1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab ft=cpp
8 #include <boost/algorithm/string.hpp>
10 #include "common/errno.h"
11 #include "common/Formatter.h"
12 #include "common/ceph_json.h"
13 #include "rgw_sal_rados.h"
17 #include "include/types.h"
19 #include "rgw_string.h"
21 // until everything is moved from rgw_common
22 #include "rgw_common.h"
24 #include "rgw_bucket.h"
25 #include "rgw_quota.h"
27 #include "services/svc_zone.h"
28 #include "services/svc_sys_obj.h"
29 #include "services/svc_sys_obj_cache.h"
30 #include "services/svc_user.h"
31 #include "services/svc_meta.h"
33 #define dout_subsys ceph_subsys_rgw
37 extern void op_type_to_str(uint32_t mask
, char *buf
, int len
);
40 * Get the anonymous (ie, unauthenticated) user info.
42 void rgw_get_anon_user(RGWUserInfo
& info
)
44 info
.user_id
= RGW_USER_ANON_ID
;
45 info
.display_name
.clear();
46 info
.access_keys
.clear();
49 int rgw_user_sync_all_stats(const DoutPrefixProvider
*dpp
, rgw::sal::Store
* store
,
50 rgw::sal::User
* user
, optional_yield y
)
52 rgw::sal::BucketList user_buckets
;
54 CephContext
*cct
= store
->ctx();
55 size_t max_entries
= cct
->_conf
->rgw_list_buckets_max_chunk
;
60 ret
= user
->list_buckets(dpp
, marker
, string(), max_entries
, false, user_buckets
, y
);
62 ldpp_dout(dpp
, 0) << "failed to read user buckets: ret=" << ret
<< dendl
;
65 auto& buckets
= user_buckets
.get_buckets();
66 for (auto i
= buckets
.begin(); i
!= buckets
.end(); ++i
) {
69 auto& bucket
= i
->second
;
71 ret
= bucket
->load_bucket(dpp
, y
);
73 ldpp_dout(dpp
, 0) << "ERROR: could not read bucket info: bucket=" << bucket
<< " ret=" << ret
<< dendl
;
76 ret
= bucket
->sync_user_stats(dpp
, y
);
78 ldout(cct
, 0) << "ERROR: could not sync bucket stats: ret=" << ret
<< dendl
;
81 ret
= bucket
->check_bucket_shards(dpp
);
83 ldpp_dout(dpp
, 0) << "ERROR in check_bucket_shards: " << cpp_strerror(-ret
)<< dendl
;
86 } while (user_buckets
.is_truncated());
88 ret
= user
->complete_flush_stats(dpp
, y
);
90 cerr
<< "ERROR: failed to complete syncing user stats: ret=" << ret
<< std::endl
;
97 int rgw_user_get_all_buckets_stats(const DoutPrefixProvider
*dpp
,
98 rgw::sal::Store
* store
,
100 map
<string
, bucket_meta_entry
>& buckets_usage_map
,
103 CephContext
*cct
= store
->ctx();
104 size_t max_entries
= cct
->_conf
->rgw_list_buckets_max_chunk
;
110 rgw::sal::BucketList buckets
;
111 ret
= user
->list_buckets(dpp
, marker
, string(), max_entries
, false, buckets
, y
);
113 ldpp_dout(dpp
, 0) << "failed to read user buckets: ret=" << ret
<< dendl
;
116 auto& m
= buckets
.get_buckets();
117 for (const auto& i
: m
) {
120 auto& bucket_ent
= i
.second
;
121 ret
= bucket_ent
->load_bucket(dpp
, y
, true /* load user stats */);
123 ldpp_dout(dpp
, 0) << "ERROR: could not get bucket stats: ret=" << ret
<< dendl
;
126 bucket_meta_entry entry
;
127 entry
.size
= bucket_ent
->get_size();
128 entry
.size_rounded
= bucket_ent
->get_size_rounded();
129 entry
.creation_time
= bucket_ent
->get_creation_time();
130 entry
.count
= bucket_ent
->get_count();
131 buckets_usage_map
.emplace(bucket_ent
->get_name(), entry
);
133 done
= (buckets
.count() < max_entries
);
139 static bool char_is_unreserved_url(char c
)
155 int rgw_validate_tenant_name(const string
& t
)
158 static bool is_good(char ch
) {
159 return isalnum(ch
) || ch
== '_';
162 std::string::const_iterator it
=
163 std::find_if_not(t
.begin(), t
.end(), tench::is_good
);
164 return (it
== t
.end())? 0: -ERR_INVALID_TENANT_NAME
;
167 static bool validate_access_key(string
& key
)
169 const char *p
= key
.c_str();
171 if (!char_is_unreserved_url(*p
))
178 static void set_err_msg(std::string
*sink
, std::string msg
)
180 if (sink
&& !msg
.empty())
185 * Dump either the full user info or a subset to a formatter.
187 * NOTE: It is the caller's responsibility to ensure that the
188 * formatter is flushed at the correct time.
191 static void dump_subusers_info(Formatter
*f
, RGWUserInfo
&info
)
193 map
<string
, RGWSubUser
>::iterator uiter
;
195 f
->open_array_section("subusers");
196 for (uiter
= info
.subusers
.begin(); uiter
!= info
.subusers
.end(); ++uiter
) {
197 RGWSubUser
& u
= uiter
->second
;
198 f
->open_object_section("user");
200 info
.user_id
.to_str(s
);
201 f
->dump_format("id", "%s:%s", s
.c_str(), u
.name
.c_str());
203 rgw_perm_to_str(u
.perm_mask
, buf
, sizeof(buf
));
204 f
->dump_string("permissions", buf
);
210 static void dump_access_keys_info(Formatter
*f
, RGWUserInfo
&info
)
212 map
<string
, RGWAccessKey
>::iterator kiter
;
213 f
->open_array_section("keys");
214 for (kiter
= info
.access_keys
.begin(); kiter
!= info
.access_keys
.end(); ++kiter
) {
215 RGWAccessKey
& k
= kiter
->second
;
216 const char *sep
= (k
.subuser
.empty() ? "" : ":");
217 const char *subuser
= (k
.subuser
.empty() ? "" : k
.subuser
.c_str());
218 f
->open_object_section("key");
220 info
.user_id
.to_str(s
);
221 f
->dump_format("user", "%s%s%s", s
.c_str(), sep
, subuser
);
222 f
->dump_string("access_key", k
.id
);
223 f
->dump_string("secret_key", k
.key
);
229 static void dump_swift_keys_info(Formatter
*f
, RGWUserInfo
&info
)
231 map
<string
, RGWAccessKey
>::iterator kiter
;
232 f
->open_array_section("swift_keys");
233 for (kiter
= info
.swift_keys
.begin(); kiter
!= info
.swift_keys
.end(); ++kiter
) {
234 RGWAccessKey
& k
= kiter
->second
;
235 const char *sep
= (k
.subuser
.empty() ? "" : ":");
236 const char *subuser
= (k
.subuser
.empty() ? "" : k
.subuser
.c_str());
237 f
->open_object_section("key");
239 info
.user_id
.to_str(s
);
240 f
->dump_format("user", "%s%s%s", s
.c_str(), sep
, subuser
);
241 f
->dump_string("secret_key", k
.key
);
247 static void dump_user_info(Formatter
*f
, RGWUserInfo
&info
,
248 RGWStorageStats
*stats
= NULL
)
250 f
->open_object_section("user_info");
251 encode_json("tenant", info
.user_id
.tenant
, f
);
252 encode_json("user_id", info
.user_id
.id
, f
);
253 encode_json("display_name", info
.display_name
, f
);
254 encode_json("email", info
.user_email
, f
);
255 encode_json("suspended", (int)info
.suspended
, f
);
256 encode_json("max_buckets", (int)info
.max_buckets
, f
);
258 dump_subusers_info(f
, info
);
259 dump_access_keys_info(f
, info
);
260 dump_swift_keys_info(f
, info
);
262 encode_json("caps", info
.caps
, f
);
265 op_type_to_str(info
.op_mask
, buf
, sizeof(buf
));
266 encode_json("op_mask", (const char *)buf
, f
);
267 encode_json("system", (bool)info
.system
, f
);
268 encode_json("admin", (bool)info
.admin
, f
);
269 encode_json("default_placement", info
.default_placement
.name
, f
);
270 encode_json("default_storage_class", info
.default_placement
.storage_class
, f
);
271 encode_json("placement_tags", info
.placement_tags
, f
);
272 encode_json("bucket_quota", info
.bucket_quota
, f
);
273 encode_json("user_quota", info
.user_quota
, f
);
274 encode_json("temp_url_keys", info
.temp_url_keys
, f
);
276 string user_source_type
;
277 switch ((RGWIdentityType
)info
.type
) {
279 user_source_type
= "rgw";
282 user_source_type
= "keystone";
285 user_source_type
= "ldap";
288 user_source_type
= "none";
291 user_source_type
= "none";
294 encode_json("type", user_source_type
, f
);
295 encode_json("mfa_ids", info
.mfa_ids
, f
);
297 encode_json("stats", *stats
, f
);
302 static int user_add_helper(RGWUserAdminOpState
& op_state
, std::string
*err_msg
)
305 const rgw_user
& uid
= op_state
.get_user_id();
306 std::string user_email
= op_state
.get_user_email();
307 std::string display_name
= op_state
.get_display_name();
309 // fail if the user exists already
310 if (op_state
.has_existing_user()) {
311 if (op_state
.found_by_email
) {
312 set_err_msg(err_msg
, "email: " + user_email
+
313 " is the email address of an existing user");
314 ret
= -ERR_EMAIL_EXIST
;
315 } else if (op_state
.found_by_key
) {
316 set_err_msg(err_msg
, "duplicate key provided");
317 ret
= -ERR_KEY_EXIST
;
319 set_err_msg(err_msg
, "user: " + uid
.to_str() + " exists");
325 // fail if the user_info has already been populated
