1 use std
::collections
::{HashSet, HashMap}
;
3 use std
::os
::unix
::ffi
::OsStrExt
;
4 use std
::sync
::{Arc, Mutex}
;
5 use std
::path
::{Path, PathBuf}
;
8 use anyhow
::{bail, format_err, Error}
;
10 use hyper
::http
::request
::Parts
;
11 use hyper
::{header, Body, Response, StatusCode}
;
12 use serde_json
::{json, Value}
;
15 api
, ApiResponseFuture
, ApiHandler
, ApiMethod
, Router
,
16 RpcEnvironment
, RpcEnvironmentType
, Permission
18 use proxmox
::api
::router
::SubdirMap
;
19 use proxmox
::api
::schema
::*;
20 use proxmox
::tools
::fs
::{replace_file, CreateOptions}
;
21 use proxmox
::{http_err, identity, list_subdirs_api_method, sortable}
;
23 use pxar
::accessor
::aio
::{Accessor, FileContents, FileEntry}
;
26 use crate::api2
::types
::*;
27 use crate::api2
::node
::rrd
::create_value_from_rrd
;
29 use crate::config
::datastore
;
30 use crate::config
::cached_user_info
::CachedUserInfo
;
32 use crate::server
::WorkerTask
;
35 zip
::{ZipEncoder, ZipEntry}
,
36 AsyncChannelWriter
, AsyncReaderStream
, WrappedReaderStream
,
39 use crate::config
::acl
::{
41 PRIV_DATASTORE_MODIFY
,
44 PRIV_DATASTORE_BACKUP
,
45 PRIV_DATASTORE_VERIFY
,
48 fn check_priv_or_backup_owner(
53 ) -> Result
<(), Error
> {
54 let user_info
= CachedUserInfo
::new()?
;
55 let privs
= user_info
.lookup_privs(&auth_id
, &["datastore", store
.name()]);
57 if privs
& required_privs
== 0 {
58 let owner
= store
.get_owner(group
)?
;
59 check_backup_owner(&owner
, auth_id
)?
;
64 fn check_backup_owner(
67 ) -> Result
<(), Error
> {
68 let correct_owner
= owner
== auth_id
69 || (owner
.is_token() && &Authid
::from(owner
.user().clone()) == auth_id
);
71 bail
!("backup owner check failed ({} != {})", auth_id
, owner
);
78 backup_dir
: &BackupDir
,
79 ) -> Result
<(BackupManifest
, Vec
<BackupContent
>), Error
> {
81 let (manifest
, index_size
) = store
.load_manifest(backup_dir
)?
;
83 let mut result
= Vec
::new();
84 for item
in manifest
.files() {
85 result
.push(BackupContent
{
86 filename
: item
.filename
.clone(),
87 crypt_mode
: Some(item
.crypt_mode
),
88 size
: Some(item
.size
),
92 result
.push(BackupContent
{
93 filename
: MANIFEST_BLOB_NAME
.to_string(),
94 crypt_mode
: match manifest
.signature
{
95 Some(_
) => Some(CryptMode
::SignOnly
),
96 None
=> Some(CryptMode
::None
),
98 size
: Some(index_size
),
101 Ok((manifest
, result
))
104 fn get_all_snapshot_files(
107 ) -> Result
<(BackupManifest
, Vec
<BackupContent
>), Error
> {
109 let (manifest
, mut files
) = read_backup_index(&store
, &info
.backup_dir
)?
;
111 let file_set
= files
.iter().fold(HashSet
::new(), |mut acc
, item
| {
112 acc
.insert(item
.filename
.clone());
116 for file
in &info
.files
{
117 if file_set
.contains(file
) { continue; }
118 files
.push(BackupContent
{
119 filename
: file
.to_string(),
125 Ok((manifest
, files
))
128 fn group_backups(backup_list
: Vec
<BackupInfo
>) -> HashMap
<String
, Vec
<BackupInfo
>> {
130 let mut group_hash
= HashMap
::new();
132 for info
in backup_list
{
133 let group_id
= info
.backup_dir
.group().group_path().to_str().unwrap().to_owned();
134 let time_list
= group_hash
.entry(group_id
).or_insert(vec
![]);
135 time_list
.push(info
);
145 schema
: DATASTORE_SCHEMA
,
151 description
: "Returns the list of backup groups.",
157 permission
: &Permission
::Privilege(
158 &["datastore", "{store}"],
159 PRIV_DATASTORE_AUDIT
| PRIV_DATASTORE_BACKUP
,
163 /// List backup groups.
166 rpcenv
: &mut dyn RpcEnvironment
,
167 ) -> Result
<Vec
<GroupListItem
>, Error
> {
169 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
170 let user_info
= CachedUserInfo
::new()?
;
171 let user_privs
= user_info
.lookup_privs(&auth_id
, &["datastore", &store
]);
173 let datastore
= DataStore
::lookup_datastore(&store
)?
;
175 let backup_list
= BackupInfo
::list_backups(&datastore
.base_path())?
;
177 let group_hash
= group_backups(backup_list
);
179 let mut groups
= Vec
::new();
181 for (_group_id
, mut list
) in group_hash
{
183 BackupInfo
::sort_list(&mut list
, false);
187 let group
= info
.backup_dir
.group();
189 let list_all
= (user_privs
& PRIV_DATASTORE_AUDIT
) != 0;
190 let owner
= datastore
.get_owner(group
)?
