATTR_PREFIX "x-robots-tag"
89 #define RGW_ATTR_STORAGE_CLASS RGW_ATTR_PREFIX "storage_class"
92 #define RGW_ATTR_OBJECT_LOCK RGW_ATTR_PREFIX "object-lock"
93 #define RGW_ATTR_OBJECT_RETENTION RGW_ATTR_PREFIX "object-retention"
94 #define RGW_ATTR_OBJECT_LEGAL_HOLD RGW_ATTR_PREFIX "object-legal-hold"
97 #define RGW_ATTR_PG_VER RGW_ATTR_PREFIX "pg_ver"
98 #define RGW_ATTR_SOURCE_ZONE RGW_ATTR_PREFIX "source_zone"
99 #define RGW_ATTR_TAGS RGW_ATTR_PREFIX RGW_AMZ_PREFIX "tagging"
101 #define RGW_ATTR_TEMPURL_KEY1 RGW_ATTR_META_PREFIX "temp-url-key"
102 #define RGW_ATTR_TEMPURL_KEY2 RGW_ATTR_META_PREFIX "temp-url-key-2"
104 /* Account/container quota of the Swift API. */
105 #define RGW_ATTR_QUOTA_NOBJS RGW_ATTR_META_PREFIX "quota-count"
106 #define RGW_ATTR_QUOTA_MSIZE RGW_ATTR_META_PREFIX "quota-bytes"
108 /* Static Web Site of Swift API. */
109 #define RGW_ATTR_WEB_INDEX RGW_ATTR_META_PREFIX "web-index"
110 #define RGW_ATTR_WEB_ERROR RGW_ATTR_META_PREFIX "web-error"
111 #define RGW_ATTR_WEB_LISTINGS RGW_ATTR_META_PREFIX "web-listings"
112 #define RGW_ATTR_WEB_LIST_CSS RGW_ATTR_META_PREFIX "web-listings-css"
113 #define RGW_ATTR_SUBDIR_MARKER RGW_ATTR_META_PREFIX "web-directory-type"
115 #define RGW_ATTR_OLH_PREFIX RGW_ATTR_PREFIX "olh."
117 #define RGW_ATTR_OLH_INFO RGW_ATTR_OLH_PREFIX "info"
118 #define RGW_ATTR_OLH_VER RGW_ATTR_OLH_PREFIX "ver"
119 #define RGW_ATTR_OLH_ID_TAG RGW_ATTR_OLH_PREFIX "idtag"
120 #define RGW_ATTR_OLH_PENDING_PREFIX RGW_ATTR_OLH_PREFIX "pending."
122 #define RGW_ATTR_COMPRESSION RGW_ATTR_PREFIX "compression"
124 #define RGW_ATTR_APPEND_PART_NUM RGW_ATTR_PREFIX "append_part_num"
127 #define RGW_ATTR_IAM_POLICY RGW_ATTR_PREFIX "iam-policy"
128 #define RGW_ATTR_USER_POLICY RGW_ATTR_PREFIX "user-policy"
129 #define RGW_ATTR_PUBLIC_ACCESS RGW_ATTR_PREFIX "public-access"
131 /* RGW File Attributes */
132 #define RGW_ATTR_UNIX_KEY1 RGW_ATTR_PREFIX "unix-key1"
133 #define RGW_ATTR_UNIX1 RGW_ATTR_PREFIX "unix1"
135 #define RGW_ATTR_CRYPT_PREFIX RGW_ATTR_PREFIX "crypt."
136 #define RGW_ATTR_CRYPT_MODE RGW_ATTR_CRYPT_PREFIX "mode"
137 #define RGW_ATTR_CRYPT_KEYMD5 RGW_ATTR_CRYPT_PREFIX "keymd5"
138 #define RGW_ATTR_CRYPT_KEYID RGW_ATTR_CRYPT_PREFIX "keyid"
139 #define RGW_ATTR_CRYPT_KEYSEL RGW_ATTR_CRYPT_PREFIX "keysel"
142 #define RGW_FORMAT_PLAIN 0
143 #define RGW_FORMAT_XML 1
144 #define RGW_FORMAT_JSON 2
145 #define RGW_FORMAT_HTML 3
147 #define RGW_CAP_READ 0x1
148 #define RGW_CAP_WRITE 0x2
149 #define RGW_CAP_ALL (RGW_CAP_READ | RGW_CAP_WRITE)
151 #define RGW_REST_SWIFT 0x1
152 #define RGW_REST_SWIFT_AUTH 0x2
153 #define RGW_REST_S3 0x4
154 #define RGW_REST_WEBSITE 0x8
155 #define RGW_REST_STS 0x10
156 #define RGW_REST_IAM 0x20
158 #define RGW_SUSPENDED_USER_AUID (uint64_t)-2
160 #define RGW_OP_TYPE_READ 0x01
161 #define RGW_OP_TYPE_WRITE 0x02
162 #define RGW_OP_TYPE_DELETE 0x04
164 #define RGW_OP_TYPE_MODIFY (RGW_OP_TYPE_WRITE | RGW_OP_TYPE_DELETE)
165 #define RGW_OP_TYPE_ALL (RGW_OP_TYPE_READ | RGW_OP_TYPE_WRITE | RGW_OP_TYPE_DELETE)
167 #define RGW_DEFAULT_MAX_BUCKETS 1000
169 #define RGW_DEFER_TO_BUCKET_ACLS_RECURSE 1
170 #define RGW_DEFER_TO_BUCKET_ACLS_FULL_CONTROL 2
172 #define STATUS_CREATED 1900
173 #define STATUS_ACCEPTED 1901
174 #define STATUS_NO_CONTENT 1902
175 #define STATUS_PARTIAL_CONTENT 1903
176 #define STATUS_REDIRECT 1904
177 #define STATUS_NO_APPLY 1905
178 #define STATUS_APPLIED 1906
180 #define ERR_INVALID_BUCKET_NAME 2000
181 #define ERR_INVALID_OBJECT_NAME 2001
182 #define ERR_NO_SUCH_BUCKET 2002
183 #define ERR_METHOD_NOT_ALLOWED 2003
184 #define ERR_INVALID_DIGEST 2004
185 #define ERR_BAD_DIGEST 2005
186 #define ERR_UNRESOLVABLE_EMAIL 2006
187 #define ERR_INVALID_PART 2007
188 #define ERR_INVALID_PART_ORDER 2008
189 #define ERR_NO_SUCH_UPLOAD 2009
190 #define ERR_REQUEST_TIMEOUT 2010
191 #define ERR_LENGTH_REQUIRED 2011
192 #define ERR_REQUEST_TIME_SKEWED 2012
193 #define ERR_BUCKET_EXISTS 2013
194 #define ERR_BAD_URL 2014
195 #define ERR_PRECONDITION_FAILED 2015
196 #define ERR_NOT_MODIFIED 2016
197 #define ERR_INVALID_UTF8 2017
198 #define ERR_UNPROCESSABLE_ENTITY 2018
199 #define ERR_TOO_LARGE 2019
200 #define ERR_TOO_MANY_BUCKETS 2020
201 #define ERR_INVALID_REQUEST 2021
202 #define ERR_TOO_SMALL 2022
203 #define ERR_NOT_FOUND 2023
204 #define ERR_PERMANENT_REDIRECT 2024
205 #define ERR_LOCKED 2025
206 #define ERR_QUOTA_EXCEEDED 2026
207 #define ERR_SIGNATURE_NO_MATCH 2027
208 #define ERR_INVALID_ACCESS_KEY 2028
209 #define ERR_MALFORMED_XML 2029
210 #define ERR_USER_EXIST 2030
211 #define ERR_NOT_SLO_MANIFEST 2031
212 #define ERR_EMAIL_EXIST 2032
213 #define ERR_KEY_EXIST 2033
214 #define ERR_INVALID_SECRET_KEY 2034
215 #define ERR_INVALID_KEY_TYPE 2035
216 #define ERR_INVALID_CAP 2036
217 #define ERR_INVALID_TENANT_NAME 2037
218 #define ERR_WEBSITE_REDIRECT 2038
219 #define ERR_NO_SUCH_WEBSITE_CONFIGURATION 2039
220 #define ERR_AMZ_CONTENT_SHA256_MISMATCH 2040
221 #define ERR_NO_SUCH_LC 2041
222 #define ERR_NO_SUCH_USER 2042
223 #define ERR_NO_SUCH_SUBUSER 2043
224 #define ERR_MFA_REQUIRED 2044
225 #define ERR_NO_SUCH_CORS_CONFIGURATION 2045
226 #define ERR_NO_SUCH_OBJECT_LOCK_CONFIGURATION 2046
227 #define ERR_INVALID_RETENTION_PERIOD 2047
228 #define ERR_USER_SUSPENDED 2100
229 #define ERR_INTERNAL_ERROR 2200
230 #define ERR_NOT_IMPLEMENTED 2201
231 #define ERR_SERVICE_UNAVAILABLE 2202
232 #define ERR_ROLE_EXISTS 2203
233 #define ERR_MALFORMED_DOC 2204
234 #define ERR_NO_ROLE_FOUND 2205
235 #define ERR_DELETE_CONFLICT 2206
236 #define ERR_NO_SUCH_BUCKET_POLICY 2207
237 #define ERR_INVALID_LOCATION_CONSTRAINT 2208
238 #define ERR_TAG_CONFLICT 2209
239 #define ERR_INVALID_TAG 2210
240 #define ERR_ZERO_IN_URL 2211
241 #define ERR_MALFORMED_ACL_ERROR 2212
242 #define ERR_ZONEGROUP_DEFAULT_PLACEMENT_MISCONFIGURATION 2213
243 #define ERR_INVALID_ENCRYPTION_ALGORITHM 2214
244 #define ERR_INVALID_CORS_RULES_ERROR 2215
245 #define ERR_NO_CORS_FOUND 2216
246 #define ERR_INVALID_WEBSITE_ROUTING_RULES_ERROR 2217
247 #define ERR_RATE_LIMITED 2218
248 #define ERR_POSITION_NOT_EQUAL_TO_LENGTH 2219
249 #define ERR_OBJECT_NOT_APPENDABLE 2220