326 if (op_state
.is_populated()) {
327 set_err_msg(err_msg
, "cannot overwrite already populated user");
331 // fail if the display name was not included
332 if (display_name
.empty()) {
333 set_err_msg(err_msg
, "no display name specified");
340 RGWAccessKeyPool::RGWAccessKeyPool(RGWUser
* usr
)
348 store
= user
->get_store();
351 int RGWAccessKeyPool::init(RGWUserAdminOpState
& op_state
)
353 if (!op_state
.is_initialized()) {
354 keys_allowed
= false;
358 const rgw_user
& uid
= op_state
.get_user_id();
359 if (uid
.compare(RGW_USER_ANON_ID
) == 0) {
360 keys_allowed
= false;
364 swift_keys
= op_state
.get_swift_keys();
365 access_keys
= op_state
.get_access_keys();
372 RGWUserAdminOpState::RGWUserAdminOpState(rgw::sal::Store
* store
)
374 user
= store
->get_user(rgw_user(RGW_USER_ANON_ID
));
377 void RGWUserAdminOpState::set_user_id(const rgw_user
& id
)
382 user
->get_info().user_id
= id
;
385 void RGWUserAdminOpState::set_subuser(std::string
& _subuser
)
387 if (_subuser
.empty())
390 size_t pos
= _subuser
.find(":");
391 if (pos
!= string::npos
) {
393 tmp_id
.from_str(_subuser
.substr(0, pos
));
394 if (tmp_id
.tenant
.empty()) {
395 user
->get_info().user_id
.id
= tmp_id
.id
;
397 user
->get_info().user_id
= tmp_id
;
399 subuser
= _subuser
.substr(pos
+1);
404 subuser_specified
= true;
407 void RGWUserAdminOpState::set_user_info(RGWUserInfo
& user_info
)
409 user
->get_info() = user_info
;
412 const rgw_user
& RGWUserAdminOpState::get_user_id()
414 return user
->get_id();
417 RGWUserInfo
& RGWUserAdminOpState::get_user_info()
419 return user
->get_info();
422 map
<std::string
, RGWAccessKey
>* RGWUserAdminOpState::get_swift_keys()
424 return &user
->get_info().swift_keys
;
427 map
<std::string
, RGWAccessKey
>* RGWUserAdminOpState::get_access_keys()
429 return &user
->get_info().access_keys
;
432 map
<std::string
, RGWSubUser
>* RGWUserAdminOpState::get_subusers()
434 return &user
->get_info().subusers
;
437 RGWUserCaps
*RGWUserAdminOpState::get_caps_obj()
439 return &user
->get_info().caps
;
442 std::string
RGWUserAdminOpState::build_default_swift_kid()
444 if (user
->get_id().empty() || subuser
.empty())
448 user
->get_id().to_str(kid
);
455 std::string
RGWUserAdminOpState::generate_subuser() {
456 if (user
->get_id().empty())
459 std::string generated_subuser
;
460 user
->get_id().to_str(generated_subuser
);
461 std::string rand_suffix
;
463 int sub_buf_size
= RAND_SUBUSER_LEN
+ 1;
464 char sub_buf
[RAND_SUBUSER_LEN
+ 1];
466 gen_rand_alphanumeric_upper(g_ceph_context
, sub_buf
, sub_buf_size
);
468 rand_suffix
= sub_buf
;
469 if (rand_suffix
.empty())
472 generated_subuser
.append(rand_suffix
);
473 subuser
= generated_subuser
;
475 return generated_subuser
;
479 * Do a fairly exhaustive search for an existing key matching the parameters
480 * given. Also handles the case where no key type was specified and updates
481 * the operation state if needed.
484 bool RGWAccessKeyPool::check_existing_key(RGWUserAdminOpState
& op_state
)
486 bool existing_key
= false;
488 int key_type
= op_state
.get_key_type();
489 std::string kid
= op_state
.get_access_key();
490 std::map
<std::string
, RGWAccessKey
>::iterator kiter
;
491 std::string swift_kid
= op_state
.build_default_swift_kid();
493 RGWUserInfo dup_info
;
495 if (kid
.empty() && swift_kid
.empty())
500 kiter
= swift_keys
->find(swift_kid
);
502 existing_key
= (kiter
!= swift_keys
->end());
504 op_state
.set_access_key(swift_kid
);
508 kiter
= access_keys
->find(kid
);
509 existing_key
= (kiter
!= access_keys
->end());
513 kiter
= access_keys
->find(kid
);
515 existing_key
= (kiter
!= access_keys
->end());
517 op_state
.set_key_type(KEY_TYPE_S3
);
521 kiter
= swift_keys
->find(kid
);
523 existing_key
= (kiter
!= swift_keys
->end());
525 op_state
.set_key_type(KEY_TYPE_SWIFT
);
529 // handle the case where the access key was not provided in user:key format
530 if (swift_kid
.empty())
533 kiter
= swift_keys
->find(swift_kid
);
535 existing_key
= (kiter
!= swift_keys
->end());
537 op_state
.set_access_key(swift_kid
);
538 op_state
.set_key_type(KEY_TYPE_SWIFT
);
542 op_state
.set_existing_key(existing_key
);
547 int RGWAccessKeyPool::check_op(RGWUserAdminOpState
& op_state
,
548 std::string
*err_msg
)
550 RGWUserInfo dup_info
;
552 if (!op_state
.is_populated()) {
553 set_err_msg(err_msg
, "user info was not populated");
558 set_err_msg(err_msg
, "keys not allowed for this user");
562 int32_t key_type
= op_state
.get_key_type();
564 // if a key type wasn't specified
566 if (op_state
.has_subuser()) {
567 key_type
= KEY_TYPE_SWIFT
;
569 key_type
= KEY_TYPE_S3
;
573 op_state
.set_key_type(key_type
);
575 /* see if the access key was specified */
576 if (key_type
== KEY_TYPE_S3
&& !op_state
.will_gen_access() &&
577 op_state
.get_access_key().empty()) {
578 set_err_msg(err_msg
, "empty access key");
579 return -ERR_INVALID_ACCESS_KEY
;
582 // don't check for secret key because we may be doing a removal
584 if (check_existing_key(op_state
)) {
585 op_state
.set_access_key_exist();
590 // Generate a new random key
591 int RGWAccessKeyPool::generate_key(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
,
592 optional_yield y
, std::string
*err_msg
)
597 std::pair
<std::string
, RGWAccessKey
> key_pair
;
598 RGWAccessKey new_key
;
599 std::unique_ptr
<rgw::sal::User
> duplicate_check
;
601 int key_type
= op_state
.get_key_type();
602 bool gen_access
= op_state
.will_gen_access();
603 bool gen_secret
= op_state
.will_gen_secret();
606 set_err_msg(err_msg
, "access keys not allowed for this user");
610 if (op_state
.has_existing_key()) {
611 set_err_msg(err_msg
, "cannot create existing key");
612 return -ERR_KEY_EXIST
;
616 id
= op_state
.get_access_key();
622 if (store
->get_user_by_swift(dpp
, id
, y
, &duplicate_check
) >= 0) {
623 set_err_msg(err_msg
, "existing swift key in RGW system:" + id
);
624 return -ERR_KEY_EXIST
;
628 if (store
->get_user_by_access_key(dpp
, id
, y
, &duplicate_check
) >= 0) {
629 set_err_msg(err_msg
, "existing S3 key in RGW system:" + id
);
630 return -ERR_KEY_EXIST
;
636 if (op_state
.has_subuser()) {
637 //create user and subuser at the same time, user's s3 key should not be set this
638 if (!op_state
.key_type_setbycontext
|| (key_type
== KEY_TYPE_SWIFT
)) {
639 new_key
.subuser
= op_state
.get_subuser();
645 if (op_state
.get_secret_key().empty()) {
646 set_err_msg(err_msg
, "empty secret key");
647 return -ERR_INVALID_SECRET_KEY
;
650 key
= op_state
.get_secret_key();
652 char secret_key_buf
[SECRET_KEY_LEN
+ 1];
653 gen_rand_alphanumeric_plain(g_ceph_context
, secret_key_buf
, sizeof(secret_key_buf
));
654 key
= secret_key_buf
;
657 // Generate the access key
658 if (key_type
== KEY_TYPE_S3
&& gen_access
) {
659 char public_id_buf
[PUBLIC_ID_LEN
+ 1];
662 int id_buf_size
= sizeof(public_id_buf
);
663 gen_rand_alphanumeric_upper(g_ceph_context
, public_id_buf
, id_buf_size
);
665 if (!validate_access_key(id
))
668 } while (!store
->get_user_by_access_key(dpp
, id
, y
, &duplicate_check
));
671 if (key_type
== KEY_TYPE_SWIFT
) {
672 id
= op_state
.build_default_swift_kid();
674 set_err_msg(err_msg
, "empty swift access key");
675 return -ERR_INVALID_ACCESS_KEY
;
678 // check that the access key doesn't exist
679 if (store
->get_user_by_swift(dpp
, id
, y
, &duplicate_check
) >= 0) {
680 set_err_msg(err_msg
, "cannot create existing swift key");
681 return -ERR_KEY_EXIST
;
685 // finally create the new key
690 key_pair
.second
= new_key
;
692 if (key_type
== KEY_TYPE_S3
) {
693 access_keys
->insert(key_pair
);
694 } else if (key_type
== KEY_TYPE_SWIFT
) {
695 swift_keys
->insert(key_pair
);
701 // modify an existing key
702 int RGWAccessKeyPool::modify_key(RGWUserAdminOpState
& op_state
, std::string
*err_msg
)
705 std::string key
= op_state
.get_secret_key();
706 int key_type
= op_state
.get_key_type();
708 RGWAccessKey modify_key
;
710 pair
<string
, RGWAccessKey
> key_pair
;
711 map
<std::string
, RGWAccessKey
>::iterator kiter
;
715 id
= op_state
.get_access_key();
717 set_err_msg(err_msg