;
191 if !list_all
&& check_backup_owner(&owner
, &auth_id
).is_err() {
195 let result_item
= GroupListItem
{
196 backup_type
: group
.backup_type().to_string(),
197 backup_id
: group
.backup_id().to_string(),
198 last_backup
: info
.backup_dir
.backup_time(),
199 backup_count
: list
.len() as u64,
200 files
: info
.files
.clone(),
203 groups
.push(result_item
);
213 schema
: DATASTORE_SCHEMA
,
216 schema
: BACKUP_TYPE_SCHEMA
,
219 schema
: BACKUP_ID_SCHEMA
,
222 schema
: BACKUP_TIME_SCHEMA
,
228 description
: "Returns the list of archive files inside a backup snapshots.",
234 permission
: &Permission
::Privilege(
235 &["datastore", "{store}"],
236 PRIV_DATASTORE_AUDIT
| PRIV_DATASTORE_READ
| PRIV_DATASTORE_BACKUP
,
240 /// List snapshot files.
241 pub fn list_snapshot_files(
247 rpcenv
: &mut dyn RpcEnvironment
,
248 ) -> Result
<Vec
<BackupContent
>, Error
> {
250 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
251 let datastore
= DataStore
::lookup_datastore(&store
)?
;
253 let snapshot
= BackupDir
::new(backup_type
, backup_id
, backup_time
)?
;
255 check_priv_or_backup_owner(&datastore
, snapshot
.group(), &auth_id
, PRIV_DATASTORE_AUDIT
| PRIV_DATASTORE_READ
)?
;
257 let info
= BackupInfo
::new(&datastore
.base_path(), snapshot
)?
;
259 let (_manifest
, files
) = get_all_snapshot_files(&datastore
, &info
)?
;
268 schema
: DATASTORE_SCHEMA
,
271 schema
: BACKUP_TYPE_SCHEMA
,
274 schema
: BACKUP_ID_SCHEMA
,
277 schema
: BACKUP_TIME_SCHEMA
,
282 permission
: &Permission
::Privilege(
283 &["datastore", "{store}"],
284 PRIV_DATASTORE_MODIFY
| PRIV_DATASTORE_PRUNE
,
288 /// Delete backup snapshot.
295 rpcenv
: &mut dyn RpcEnvironment
,
296 ) -> Result
<Value
, Error
> {
298 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
300 let snapshot
= BackupDir
::new(backup_type
, backup_id
, backup_time
)?
;
301 let datastore
= DataStore
::lookup_datastore(&store
)?
;
303 check_priv_or_backup_owner(&datastore
, snapshot
.group(), &auth_id
, PRIV_DATASTORE_MODIFY
)?
;
305 datastore
.remove_backup_dir(&snapshot
, false)?
;
314 schema
: DATASTORE_SCHEMA
,
318 schema
: BACKUP_TYPE_SCHEMA
,
322 schema
: BACKUP_ID_SCHEMA
,
328 description
: "Returns the list of snapshots.",
330 type: SnapshotListItem
,
334 permission
: &Permission
::Privilege(
335 &["datastore", "{store}"],
336 PRIV_DATASTORE_AUDIT
| PRIV_DATASTORE_BACKUP
,
340 /// List backup snapshots.
341 pub fn list_snapshots (
343 backup_type
: Option
<String
>,
344 backup_id
: Option
<String
>,
347 rpcenv
: &mut dyn RpcEnvironment
,
348 ) -> Result
<Vec
<SnapshotListItem
>, Error
> {
350 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
351 let user_info
= CachedUserInfo
::new()?
;
352 let user_privs
= user_info
.lookup_privs(&auth_id
, &["datastore", &store
]);
354 let datastore
= DataStore
::lookup_datastore(&store
)?
;
356 let base_path
= datastore
.base_path();
358 let backup_list
= BackupInfo
::list_backups(&base_path
)?
;
360 let mut snapshots
= vec
![];
362 for info
in backup_list
{
363 let group
= info
.backup_dir
.group();
364 if let Some(ref backup_type
) = backup_type
{
365 if backup_type
!= group
.backup_type() { continue; }
367 if let Some(ref backup_id
) = backup_id
{
368 if backup_id
!= group
.backup_id() { continue; }
371 let list_all
= (user_privs
& PRIV_DATASTORE_AUDIT
) != 0;
372 let owner
= datastore
.get_owner(group
)?
;
374 if !list_all
&& check_backup_owner(&owner
, &auth_id
).is_err() {
380 let (comment
, verification
, files
) = match get_all_snapshot_files(&datastore
, &info
) {
381 Ok((manifest
, files
)) => {
382 size
= Some(files
.iter().map(|x
| x
.size
.unwrap_or(0)).sum());
383 // extract the first line from notes
384 let comment
: Option
<String
> = manifest
.unprotected
["notes"]
386 .and_then(|notes
| notes
.lines().next())
389 let verify
= manifest
.unprotected
["verify_state"].clone();
390 let verify
: Option
<SnapshotVerifyState
> = match serde_json
::from_value(verify
) {
391 Ok(verify
) => verify
,
393 eprintln
!("error parsing verification state : '{}'", err
);
398 (comment
, verify
, files
)
401 eprintln
!("error during snapshot file listing: '{}'", err
);
408 .map(|x
| BackupContent
{
409 filename
: x
.to_string(),
418 let result_item
= SnapshotListItem
{
419 backup_type
: group
.backup_type().to_string(),
420 backup_id
: group
.backup_id().to_string(),
421 backup_time
: info
.backup_dir
.backup_time(),
429 snapshots
.push(result_item
);
435 fn get_snapshots_count(store
: &DataStore
) -> Result
<Counts
, Error
> {
436 let base_path
= store
.base_path();
437 let backup_list
= BackupInfo
::list_backups(&base_path
)?