250 #define ERR_INVALID_BUCKET_STATE 2221
252 #define ERR_BUSY_RESHARDING 2300
253 #define ERR_NO_SUCH_ENTITY 2301
254 #define ERR_LIMIT_EXCEEDED 2302
257 #define ERR_PACKED_POLICY_TOO_LARGE 2400
258 #define ERR_INVALID_IDENTITY_TOKEN 2401
260 #define ERR_NO_SUCH_TAG_SET 2402
263 #define UINT32_MAX (0xffffffffu)
268 typedef void *RGWAccessHandle
;
270 enum RGWIntentEvent
{
280 /** Store error returns for output at a different point in the program */
284 bool is_clear() const;
286 friend std::ostream
& operator<<(std::ostream
& oss
, const rgw_err
&err
);
290 std::string err_code
;
294 /* Helper class used for RGWHTTPArgs parsing */
297 const std::string str
;
301 explicit NameVal(const std::string
& nv
) : str(nv
) {}
305 std::string
& get_name() { return name
; }
306 std::string
& get_val() { return val
; }
309 /** Stores the XML arguments associated with the HTTP request in req_state*/
311 std::string str
, empty_str
;
312 std::map
<std::string
, std::string
> val_map
;
313 std::map
<std::string
, std::string
> sys_val_map
;
314 std::map
<std::string
, std::string
> sub_resources
;
315 bool has_resp_modifier
= false;
316 bool admin_subresource_added
= false;
318 RGWHTTPArgs() = default;
319 explicit RGWHTTPArgs(const std::string
& s
) {
324 /** Set the arguments; as received */
325 void set(const std::string
& s
) {
326 has_resp_modifier
= false;
328 sub_resources
.clear();
331 /** parse the received arguments */
333 void append(const std::string
& name
, const string
& val
);
334 /** Get the value for a specific argument parameter */
335 const string
& get(const std::string
& name
, bool *exists
= NULL
) const;
336 boost::optional
<const std::string
&>
337 get_optional(const std::string
& name
) const;
338 int get_bool(const std::string
& name
, bool *val
, bool *exists
);
339 int get_bool(const char *name
, bool *val
, bool *exists
);
340 void get_bool(const char *name
, bool *val
, bool def_val
);
341 int get_int(const char *name
, int *val
, int def_val
);
343 /** Get the value for specific system argument parameter */
344 std::string
sys_get(const std::string
& name
, bool *exists
= nullptr) const;
346 /** see if a parameter is contained in this RGWHTTPArgs */
347 bool exists(const char *name
) const {
348 return (val_map
.find(name
) != std::end(val_map
));
350 bool sub_resource_exists(const char *name
) const {
351 return (sub_resources
.find(name
) != std::end(sub_resources
));
353 std::map
<std::string
, std::string
>& get_params() {
356 const std::map
<std::string
, std::string
>& get_sub_resources() const {
357 return sub_resources
;
359 unsigned get_num_params() const {
360 return val_map
.size();
362 bool has_response_modifier() const {
363 return has_resp_modifier
;
365 void set_system() { /* make all system params visible */
366 std::map
<std::string
, std::string
>::iterator iter
;
367 for (iter
= sys_val_map
.begin(); iter
!= sys_val_map
.end(); ++iter
) {
368 val_map
[iter
->first
] = iter
->second
;
371 const std::string
& get_str() {
376 const char *rgw_conf_get(const map
<string
, string
, ltstr_nocase
>& conf_map
, const char *name
, const char *def_val
);
377 int rgw_conf_get_int(const map
<string
, string
, ltstr_nocase
>& conf_map
, const char *name
, int def_val
);
378 bool rgw_conf_get_bool(const map
<string
, string
, ltstr_nocase
>& conf_map
, const char *name
, bool def_val
);
385 int enable_usage_log
;
386 uint8_t defer_to_bucket_acls
;
387 void init(CephContext
*cct
);
392 defer_to_bucket_acls(0) {
397 std::map
<string
, string
, ltstr_nocase
> env_map
;
400 void init(CephContext
*cct
);
401 void init(CephContext
*cct
, char **envp
);
402 void set(std::string name
, std::string val
);
403 const char *get(const char *name
, const char *def_val
= nullptr) const;
404 int get_int(const char *name
, int def_val
= 0) const;
405 bool get_bool(const char *name
, bool def_val
= 0);
406 size_t get_size(const char *name
, size_t def_val
= 0) const;
407 bool exists(const char *name
) const;
408 bool exists_prefix(const char *prefix
) const;
409 void remove(const char *name
);
410 const std::map
<string
, string
, ltstr_nocase
>& get_map() const { return env_map
; }
411 int get_enable_ops_log() const {
412 return conf
.enable_ops_log
;
415 int get_enable_usage_log() const {
416 return conf
.enable_usage_log
;
419 int get_defer_to_bucket_acls() const {
420 return conf
.defer_to_bucket_acls
;
424 // return true if the connection is secure. this either means that the
425 // connection arrived via ssl, or was forwarded as https by a trusted proxy
426 bool rgw_transport_is_secure(CephContext
*cct
, const RGWEnv
& env
);
445 RGW_OP_GET_BUCKET_LOGGING
,
446 RGW_OP_GET_BUCKET_LOCATION
,
447 RGW_OP_GET_BUCKET_VERSIONING
,
448 RGW_OP_SET_BUCKET_VERSIONING
,
449 RGW_OP_GET_BUCKET_WEBSITE
,
450 RGW_OP_SET_BUCKET_WEBSITE
,
452 RGW_OP_CREATE_BUCKET
,
453 RGW_OP_DELETE_BUCKET
,
457 RGW_OP_PUT_METADATA_ACCOUNT
,
458 RGW_OP_PUT_METADATA_BUCKET
,
459 RGW_OP_PUT_METADATA_OBJECT
,
469 RGW_OP_GET_REQUEST_PAYMENT
,
470 RGW_OP_SET_REQUEST_PAYMENT
,
471 RGW_OP_INIT_MULTIPART
,
472 RGW_OP_COMPLETE_MULTIPART
,
473 RGW_OP_ABORT_MULTIPART
,
474 RGW_OP_LIST_MULTIPART
,
475 RGW_OP_LIST_BUCKET_MULTIPARTS
,
476 RGW_OP_DELETE_MULTI_OBJ
,
479 RGW_OP_GET_CROSS_DOMAIN_POLICY
,
480 RGW_OP_GET_HEALTH_CHECK
,
487 RGW_OP_PUT_ROLE_POLICY
,
488 RGW_OP_GET_ROLE_POLICY
,
489 RGW_OP_LIST_ROLE_POLICIES
,
490 RGW_OP_DELETE_ROLE_POLICY
,
491 RGW_OP_PUT_BUCKET_POLICY
,
492 RGW_OP_GET_BUCKET_POLICY
,
493 RGW_OP_DELETE_BUCKET_POLICY
,
494 RGW_OP_PUT_OBJ_TAGGING
,
495 RGW_OP_GET_OBJ_TAGGING
,
496 RGW_OP_DELETE_OBJ_TAGGING
,
500 RGW_OP_PUT_USER_POLICY
,
501 RGW_OP_GET_USER_POLICY
,
502 RGW_OP_LIST_USER_POLICIES
,
503 RGW_OP_DELETE_USER_POLICY
,
504 RGW_OP_PUT_BUCKET_OBJ_LOCK
,
505 RGW_OP_GET_BUCKET_OBJ_LOCK
,
506 RGW_OP_PUT_OBJ_RETENTION
,
507 RGW_OP_GET_OBJ_RETENTION
,
508 RGW_OP_PUT_OBJ_LEGAL_HOLD
,
509 RGW_OP_GET_OBJ_LEGAL_HOLD
,
511 RGW_OP_ADMIN_SET_METADATA
,
512 RGW_OP_GET_OBJ_LAYOUT
,
514 RGW_OP_METADATA_SEARCH
,
515 RGW_OP_CONFIG_BUCKET_META_SEARCH
,
516 RGW_OP_GET_BUCKET_META_SEARCH
,