, "no access key specified");
718 return -ERR_INVALID_ACCESS_KEY
;
722 id
= op_state
.build_default_swift_kid();
724 set_err_msg(err_msg
, "no subuser specified");
729 set_err_msg(err_msg
, "invalid key type");
730 return -ERR_INVALID_KEY_TYPE
;
733 if (!op_state
.has_existing_key()) {
734 set_err_msg(err_msg
, "key does not exist");
735 return -ERR_INVALID_ACCESS_KEY
;
740 if (key_type
== KEY_TYPE_SWIFT
) {
742 modify_key
.subuser
= op_state
.get_subuser();
743 } else if (key_type
== KEY_TYPE_S3
) {
744 kiter
= access_keys
->find(id
);
745 if (kiter
!= access_keys
->end()) {
746 modify_key
= kiter
->second
;
750 if (op_state
.will_gen_secret()) {
751 char secret_key_buf
[SECRET_KEY_LEN
+ 1];
752 int key_buf_size
= sizeof(secret_key_buf
);
753 gen_rand_alphanumeric_plain(g_ceph_context
, secret_key_buf
, key_buf_size
);
754 key
= secret_key_buf
;
758 set_err_msg(err_msg
, "empty secret key");
759 return -ERR_INVALID_SECRET_KEY
;
762 // update the access key with the new secret key
763 modify_key
.key
= key
;
765 key_pair
.second
= modify_key
;
768 if (key_type
== KEY_TYPE_S3
) {
769 (*access_keys
)[id
] = modify_key
;
770 } else if (key_type
== KEY_TYPE_SWIFT
) {
771 (*swift_keys
)[id
] = modify_key
;
777 int RGWAccessKeyPool::execute_add(const DoutPrefixProvider
*dpp
,
778 RGWUserAdminOpState
& op_state
,
779 std::string
*err_msg
, bool defer_user_update
,
784 std::string subprocess_msg
;
785 int key_op
= GENERATE_KEY
;
788 if (op_state
.has_existing_key())
793 ret
= generate_key(dpp
, op_state
, y
, &subprocess_msg
);
796 ret
= modify_key(op_state
, &subprocess_msg
);
801 set_err_msg(err_msg
, subprocess_msg
);
805 // store the updated info
806 if (!defer_user_update
)
807 ret
= user
->update(dpp
, op_state
, err_msg
, y
);
815 int RGWAccessKeyPool::add(const DoutPrefixProvider
*dpp
,
816 RGWUserAdminOpState
& op_state
, optional_yield y
,
817 std::string
*err_msg
)
819 return add(dpp
, op_state
, err_msg
, false, y
);
822 int RGWAccessKeyPool::add(const DoutPrefixProvider
*dpp
,
823 RGWUserAdminOpState
& op_state
, std::string
*err_msg
,
824 bool defer_user_update
, optional_yield y
)
827 std::string subprocess_msg
;
829 ret
= check_op(op_state
, &subprocess_msg
);
831 set_err_msg(err_msg
, "unable to parse request, " + subprocess_msg
);
835 ret
= execute_add(dpp
, op_state
, &subprocess_msg
, defer_user_update
, y
);
837 set_err_msg(err_msg
, "unable to add access key, " + subprocess_msg
);
844 int RGWAccessKeyPool::execute_remove(const DoutPrefixProvider
*dpp
,
845 RGWUserAdminOpState
& op_state
,
846 std::string
*err_msg
,
847 bool defer_user_update
,
852 int key_type
= op_state
.get_key_type();
853 std::string id
= op_state
.get_access_key();
854 map
<std::string
, RGWAccessKey
>::iterator kiter
;
855 map
<std::string
, RGWAccessKey
> *keys_map
;
857 if (!op_state
.has_existing_key()) {
858 set_err_msg(err_msg
, "unable to find access key");
859 return -ERR_INVALID_ACCESS_KEY
;
862 if (key_type
== KEY_TYPE_S3
) {
863 keys_map
= access_keys
;
864 } else if (key_type
== KEY_TYPE_SWIFT
) {
865 keys_map
= swift_keys
;
868 set_err_msg(err_msg
, "invalid access key");
869 return -ERR_INVALID_ACCESS_KEY
;
872 kiter
= keys_map
->find(id
);
873 if (kiter
== keys_map
->end()) {
874 set_err_msg(err_msg
, "key not found");
875 return -ERR_INVALID_ACCESS_KEY
;
878 keys_map
->erase(kiter
);
880 if (!defer_user_update
)
881 ret
= user
->update(dpp
, op_state
, err_msg
, y
);
889 int RGWAccessKeyPool::remove(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
,
890 std::string
*err_msg
)
892 return remove(dpp
, op_state
, err_msg
, false, y
);
895 int RGWAccessKeyPool::remove(const DoutPrefixProvider
*dpp
,
896 RGWUserAdminOpState
& op_state
,
897 std::string
*err_msg
, bool defer_user_update
,
902 std::string subprocess_msg
;
904 ret
= check_op(op_state
, &subprocess_msg
);
906 set_err_msg(err_msg
, "unable to parse request, " + subprocess_msg
);
910 ret
= execute_remove(dpp
, op_state
, &subprocess_msg
, defer_user_update
, y
);
912 set_err_msg(err_msg
, "unable to remove access key, " + subprocess_msg
);
919 // remove all keys associated with a subuser
920 int RGWAccessKeyPool::remove_subuser_keys(const DoutPrefixProvider
*dpp
,
921 RGWUserAdminOpState
& op_state
,
922 std::string
*err_msg
,
923 bool defer_user_update
,
928 if (!op_state
.is_populated()) {
929 set_err_msg(err_msg
, "user info was not populated");
933 if (!op_state
.has_subuser()) {
934 set_err_msg(err_msg
, "no subuser specified");
938 std::string swift_kid
= op_state
.build_default_swift_kid();
939 if (swift_kid
.empty()) {
940 set_err_msg(err_msg
, "empty swift access key");
944 map
<std::string
, RGWAccessKey
>::iterator kiter
;
945 map
<std::string
, RGWAccessKey
> *keys_map
;
947 // a subuser can have at most one swift key
948 keys_map
= swift_keys
;
949 kiter
= keys_map
->find(swift_kid
);
950 if (kiter
!= keys_map
->end()) {
951 keys_map
->erase(kiter
);
954 // a subuser may have multiple s3 key pairs
955 std::string subuser_str
= op_state
.get_subuser();
956 keys_map
= access_keys
;
957 RGWUserInfo user_info
= op_state
.get_user_info();
958 auto user_kiter
= user_info
.access_keys
.begin();
959 for (; user_kiter
!= user_info
.access_keys
.end(); ++user_kiter
) {
960 if (user_kiter
->second
.subuser
== subuser_str
) {
961 kiter
= keys_map
->find(user_kiter
->first
);
962 if (kiter
!= keys_map
->end()) {
963 keys_map
->erase(kiter
);
968 if (!defer_user_update
)
969 ret
= user
->update(dpp
, op_state
, err_msg
, y
);
977 RGWSubUserPool::RGWSubUserPool(RGWUser
*usr
)
985 subusers_allowed
= true;
986 store
= user
->get_store();
989 int RGWSubUserPool::init(RGWUserAdminOpState
& op_state
)
991 if (!op_state
.is_initialized()) {
992 subusers_allowed
= false;
996 const rgw_user
& uid
= op_state
.get_user_id();
997 if (uid
.compare(RGW_USER_ANON_ID
) == 0) {
998 subusers_allowed
= false;
1002 subuser_map
= op_state
.get_subusers();
1003 if (subuser_map
== NULL
) {
1004 subusers_allowed
= false;
1008 subusers_allowed
= true;
1013 bool RGWSubUserPool::exists(std::string subuser
)
1015 if (subuser
.empty())
1021 if (subuser_map
->count(subuser
))
1027 int RGWSubUserPool::check_op(RGWUserAdminOpState
& op_state
,
1028 std::string
*err_msg
)
1030 bool existing
= false;
1031 std::string subuser
= op_state
.get_subuser();
1033 if (!op_state
.is_populated()) {
1034 set_err_msg(err_msg
, "user info was not populated");
1038 if (!subusers_allowed
) {
1039 set_err_msg(err_msg
, "subusers not allowed for this user");
1043 if (subuser
.empty() && !op_state
.will_gen_subuser()) {
1044 set_err_msg(err_msg
, "empty subuser name");
1048 if (op_state
.get_subuser_perm() == RGW_PERM_INVALID
) {
1049 set_err_msg(err_msg
, "invalid subuser access");
1053 //set key type when it not set or set by context
1054 if ((op_state
.get_key_type() < 0) || op_state
.key_type_setbycontext
) {
1055 op_state
.set_key_type(KEY_TYPE_SWIFT
);
1056 op_state
.key_type_setbycontext
= true;
1059 // check if the subuser exists
1060 if (!subuser
.empty())
1061 existing
= exists(subuser
);
1063 op_state
.set_existing_subuser(existing
);
1068 int RGWSubUserPool::execute_add(const DoutPrefixProvider
*dpp
,
1069 RGWUserAdminOpState
& op_state
,
1070 std::string
*err_msg
, bool defer_user_update
,
1074 std::string subprocess_msg
;
1077 std::pair
<std::string
, RGWSubUser
> subuser_pair
;
1078 std::string subuser_str
= op_state
.get_subuser();
1080 subuser_pair
.first
= subuser_str
;
1082 // assumes key should be created
1083 if (op_state
.has_key_op()) {
1084 ret
= user
->keys
.add(dpp
, op_state
, &subprocess_msg
, true, y
);
1086 set_err_msg(err_msg
, "unable to create subuser key, " + subprocess_msg
);
1091 // create the subuser
1092 subuser
.name
= subuser_str
;
1094 if (op_state
.has_subuser_perm())
1095 subuser
.perm_mask
= op_state
.get_subuser_perm();
1097 // insert the subuser into user info
1098 subuser_pair
.second
= subuser
;
1099 subuser_map
->insert(subuser_pair
);
1101 // attempt to save the subuser
1102 if (!defer_user_update
)
1103 ret