;
438 let mut groups
= HashSet
::new();
440 let mut result
= Counts
{
447 for info
in backup_list
{
448 let group
= info
.backup_dir
.group();
450 let id
= group
.backup_id();
451 let backup_type
= group
.backup_type();
453 let mut new_id
= false;
455 if groups
.insert(format
!("{}-{}", &backup_type
, &id
)) {
459 let mut counts
= match backup_type
{
460 "ct" => result
.ct
.take().unwrap_or(Default
::default()),
461 "host" => result
.host
.take().unwrap_or(Default
::default()),
462 "vm" => result
.vm
.take().unwrap_or(Default
::default()),
463 _
=> result
.other
.take().unwrap_or(Default
::default()),
466 counts
.snapshots
+= 1;
472 "ct" => result
.ct
= Some(counts
),
473 "host" => result
.host
= Some(counts
),
474 "vm" => result
.vm
= Some(counts
),
475 _
=> result
.other
= Some(counts
),
486 schema
: DATASTORE_SCHEMA
,
491 type: DataStoreStatus
,
494 permission
: &Permission
::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_AUDIT
| PRIV_DATASTORE_BACKUP
, true),
497 /// Get datastore status.
501 _rpcenv
: &mut dyn RpcEnvironment
,
502 ) -> Result
<DataStoreStatus
, Error
> {
503 let datastore
= DataStore
::lookup_datastore(&store
)?
;
504 let storage
= crate::tools
::disks
::disk_usage(&datastore
.base_path())?
;
505 let counts
= get_snapshots_count(&datastore
)?
;
506 let gc_status
= datastore
.last_gc_status();
509 total
: storage
.total
,
511 avail
: storage
.avail
,
521 schema
: DATASTORE_SCHEMA
,
524 schema
: BACKUP_TYPE_SCHEMA
,
528 schema
: BACKUP_ID_SCHEMA
,
532 schema
: BACKUP_TIME_SCHEMA
,
541 permission
: &Permission
::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_VERIFY
| PRIV_DATASTORE_BACKUP
, true),
546 /// This function can verify a single backup snapshot, all backup from a backup group,
547 /// or all backups in the datastore.
550 backup_type
: Option
<String
>,
551 backup_id
: Option
<String
>,
552 backup_time
: Option
<i64>,
553 rpcenv
: &mut dyn RpcEnvironment
,
554 ) -> Result
<Value
, Error
> {
555 let datastore
= DataStore
::lookup_datastore(&store
)?
;
557 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
560 let mut backup_dir
= None
;
561 let mut backup_group
= None
;
562 let mut worker_type
= "verify";
564 match (backup_type
, backup_id
, backup_time
) {
565 (Some(backup_type
), Some(backup_id
), Some(backup_time
)) => {
566 worker_id
= format
!("{}:{}/{}/{:08X}", store
, backup_type
, backup_id
, backup_time
);
567 let dir
= BackupDir
::new(backup_type
, backup_id
, backup_time
)?
;
569 check_priv_or_backup_owner(&datastore
, dir
.group(), &auth_id
, PRIV_DATASTORE_VERIFY
)?
;
571 backup_dir
= Some(dir
);
572 worker_type
= "verify_snapshot";
574 (Some(backup_type
), Some(backup_id
), None
) => {
575 worker_id
= format
!("{}:{}/{}", store
, backup_type
, backup_id
);
576 let group
= BackupGroup
::new(backup_type
, backup_id
);
578 check_priv_or_backup_owner(&datastore
, &group
, &auth_id
, PRIV_DATASTORE_VERIFY
)?
;
580 backup_group
= Some(group
);
581 worker_type
= "verify_group";
583 (None
, None
, None
) => {
584 worker_id
= store
.clone();
586 _
=> bail
!("parameters do not specify a backup group or snapshot"),
589 let to_stdout
= if rpcenv
.env_type() == RpcEnvironmentType
::CLI { true }
else { false }
;
591 let upid_str
= WorkerTask
::new_thread(
593 Some(worker_id
.clone()),
597 let verified_chunks
= Arc
::new(Mutex
::new(HashSet
::with_capacity(1024*16)));
598 let corrupt_chunks
= Arc
::new(Mutex
::new(HashSet
::with_capacity(64)));
600 let failed_dirs
= if let Some(backup_dir
) = backup_dir
{
601 let mut res
= Vec
::new();
602 if !verify_backup_dir(
608 worker
.upid().clone(),
611 res
.push(backup_dir
.to_string());
614 } else if let Some(backup_group
) = backup_group
{
615 let (_count
, failed_dirs
) = verify_backup_group(
627 let privs
= CachedUserInfo
::new()?
628 .lookup_privs(&auth_id
, &["datastore", &store
]);
630 let owner
= if privs
& PRIV_DATASTORE_VERIFY
== 0 {
636 verify_all_backups(datastore
, worker
.clone(), worker
.upid(), owner
, None
)?