517 RGW_OP_DEL_BUCKET_META_SEARCH
,
520 RGW_STS_GET_SESSION_TOKEN
,
521 RGW_STS_ASSUME_ROLE_WEB_IDENTITY
,
523 RGW_OP_PUBSUB_TOPIC_CREATE
,
524 RGW_OP_PUBSUB_TOPICS_LIST
,
525 RGW_OP_PUBSUB_TOPIC_GET
,
526 RGW_OP_PUBSUB_TOPIC_DELETE
,
527 RGW_OP_PUBSUB_SUB_CREATE
,
528 RGW_OP_PUBSUB_SUB_GET
,
529 RGW_OP_PUBSUB_SUB_DELETE
,
530 RGW_OP_PUBSUB_SUB_PULL
,
531 RGW_OP_PUBSUB_SUB_ACK
,
532 RGW_OP_PUBSUB_NOTIF_CREATE
,
533 RGW_OP_PUBSUB_NOTIF_DELETE
,
534 RGW_OP_PUBSUB_NOTIF_LIST
,
535 RGW_OP_GET_BUCKET_TAGGING
,
536 RGW_OP_PUT_BUCKET_TAGGING
,
537 RGW_OP_DELETE_BUCKET_TAGGING
,
538 RGW_OP_GET_BUCKET_REPLICATION
,
539 RGW_OP_PUT_BUCKET_REPLICATION
,
540 RGW_OP_DELETE_BUCKET_REPLICATION
,
543 RGW_OP_GET_BUCKET_POLICY_STATUS
,
544 RGW_OP_PUT_BUCKET_PUBLIC_ACCESS_BLOCK
,
545 RGW_OP_GET_BUCKET_PUBLIC_ACCESS_BLOCK
,
546 RGW_OP_DELETE_BUCKET_PUBLIC_ACCESS_BLOCK
,
548 /*OIDC provider specific*/
549 RGW_OP_CREATE_OIDC_PROVIDER
,
550 RGW_OP_DELETE_OIDC_PROVIDER
,
551 RGW_OP_GET_OIDC_PROVIDER
,
552 RGW_OP_LIST_OIDC_PROVIDERS
,
555 class RGWAccessControlPolicy
;
558 struct RGWAccessKey
{
559 string id
; // AccessKey
560 string key
; // SecretKey
564 RGWAccessKey(std::string _id
, std::string _key
)
565 : id(std::move(_id
)), key(std::move(_key
)) {}
567 void encode(bufferlist
& bl
) const {
568 ENCODE_START(2, 2, bl
);
575 void decode(bufferlist::const_iterator
& bl
) {
576 DECODE_START_LEGACY_COMPAT_LEN_32(2, 2, 2, bl
);
582 void dump(Formatter
*f
) const;
583 void dump_plain(Formatter
*f
) const;
584 void dump(Formatter
*f
, const string
& user
, bool swift
) const;
585 static void generate_test_instances(list
<RGWAccessKey
*>& o
);
587 void decode_json(JSONObj
*obj
);
588 void decode_json(JSONObj
*obj
, bool swift
);
590 WRITE_CLASS_ENCODER(RGWAccessKey
)
596 RGWSubUser() : perm_mask(0) {}
597 void encode(bufferlist
& bl
) const {
598 ENCODE_START(2, 2, bl
);
600 encode(perm_mask
, bl
);
604 void decode(bufferlist::const_iterator
& bl
) {
605 DECODE_START_LEGACY_COMPAT_LEN_32(2, 2, 2, bl
);
607 decode(perm_mask
, bl
);
610 void dump(Formatter
*f
) const;
611 void dump(Formatter
*f
, const string
& user
) const;
612 static void generate_test_instances(list
<RGWSubUser
*>& o
);
614 void decode_json(JSONObj
*obj
);
616 WRITE_CLASS_ENCODER(RGWSubUser
)
620 map
<string
, uint32_t> caps
;
622 int get_cap(const string
& cap
, string
& type
, uint32_t *perm
);
623 int add_cap(const string
& cap
);
624 int remove_cap(const string
& cap
);
626 static int parse_cap_perm(const string
& str
, uint32_t *perm
);
627 int add_from_string(const string
& str
);
628 int remove_from_string(const string
& str
);
630 void encode(bufferlist
& bl
) const {
631 ENCODE_START(1, 1, bl
);
635 void decode(bufferlist::const_iterator
& bl
) {
640 int check_cap(const string
& cap
, uint32_t perm
) const;
641 bool is_valid_cap_type(const string
& tp
);
642 void dump(Formatter
*f
) const;
643 void dump(Formatter
*f
, const char *name
) const;
645 void decode_json(JSONObj
*obj
);
647 WRITE_CLASS_ENCODER(RGWUserCaps
)
649 void encode_json(const char *name
, const obj_version
& v
, Formatter
*f
);
650 void encode_json(const char *name
, const RGWUserCaps
& val
, Formatter
*f
);
652 void decode_json_obj(obj_version
& v
, JSONObj
*obj
);
666 static string RGW_STORAGE_CLASS_STANDARD
= "STANDARD";
668 struct rgw_placement_rule
{
670 std::string storage_class
;
672 rgw_placement_rule() {}
673 rgw_placement_rule(const string
& _n
, const string
& _sc
) : name(_n
), storage_class(_sc
) {}
674 rgw_placement_rule(const rgw_placement_rule
& _r
, const string
& _sc
) : name(_r
.name
) {
678 storage_class
= _r
.storage_class
;
683 return name
.empty() && storage_class
.empty();
686 void inherit_from(const rgw_placement_rule
& r
) {
690 if (storage_class
.empty()) {
691 storage_class
= r
.storage_class
;
697 storage_class
.clear();
700 void init(const string
& n
, const string
& c
) {
705 static const string
& get_canonical_storage_class(const string
& storage_class
) {
706 if (storage_class
.empty()) {
707 return RGW_STORAGE_CLASS_STANDARD
;
709 return storage_class
;
712 const string
& get_storage_class() const {
713 return get_canonical_storage_class(storage_class
);
716 int compare(const rgw_placement_rule
& r
) const {
717 int c
= name
.compare(r
.name
);
721 return get_storage_class().compare(r
.get_storage_class());
724 bool operator==(const rgw_placement_rule
& r
) const {
725 return (name
== r
.name
&&
726 get_storage_class() == r
.get_storage_class());
729 bool operator!=(const rgw_placement_rule
& r
) const {
730 return !(*this == r
);
733 void encode(bufferlist
& bl
) const {
734 /* no ENCODE_START/END due to backward compatibility */
735 std::string s
= to_str();
739 void decode(bufferlist::const_iterator
& bl
) {
745 std::string
to_str() const {
746 if (standard_storage_class()) {
749 return to_str_explicit();
752 std::string
to_str_explicit() const {
753 return name
+ "/" + storage_class
;
756 void from_str(const std::string
& s
) {
757 size_t pos
= s
.find("/");
758 if (pos
== std::string::npos
) {
760 storage_class
.clear();
763 name
= s
.substr(0, pos
);
764 storage_class
= s
.substr(pos
+ 1);
767 bool standard_storage_class() const {
768 return storage_class
.empty() || storage_class
== RGW_STORAGE_CLASS_STANDARD
;
771 WRITE_CLASS_ENCODER(rgw_placement_rule
)
773 void encode_json(const char *name
, const rgw_placement_rule
& val
, ceph::Formatter
*f
);
774 void decode_json_obj(rgw_placement_rule
& v
, JSONObj
*obj
);
776 inline ostream
& operator<<(ostream
& out
, const rgw_placement_rule
& rule
) {
777 return out
<< rule
.to_str();
784 map
<string
, RGWAccessKey
> access_keys
;
785 map
<string
, RGWAccessKey
> swift_keys
;
786 map
<string
, RGWSubUser
> subusers
;
793 rgw_placement_rule default_placement
;
794 list
<string
> placement_tags
;
795 RGWQuotaInfo bucket_quota
;
796 map
<int, string
> temp_url_keys
;
797 RGWQuotaInfo user_quota
;
800 string assumed_role_arn
;
804 max_buckets(RGW_DEFAULT_MAX_BUCKETS
),
805 op_mask(RGW_OP_TYPE_ALL
),
811 RGWAccessKey
* get_key(const string
& access_key
) {
812 if (access_keys