= user
->update(dpp
, op_state
, err_msg
, y
);
1111 int RGWSubUserPool::add(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
,
1112 std::string
*err_msg
)
1114 return add(dpp
, op_state
, err_msg
, false, y
);
1117 int RGWSubUserPool::add(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
, bool defer_user_update
, optional_yield y
)
1119 std::string subprocess_msg
;
1121 int32_t key_type
= op_state
.get_key_type();
1123 ret
= check_op(op_state
, &subprocess_msg
);
1125 set_err_msg(err_msg
, "unable to parse request, " + subprocess_msg
);
1129 if (op_state
.get_access_key_exist()) {
1130 set_err_msg(err_msg
, "cannot create existing key");
1131 return -ERR_KEY_EXIST
;
1134 if (key_type
== KEY_TYPE_S3
&& op_state
.get_access_key().empty()) {
1135 op_state
.set_gen_access();
1138 if (op_state
.get_secret_key().empty()) {
1139 op_state
.set_gen_secret();
1142 ret
= execute_add(dpp
, op_state
, &subprocess_msg
, defer_user_update
, y
);
1144 set_err_msg(err_msg
, "unable to create subuser, " + subprocess_msg
);
1151 int RGWSubUserPool::execute_remove(const DoutPrefixProvider
*dpp
,
1152 RGWUserAdminOpState
& op_state
,
1153 std::string
*err_msg
, bool defer_user_update
,
1157 std::string subprocess_msg
;
1159 std::string subuser_str
= op_state
.get_subuser();
1161 map
<std::string
, RGWSubUser
>::iterator siter
;
1162 siter
= subuser_map
->find(subuser_str
);
1163 if (siter
== subuser_map
->end()){
1164 set_err_msg(err_msg
, "subuser not found: " + subuser_str
);
1165 return -ERR_NO_SUCH_SUBUSER
;
1167 if (!op_state
.has_existing_subuser()) {
1168 set_err_msg(err_msg
, "subuser not found: " + subuser_str
);
1169 return -ERR_NO_SUCH_SUBUSER
;
1172 // always purge all associate keys
1173 user
->keys
.remove_subuser_keys(dpp
, op_state
, &subprocess_msg
, true, y
);
1175 // remove the subuser from the user info
1176 subuser_map
->erase(siter
);
1178 // attempt to save the subuser
1179 if (!defer_user_update
)
1180 ret
= user
->update(dpp
, op_state
, err_msg
, y
);
1188 int RGWSubUserPool::remove(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
,
1189 std::string
*err_msg
)
1191 return remove(dpp
, op_state
, err_msg
, false, y
);
1194 int RGWSubUserPool::remove(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
,
1195 bool defer_user_update
, optional_yield y
)
1197 std::string subprocess_msg
;
1200 ret
= check_op(op_state
, &subprocess_msg
);
1202 set_err_msg(err_msg
, "unable to parse request, " + subprocess_msg
);
1206 ret
= execute_remove(dpp
, op_state
, &subprocess_msg
, defer_user_update
, y
);
1208 set_err_msg(err_msg
, "unable to remove subuser, " + subprocess_msg
);
1215 int RGWSubUserPool::execute_modify(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
, bool defer_user_update
, optional_yield y
)
1218 std::string subprocess_msg
;
1219 std::map
<std::string
, RGWSubUser
>::iterator siter
;
1220 std::pair
<std::string
, RGWSubUser
> subuser_pair
;
1222 std::string subuser_str
= op_state
.get_subuser();
1225 if (!op_state
.has_existing_subuser()) {
1226 set_err_msg(err_msg
, "subuser does not exist");
1227 return -ERR_NO_SUCH_SUBUSER
;
1230 subuser_pair
.first
= subuser_str
;
1232 siter
= subuser_map
->find(subuser_str
);
1233 subuser
= siter
->second
;
1235 if (op_state
.has_key_op()) {
1236 ret
= user
->keys
.add(dpp
, op_state
, &subprocess_msg
, true, y
);
1238 set_err_msg(err_msg
, "unable to create subuser keys, " + subprocess_msg
);
1243 if (op_state
.has_subuser_perm())
1244 subuser
.perm_mask
= op_state
.get_subuser_perm();
1246 subuser_pair
.second
= subuser
;
1248 subuser_map
->erase(siter
);
1249 subuser_map
->insert(subuser_pair
);
1251 // attempt to save the subuser
1252 if (!defer_user_update
)
1253 ret
= user
->update(dpp
, op_state
, err_msg
, y
);
1261 int RGWSubUserPool::modify(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
, std::string
*err_msg
)
1263 return RGWSubUserPool::modify(dpp
, op_state
, y
, err_msg
, false);
1266 int RGWSubUserPool::modify(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
, std::string
*err_msg
, bool defer_user_update
)
1268 std::string subprocess_msg
;
1273 ret
= check_op(op_state
, &subprocess_msg
);
1275 set_err_msg(err_msg
, "unable to parse request, " + subprocess_msg
);
1279 ret
= execute_modify(dpp
, op_state
, &subprocess_msg
, defer_user_update
, y
);
1281 set_err_msg(err_msg
, "unable to modify subuser, " + subprocess_msg
);
1288 RGWUserCapPool::RGWUserCapPool(RGWUser
*usr
)
1294 caps_allowed
= true;
1297 int RGWUserCapPool::init(RGWUserAdminOpState
& op_state
)
1299 if (!op_state
.is_initialized()) {
1300 caps_allowed
= false;
1304 const rgw_user
& uid
= op_state
.get_user_id();
1305 if (uid
.compare(RGW_USER_ANON_ID
) == 0) {
1306 caps_allowed
= false;
1310 caps
= op_state
.get_caps_obj();
1312 caps_allowed
= false;
1313 return -ERR_INVALID_CAP
;
1316 caps_allowed
= true;
1321 int RGWUserCapPool::add(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
,
1322 std::string
*err_msg
)
1324 return add(dpp
, op_state
, err_msg
, false, y
);
1327 int RGWUserCapPool::add(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
,
1328 bool defer_save
, optional_yield y
)
1331 std::string caps_str
= op_state
.get_caps();
1333 if (!op_state
.is_populated()) {
1334 set_err_msg(err_msg
, "user info was not populated");
1338 if (!caps_allowed
) {
1339 set_err_msg(err_msg
, "caps not allowed for this user");
1343 if (caps_str
.empty()) {
1344 set_err_msg(err_msg
, "empty user caps");
1345 return -ERR_INVALID_CAP
;
1348 int r
= caps
->add_from_string(caps_str
);
1350 set_err_msg(err_msg
, "unable to add caps: " + caps_str
);
1355 ret
= user
->update(dpp
, op_state
, err_msg
, y
);
1363 int RGWUserCapPool::remove(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
,
1364 std::string
*err_msg
)
1366 return remove(dpp
, op_state
, err_msg
, false, y
);
1369 int RGWUserCapPool::remove(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
,
1370 bool defer_save
, optional_yield y
)
1374 std::string caps_str
= op_state
.get_caps();
1376 if (!op_state
.is_populated()) {
1377 set_err_msg(err_msg
, "user info was not populated");
1381 if (!caps_allowed
) {
1382 set_err_msg(err_msg
, "caps not allowed for this user");
1386 if (caps_str
.empty()) {
1387 set_err_msg(err_msg
, "empty user caps");
1388 return -ERR_INVALID_CAP
;
1391 int r
= caps
->remove_from_string(caps_str
);
1393 set_err_msg(err_msg
, "unable to remove caps: " + caps_str
);
1398 ret
= user
->update(dpp
, op_state
, err_msg
, y
);
1406 RGWUser::RGWUser() : caps(this), keys(this), subusers(this)
1411 int RGWUser::init(const DoutPrefixProvider
*dpp
, rgw::sal::Store
* storage
,
1412 RGWUserAdminOpState
& op_state
, optional_yield y
)
1415 int ret
= init_storage(storage
);
1419 ret
= init(dpp
, op_state
, y
);
1426 void RGWUser::init_default()
1428 // use anonymous user info as a placeholder
1429 rgw_get_anon_user(old_info
);
1430 user_id
= RGW_USER_ANON_ID
;
1435 int RGWUser::init_storage(rgw::sal::Store
* storage
)
1446 keys
= RGWAccessKeyPool(this);
1447 caps
= RGWUserCapPool(this);
1448 subusers
= RGWSubUserPool(this);
1453 int RGWUser::init(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
)
1456 std::string swift_user
;
1457 user_id
= op_state
.get_user_id();
1458 std::string user_email
= op_state
.get_user_email();
1459 std::string access_key
= op_state
.get_access_key();
1460 std::string subuser
= op_state
.get_subuser();
1462 int key_type
= op_state
.get_key_type();
1463 if (key_type
== KEY_TYPE_SWIFT
) {
1464 swift_user
= op_state
.get_access_key();
1468 std::unique_ptr
<rgw::sal::User
> user
;
1472 if (user_id
.empty() && !subuser
.empty()) {
1473 size_t pos
= subuser
.find(':');
1474 if (pos
!= string::npos
) {
1475 user_id
= subuser
.substr(0, pos
);
1476 op_state
.set_user_id(user_id
);
1480 if (!user_id
.empty() && (user_id
.compare(RGW_USER_ANON_ID
) != 0)) {
1481 user
= store
->get_user(user_id
);
1482 found
= (user
->load_user(dpp
, y
) >= 0);
1483 op_state
.found_by_uid
= found
;
1485 if (store
->ctx()->_conf