638 if failed_dirs
.len() > 0 {
639 worker
.log("Failed to verify following snapshots:");
640 for dir
in failed_dirs
{
641 worker
.log(format
!("\t{}", dir
));
643 bail
!("verification failed - please check the log for details");
653 macro_rules
! add_common_prune_prameters
{
654 ( [ $
( $list1
:tt
)* ] ) => {
655 add_common_prune_prameters
!([$
( $list1
)* ] , [])
657 ( [ $
( $list1
:tt
)* ] , [ $
( $list2
:tt
)* ] ) => {
663 &PRUNE_SCHEMA_KEEP_DAILY
,
668 &PRUNE_SCHEMA_KEEP_HOURLY
,
673 &PRUNE_SCHEMA_KEEP_LAST
,
678 &PRUNE_SCHEMA_KEEP_MONTHLY
,
683 &PRUNE_SCHEMA_KEEP_WEEKLY
,
688 &PRUNE_SCHEMA_KEEP_YEARLY
,
695 pub const API_RETURN_SCHEMA_PRUNE
: Schema
= ArraySchema
::new(
696 "Returns the list of snapshots and a flag indicating if there are kept or removed.",
697 &PruneListItem
::API_SCHEMA
700 const API_METHOD_PRUNE
: ApiMethod
= ApiMethod
::new(
701 &ApiHandler
::Sync(&prune
),
703 "Prune the datastore.",
704 &add_common_prune_prameters
!([
705 ("backup-id", false, &BACKUP_ID_SCHEMA
),
706 ("backup-type", false, &BACKUP_TYPE_SCHEMA
),
707 ("dry-run", true, &BooleanSchema
::new(
708 "Just show what prune would do, but do not delete anything.")
712 ("store", false, &DATASTORE_SCHEMA
),
715 .returns(&API_RETURN_SCHEMA_PRUNE
)
716 .access(None
, &Permission
::Privilege(
717 &["datastore", "{store}"],
718 PRIV_DATASTORE_MODIFY
| PRIV_DATASTORE_PRUNE
,
725 rpcenv
: &mut dyn RpcEnvironment
,
726 ) -> Result
<Value
, Error
> {
728 let store
= tools
::required_string_param(¶m
, "store")?
;
729 let backup_type
= tools
::required_string_param(¶m
, "backup-type")?
;
730 let backup_id
= tools
::required_string_param(¶m
, "backup-id")?
;
732 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
734 let dry_run
= param
["dry-run"].as_bool().unwrap_or(false);
736 let group
= BackupGroup
::new(backup_type
, backup_id
);
738 let datastore
= DataStore
::lookup_datastore(&store
)?
;
740 check_priv_or_backup_owner(&datastore
, &group
, &auth_id
, PRIV_DATASTORE_MODIFY
)?
;
742 let prune_options
= PruneOptions
{
743 keep_last
: param
["keep-last"].as_u64(),
744 keep_hourly
: param
["keep-hourly"].as_u64(),
745 keep_daily
: param
["keep-daily"].as_u64(),
746 keep_weekly
: param
["keep-weekly"].as_u64(),
747 keep_monthly
: param
["keep-monthly"].as_u64(),
748 keep_yearly
: param
["keep-yearly"].as_u64(),
751 let worker_id
= format
!("{}:{}/{}", store
, backup_type
, backup_id
);
753 let mut prune_result
= Vec
::new();
755 let list
= group
.list_backups(&datastore
.base_path())?
;
757 let mut prune_info
= compute_prune_info(list
, &prune_options
)?
;
759 prune_info
.reverse(); // delete older snapshots first
761 let keep_all
= !prune_options
.keeps_something();
764 for (info
, mut keep
) in prune_info
{
765 if keep_all { keep = true; }
767 let backup_time
= info
.backup_dir
.backup_time();
768 let group
= info
.backup_dir
.group();
770 prune_result
.push(json
!({
771 "backup-type": group
.backup_type(),
772 "backup-id": group
.backup_id(),
773 "backup-time": backup_time
,
777 return Ok(json
!(prune_result
));
781 // We use a WorkerTask just to have a task log, but run synchrounously
782 let worker
= WorkerTask
::new("prune", Some(worker_id
), auth_id
.clone(), true)?
;
785 worker
.log("No prune selection - keeping all files.");
787 worker
.log(format
!("retention options: {}", prune_options
.cli_options_string()));
788 worker
.log(format
!("Starting prune on store \"{}\" group \"{}/{}\"",
789 store
, backup_type
, backup_id
));
792 for (info
, mut keep
) in prune_info
{
793 if keep_all { keep = true; }
795 let backup_time
= info
.backup_dir
.backup_time();
796 let timestamp
= info
.backup_dir
.backup_time_string();
797 let group
= info
.backup_dir
.group();
805 if keep { "keep" }
else { "remove" }
,
810 prune_result
.push(json
!({
811 "backup-type": group
.backup_type(),
812 "backup-id": group
.backup_id(),
813 "backup-time": backup_time
,
817 if !(dry_run
|| keep
) {
818 if let Err(err
) = datastore
.remove_backup_dir(&info
.backup_dir
, false) {
821 "failed to remove dir {:?}: {}",
822 info
.backup_dir
.relative_path(), err
829 worker
.log_result(&Ok(()));
831 Ok(json
!(prune_result
))
838 schema
: DATASTORE_SCHEMA
,
846 permission
: &Permission
::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_MODIFY
, false),
849 /// Start garbage collection.