.empty())
815 auto k
= access_keys
.find(access_key
);
816 if (k
== access_keys
.end())
822 void encode(bufferlist
& bl
) const {
823 ENCODE_START(21, 9, bl
);
824 encode((uint64_t)0, bl
); // old auid
827 if (!access_keys
.empty()) {
828 map
<string
, RGWAccessKey
>::const_iterator iter
= access_keys
.begin();
829 const RGWAccessKey
& k
= iter
->second
;
833 encode(access_key
, bl
);
834 encode(secret_key
, bl
);
835 encode(display_name
, bl
);
836 encode(user_email
, bl
);
839 if (!swift_keys
.empty()) {
840 map
<string
, RGWAccessKey
>::const_iterator iter
= swift_keys
.begin();
841 const RGWAccessKey
& k
= iter
->second
;
845 encode(swift_name
, bl
);
846 encode(swift_key
, bl
);
847 encode(user_id
.id
, bl
);
848 encode(access_keys
, bl
);
849 encode(subusers
, bl
);
850 encode(suspended
, bl
);
851 encode(swift_keys
, bl
);
852 encode(max_buckets
, bl
);
856 encode(default_placement
, bl
);
857 encode(placement_tags
, bl
);
858 encode(bucket_quota
, bl
);
859 encode(temp_url_keys
, bl
);
860 encode(user_quota
, bl
);
861 encode(user_id
.tenant
, bl
);
865 encode(assumed_role_arn
, bl
);
868 void decode(bufferlist::const_iterator
& bl
) {
869 DECODE_START_LEGACY_COMPAT_LEN_32(21, 9, 9, bl
);
872 decode(old_auid
, bl
);
876 decode(access_key
, bl
);
877 decode(secret_key
, bl
);
882 access_keys
[access_key
] = k
;
884 decode(display_name
, bl
);
885 decode(user_email
, bl
);
886 /* We populate swift_keys map later nowadays, but we have to decode. */
889 if (struct_v
>= 3) decode(swift_name
, bl
);
890 if (struct_v
>= 4) decode(swift_key
, bl
);
892 decode(user_id
.id
, bl
);
894 user_id
.id
= access_key
;
896 decode(access_keys
, bl
);
897 decode(subusers
, bl
);
901 decode(suspended
, bl
);
904 decode(swift_keys
, bl
);
906 if (struct_v
>= 10) {
907 decode(max_buckets
, bl
);
909 max_buckets
= RGW_DEFAULT_MAX_BUCKETS
;
911 if (struct_v
>= 11) {
914 if (struct_v
>= 12) {
917 op_mask
= RGW_OP_TYPE_ALL
;
919 if (struct_v
>= 13) {
921 decode(default_placement
, bl
);
922 decode(placement_tags
, bl
); /* tags of allowed placement rules */
924 if (struct_v
>= 14) {
925 decode(bucket_quota
, bl
);
927 if (struct_v
>= 15) {
928 decode(temp_url_keys
, bl
);
930 if (struct_v
>= 16) {
931 decode(user_quota
, bl
);
933 if (struct_v
>= 17) {
934 decode(user_id
.tenant
, bl
);
936 user_id
.tenant
.clear();
938 if (struct_v
>= 18) {
941 if (struct_v
>= 19) {
944 if (struct_v
>= 20) {
947 if (struct_v
>= 21) {
948 decode(assumed_role_arn
, bl
);
952 void dump(Formatter
*f
) const;
953 static void generate_test_instances(list
<RGWUserInfo
*>& o
);
955 void decode_json(JSONObj
*obj
);
957 WRITE_CLASS_ENCODER(RGWUserInfo
)
965 rgw_raw_obj(const rgw_pool
& _pool
, const std::string
& _oid
) {
968 rgw_raw_obj(const rgw_pool
& _pool
, const std::string
& _oid
, const string
& _loc
) : loc(_loc
) {
972 void init(const rgw_pool
& _pool
, const std::string
& _oid
) {
981 void encode(bufferlist
& bl
) const {
982 ENCODE_START(6, 6, bl
);
989 void decode_from_rgw_obj(bufferlist::const_iterator
& bl
);
991 void decode(bufferlist::const_iterator
& bl
) {
992 unsigned ofs
= bl
.get_off();
996 * this object was encoded as rgw_obj, prior to rgw_raw_obj been split out of it,
997 * let's decode it as rgw_obj and convert it
1000 decode_from_rgw_obj(bl
);
1009 bool operator<(const rgw_raw_obj
& o
) const {
1010 int r
= pool
.compare(o
.pool
);
1012 r
= oid
.compare(o
.oid
);
1014 r
= loc
.compare(o
.loc
);
1020 bool operator==(const rgw_raw_obj
& o
) const {
1021 return (pool
== o
.pool
&& oid
== o
.oid
&& loc
== o
.loc
);
1024 void dump(Formatter
*f
) const;
1025 void decode_json(JSONObj
*obj
);
1027 WRITE_CLASS_ENCODER(rgw_raw_obj
)
1029 inline ostream
& operator<<(ostream
& out
, const rgw_raw_obj
& o
) {
1030 out
<< o
.pool
<< ":" << o
.oid
;
1034 struct rgw_bucket_placement
{
1035 rgw_placement_rule placement_rule
;
1038 void dump(Formatter
*f
) const;
1041 struct RGWObjVersionTracker
{
1042 obj_version read_version
;
1043 obj_version write_version
;
1045 obj_version
*version_for_read() {
1046 return &read_version
;
1049 obj_version
*version_for_write() {
1050 if (write_version
.ver
== 0)
1053 return &write_version
;
1056 obj_version
*version_for_check() {
1057 if (read_version
.ver
== 0)
1060 return &read_version
;
1063 void prepare_op_for_read(librados::ObjectReadOperation
*op
);
1064 void prepare_op_for_write(librados::ObjectWriteOperation
*op
);
1069 read_version
= obj_version();
1070 write_version
= obj_version();
1073 void generate_new_write_ver(CephContext
*cct
);
1076 inline ostream
& operator<<(ostream
& out
, const obj_version
&v
)
1078 out
<< v
.tag
<< ":" << v
.ver
;
1082 inline ostream
& operator<<(ostream
& out
, const RGWObjVersionTracker
&ot
)
1084 out
<< "{r=" << ot
.read_version
<< ",w=" << ot
.write_version
<< "}";
1088 enum RGWBucketFlags
{
1089 BUCKET_SUSPENDED
= 0x1,
1090 BUCKET_VERSIONED
= 0x2,
1091 BUCKET_VERSIONS_SUSPENDED
= 0x4,
1092 BUCKET_DATASYNC_DISABLED
= 0X8,
1093 BUCKET_MFA_ENABLED
= 0X10,
1094 BUCKET_OBJ_LOCK_ENABLED
= 0X20,
1097 enum RGWBucketIndexType
{
1098 RGWBIType_Normal
= 0,
1099 RGWBIType_Indexless
= 1,
1102 inline ostream
& operator<<(ostream
& out
, const RGWBucketIndexType
&index_type
)
1104 switch (index_type
) {
1105 case RGWBIType_Normal
:
1106 return out
<< "Normal";
1107 case RGWBIType_Indexless
:
1108 return out
<< "Indexless";
1110 return out
<< "Unknown";
1116 struct RGWBucketInfo
{
1117 enum BIShardsHashType
{
1125 ceph::real_time creation_time
;
1126 rgw_placement_rule placement_rule
;
1127 bool has_instance_obj
{false};
1128 RGWObjVersionTracker objv_tracker
; /* we don't need to serialize this, for runtime tracking */
1131 // Represents the number of bucket index object shards:
1132 // - value of 0 indicates there is no sharding (this is by default
1133 // before this feature is implemented).
1134 // - value of UINT32_T::MAX indicates this is a blind bucket.
1135 uint32_t num_shards
{0};
1137 // Represents the bucket index shard hash type.
1138 uint8_t bucket_index_shard_hash_type
{MOD
};
1140 // Represents the shard number for blind bucket.