.get_val
<bool>("rgw_user_unique_email")) {
1486 if (!user_email
.empty() && !found
) {
1487 found
= (store
->get_user_by_email(dpp
, user_email
, y
, &user
) >= 0);
1488 op_state
.found_by_email
= found
;
1491 if (!swift_user
.empty() && !found
) {
1492 found
= (store
->get_user_by_swift(dpp
, swift_user
, y
, &user
) >= 0);
1493 op_state
.found_by_key
= found
;
1495 if (!access_key
.empty() && !found
) {
1496 found
= (store
->get_user_by_access_key(dpp
, access_key
, y
, &user
) >= 0);
1497 op_state
.found_by_key
= found
;
1500 op_state
.set_existing_user(found
);
1502 op_state
.set_user_info(user
->get_info());
1503 op_state
.set_populated();
1504 op_state
.objv
= user
->get_version_tracker();
1506 old_info
= user
->get_info();
1510 if (user_id
.empty()) {
1511 user_id
= user
->get_id();
1513 op_state
.set_initialized();
1515 // this may have been called by a helper object
1516 int ret
= init_members(op_state
);
1523 int RGWUser::init_members(RGWUserAdminOpState
& op_state
)
1527 ret
= keys
.init(op_state
);
1531 ret
= subusers
.init(op_state
);
1535 ret
= caps
.init(op_state
);
1542 int RGWUser::update(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
,
1546 std::string subprocess_msg
;
1547 rgw::sal::User
* user
= op_state
.get_user();
1550 set_err_msg(err_msg
, "couldn't initialize storage");
1554 RGWUserInfo
*pold_info
= (is_populated() ? &old_info
: nullptr);
1556 ret
= user
->store_user(dpp
, y
, false, pold_info
);
1557 op_state
.objv
= user
->get_version_tracker();
1559 set_err_msg(err_msg
, "unable to store user info");
1563 old_info
= user
->get_info();
1569 int RGWUser::check_op(RGWUserAdminOpState
& op_state
, std::string
*err_msg
)
1572 const rgw_user
& uid
= op_state
.get_user_id();
1574 if (uid
.compare(RGW_USER_ANON_ID
) == 0) {
1575 set_err_msg(err_msg
, "unable to perform operations on the anonymous user");
1579 if (is_populated() && user_id
.compare(uid
) != 0) {
1580 set_err_msg(err_msg
, "user id mismatch, operation id: " + uid
.to_str()
1581 + " does not match: " + user_id
.to_str());
1586 ret
= rgw_validate_tenant_name(uid
.tenant
);
1588 set_err_msg(err_msg
,
1589 "invalid tenant only alphanumeric and _ characters are allowed");
1593 //set key type when it not set or set by context
1594 if ((op_state
.get_key_type() < 0) || op_state
.key_type_setbycontext
) {
1595 op_state
.set_key_type(KEY_TYPE_S3
);
1596 op_state
.key_type_setbycontext
= true;
1602 // update swift_keys with new user id
1603 static void rename_swift_keys(const rgw_user
& user
,
1604 std::map
<std::string
, RGWAccessKey
>& keys
)
1606 std::string user_id
;
1607 user
.to_str(user_id
);
1609 auto modify_keys
= std::move(keys
);
1610 for ([[maybe_unused
]] auto& [k
, key
] : modify_keys
) {
1611 std::string id
= user_id
+ ":" + key
.subuser
;
1613 keys
[id
] = std::move(key
);
1617 int RGWUser::execute_rename(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
, optional_yield y
)
1620 bool populated
= op_state
.is_populated();
1622 if (!op_state
.has_existing_user() && !populated
) {
1623 set_err_msg(err_msg
, "user not found");
1628 ret
= init(dpp
, op_state
, y
);
1630 set_err_msg(err_msg
, "unable to retrieve user info");
1635 std::unique_ptr
<rgw::sal::User
> old_user
= store
->get_user(op_state
.get_user_info().user_id
);
1636 std::unique_ptr
<rgw::sal::User
> new_user
= store
->get_user(op_state
.get_new_uid());
1637 if (old_user
->get_tenant() != new_user
->get_tenant()) {
1638 set_err_msg(err_msg
, "users have to be under the same tenant namespace "
1639 + old_user
->get_tenant() + " != " + new_user
->get_tenant());
1643 // create a stub user and write only the uid index and buckets object
1644 std::unique_ptr
<rgw::sal::User
> user
;
1645 user
= store
->get_user(new_user
->get_id());
1647 const bool exclusive
= !op_state
.get_overwrite_new_user(); // overwrite if requested
1649 ret
= user
->store_user(dpp
, y
, exclusive
);
1650 if (ret
== -EEXIST
) {
1651 set_err_msg(err_msg
, "user name given by --new-uid already exists");
1655 set_err_msg(err_msg
, "unable to store new user info");
1659 RGWAccessControlPolicy policy_instance
;
1660 policy_instance
.create_default(new_user
->get_id(), old_user
->get_display_name());
1662 //unlink and link buckets to new user
1664 CephContext
*cct
= store
->ctx();
1665 size_t max_buckets
= cct
->_conf
->rgw_list_buckets_max_chunk
;
1666 rgw::sal::BucketList buckets
;
1669 ret
= old_user
->list_buckets(dpp
, marker
, "", max_buckets
, false, buckets
, y
);
1671 set_err_msg(err_msg
, "unable to list user buckets");
1675 auto& m
= buckets
.get_buckets();
1677 for (auto it
= m
.begin(); it
!= m
.end(); ++it
) {
1678 auto& bucket
= it
->second
;
1681 ret
= bucket
->load_bucket(dpp
, y
);
1683 set_err_msg(err_msg
, "failed to fetch bucket info for bucket=" + bucket
->get_name());
1687 ret
= bucket
->set_acl(dpp
, policy_instance
, y
);
1689 set_err_msg(err_msg
, "failed to set acl on bucket " + bucket
->get_name());
1693 ret
= bucket
->chown(dpp
, new_user
.get(), old_user
.get(), y
);
1695 set_err_msg(err_msg
, "failed to run bucket chown" + cpp_strerror(-ret
));
1700 } while (buckets
.is_truncated());
1702 // update the 'stub user' with all of the other fields and rewrite all of the
1703 // associated index objects
1704 RGWUserInfo
& user_info
= op_state
.get_user_info();
1705 user_info
.user_id
= new_user
->get_id();
1706 op_state
.objv
= user
->get_version_tracker();
1708 rename_swift_keys(new_user
->get_id(), user_info
.swift_keys
);
1710 return update(dpp
, op_state
, err_msg
, y
);
1713 int RGWUser::execute_add(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
,
1716 const rgw_user
& uid
= op_state
.get_user_id();
1717 std::string user_email
= op_state
.get_user_email();
1718 std::string display_name
= op_state
.get_display_name();
1720 // set the user info
1721 RGWUserInfo user_info
;
1723 user_info
.user_id
= user_id
;
1724 user_info
.display_name
= display_name
;
1725 user_info
.type
= TYPE_RGW
;
1727 if (!user_email
.empty())
1728 user_info
.user_email
= user_email
;
1730 CephContext
*cct
= store
->ctx();
1731 if (op_state
.max_buckets_specified
) {
1732 user_info
.max_buckets
= op_state
.get_max_buckets();
1734 user_info
.max_buckets
=
1735 cct
->_conf
.get_val
<int64_t>("rgw_user_max_buckets");
1738 user_info
.suspended
= op_state
.get_suspension_status();
1739 user_info
.admin
= op_state
.admin
;
1740 user_info
.system
= op_state
.system
;
1742 if (op_state
.op_mask_specified
)
1743 user_info
.op_mask
= op_state
.get_op_mask();
1745 if (op_state
.has_bucket_quota()) {
1746 user_info
.bucket_quota
= op_state
.get_bucket_quota();
1748 rgw_apply_default_bucket_quota(user_info
.bucket_quota
, cct
->_conf
);
1751 if (op_state
.temp_url_key_specified
) {
1752 map
<int, string
>::iterator iter
;
1753 for (iter
= op_state
.temp_url_keys
.begin();
1754 iter
!= op_state
.temp_url_keys
.end(); ++iter
) {
1755 user_info
.temp_url_keys
[iter
->first
] = iter
->second
;
1759 if (op_state
.has_user_quota()) {
1760 user_info
.user_quota
= op_state
.get_user_quota();
1762 rgw_apply_default_user_quota(user_info
.user_quota
, cct
->_conf
);
1765 if (op_state
.default_placement_specified
) {
1766 user_info
.default_placement
= op_state
.default_placement
;
1769 if (op_state
.placement_tags_specified
) {
1770 user_info
.placement_tags
= op_state
.placement_tags
;
1773 // update the request
1774 op_state
.set_user_info(user_info
);
1775 op_state
.set_populated();
1777 // update the helper objects
1778 int ret
= init_members(op_state
);
1780 set_err_msg(err_msg
, "unable to initialize user");
1784 // see if we need to add an access key
1785 std::string subprocess_msg
;
1786 bool defer_user_update
= true;
1787 if (op_state
.has_key_op()) {
1788 ret
= keys
.add(dpp
, op_state
, &subprocess_msg
, defer_user_update
, y
);
1790 set_err_msg(err_msg
, "unable to create access key, " + subprocess_msg
);
1795 // see if we need to add some caps
1796 if (op_state
.has_caps_op()) {
1797 ret
= caps
.add(dpp
, op_state
, &subprocess_msg
, defer_user_update