850 fn start_garbage_collection(
853 rpcenv
: &mut dyn RpcEnvironment
,
854 ) -> Result
<Value
, Error
> {
856 let datastore
= DataStore
::lookup_datastore(&store
)?
;
857 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
859 println
!("Starting garbage collection on store {}", store
);
861 let to_stdout
= if rpcenv
.env_type() == RpcEnvironmentType
::CLI { true }
else { false }
;
863 let upid_str
= WorkerTask
::new_thread(
864 "garbage_collection",
869 worker
.log(format
!("starting garbage collection on store {}", store
));
870 datastore
.garbage_collection(&*worker
, worker
.upid())
881 schema
: DATASTORE_SCHEMA
,
886 type: GarbageCollectionStatus
,
889 permission
: &Permission
::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_AUDIT
, false),
892 /// Garbage collection status.
893 pub fn garbage_collection_status(
896 _rpcenv
: &mut dyn RpcEnvironment
,
897 ) -> Result
<GarbageCollectionStatus
, Error
> {
899 let datastore
= DataStore
::lookup_datastore(&store
)?
;
901 let status
= datastore
.last_gc_status();
908 description
: "List the accessible datastores.",
911 description
: "Datastore name and description.",
914 schema
: DATASTORE_SCHEMA
,
918 schema
: SINGLE_LINE_COMMENT_SCHEMA
,
924 permission
: &Permission
::Anybody
,
928 fn get_datastore_list(
931 rpcenv
: &mut dyn RpcEnvironment
,
932 ) -> Result
<Value
, Error
> {
934 let (config
, _digest
) = datastore
::config()?
;
936 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
937 let user_info
= CachedUserInfo
::new()?
;
939 let mut list
= Vec
::new();
941 for (store
, (_
, data
)) in &config
.sections
{
942 let user_privs
= user_info
.lookup_privs(&auth_id
, &["datastore", &store
]);
943 let allowed
= (user_privs
& (PRIV_DATASTORE_AUDIT
| PRIV_DATASTORE_BACKUP
)) != 0;
945 let mut entry
= json
!({ "store": store }
);
946 if let Some(comment
) = data
["comment"].as_str() {
947 entry
["comment"] = comment
.into();
957 pub const API_METHOD_DOWNLOAD_FILE
: ApiMethod
= ApiMethod
::new(
958 &ApiHandler
::AsyncHttp(&download_file
),
960 "Download single raw file from backup snapshot.",
962 ("store", false, &DATASTORE_SCHEMA
),
963 ("backup-type", false, &BACKUP_TYPE_SCHEMA
),
964 ("backup-id", false, &BACKUP_ID_SCHEMA
),
965 ("backup-time", false, &BACKUP_TIME_SCHEMA
),
966 ("file-name", false, &BACKUP_ARCHIVE_NAME_SCHEMA
),
969 ).access(None
, &Permission
::Privilege(
970 &["datastore", "{store}"],
971 PRIV_DATASTORE_READ
| PRIV_DATASTORE_BACKUP
,
980 rpcenv
: Box
<dyn RpcEnvironment
>,
981 ) -> ApiResponseFuture
{
984 let store
= tools
::required_string_param(¶m
, "store")?
;
985 let datastore
= DataStore
::lookup_datastore(store
)?
;
987 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
989 let file_name
= tools
::required_string_param(¶m
, "file-name")?
.to_owned();
991 let backup_type
= tools
::required_string_param(¶m
, "backup-type")?
;
992 let backup_id
= tools
::required_string_param(¶m
, "backup-id")?
;
993 let backup_time
= tools
::required_integer_param(¶m
, "backup-time")?
;
995 let backup_dir
= BackupDir
::new(backup_type
, backup_id
, backup_time
)?
;
997 check_priv_or_backup_owner(&datastore
, backup_dir
.group(), &auth_id
, PRIV_DATASTORE_READ
)?
;
999 println
!("Download {} from {} ({}/{})", file_name
, store
, backup_dir
, file_name
);
1001 let mut path
= datastore
.base_path();
1002 path
.push(backup_dir
.relative_path());
1003 path
.push(&file_name
);
1005 let file
= tokio
::fs
::File
::open(&path
)
1007 .map_err(|err
| http_err
!(BAD_REQUEST
, "File open failed: {}", err
))?
;
1009 let payload
= tokio_util
::codec
::FramedRead
::new(file
, tokio_util
::codec
::BytesCodec
::new())
1010 .map_ok(|bytes
| hyper
::body
::Bytes
::from(bytes
.freeze()))
1011 .map_err(move |err
| {
1012 eprintln
!("error during streaming of '{:?}' - {}", &path
, err
);
1015 let body
= Body
::wrap_stream(payload
);
1017 // fixme: set other headers ?
1018 Ok(Response
::builder()
1019 .status(StatusCode
::OK
)
1020 .header(header
::CONTENT_TYPE
, "application/octet-stream")
1027 pub const API_METHOD_DOWNLOAD_FILE_DECODED
: ApiMethod
= ApiMethod
::new(
1028 &ApiHandler
::AsyncHttp(&download_file_decoded
),
1030 "Download single decoded file from backup snapshot. Only works if it's not encrypted.",
1032 ("store", false, &DATASTORE_SCHEMA
),
1033 ("backup-type", false, &BACKUP_TYPE_SCHEMA
),
1034 ("backup-id", false, &BACKUP_ID_SCHEMA
),
1035 ("backup-time", false, &BACKUP_TIME_SCHEMA
),
1036 ("file-name", false, &BACKUP_ARCHIVE_NAME_SCHEMA
),
1039 ).access(None
, &Permission
::Privilege(
1040 &["datastore", "{store}"],
1041 PRIV_DATASTORE_READ
| PRIV_DATASTORE_BACKUP
,
1045 fn download_file_decoded(
1050 rpcenv
: Box
<dyn RpcEnvironment
>,
1051 ) -> ApiResponseFuture
{
1054 let store
= tools
::required_string_param(¶m
, "store")?