1141 const static uint32_t NUM_SHARDS_BLIND_BUCKET
;
1143 bool requester_pays
{false};
1145 bool has_website
{false};
1146 RGWBucketWebsiteConf website_conf
;
1148 RGWBucketIndexType index_type
= RGWBIType_Normal
;
1150 bool swift_versioning
{false};
1151 string swift_ver_location
;
1153 map
<string
, uint32_t> mdsearch_config
;
1156 cls_rgw_reshard_status reshard_status
{cls_rgw_reshard_status::NOT_RESHARDING
};
1157 string new_bucket_instance_id
;
1159 RGWObjectLock obj_lock
;
1161 std::optional
<rgw_sync_policy_info
> sync_policy
;
1163 void encode(bufferlist
& bl
) const;
1164 void decode(bufferlist::const_iterator
& bl
);
1166 void dump(Formatter
*f
) const;
1167 static void generate_test_instances(list
<RGWBucketInfo
*>& o
);
1169 void decode_json(JSONObj
*obj
);
1171 bool versioned() const { return (flags
& BUCKET_VERSIONED
) != 0; }
1172 int versioning_status() const { return flags
& (BUCKET_VERSIONED
| BUCKET_VERSIONS_SUSPENDED
| BUCKET_MFA_ENABLED
); }
1173 bool versioning_enabled() const { return (versioning_status() & (BUCKET_VERSIONED
| BUCKET_VERSIONS_SUSPENDED
)) == BUCKET_VERSIONED
; }
1174 bool mfa_enabled() const { return (versioning_status() & BUCKET_MFA_ENABLED
) != 0; }
1175 bool datasync_flag_enabled() const { return (flags
& BUCKET_DATASYNC_DISABLED
) == 0; }
1176 bool obj_lock_enabled() const { return (flags
& BUCKET_OBJ_LOCK_ENABLED
) != 0; }
1178 bool has_swift_versioning() const {
1179 /* A bucket may be versioned through one mechanism only. */
1180 return swift_versioning
&& !versioned();
1183 void set_sync_policy(rgw_sync_policy_info
&& policy
);
1185 bool empty_sync_policy() const;
1190 WRITE_CLASS_ENCODER(RGWBucketInfo
)
1192 struct RGWBucketEntryPoint
1196 ceph::real_time creation_time
;
1199 bool has_bucket_info
;
1200 RGWBucketInfo old_bucket_info
;
1202 RGWBucketEntryPoint() : linked(false), has_bucket_info(false) {}
1204 void encode(bufferlist
& bl
) const {
1205 ENCODE_START(10, 8, bl
);
1207 encode(owner
.id
, bl
);
1209 uint64_t ctime
= (uint64_t)real_clock::to_time_t(creation_time
);
1212 encode(creation_time
, bl
);
1215 void decode(bufferlist::const_iterator
& bl
) {
1216 auto orig_iter
= bl
;
1217 DECODE_START_LEGACY_COMPAT_LEN_32(10, 4, 4, bl
);
1219 /* ouch, old entry, contains the bucket info itself */
1220 old_bucket_info
.decode(orig_iter
);
1221 has_bucket_info
= true;
1224 has_bucket_info
= false;
1226 decode(owner
.id
, bl
);
1230 if (struct_v
< 10) {
1231 creation_time
= real_clock::from_time_t((time_t)ctime
);
1233 if (struct_v
>= 9) {
1236 if (struct_v
>= 10) {
1237 decode(creation_time
, bl
);
1242 void dump(Formatter
*f
) const;
1243 void decode_json(JSONObj
*obj
);
1244 static void generate_test_instances(list
<RGWBucketEntryPoint
*>& o
);
1246 WRITE_CLASS_ENCODER(RGWBucketEntryPoint
)
1248 struct RGWStorageStats
1250 RGWObjCategory category
;
1252 uint64_t size_rounded
;
1253 uint64_t size_utilized
{0}; //< size after compression, encryption
1254 uint64_t num_objects
;
1257 : category(RGWObjCategory::None
),
1262 void dump(Formatter
*f
) const;
1267 /* Namespaced forward declarations. */
1271 class AWSBrowserUploadAbstractor
;
1281 using meta_map_t
= boost::container::flat_map
<std::string
, std::string
>;
1286 meta_map_t x_meta_map
;
1292 string request_uri_aws4
;
1293 string effective_uri
;
1294 string request_params
;
1296 string storage_class
;
1298 req_info(CephContext
*cct
, const RGWEnv
*env
);
1299 void rebuild_from(req_info
& src
);
1300 void init_meta_info(bool *found_bad_meta
);
1303 typedef cls_rgw_obj_key rgw_obj_index_key
;
1305 struct rgw_obj_key
{
1311 // cppcheck-suppress noExplicitConstructor
1312 rgw_obj_key(const string
& n
) : name(n
) {}
1313 rgw_obj_key(const string
& n
, const string
& i
) : name(n
), instance(i
) {}
1314 rgw_obj_key(const string
& n
, const string
& i
, const string
& _ns
) : name(n
), instance(i
), ns(_ns
) {}
1316 rgw_obj_key(const rgw_obj_index_key
& k
) {
1317 parse_index_key(k
.name
, &name
, &ns
);
1318 instance
= k
.instance
;
1321 static void parse_index_key(const string
& key
, string
*name
, string
*ns
) {
1322 if (key
[0] != '_') {
1327 if (key
[1] == '_') {
1328 *name
= key
.substr(1);
1332 ssize_t pos
= key
.find('_', 1);
1334 /* shouldn't happen, just use key */
1340 *name
= key
.substr(pos
+ 1);
1341 *ns
= key
.substr(1, pos
-1);
1344 void set(const string
& n
) {
1350 void set(const string
& n
, const string
& i
) {
1356 void set(const string
& n
, const string
& i
, const string
& _ns
) {
1362 bool set(const rgw_obj_index_key
& index_key
) {
1363 if (!parse_raw_oid(index_key
.name
, this)) {
1366 instance
= index_key
.instance
;
1370 void set_instance(const string
& i
) {
1374 const string
& get_instance() const {
1378 void set_ns(const std::string
& _ns
) {
1382 const std::string
& get_ns() const {
1386 string
get_index_key_name() const {
1388 if (name
.size() < 1 || name
[0] != '_') {
1391 return string("_") + name
;
1394 char buf
[ns
.size() + 16];
1395 snprintf(buf
, sizeof(buf
), "_%s_", ns
.c_str());
1396 return string(buf
) + name
;
1399 void get_index_key(rgw_obj_index_key
*key
) const {
1400 key
->name
= get_index_key_name();
1401 key
->instance
= instance
;
1404 string
get_loc() const {
1406 * For backward compatibility. Older versions used to have object locator on all objects,
1407 * however, the name was the effective object locator. This had the same effect as not
1408 * having object locator at all for most objects but the ones that started with underscore as
1409 * these were escaped.
1411 if (name
[0] == '_' && ns
.empty()) {
1418 bool empty() const {
1419 return name
.empty();
1422 bool have_null_instance() const {
1423 return instance
== "null";
1426 bool have_instance() const {
1427 return !instance
.empty();
1430 bool need_to_encode_instance() const {
1431 return have_instance() && !have_null_instance();
1434 string
get_oid() const {
1435 if (ns
.empty() && !need_to_encode_instance()) {
1436 if (name
.size() < 1 || name
[0] != '_') {
1439 return string("_") + name
;
1444 if (need_to_encode_instance()) {
1445 oid
.append(string(":") + instance
);
1452 bool operator==(const rgw_obj_key
& k
) const {
1453 return (name
.compare(k
.name
) == 0) &&
1454 (instance
.compare(k
.instance
) == 0);
1457 bool operator<(const rgw_obj_key
& k
) const {
1458 int r
= name
.compare(k
.name
);
1460 r
= instance
.compare(k
.instance
);
1465 bool operator<=(const rgw_obj_key
& k
) const {
1466 return !(k
< *this);
1469 static void parse_ns_field(string
& ns
, string
& instance
) {
1470 int pos
= ns
.find(':');
1472 instance
= ns
.substr(pos
+ 1);
1473 ns
= ns
.substr(0, pos
);
1479 // takes an oid and parses out the namespace (ns), name, and
1481 static bool parse_raw_oid(const string
& oid
, rgw_obj_key
*key
) {
1482 key
->instance
.clear();
1484 if (oid
[0] != '_') {
1489 if (oid
.size() >= 2 && oid
[1] == '_') {
1490 key
->name
= oid
.substr(1);
1494 if (oid
.size() < 3) // for namespace, min size would be 3: _x_
1497 size_t pos
= oid
.find('_', 2); // oid must match ^_[^_].+$
1498 if (pos
== string::npos
)
1501 key
->ns
= oid
.substr(1, pos
- 1);
1502 parse_ns_field(key
->ns
, key
->instance
);
1504 key
->name
= oid
.substr(pos
+ 1);
1509 * Translate a namespace-mangled object name to the user-facing name
1510 * existing in the given namespace.
1512 * If the object is part of the given namespace, it returns true
1513 * and cuts down the name to the unmangled version. If it is not
1514 * part of the given namespace, it returns false.
1516 static bool oid_to_key_in_ns(const string
& oid
, rgw_obj_key
*key
, const string
& ns
) {
1517 bool ret
= parse_raw_oid(oid
, key
);
1522 return (ns
== key
->ns
);
1526 * Given a mangled object name and an empty namespace string, this
1527 * function extracts the namespace into the string and sets the object
1528 * name to be the unmangled version.
1530 * It returns true after successfully doing so, or
1531 * false if it fails.