, y
);
1799 set_err_msg(err_msg
, "unable to add user capabilities, " + subprocess_msg
);
1804 ret
= update(dpp
, op_state
, err_msg
, y
);
1811 int RGWUser::add(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
, std::string
*err_msg
)
1813 std::string subprocess_msg
;
1814 int ret
= user_add_helper(op_state
, &subprocess_msg
);
1816 set_err_msg(err_msg
, "unable to parse parameters, " + subprocess_msg
);
1820 ret
= check_op(op_state
, &subprocess_msg
);
1822 set_err_msg(err_msg
, "unable to parse parameters, " + subprocess_msg
);
1826 ret
= execute_add(dpp
, op_state
, &subprocess_msg
, y
);
1828 set_err_msg(err_msg
, "unable to create user, " + subprocess_msg
);
1835 int RGWUser::rename(RGWUserAdminOpState
& op_state
, optional_yield y
, const DoutPrefixProvider
*dpp
, std::string
*err_msg
)
1837 std::string subprocess_msg
;
1840 ret
= check_op(op_state
, &subprocess_msg
);
1842 set_err_msg(err_msg
, "unable to parse parameters, " + subprocess_msg
);
1846 ret
= execute_rename(dpp
, op_state
, &subprocess_msg
, y
);
1848 set_err_msg(err_msg
, "unable to rename user, " + subprocess_msg
);
1855 int RGWUser::execute_remove(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
, optional_yield y
)
1859 bool purge_data
= op_state
.will_purge_data();
1860 rgw::sal::User
* user
= op_state
.get_user();
1862 if (!op_state
.has_existing_user()) {
1863 set_err_msg(err_msg
, "user does not exist");
1867 rgw::sal::BucketList buckets
;
1869 CephContext
*cct
= store
->ctx();
1870 size_t max_buckets
= cct
->_conf
->rgw_list_buckets_max_chunk
;
1872 ret
= user
->list_buckets(dpp
, marker
, string(), max_buckets
, false, buckets
, y
);
1874 set_err_msg(err_msg
, "unable to read user bucket info");
1878 auto& m
= buckets
.get_buckets();
1879 if (!m
.empty() && !purge_data
) {
1880 set_err_msg(err_msg
, "must specify purge data to remove user with buckets");
1881 return -EEXIST
; // change to code that maps to 409: conflict
1884 for (auto it
= m
.begin(); it
!= m
.end(); ++it
) {
1885 ret
= it
->second
->remove_bucket(dpp
, true, false, nullptr, y
);
1887 set_err_msg(err_msg
, "unable to delete user data");
1894 } while (buckets
.is_truncated());
1896 ret
= user
->remove_user(dpp
, y
);
1898 set_err_msg(err_msg
, "unable to remove user from RADOS");
1902 op_state
.clear_populated();
1908 int RGWUser::remove(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
, std::string
*err_msg
)
1910 std::string subprocess_msg
;
1913 ret
= check_op(op_state
, &subprocess_msg
);
1915 set_err_msg(err_msg
, "unable to parse parameters, " + subprocess_msg
);
1919 ret
= execute_remove(dpp
, op_state
, &subprocess_msg
, y
);
1921 set_err_msg(err_msg
, "unable to remove user, " + subprocess_msg
);
1928 int RGWUser::execute_modify(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, std::string
*err_msg
, optional_yield y
)
1930 bool populated
= op_state
.is_populated();
1932 std::string subprocess_msg
;
1933 std::string op_email
= op_state
.get_user_email();
1934 std::string display_name
= op_state
.get_display_name();
1936 RGWUserInfo user_info
;
1937 std::unique_ptr
<rgw::sal::User
> duplicate_check
;
1939 // ensure that the user info has been populated or is populate-able
1940 if (!op_state
.has_existing_user() && !populated
) {
1941 set_err_msg(err_msg
, "user not found");
1945 // if the user hasn't already been populated...attempt to
1947 ret
= init(dpp
, op_state
, y
);
1949 set_err_msg(err_msg
, "unable to retrieve user info");
1954 // ensure that we can modify the user's attributes
1955 if (user_id
.compare(RGW_USER_ANON_ID
) == 0) {
1956 set_err_msg(err_msg
, "unable to modify anonymous user's info");
1960 user_info
= old_info
;
1962 std::string old_email
= old_info
.user_email
;
1963 if (!op_email
.empty()) {
1964 // make sure we are not adding a duplicate email
1965 if (old_email
!= op_email
) {
1966 ret
= store
->get_user_by_email(dpp
, op_email
, y
, &duplicate_check
);
1967 if (ret
>= 0 && duplicate_check
->get_id().compare(user_id
) != 0) {
1968 set_err_msg(err_msg
, "cannot add duplicate email");
1969 return -ERR_EMAIL_EXIST
;
1972 user_info
.user_email
= op_email
;
1973 } else if (op_email
.empty() && op_state
.user_email_specified
) {
1974 ldpp_dout(dpp
, 10) << "removing email index: " << user_info
.user_email
<< dendl
;
1975 /* will be physically removed later when calling update() */
1976 user_info
.user_email
.clear();
1979 // update the remaining user info
1980 if (!display_name
.empty())
1981 user_info
.display_name
= display_name
;
1983 if (op_state
.max_buckets_specified
)
1984 user_info
.max_buckets
= op_state
.get_max_buckets();
1986 if (op_state
.admin_specified
)
1987 user_info
.admin
= op_state
.admin
;
1989 if (op_state
.system_specified
)
1990 user_info
.system
= op_state
.system
;
1992 if (op_state
.temp_url_key_specified
) {
1993 map
<int, string
>::iterator iter
;
1994 for (iter
= op_state
.temp_url_keys
.begin();
1995 iter
!= op_state
.temp_url_keys
.end(); ++iter
) {
1996 user_info
.temp_url_keys
[iter
->first
] = iter
->second
;
2000 if (op_state
.op_mask_specified
)
2001 user_info
.op_mask
= op_state
.get_op_mask();
2003 if (op_state
.has_bucket_quota())
2004 user_info
.bucket_quota
= op_state
.get_bucket_quota();
2006 if (op_state
.has_user_quota())
2007 user_info
.user_quota
= op_state
.get_user_quota();
2009 if (op_state
.has_suspension_op()) {
2010 __u8 suspended
= op_state
.get_suspension_status();
2011 user_info
.suspended
= suspended
;
2013 rgw::sal::BucketList buckets
;
2015 if (user_id
.empty()) {
2016 set_err_msg(err_msg
, "empty user id passed...aborting");
2021 CephContext
*cct
= store
->ctx();
2022 size_t max_buckets
= cct
->_conf
->rgw_list_buckets_max_chunk
;
2023 std::unique_ptr
<rgw::sal::User
> user
= store
->get_user(user_id
);
2025 ret
= user
->list_buckets(dpp
, marker
, string(), max_buckets
, false, buckets
, y
);
2027 set_err_msg(err_msg
, "could not get buckets for uid: " + user_id
.to_str());
2031 auto& m
= buckets
.get_buckets();
2033 vector
<rgw_bucket
> bucket_names
;
2034 for (auto iter
= m
.begin(); iter
!= m
.end(); ++iter
) {
2035 auto& bucket
= iter
->second
;
2036 bucket_names
.push_back(bucket
->get_key());
2038 marker
= iter
->first
;
2041 ret
= store
->set_buckets_enabled(dpp
, bucket_names
, !suspended
);
2043 set_err_msg(err_msg
, "failed to modify bucket");
2047 } while (buckets
.is_truncated());
2050 if (op_state
.mfa_ids_specified
) {
2051 user_info
.mfa_ids
= op_state
.mfa_ids
;
2054 if (op_state
.default_placement_specified
) {
2055 user_info
.default_placement
= op_state
.default_placement
;
2058 if (op_state
.placement_tags_specified
) {
2059 user_info
.placement_tags
= op_state
.placement_tags
;
2062 op_state
.set_user_info(user_info
);
2064 // if we're supposed to modify keys, do so
2065 if (op_state
.has_key_op()) {
2066 ret
= keys
.add(dpp
, op_state
, &subprocess_msg
, true, y
);
2068 set_err_msg(err_msg
, "unable to create or modify keys, " + subprocess_msg
);
2073 ret
= update(dpp
, op_state
, err_msg
, y
);
2080 int RGWUser::modify(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, optional_yield y
, std::string
*err_msg
)
2082 std::string subprocess_msg
;
2085 ret
= check_op(op_state
, &subprocess_msg
);
2087 set_err_msg(err_msg
, "unable to parse parameters, " + subprocess_msg
);
2091 ret
= execute_modify(dpp
, op_state
, &subprocess_msg
, y
);
2093 set_err_msg(err_msg
, "unable to modify user, " + subprocess_msg
);
2100 int RGWUser::info(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, RGWUserInfo
& fetched_info
,
2101 optional_yield y
, std::string
*err_msg
)
2103 int ret
= init(dpp
, op_state
, y
);
2105 set_err_msg(err_msg
, "unable to fetch user info");
2109 fetched_info
= op_state
.get_user_info();
2114 int RGWUser::info(RGWUserInfo
& fetched_info
, std::string
*err_msg
)
2116 if (!is_populated()) {
2117 set_err_msg(err_msg
, "no user info saved");
2121 fetched_info
= old_info
;
2126 int RGWUser::list(const DoutPrefixProvider
*dpp
, RGWUserAdminOpState
& op_state
, RGWFormatterFlusher