;
1055 let datastore
= DataStore
::lookup_datastore(store
)?
;
1057 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1059 let file_name
= tools
::required_string_param(¶m
, "file-name")?
.to_owned();
1061 let backup_type
= tools
::required_string_param(¶m
, "backup-type")?
;
1062 let backup_id
= tools
::required_string_param(¶m
, "backup-id")?
;
1063 let backup_time
= tools
::required_integer_param(¶m
, "backup-time")?
;
1065 let backup_dir
= BackupDir
::new(backup_type
, backup_id
, backup_time
)?
;
1067 check_priv_or_backup_owner(&datastore
, backup_dir
.group(), &auth_id
, PRIV_DATASTORE_READ
)?
;
1069 let (manifest
, files
) = read_backup_index(&datastore
, &backup_dir
)?
;
1071 if file
.filename
== file_name
&& file
.crypt_mode
== Some(CryptMode
::Encrypt
) {
1072 bail
!("cannot decode '{}' - is encrypted", file_name
);
1076 println
!("Download {} from {} ({}/{})", file_name
, store
, backup_dir
, file_name
);
1078 let mut path
= datastore
.base_path();
1079 path
.push(backup_dir
.relative_path());
1080 path
.push(&file_name
);
1082 let extension
= file_name
.rsplitn(2, '
.'
).next().unwrap();
1084 let body
= match extension
{
1086 let index
= DynamicIndexReader
::open(&path
)
1087 .map_err(|err
| format_err
!("unable to read dynamic index '{:?}' - {}", &path
, err
))?
;
1088 let (csum
, size
) = index
.compute_csum();
1089 manifest
.verify_file(&file_name
, &csum
, size
)?
;
1091 let chunk_reader
= LocalChunkReader
::new(datastore
, None
, CryptMode
::None
);
1092 let reader
= AsyncIndexReader
::new(index
, chunk_reader
);
1093 Body
::wrap_stream(AsyncReaderStream
::new(reader
)
1094 .map_err(move |err
| {
1095 eprintln
!("error during streaming of '{:?}' - {}", path
, err
);
1100 let index
= FixedIndexReader
::open(&path
)
1101 .map_err(|err
| format_err
!("unable to read fixed index '{:?}' - {}", &path
, err
))?
;
1103 let (csum
, size
) = index
.compute_csum();
1104 manifest
.verify_file(&file_name
, &csum
, size
)?
;
1106 let chunk_reader
= LocalChunkReader
::new(datastore
, None
, CryptMode
::None
);
1107 let reader
= AsyncIndexReader
::new(index
, chunk_reader
);
1108 Body
::wrap_stream(AsyncReaderStream
::with_buffer_size(reader
, 4*1024*1024)
1109 .map_err(move |err
| {
1110 eprintln
!("error during streaming of '{:?}' - {}", path
, err
);
1115 let file
= std
::fs
::File
::open(&path
)
1116 .map_err(|err
| http_err
!(BAD_REQUEST
, "File open failed: {}", err
))?
;
1118 // FIXME: load full blob to verify index checksum?
1121 WrappedReaderStream
::new(DataBlobReader
::new(file
, None
)?
)
1122 .map_err(move |err
| {
1123 eprintln
!("error during streaming of '{:?}' - {}", path
, err
);
1129 bail
!("cannot download '{}' files", extension
);
1133 // fixme: set other headers ?
1134 Ok(Response
::builder()
1135 .status(StatusCode
::OK
)
1136 .header(header
::CONTENT_TYPE
, "application/octet-stream")
1143 pub const API_METHOD_UPLOAD_BACKUP_LOG
: ApiMethod
= ApiMethod
::new(
1144 &ApiHandler
::AsyncHttp(&upload_backup_log
),
1146 "Upload the client backup log file into a backup snapshot ('client.log.blob').",
1148 ("store", false, &DATASTORE_SCHEMA
),
1149 ("backup-type", false, &BACKUP_TYPE_SCHEMA
),
1150 ("backup-id", false, &BACKUP_ID_SCHEMA
),
1151 ("backup-time", false, &BACKUP_TIME_SCHEMA
),
1155 Some("Only the backup creator/owner is allowed to do this."),
1156 &Permission
::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_BACKUP
, false)
1159 fn upload_backup_log(
1164 rpcenv
: Box
<dyn RpcEnvironment
>,
1165 ) -> ApiResponseFuture
{
1168 let store
= tools
::required_string_param(¶m
, "store")?
;
1169 let datastore
= DataStore
::lookup_datastore(store
)?
;
1171 let file_name
= CLIENT_LOG_BLOB_NAME
;
1173 let backup_type
= tools
::required_string_param(¶m
, "backup-type")?
;
1174 let backup_id
= tools
::required_string_param(¶m
, "backup-id")?
;
1175 let backup_time
= tools
::required_integer_param(¶m
, "backup-time")?