1533 static bool strip_namespace_from_name(string
& name
, string
& ns
, string
& instance
) {
1536 if (name
[0] != '_') {
1540 size_t pos
= name
.find('_', 1);
1541 if (pos
== string::npos
) {
1545 if (name
[1] == '_') {
1546 name
= name
.substr(1);
1550 size_t period_pos
= name
.find('.');
1551 if (period_pos
< pos
) {
1555 ns
= name
.substr(1, pos
-1);
1556 name
= name
.substr(pos
+1, string::npos
);
1558 parse_ns_field(ns
, instance
);
1562 void encode(bufferlist
& bl
) const {
1563 ENCODE_START(2, 1, bl
);
1565 encode(instance
, bl
);
1569 void decode(bufferlist::const_iterator
& bl
) {
1570 DECODE_START(2, bl
);
1572 decode(instance
, bl
);
1573 if (struct_v
>= 2) {
1578 void dump(Formatter
*f
) const;
1579 void decode_json(JSONObj
*obj
);
1581 string
to_str() const {
1582 if (instance
.empty()) {
1585 char buf
[name
.size() + instance
.size() + 16];
1586 snprintf(buf
, sizeof(buf
), "%s[%s]", name
.c_str(), instance
.c_str());
1590 WRITE_CLASS_ENCODER(rgw_obj_key
)
1592 inline ostream
& operator<<(ostream
& out
, const rgw_obj_key
&o
) {
1593 return out
<< o
.to_str();
1596 inline ostream
& operator<<(ostream
& out
, const rgw_obj_index_key
&o
) {
1597 if (o
.instance
.empty()) {
1598 return out
<< o
.name
;
1600 return out
<< o
.name
<< "[" << o
.instance
<< "]";
1604 struct req_init_state
{
1605 /* Keeps [[tenant]:]bucket until we parse the token. */
1610 #include "rgw_auth.h"
1613 class RGWSysObjectCtx
;
1615 /** Store all the state necessary to complete and respond to an HTTP request*/
1616 struct req_state
: DoutPrefixProvider
{
1618 rgw::io::BasicClient
*cio
{nullptr};
1619 http_op op
{OP_UNKNOWN
};
1620 RGWOpType op_type
{};
1621 bool content_started
{false};
1623 ceph::Formatter
*formatter
{nullptr};
1625 string relative_uri
;
1626 const char *length
{nullptr};
1627 int64_t content_length
{0};
1628 map
<string
, string
> generic_attrs
;
1630 bool expect_cont
{false};
1631 uint64_t obj_size
{0};
1632 bool enable_ops_log
;
1633 bool enable_usage_log
;
1634 uint8_t defer_to_bucket_acls
;
1635 uint32_t perm_mask
{0};
1637 /* Set once when url_bucket is parsed and not violated thereafter. */
1638 string account_name
;
1640 string bucket_tenant
;
1645 string src_tenant_name
;
1646 string src_bucket_name
;
1647 rgw_obj_key src_object
;
1648 ACLOwner bucket_owner
;
1651 string zonegroup_name
;
1652 string zonegroup_endpoint
;
1653 string bucket_instance_id
;
1654 int bucket_instance_shard_id
{-1};
1655 string redirect_zone_endpoint
;
1659 RGWBucketInfo bucket_info
;
1660 obj_version bucket_ep_objv
;
1661 real_time bucket_mtime
;
1662 std::map
<std::string
, ceph::bufferlist
> bucket_attrs
;
1663 bool bucket_exists
{false};
1664 rgw_placement_rule dest_placement
;
1666 bool has_bad_meta
{false};
1668 rgw::sal::RGWUser
*user
;
1671 /* TODO(rzarzynski): switch out to the static_ptr for both members. */
1673 /* Object having the knowledge about an authenticated identity and allowing
1674 * to apply it during the authorization phase (verify_permission() methods
1675 * of a given RGWOp). Thus, it bounds authentication and authorization steps
1676 * through a well-defined interface. For more details, see rgw_auth.h. */
1677 std::unique_ptr
<rgw::auth::Identity
> identity
;
1679 std::shared_ptr
<rgw::auth::Completer
> completer
;
1681 /* A container for credentials of the S3's browser upload. It's necessary
1682 * because: 1) the ::authenticate() method of auth engines and strategies
1683 * take req_state only; 2) auth strategies live much longer than RGWOps -
1684 * there is no way to pass additional data dependencies through ctors. */
1687 friend class RGWPostObj_ObjStore_S3
;
1689 friend class rgw::auth::s3::AWSBrowserUploadAbstractor
;
1690 friend class rgw::auth::s3::STSEngine
;
1692 std::string access_key
;
1693 std::string signature
;
1694 std::string x_amz_algorithm
;
1695 std::string x_amz_credential
;
1696 std::string x_amz_date
;
1697 std::string x_amz_security_token
;
1698 ceph::bufferlist encoded_policy
;
1702 std::unique_ptr
<RGWAccessControlPolicy
> user_acl
;
1703 std::unique_ptr
<RGWAccessControlPolicy
> bucket_acl
;
1704 std::unique_ptr
<RGWAccessControlPolicy
> object_acl
;
1706 rgw::IAM::Environment env
;
1707 boost::optional
<rgw::IAM::Policy
> iam_policy
;
1708 boost::optional
<PublicAccessBlockConfiguration
> bucket_access_conf
;
1709 vector
<rgw::IAM::Policy
> iam_user_policies
;
1711 /* Is the request made by an user marked as a system one?
1712 * Being system user means we also have the admin status. */
1713 bool system_request
{false};
1716 bool has_acl_header
{false};
1717 bool local_source
{false}; /* source is local */
1721 /* Content-Disposition override for TempURL of Swift API. */
1730 req_init_state init_state
;
1732 using Clock
= ceph::coarse_real_clock
;
1733 Clock::time_point time
;
1735 Clock::duration
time_elapsed() const { return Clock::now() - time
; }
1737 RGWObjectCtx
*obj_ctx
{nullptr};
1738 RGWSysObjectCtx
*sysobj_ctx
{nullptr};
1746 bool mfa_verified
{false};
1748 /// optional coroutine context
1749 optional_yield yield
{null_yield
};
1751 //token claims from STS token for ops log (can be used for Keystone token also)
1752 std::vector
<string
> token_claims
;
1754 req_state(CephContext
* _cct
, RGWEnv
* e
, rgw::sal::RGWUser
* u
, uint64_t id
);
1757 bool is_err() const { return err
.is_err(); }
1759 // implements DoutPrefixProvider
1760 std::ostream
& gen_prefix(std::ostream
& out
) const override
;
1761 CephContext
* get_cct() const override
{ return cct
; }
1762 unsigned get_subsys() const override
{ return ceph_subsys_rgw
; }
1765 void set_req_state_err(struct req_state
*, int);
1766 void set_req_state_err(struct req_state
*, int, const string
&);
1767 void set_req_state_err(struct rgw_err
&, int, const int);
1768 void dump(struct req_state
*);
1770 /** Store basic data on bucket */
1771 struct RGWBucketEnt
{
1774 size_t size_rounded
;
1775 ceph::real_time creation_time
;
1778 /* The placement_rule is necessary to calculate per-storage-policy statics
1779 * of the Swift API. Although the info available in RGWBucketInfo, we need
1780 * to duplicate it here to not affect the performance of buckets listing. */
1781 rgw_placement_rule placement_rule
;
1788 RGWBucketEnt(const RGWBucketEnt
&) = default;
1789 RGWBucketEnt(RGWBucketEnt
&&) = default;
1790 explicit RGWBucketEnt(const rgw_user
& u
, cls_user_bucket_entry
&& e
)
1791 : bucket(u
, std::move(e
.bucket
)),
1793 size_rounded(e
.size_rounded
),
1794 creation_time(e
.creation_time
),
1798 RGWBucketEnt
& operator=(const RGWBucketEnt
&) = default;
1800 void convert(cls_user_bucket_entry
*b
) const {
1801 bucket
.convert(&b
->bucket
);
1803 b
->size_rounded
= size_rounded
;
1804 b
->creation_time
= creation_time
;
1808 void encode(bufferlist
& bl
) const {
1809 ENCODE_START(7, 5, bl
);
1811 __u32 mt
= ceph::real_clock::to_time_t(creation_time
);
1812 string empty_str
; // originally had the bucket name here, but we encode bucket later
1813 encode(empty_str
, bl
);
1820 encode(creation_time
, bl
);
1821 encode(placement_rule
, bl
);
1824 void decode(bufferlist::const_iterator
& bl
) {
1825 DECODE_START_LEGACY_COMPAT_LEN(7, 5, 5, bl
);
1828 string empty_str
; // backward compatibility
1829 decode(empty_str
, bl
);
1834 creation_time
= ceph::real_clock::from_time_t(mt
);
1844 decode(creation_time
, bl
);
1846 decode(placement_rule
, bl
);
1849 void dump(Formatter
*f
) const;
1850 static void generate_test_instances(list
<RGWBucketEnt
*>& o
);
1852 WRITE_CLASS_ENCODER(RGWBucketEnt
)
1858 bool in_extra_data
{false}; /* in-memory only member, does not serialize */
1860 // Represents the hash index source for this object once it is set (non-empty)
1861 std::string index_hash_source
;
1864 rgw_obj(const rgw_bucket
& b
, const std::string
& name
) : bucket(b
), key(name
) {}
1865 rgw_obj(const rgw_bucket
& b
, const rgw_obj_key
& k
) : bucket(b
), key(k
) {}