& flusher
)
2128 Formatter
*formatter
= flusher
.get_formatter();
2129 void *handle
= nullptr;
2130 std::string metadata_key
= "user";
2131 if (op_state
.max_entries
> 1000) {
2132 op_state
.max_entries
= 1000;
2135 int ret
= store
->meta_list_keys_init(dpp
, metadata_key
, op_state
.marker
, &handle
);
2140 bool truncated
= false;
2145 // open the result object section
2146 formatter
->open_object_section("result");
2148 // open the user id list array section
2149 formatter
->open_array_section("keys");
2151 std::list
<std::string
> keys
;
2152 left
= op_state
.max_entries
- count
;
2153 ret
= store
->meta_list_keys_next(dpp
, handle
, left
, keys
, &truncated
);
2154 if (ret
< 0 && ret
!= -ENOENT
) {
2156 } if (ret
!= -ENOENT
) {
2157 for (std::list
<std::string
>::iterator iter
= keys
.begin(); iter
!= keys
.end(); ++iter
) {
2158 formatter
->dump_string("key", *iter
);
2162 } while (truncated
&& left
> 0);
2163 // close user id list section
2164 formatter
->close_section();
2166 formatter
->dump_bool("truncated", truncated
);
2167 formatter
->dump_int("count", count
);
2169 formatter
->dump_string("marker", store
->meta_get_marker(handle
));
2172 // close result object section
2173 formatter
->close_section();
2175 store
->meta_list_keys_complete(handle
);
2181 int RGWUserAdminOp_User::list(const DoutPrefixProvider
*dpp
, rgw::sal::Store
* store
, RGWUserAdminOpState
& op_state
,
2182 RGWFormatterFlusher
& flusher
)
2186 int ret
= user
.init_storage(store
);
2190 ret
= user
.list(dpp
, op_state
, flusher
);
2197 int RGWUserAdminOp_User::info(const DoutPrefixProvider
*dpp
,
2198 rgw::sal::Store
* store
, RGWUserAdminOpState
& op_state
,
2199 RGWFormatterFlusher
& flusher
,
2204 std::unique_ptr
<rgw::sal::User
> ruser
;
2206 int ret
= user
.init(dpp
, store
, op_state
, y
);
2210 if (!op_state
.has_existing_user())
2211 return -ERR_NO_SUCH_USER
;
2213 Formatter
*formatter
= flusher
.get_formatter();
2215 ret
= user
.info(info
, NULL
);
2219 ruser
= store
->get_user(info
.user_id
);
2221 if (op_state
.sync_stats
) {
2222 ret
= rgw_user_sync_all_stats(dpp
, store
, ruser
.get(), y
);
2228 RGWStorageStats stats
;
2229 RGWStorageStats
*arg_stats
= NULL
;
2230 if (op_state
.fetch_stats
) {
2231 int ret
= ruser
->read_stats(dpp
, y
, &stats
);
2232 if (ret
< 0 && ret
!= -ENOENT
) {
2242 dump_user_info(formatter
, info
, arg_stats
);
2249 int RGWUserAdminOp_User::create(const DoutPrefixProvider
*dpp
,
2250 rgw::sal::Store
* store
,
2251 RGWUserAdminOpState
& op_state
,
2252 RGWFormatterFlusher
& flusher
, optional_yield y
)
2256 int ret
= user
.init(dpp
, store
, op_state
, y
);
2260 Formatter
*formatter
= flusher
.get_formatter();
2262 ret
= user
.add(dpp
, op_state
, y
, NULL
);
2265 ret
= -ERR_USER_EXIST
;
2269 ret
= user
.info(info
, NULL
);
2276 dump_user_info(formatter
, info
);
2283 int RGWUserAdminOp_User::modify(const DoutPrefixProvider
*dpp
,
2284 rgw::sal::Store
* store
,
2285 RGWUserAdminOpState
& op_state
,
2286 RGWFormatterFlusher
& flusher
, optional_yield y
)
2290 int ret
= user
.init(dpp
, store
, op_state
, y
);
2293 Formatter
*formatter
= flusher
.get_formatter();
2295 ret
= user
.modify(dpp
, op_state
, y
, NULL
);
2298 ret
= -ERR_NO_SUCH_USER
;
2302 ret
= user
.info(info
, NULL
);
2309 dump_user_info(formatter
, info
);
2316 int RGWUserAdminOp_User::remove(const DoutPrefixProvider
*dpp
,
2317 rgw::sal::Store
* store
, RGWUserAdminOpState
& op_state
,
2318 RGWFormatterFlusher
& flusher
, optional_yield y
)
2322 int ret
= user
.init(dpp
, store
, op_state
, y
);
2327 ret
= user
.remove(dpp
, op_state
, y
, NULL
);
2330 ret
= -ERR_NO_SUCH_USER
;
2334 int RGWUserAdminOp_Subuser::create(const DoutPrefixProvider
*dpp
,
2335 rgw::sal::Store
* store
,
2336 RGWUserAdminOpState
& op_state
,
2337 RGWFormatterFlusher
& flusher
,
2342 int ret
= user
.init(dpp
, store
, op_state
, y
);
2346 if (!op_state
.has_existing_user())
2347 return -ERR_NO_SUCH_USER
;
2349 Formatter
*formatter
= flusher
.get_formatter();
2351 ret
= user
.subusers
.add(dpp
, op_state
, y
, NULL
);
2355 ret
= user
.info(info
, NULL
);
2362 dump_subusers_info(formatter
, info
);
2369 int RGWUserAdminOp_Subuser::modify(const DoutPrefixProvider
*dpp
,
2370 rgw::sal::Store
* store
, RGWUserAdminOpState
& op_state
,
2371 RGWFormatterFlusher
& flusher
, optional_yield y
)
2375 int ret
= user
.init(dpp
, store
, op_state
, y
);
2379 if (!op_state
.has_existing_user())
2380 return -ERR_NO_SUCH_USER
;
2382 Formatter
*formatter
= flusher
.get_formatter();
2384 ret
= user
.subusers
.modify(dpp
, op_state
, y
, NULL
);
2388 ret
= user
.info(info
, NULL
);
2395 dump_subusers_info(formatter
, info
);
2402 int RGWUserAdminOp_Subuser::remove(const DoutPrefixProvider
*dpp
,
2403 rgw::sal::Store
* store
,
2404 RGWUserAdminOpState
& op_state
,
2405 RGWFormatterFlusher
& flusher
,
2410 int ret
= user
.init(dpp
, store
, op_state
, y
);
2415 if (!op_state
.has_existing_user())
2416 return -ERR_NO_SUCH_USER
;
2418 ret
= user
.subusers
.remove(dpp
, op_state
, y
, NULL
);
2425 int RGWUserAdminOp_Key::create(const DoutPrefixProvider
*dpp
,
2426 rgw::sal::Store
* store
, RGWUserAdminOpState
& op_state
,
2427 RGWFormatterFlusher
& flusher
,
2432 int ret
= user
.init(dpp
, store
, op_state
, y
);
2436 if (!op_state
.has_existing_user())
2437 return -ERR_NO_SUCH_USER
;
2439 Formatter
*formatter
= flusher
.get_formatter();
2441 ret
= user
.keys
.add(dpp
, op_state
, y
, NULL
);
2445 ret
= user
.info(info
, NULL
);
2452 int key_type
= op_state
.get_key_type();
2454 if (key_type
== KEY_TYPE_SWIFT
)
2455 dump_swift_keys_info(formatter
, info
);
2457 else if (key_type
== KEY_TYPE_S3
)
2458 dump_access_keys_info(formatter
, info
);
2466 int RGWUserAdminOp_Key::remove(const DoutPrefixProvider
*dpp
,
2467 rgw::sal::Store
* store
,
2468 RGWUserAdminOpState
& op_state
,
2469 RGWFormatterFlusher
& flusher
,
2474 int ret
= user
.init(dpp
, store
, op_state
, y
);
2478 if (!op_state
.has_existing_user())
2479 return -ERR_NO_SUCH_USER
;
2482 ret
= user
.keys
.remove(dpp
, op_state
, y
, NULL
);
2489 int RGWUserAdminOp_Caps::add(const DoutPrefixProvider
*dpp
,
2490 rgw::sal::Store
* store
,
2491 RGWUserAdminOpState
& op_state
,
2492 RGWFormatterFlusher
& flusher
, optional_yield y
)
2496 int ret
= user
.init(dpp
, store
, op_state
, y
);
2500 if (!op_state
.has_existing_user())
2501 return -ERR_NO_SUCH_USER
;
2503 Formatter
*formatter
= flusher
.get_formatter();
2505 ret
= user
.caps
.add(dpp
, op_state
, y
, NULL
);
2509 ret
= user
.info(info
, NULL
);
2516 info
.caps
.dump(formatter
);
2524 int RGWUserAdminOp_Caps::remove(const DoutPrefixProvider
*dpp
,
2525 rgw::sal::Store
* store
,
2526 RGWUserAdminOpState
& op_state
,
2527 RGWFormatterFlusher
& flusher
, optional_yield y
)
2531 int ret
= user
.init(dpp
, store
, op_state
, y
);
2535 if (!op_state
.has_existing_user())
2536 return -ERR_NO_SUCH_USER
;
2538 Formatter
*formatter
= flusher
.get_formatter();
2540 ret
= user
.caps
.remove(dpp
, op_state
, y
, NULL
);
2544 ret
= user
.info(info
, NULL
);
2551 info
.caps
.dump(formatter
);
2558 class RGWUserMetadataHandler
: public RGWMetadataHandler_GenericMetaBE
{
2561 RGWSI_User
*user
{nullptr};
2564 RGWUserMetadataHandler(RGWSI_User
*user_svc
) {
2565 base_init(user_svc
->ctx(), user_svc
->get_be_handler());
2566 svc
.user
= user_svc
;
2569 string
get_type() override
{ return "user"; }
2571 int do_get(RGWSI_MetaBackend_Handler::Op
*op
, string
& entry
, RGWMetadataObject
**obj
, optional_yield y
, const DoutPrefixProvider
*dpp
) override
{
2572 RGWUserCompleteInfo uci
;
2573 RGWObjVersionTracker objv_tracker
;
2576 rgw_user user
= RGWSI_User::user_from_meta_key(entry
);
2578 int ret
= svc
.user
->read_user_info(op
->ctx(), user
, &uci
.info
, &objv_tracker
,
2579 &mtime
, nullptr, &uci
.attrs
,
2585 RGWUserMetadataObject
*mdo
= new RGWUserMetadataObject(uci
, objv_tracker
.read_version
, mtime
);
2591 RGWMetadataObject
*get_meta_obj(JSONObj
*jo
, const obj_version
& objv
, const ceph::real_time
& mtime
) override
{
2592 RGWUserCompleteInfo uci