;
1177 let backup_dir
= BackupDir
::new(backup_type
, backup_id
, backup_time
)?
;
1179 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1180 let owner
= datastore
.get_owner(backup_dir
.group())?
;
1181 check_backup_owner(&owner
, &auth_id
)?
;
1183 let mut path
= datastore
.base_path();
1184 path
.push(backup_dir
.relative_path());
1185 path
.push(&file_name
);
1188 bail
!("backup already contains a log.");
1191 println
!("Upload backup log to {}/{}/{}/{}/{}", store
,
1192 backup_type
, backup_id
, backup_dir
.backup_time_string(), file_name
);
1195 .map_err(Error
::from
)
1196 .try_fold(Vec
::new(), |mut acc
, chunk
| {
1197 acc
.extend_from_slice(&*chunk
);
1198 future
::ok
::<_
, Error
>(acc
)
1202 // always verify blob/CRC at server side
1203 let blob
= DataBlob
::load_from_reader(&mut &data
[..])?
;
1205 replace_file(&path
, blob
.raw_data(), CreateOptions
::new())?
;
1207 // fixme: use correct formatter
1208 Ok(crate::server
::formatter
::json_response(Ok(Value
::Null
)))
1216 schema
: DATASTORE_SCHEMA
,
1219 schema
: BACKUP_TYPE_SCHEMA
,
1222 schema
: BACKUP_ID_SCHEMA
,
1225 schema
: BACKUP_TIME_SCHEMA
,
1228 description
: "Base64 encoded path.",
1234 permission
: &Permission
::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_READ
| PRIV_DATASTORE_BACKUP
, true),
1237 /// Get the entries of the given path of the catalog
1240 backup_type
: String
,
1246 rpcenv
: &mut dyn RpcEnvironment
,
1247 ) -> Result
<Value
, Error
> {
1248 let datastore
= DataStore
::lookup_datastore(&store
)?
;
1250 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1252 let backup_dir
= BackupDir
::new(backup_type
, backup_id
, backup_time
)?
;
1254 check_priv_or_backup_owner(&datastore
, backup_dir
.group(), &auth_id
, PRIV_DATASTORE_READ
)?
;
1256 let file_name
= CATALOG_NAME
;
1258 let (manifest
, files
) = read_backup_index(&datastore
, &backup_dir
)?
;
1260 if file
.filename
== file_name
&& file
.crypt_mode
== Some(CryptMode
::Encrypt
) {
1261 bail
!("cannot decode '{}' - is encrypted", file_name
);
1265 let mut path
= datastore
.base_path();
1266 path
.push(backup_dir
.relative_path());
1267 path
.push(file_name
);
1269 let index
= DynamicIndexReader
::open(&path
)
1270 .map_err(|err
| format_err
!("unable to read dynamic index '{:?}' - {}", &path
, err
))?
;
1272 let (csum
, size
) = index
.compute_csum();
1273 manifest
.verify_file(&file_name
, &csum
, size
)?
;
1275 let chunk_reader
= LocalChunkReader
::new(datastore
, None
, CryptMode
::None
);
1276 let reader
= BufferedDynamicReader
::new(index
, chunk_reader
);
1278 let mut catalog_reader
= CatalogReader
::new(reader
);
1279 let mut current
= catalog_reader
.root()?
;
1280 let mut components
= vec
![];
1283 if filepath
!= "root" {
1284 components
= base64
::decode(filepath
)?
;
1285 if components
.len() > 0 && components
[0] == '
/'
as u8 {
1286 components
.remove(0);
1288 for component
in components
.split(|c
| *c
== '
/'
as u8) {
1289 if let Some(entry
) = catalog_reader
.lookup(¤t
, component
)?
{
1292 bail
!("path {:?} not found in catalog", &String
::from_utf8_lossy(&components
));
1297 let mut res
= Vec
::new();
1299 for direntry
in catalog_reader
.read_dir(¤t
)?
{
1300 let mut components
= components
.clone();
1301 components
.push('
/'
as u8);
1302 components
.extend(&direntry
.name
);
1303 let path
= base64
::encode(components
);
1304 let text
= String
::from_utf8_lossy(&direntry
.name
);
1305 let mut entry
= json
!({
1308 "type": CatalogEntryType
::from(&direntry
.attr
).to_string(),
1311 match direntry
.attr
{
1312 DirEntryAttribute
::Directory { start: _ }
=> {
1313 entry
["leaf"] = false.into();
1315 DirEntryAttribute
::File { size, mtime }
=> {
1316 entry
["size"] = size
.into();
1317 entry
["mtime"] = mtime
.into();
1327 fn recurse_files
<'a
, T
, W
>(
1328 zip
: &'a
mut ZipEncoder
<W
>,
1329 decoder
: &'a
mut Accessor
<T
>,
1332 ) -> Pin
<Box
<dyn Future
<Output
= Result
<(), Error
>> + Send
+ 'a
>>
1334 T
: Clone
+ pxar
::accessor
::ReadAt
+ Unpin
+ Send
+ Sync
+ '
static,
1335 W
: tokio
::io
::AsyncWrite
+ Unpin
+ Send
+ '
static,
1337 Box
::pin(async
move {
1338 let metadata
= file
.entry().metadata();
1339 let path
= file
.entry().path().strip_prefix(&prefix
)?