1866 rgw_obj(const rgw_bucket
& b
, const rgw_obj_index_key
& k
) : bucket(b
), key(k
) {}
1868 void init(const rgw_bucket
& b
, const std::string
& name
) {
1872 void init(const rgw_bucket
& b
, const std::string
& name
, const string
& i
, const string
& n
) {
1874 key
.set(name
, i
, n
);
1876 void init_ns(const rgw_bucket
& b
, const std::string
& name
, const string
& n
) {
1879 key
.instance
.clear();
1883 bool empty() const {
1887 void set_key(const rgw_obj_key
& k
) {
1891 string
get_oid() const {
1892 return key
.get_oid();
1895 const string
& get_hash_object() const {
1896 return index_hash_source
.empty() ? key
.name
: index_hash_source
;
1899 void set_in_extra_data(bool val
) {
1900 in_extra_data
= val
;
1903 bool is_in_extra_data() const {
1904 return in_extra_data
;
1907 void encode(bufferlist
& bl
) const {
1908 ENCODE_START(6, 6, bl
);
1911 encode(key
.name
, bl
);
1912 encode(key
.instance
, bl
);
1913 // encode(placement_id, bl);
1916 void decode(bufferlist::const_iterator
& bl
) {
1917 DECODE_START_LEGACY_COMPAT_LEN(6, 3, 3, bl
);
1920 decode(bucket
.name
, bl
); /* bucket.name */
1921 decode(s
, bl
); /* loc */
1923 decode(key
.name
, bl
);
1927 decode(key
.instance
, bl
);
1928 if (key
.ns
.empty() && key
.instance
.empty()) {
1929 if (key
.name
[0] == '_') {
1930 key
.name
= key
.name
.substr(1);
1933 if (struct_v
>= 5) {
1934 decode(key
.name
, bl
);
1936 ssize_t pos
= key
.name
.find('_', 1);
1938 throw buffer::error();
1940 key
.name
= key
.name
.substr(pos
+ 1);
1946 decode(key
.name
, bl
);
1947 decode(key
.instance
, bl
);
1948 // decode(placement_id, bl);
1952 void dump(Formatter
*f
) const;
1953 static void generate_test_instances(list
<rgw_obj
*>& o
);
1955 bool operator==(const rgw_obj
& o
) const {
1956 return (key
== o
.key
) &&
1957 (bucket
== o
.bucket
);
1959 bool operator<(const rgw_obj
& o
) const {
1960 int r
= key
.name
.compare(o
.key
.name
);
1962 r
= bucket
.bucket_id
.compare(o
.bucket
.bucket_id
); /* not comparing bucket.name, if bucket_id is equal so will be bucket.name */
1964 r
= key
.ns
.compare(o
.key
.ns
);
1966 r
= key
.instance
.compare(o
.key
.instance
);
1974 const rgw_pool
& get_explicit_data_pool() {
1975 if (!in_extra_data
|| bucket
.explicit_placement
.data_extra_pool
.empty()) {
1976 return bucket
.explicit_placement
.data_pool
;
1978 return bucket
.explicit_placement
.data_extra_pool
;
1981 WRITE_CLASS_ENCODER(rgw_obj
)
1983 struct rgw_cache_entry_info
{
1984 string cache_locator
;
1987 rgw_cache_entry_info() : gen(0) {}
1990 inline ostream
& operator<<(ostream
& out
, const rgw_obj
&o
) {
1991 return out
<< o
.bucket
.name
<< ":" << o
.get_oid();
1994 static inline void buf_to_hex(const unsigned char* const buf
,
1999 for (size_t i
= 0; i
< len
; i
++) {
2000 ::sprintf(&str
[i
*2], "%02x", static_cast<int>(buf
[i
]));
2004 template<size_t N
> static inline std::array
<char, N
* 2 + 1>
2005 buf_to_hex(const std::array
<unsigned char, N
>& buf
)
2007 static_assert(N
> 0, "The input array must be at least one element long");
2009 std::array
<char, N
* 2 + 1> hex_dest
;
2010 buf_to_hex(buf
.data(), N
, hex_dest
.data());
2014 static inline int hexdigit(char c
)
2016 if (c
>= '0' && c
<= '9')
2019 if (c
>= 'A' && c
<= 'F')
2020 return c
- 'A' + 0xa;
2024 static inline int hex_to_buf(const char *hex
, char *buf
, int len
)
2027 const char *p
= hex
;
2032 int d
= hexdigit(*p
);
2049 static inline int rgw_str_to_bool(const char *s
, int def_val
)
2054 return (strcasecmp(s
, "true") == 0 ||
2055 strcasecmp(s
, "on") == 0 ||
2056 strcasecmp(s
, "yes") == 0 ||
2057 strcasecmp(s
, "1") == 0);
2060 static inline void append_rand_alpha(CephContext
*cct
, const string
& src
, string
& dest
, int len
)
2064 gen_rand_alphanumeric(cct
, buf
, len
);
2069 static inline const char *rgw_obj_category_name(RGWObjCategory category
)
2072 case RGWObjCategory::None
:
2074 case RGWObjCategory::Main
:
2076 case RGWObjCategory::Shadow
:
2077 return "rgw.shadow";
2078 case RGWObjCategory::MultiMeta
:
2079 return "rgw.multimeta";
2085 static inline uint64_t rgw_rounded_kb(uint64_t bytes
)
2087 return (bytes
+ 1023) / 1024;
2090 static inline uint64_t rgw_rounded_objsize(uint64_t bytes
)
2092 return ((bytes
+ 4095) & ~4095);
2095 static inline uint64_t rgw_rounded_objsize_kb(uint64_t bytes
)
2097 return ((bytes
+ 4095) & ~4095) / 1024;
2100 /* implement combining step, S3 header canonicalization; k is a
2101 * valid header and in lc form */
2102 void rgw_add_amz_meta_header(
2103 meta_map_t
& x_meta_map
,
2104 const std::string
& k
,
2105 const std::string
& v
);
2107 extern string
rgw_string_unquote(const string
& s
);
2108 extern void parse_csv_string(const string
& ival
, vector
<string
>& ovals
);
2109 extern int parse_key_value(string
& in_str
, string
& key
, string
& val
);
2110 extern int parse_key_value(string
& in_str
, const char *delim
, string
& key
, string
& val
);
2112 extern boost::optional
<std::pair
<boost::string_view
, boost::string_view
>>
2113 parse_key_value(const boost::string_view
& in_str
,
2114 const boost::string_view
& delim
);
2115 extern boost::optional
<std::pair
<boost::string_view
, boost::string_view
>>
2116 parse_key_value(const boost::string_view
& in_str
);
2120 extern int parse_time(const char *time_str
, real_time
*time
);
2121 extern bool parse_rfc2616(const char *s
, struct tm
*t
);
2122 extern bool parse_iso8601(const char *s
, struct tm
*t
, uint32_t *pns
= NULL
, bool extended_format
= true);
2123 extern string
rgw_trim_whitespace(const string
& src
);
2124 extern boost::string_view
rgw_trim_whitespace(const boost::string_view
& src
);
2125 extern string
rgw_trim_quotes(const string
& val
);
2127 extern void rgw_to_iso8601(const real_time
& t
, char *dest
, int buf_size
);
2128 extern void rgw_to_iso8601(const real_time
& t
, string
*dest
);
2129 extern std::string
rgw_to_asctime(const utime_t
& t
);
2131 struct perm_state_base
{
2133 const rgw::IAM::Environment
& env
;
2134 rgw::auth::Identity
*identity
;
2135 const RGWBucketInfo
& bucket_info
;
2137 bool defer_to_bucket_acls
;
2138 boost::optional
<PublicAccessBlockConfiguration
> bucket_access_conf
;
2140 perm_state_base(CephContext
*_cct
,
2141 const rgw::IAM::Environment
& _env
,
2142 rgw::auth::Identity
*_identity
,
2143 const RGWBucketInfo
& _bucket_info
,
2145 bool _defer_to_bucket_acls
,
2146 boost::optional
<PublicAccessBlockConfiguration
> _bucket_acess_conf
= boost::none
) :
2149 identity(_identity
),
2150 bucket_info(_bucket_info
),
2151 perm_mask(_perm_mask
),
2152 defer_to_bucket_acls(_defer_to_bucket_acls
),
2153 bucket_access_conf(_bucket_acess_conf
)
2156 virtual ~perm_state_base() {}
2158 virtual const char *get_referer() const = 0;
2159 virtual std::optional
<bool> get_request_payer() const = 0; /*
2160 * empty state means that request_payer param was not passed in
2165 struct perm_state
: public perm_state_base
{
2166 const char *referer
;
2169 perm_state(CephContext
*_cct
,
2170 const rgw::IAM::Environment
& _env
,
2171 rgw::auth::Identity
*_identity
,
2172 const RGWBucketInfo
& _bucket_info
,
2174 bool _defer_to_bucket_acls
,
2175 const char *_referer
,
2176 bool _request_payer
) : perm_state_base(_cct
,
2181 _defer_to_bucket_acls
),
2183 request_payer(_request_payer
) {}
2185 const char *get_referer() const override
{
2189 std::optional
<bool> get_request_payer() const override
{
2190 return request_payer
;
2194 /** Check if the req_state's user has the necessary permissions
2195 * to do the requested action */
2196 bool verify_bucket_permission_no_policy(
2197 const DoutPrefixProvider
* dpp
,
2198 struct perm_state_base
* const s
,
2199 RGWAccessControlPolicy
* const user_acl
,
2200 RGWAccessControlPolicy
* const bucket_acl
,
2203 bool verify_user_permission_no_policy(const DoutPrefixProvider
* dpp
,
2204 struct perm_state_base
* const s
,
2205 RGWAccessControlPolicy
* const user_acl
,