;
2595 decode_json_obj(uci
, jo
);
2596 } catch (JSONDecoder::err
& e
) {
2600 return new RGWUserMetadataObject(uci
, objv
, mtime
);
2603 int do_put(RGWSI_MetaBackend_Handler::Op
*op
, string
& entry
,
2604 RGWMetadataObject
*obj
,
2605 RGWObjVersionTracker
& objv_tracker
,
2606 optional_yield y
, const DoutPrefixProvider
*dpp
,
2607 RGWMDLogSyncType type
, bool from_remote_zone
) override
;
2609 int do_remove(RGWSI_MetaBackend_Handler::Op
*op
, string
& entry
, RGWObjVersionTracker
& objv_tracker
,
2610 optional_yield y
, const DoutPrefixProvider
*dpp
) override
{
2613 rgw_user user
= RGWSI_User::user_from_meta_key(entry
);
2615 int ret
= svc
.user
->read_user_info(op
->ctx(), user
, &info
, nullptr,
2616 nullptr, nullptr, nullptr,
2622 return svc
.user
->remove_user_info(op
->ctx(), info
, &objv_tracker
,
2627 class RGWMetadataHandlerPut_User
: public RGWMetadataHandlerPut_SObj
2629 RGWUserMetadataHandler
*uhandler
;
2630 RGWUserMetadataObject
*uobj
;
2632 RGWMetadataHandlerPut_User(RGWUserMetadataHandler
*_handler
,
2633 RGWSI_MetaBackend_Handler::Op
*op
, string
& entry
,
2634 RGWMetadataObject
*obj
, RGWObjVersionTracker
& objv_tracker
,
2636 RGWMDLogSyncType type
, bool from_remote_zone
) : RGWMetadataHandlerPut_SObj(_handler
, op
, entry
, obj
, objv_tracker
, y
, type
, from_remote_zone
),
2637 uhandler(_handler
) {
2638 uobj
= static_cast<RGWUserMetadataObject
*>(obj
);
2641 int put_checked(const DoutPrefixProvider
*dpp
) override
;
2644 int RGWUserMetadataHandler::do_put(RGWSI_MetaBackend_Handler::Op
*op
, string
& entry
,
2645 RGWMetadataObject
*obj
,
2646 RGWObjVersionTracker
& objv_tracker
,
2647 optional_yield y
, const DoutPrefixProvider
*dpp
,
2648 RGWMDLogSyncType type
, bool from_remote_zone
)
2650 RGWMetadataHandlerPut_User
put_op(this, op
, entry
, obj
, objv_tracker
, y
, type
, from_remote_zone
);
2651 return do_put_operate(&put_op
, dpp
);
2654 int RGWMetadataHandlerPut_User::put_checked(const DoutPrefixProvider
*dpp
)
2656 RGWUserMetadataObject
*orig_obj
= static_cast<RGWUserMetadataObject
*>(old_obj
);
2657 RGWUserCompleteInfo
& uci
= uobj
->get_uci();
2659 map
<string
, bufferlist
> *pattrs
{nullptr};
2660 if (uci
.has_attrs
) {
2661 pattrs
= &uci
.attrs
;
2664 RGWUserInfo
*pold_info
= (orig_obj
? &orig_obj
->get_uci().info
: nullptr);
2666 auto mtime
= obj
->get_mtime();
2668 int ret
= uhandler
->svc
.user
->store_user_info(op
->ctx(), uci
.info
, pold_info
,
2669 &objv_tracker
, mtime
,
2670 false, pattrs
, y
, dpp
);
2675 return STATUS_APPLIED
;
2679 RGWUserCtl::RGWUserCtl(RGWSI_Zone
*zone_svc
,
2680 RGWSI_User
*user_svc
,
2681 RGWUserMetadataHandler
*_umhandler
) : umhandler(_umhandler
) {
2682 svc
.zone
= zone_svc
;
2683 svc
.user
= user_svc
;
2684 be_handler
= umhandler
->get_be_handler();
2688 class optional_default
2690 const std::optional
<T
>& opt
;
2691 std::optional
<T
> def
;
2694 optional_default(const std::optional
<T
>& _o
) : opt(_o
) {
2703 const T
*operator->() {
2707 const T
& operator*() {
2712 int RGWUserCtl::get_info_by_uid(const DoutPrefixProvider
*dpp
,
2713 const rgw_user
& uid
,
2716 const GetParams
& params
)
2719 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2720 return svc
.user
->read_user_info(op
->ctx(),
2723 params
.objv_tracker
,
2732 int RGWUserCtl::get_info_by_email(const DoutPrefixProvider
*dpp
,
2733 const string
& email
,
2736 const GetParams
& params
)
2738 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2739 return svc
.user
->get_user_info_by_email(op
->ctx(), email
,
2741 params
.objv_tracker
,
2748 int RGWUserCtl::get_info_by_swift(const DoutPrefixProvider
*dpp
,
2749 const string
& swift_name
,
2752 const GetParams
& params
)
2754 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2755 return svc
.user
->get_user_info_by_swift(op
->ctx(), swift_name
,
2757 params
.objv_tracker
,
2764 int RGWUserCtl::get_info_by_access_key(const DoutPrefixProvider
*dpp
,
2765 const string
& access_key
,
2768 const GetParams
& params
)
2770 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2771 return svc
.user
->get_user_info_by_access_key(op
->ctx(), access_key
,
2773 params
.objv_tracker
,
2780 int RGWUserCtl::get_attrs_by_uid(const DoutPrefixProvider
*dpp
,
2781 const rgw_user
& user_id
,
2782 map
<string
, bufferlist
> *pattrs
,
2784 RGWObjVersionTracker
*objv_tracker
)
2786 RGWUserInfo user_info
;
2788 return get_info_by_uid(dpp
, user_id
, &user_info
, y
, RGWUserCtl::GetParams()
2790 .set_objv_tracker(objv_tracker
));
2793 int RGWUserCtl::store_info(const DoutPrefixProvider
*dpp
,
2794 const RGWUserInfo
& info
, optional_yield y
,
2795 const PutParams
& params
)
2797 string key
= RGWSI_User::get_meta_key(info
.user_id
);
2799 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2800 return svc
.user
->store_user_info(op
->ctx(), info
,
2802 params
.objv_tracker
,
2811 int RGWUserCtl::remove_info(const DoutPrefixProvider
*dpp
,
2812 const RGWUserInfo
& info
, optional_yield y
,
2813 const RemoveParams
& params
)
2816 string key
= RGWSI_User::get_meta_key(info
.user_id
);
2818 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2819 return svc
.user
->remove_user_info(op
->ctx(), info
,
2820 params
.objv_tracker
,
2825 int RGWUserCtl::add_bucket(const DoutPrefixProvider
*dpp
,
2826 const rgw_user
& user
,
2827 const rgw_bucket
& bucket
,
2828 ceph::real_time creation_time
,
2832 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2833 return svc
.user
->add_bucket(dpp
, op
->ctx(), user
, bucket
, creation_time
, y
);
2837 int RGWUserCtl::remove_bucket(const DoutPrefixProvider
*dpp
,
2838 const rgw_user
& user
,
2839 const rgw_bucket
& bucket
,
2843 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2844 return svc
.user
->remove_bucket(dpp
, op
->ctx(), user
, bucket
, y
);
2848 int RGWUserCtl::list_buckets(const DoutPrefixProvider
*dpp
,
2849 const rgw_user
& user
,
2850 const string
& marker
,
2851 const string
& end_marker
,
2854 RGWUserBuckets
*buckets
,
2857 uint64_t default_max
)
2863 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2864 int ret
= svc
.user
->list_buckets(dpp
, op
->ctx(), user
, marker
, end_marker
,
2865 max
, buckets
, is_truncated
, y
);
2870 map
<string
, RGWBucketEnt
>& m
= buckets
->get_buckets();
2871 ret
= ctl
.bucket
->read_buckets_stats(m
, y
, dpp
);
2872 if (ret
< 0 && ret
!= -ENOENT
) {
2873 ldpp_dout(dpp
, 0) << "ERROR: could not get stats for buckets" << dendl
;
2881 int RGWUserCtl::flush_bucket_stats(const DoutPrefixProvider
*dpp
,
2882 const rgw_user
& user
,
2883 const RGWBucketEnt
& ent
,
2886 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2887 return svc
.user
->flush_bucket_stats(dpp
, op
->ctx(), user
, ent
, y
);
2891 int RGWUserCtl::complete_flush_stats(const DoutPrefixProvider
*dpp
, const rgw_user
& user
, optional_yield y
)
2893 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2894 return svc
.user
->complete_flush_stats(dpp
, op
->ctx(), user
, y
);
2898 int RGWUserCtl::reset_stats(const DoutPrefixProvider
*dpp
, const rgw_user
& user
, optional_yield y
)
2900 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2901 return svc
.user
->reset_bucket_stats(dpp
, op
->ctx(), user
, y
);
2905 int RGWUserCtl::read_stats(const DoutPrefixProvider
*dpp
,
2906 const rgw_user
& user
, RGWStorageStats
*stats
,
2908 ceph::real_time
*last_stats_sync
,
2909 ceph::real_time
*last_stats_update
)
2911 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2912 return svc
.user
->read_stats(dpp
, op
->ctx(), user
, stats
,
2913 last_stats_sync
, last_stats_update
, y
);
2917 int RGWUserCtl::read_stats_async(const DoutPrefixProvider
*dpp
, const rgw_user
& user
, RGWGetUserStats_CB
*cb
)
2919 return be_handler
->call([&](RGWSI_MetaBackend_Handler::Op
*op
) {
2920 return svc
.user
->read_stats_async(dpp
, op
->ctx(), user
, cb
);
2924 RGWMetadataHandler
*RGWUserMetaHandlerAllocator::alloc(RGWSI_User
*user_svc
) {
2925 return new RGWUserMetadataHandler(user_svc
);
2928 void rgw_user::dump(Formatter
*f
) const
2930 ::encode_json("user", *this, f
);