2208 bool verify_object_permission_no_policy(const DoutPrefixProvider
* dpp
,
2209 struct perm_state_base
* const s
,
2210 RGWAccessControlPolicy
* const user_acl
,
2211 RGWAccessControlPolicy
* const bucket_acl
,
2212 RGWAccessControlPolicy
* const object_acl
,
2215 /** Check if the req_state's user has the necessary permissions
2216 * to do the requested action */
2217 rgw::IAM::Effect
eval_user_policies(const vector
<rgw::IAM::Policy
>& user_policies
,
2218 const rgw::IAM::Environment
& env
,
2219 boost::optional
<const rgw::auth::Identity
&> id
,
2221 const rgw::ARN
& arn
);
2222 bool verify_user_permission(const DoutPrefixProvider
* dpp
,
2223 struct req_state
* const s
,
2224 RGWAccessControlPolicy
* const user_acl
,
2225 const vector
<rgw::IAM::Policy
>& user_policies
,
2226 const rgw::ARN
& res
,
2228 bool verify_user_permission_no_policy(const DoutPrefixProvider
* dpp
,
2229 struct req_state
* const s
,
2230 RGWAccessControlPolicy
* const user_acl
,
2232 bool verify_user_permission(const DoutPrefixProvider
* dpp
,
2233 struct req_state
* const s
,
2234 const rgw::ARN
& res
,
2236 bool verify_user_permission_no_policy(const DoutPrefixProvider
* dpp
,
2237 struct req_state
* const s
,
2239 bool verify_bucket_permission(
2240 const DoutPrefixProvider
* dpp
,
2241 struct req_state
* const s
,
2242 const rgw_bucket
& bucket
,
2243 RGWAccessControlPolicy
* const user_acl
,
2244 RGWAccessControlPolicy
* const bucket_acl
,
2245 const boost::optional
<rgw::IAM::Policy
>& bucket_policy
,
2246 const vector
<rgw::IAM::Policy
>& user_policies
,
2248 bool verify_bucket_permission(const DoutPrefixProvider
* dpp
, struct req_state
* const s
, const uint64_t op
);
2249 bool verify_bucket_permission_no_policy(
2250 const DoutPrefixProvider
* dpp
,
2251 struct req_state
* const s
,
2252 RGWAccessControlPolicy
* const user_acl
,
2253 RGWAccessControlPolicy
* const bucket_acl
,
2255 bool verify_bucket_permission_no_policy(const DoutPrefixProvider
* dpp
,
2256 struct req_state
* const s
,
2258 int verify_bucket_owner_or_policy(struct req_state
* const s
,
2260 extern bool verify_object_permission(
2261 const DoutPrefixProvider
* dpp
,
2262 struct req_state
* const s
,
2264 RGWAccessControlPolicy
* const user_acl
,
2265 RGWAccessControlPolicy
* const bucket_acl
,
2266 RGWAccessControlPolicy
* const object_acl
,
2267 const boost::optional
<rgw::IAM::Policy
>& bucket_policy
,
2268 const vector
<rgw::IAM::Policy
>& user_policies
,
2270 extern bool verify_object_permission(const DoutPrefixProvider
* dpp
, struct req_state
*s
, uint64_t op
);
2271 extern bool verify_object_permission_no_policy(
2272 const DoutPrefixProvider
* dpp
,
2273 struct req_state
* const s
,
2274 RGWAccessControlPolicy
* const user_acl
,
2275 RGWAccessControlPolicy
* const bucket_acl
,
2276 RGWAccessControlPolicy
* const object_acl
,
2278 extern bool verify_object_permission_no_policy(const DoutPrefixProvider
* dpp
, struct req_state
*s
,
2280 extern int verify_object_lock(
2281 const DoutPrefixProvider
* dpp
,
2282 const rgw::sal::RGWAttrs
& attrs
,
2283 const bool bypass_perm
,
2284 const bool bypass_governance_mode
);
2286 /** Convert an input URL into a sane object name
2287 * by converting %-escaped strings into characters, etc*/
2288 extern void rgw_uri_escape_char(char c
, string
& dst
);
2289 extern std::string
url_decode(const boost::string_view
& src_str
,
2290 bool in_query
= false);
2291 extern void url_encode(const std::string
& src
, string
& dst
,
2292 bool encode_slash
= true);
2293 extern std::string
url_encode(const std::string
& src
, bool encode_slash
= true);
2294 extern std::string
url_remove_prefix(const std::string
& url
); // Removes hhtp, https and www from url
2295 /* destination should be CEPH_CRYPTO_HMACSHA1_DIGESTSIZE bytes long */
2296 extern void calc_hmac_sha1(const char *key
, int key_len
,
2297 const char *msg
, int msg_len
, char *dest
);
2299 static inline sha1_digest_t
2300 calc_hmac_sha1(const boost::string_view
& key
, const boost::string_view
& msg
) {
2302 calc_hmac_sha1(key
.data(), key
.size(), msg
.data(), msg
.size(),
2303 reinterpret_cast<char*>(dest
.v
));
2307 /* destination should be CEPH_CRYPTO_HMACSHA256_DIGESTSIZE bytes long */
2308 extern void calc_hmac_sha256(const char *key
, int key_len
,
2309 const char *msg
, int msg_len
,
2312 static inline sha256_digest_t
2313 calc_hmac_sha256(const char *key
, const int key_len
,
2314 const char *msg
, const int msg_len
) {
2315 sha256_digest_t dest
;
2316 calc_hmac_sha256(key
, key_len
, msg
, msg_len
,
2317 reinterpret_cast<char*>(dest
.v
));
2321 static inline sha256_digest_t
2322 calc_hmac_sha256(const boost::string_view
& key
, const boost::string_view
& msg
) {
2323 sha256_digest_t dest
;
2324 calc_hmac_sha256(key
.data(), key
.size(),
2325 msg
.data(), msg
.size(),
2326 reinterpret_cast<char*>(dest
.v
));
2330 static inline sha256_digest_t
2331 calc_hmac_sha256(const sha256_digest_t
&key
,
2332 const boost::string_view
& msg
) {
2333 sha256_digest_t dest
;
2334 calc_hmac_sha256(reinterpret_cast<const char*>(key
.v
), sha256_digest_t::SIZE
,
2335 msg
.data(), msg
.size(),
2336 reinterpret_cast<char*>(dest
.v
));
2340 static inline sha256_digest_t
2341 calc_hmac_sha256(const std::vector
<unsigned char>& key
,
2342 const boost::string_view
& msg
) {
2343 sha256_digest_t dest
;
2344 calc_hmac_sha256(reinterpret_cast<const char*>(key
.data()), key
.size(),
2345 msg
.data(), msg
.size(),
2346 reinterpret_cast<char*>(dest
.v
));
2350 template<size_t KeyLenN
>
2351 static inline sha256_digest_t
2352 calc_hmac_sha256(const std::array
<unsigned char, KeyLenN
>& key
,
2353 const boost::string_view
& msg
) {
2354 sha256_digest_t dest
;
2355 calc_hmac_sha256(reinterpret_cast<const char*>(key
.data()), key
.size(),
2356 msg
.data(), msg
.size(),
2357 reinterpret_cast<char*>(dest
.v
));
2361 extern sha256_digest_t
calc_hash_sha256(const boost::string_view
& msg
);
2363 extern ceph::crypto::SHA256
* calc_hash_sha256_open_stream();
2364 extern void calc_hash_sha256_update_stream(ceph::crypto::SHA256
* hash
,
2367 extern std::string
calc_hash_sha256_close_stream(ceph::crypto::SHA256
** phash
);
2368 extern std::string
calc_hash_sha256_restart_stream(ceph::crypto::SHA256
** phash
);
2370 extern int rgw_parse_op_type_list(const string
& str
, uint32_t *perm
);
2372 static constexpr uint32_t MATCH_POLICY_ACTION
= 0x01;
2373 static constexpr uint32_t MATCH_POLICY_RESOURCE
= 0x02;
2374 static constexpr uint32_t MATCH_POLICY_ARN
= 0x04;
2375 static constexpr uint32_t MATCH_POLICY_STRING
= 0x08;
2377 extern bool match_policy(boost::string_view pattern
, boost::string_view input
,
2380 extern string
camelcase_dash_http_attr(const string
& orig
);
2381 extern string
lowercase_dash_http_attr(const string
& orig
);
2383 void rgw_setup_saved_curl_handles();
2384 void rgw_release_all_curl_handles();
2386 static inline void rgw_escape_str(const string
& s
, char esc_char
,
2387 char special_char
, string
*dest
)
2389 const char *src
= s
.c_str();
2390 char dest_buf
[s
.size() * 2 + 1];
2391 char *destp
= dest_buf
;
2393 for (size_t i
= 0; i
< s
.size(); i
++) {
2395 if (c
== esc_char
|| c
== special_char
) {
2396 *destp
++ = esc_char
;
2404 static inline ssize_t
rgw_unescape_str(const string
& s
, ssize_t ofs
,
2405 char esc_char
, char special_char
,
2408 const char *src
= s
.c_str();
2409 char dest_buf
[s
.size() + 1];
2410 char *destp
= dest_buf
;
2415 for (size_t i
= ofs
; i
< s
.size(); i
++) {
2417 if (!esc
&& c
== esc_char
) {
2421 if (!esc
&& c
== special_char
) {
2424 return (ssize_t
)i
+ 1;
2431 return string::npos
;
2434 static inline string
rgw_bl_str(ceph::buffer::list
& raw
)
2436 size_t len
= raw
.length();
2437 string
s(raw
.c_str(), len
);
2438 while (len
&& !s
[len
- 1]) {
2445 template <typename T
>
2446 int decode_bl(bufferlist
& bl
, T
& t
)
2448 auto iter
= bl
.cbegin();
2451 } catch (buffer::error
& err
) {