.to_path_buf();
1342 EntryKind
::File { .. }
=> {
1343 let entry
= ZipEntry
::new(
1345 metadata
.stat
.mtime
.secs
,
1346 metadata
.stat
.mode
as u16,
1349 zip
.add_entry(entry
, Some(file
.contents().await?
))
1351 .map_err(|err
| format_err
!("could not send file entry: {}", err
))?
;
1353 EntryKind
::Hardlink(_
) => {
1354 let realfile
= decoder
.follow_hardlink(&file
).await?
;
1355 let entry
= ZipEntry
::new(
1357 metadata
.stat
.mtime
.secs
,
1358 metadata
.stat
.mode
as u16,
1361 zip
.add_entry(entry
, Some(realfile
.contents().await?
))
1363 .map_err(|err
| format_err
!("could not send file entry: {}", err
))?
;
1365 EntryKind
::Directory
=> {
1366 let dir
= file
.enter_directory().await?
;
1367 let mut readdir
= dir
.read_dir();
1368 let entry
= ZipEntry
::new(
1370 metadata
.stat
.mtime
.secs
,
1371 metadata
.stat
.mode
as u16,
1374 zip
.add_entry
::<FileContents
<T
>>(entry
, None
).await?
;
1375 while let Some(entry
) = readdir
.next().await
{
1376 let entry
= entry?
.decode_entry().await?
;
1377 recurse_files(zip
, decoder
, prefix
, entry
).await?
;
1380 _
=> {}
// ignore all else
1388 pub const API_METHOD_PXAR_FILE_DOWNLOAD
: ApiMethod
= ApiMethod
::new(
1389 &ApiHandler
::AsyncHttp(&pxar_file_download
),
1391 "Download single file from pxar file of a backup snapshot. Only works if it's not encrypted.",
1393 ("store", false, &DATASTORE_SCHEMA
),
1394 ("backup-type", false, &BACKUP_TYPE_SCHEMA
),
1395 ("backup-id", false, &BACKUP_ID_SCHEMA
),
1396 ("backup-time", false, &BACKUP_TIME_SCHEMA
),
1397 ("filepath", false, &StringSchema
::new("Base64 encoded path").schema()),
1400 ).access(None
, &Permission
::Privilege(
1401 &["datastore", "{store}"],
1402 PRIV_DATASTORE_READ
| PRIV_DATASTORE_BACKUP
,
1406 fn pxar_file_download(
1411 rpcenv
: Box
<dyn RpcEnvironment
>,
1412 ) -> ApiResponseFuture
{
1415 let store
= tools
::required_string_param(¶m
, "store")?
;
1416 let datastore
= DataStore
::lookup_datastore(&store
)?
;
1418 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1420 let filepath
= tools
::required_string_param(¶m
, "filepath")?
.to_owned();
1422 let backup_type
= tools
::required_string_param(¶m
, "backup-type")?
;
1423 let backup_id
= tools
::required_string_param(¶m
, "backup-id")?
;
1424 let backup_time
= tools
::required_integer_param(¶m
, "backup-time")?
;
1426 let backup_dir
= BackupDir
::new(backup_type
, backup_id
, backup_time
)?
;
1428 check_priv_or_backup_owner(&datastore
, backup_dir
.group(), &auth_id
, PRIV_DATASTORE_READ
)?
;
1430 let mut components
= base64
::decode(&filepath
)?
;
1431 if components
.len() > 0 && components
[0] == '
/'
as u8 {
1432 components
.remove(0);
1435 let mut split
= components
.splitn(2, |c
| *c
== '
/'
as u8);
1436 let pxar_name
= std
::str::from_utf8(split
.next().unwrap())?
;
1437 let file_path
= split
.next().ok_or(format_err
!("filepath looks strange '{}'", filepath
))?
;
1438 let (manifest
, files
) = read_backup_index(&datastore
, &backup_dir
)?
;
1440 if file
.filename
== pxar_name
&& file
.crypt_mode
== Some(CryptMode
::Encrypt
) {
1441 bail
!("cannot decode '{}' - is encrypted", pxar_name
);
1445 let mut path
= datastore
.base_path();
1446 path
.push(backup_dir
.relative_path());
1447 path
.push(pxar_name
);
1449 let index
= DynamicIndexReader
::open(&path
)
1450 .map_err(|err
| format_err
!("unable to read dynamic index '{:?}' - {}", &path
, err
))?
;
1452 let (csum
, size
) = index
.compute_csum();
1453 manifest
.verify_file(&pxar_name
, &csum
, size
)?
;
1455 let chunk_reader
= LocalChunkReader
::new(datastore
, None
, CryptMode
::None
);
1456 let reader
= BufferedDynamicReader
::new(index
, chunk_reader
);
1457 let archive_size
= reader
.archive_size();
1458 let reader
= LocalDynamicReadAt
::new(reader
);
1460 let decoder
= Accessor
::new(reader
, archive_size
).await?
;
1461 let root
= decoder
.open_root().await?
;
1463 .lookup(OsStr
::from_bytes(file_path
)).await?
1464 .ok_or(format_err
!("error opening '{:?}'", file_path
))?
;
1466 let body
= match file
.kind() {
1467 EntryKind
::File { .. }
=> Body
::wrap_stream(
1468 AsyncReaderStream
::new(file
.contents().await?
).map_err(move |err
| {
1469 eprintln
!("error during streaming of file '{:?}' - {}", filepath
, err
);
1473 EntryKind
::Hardlink(_
) => Body
::wrap_stream(
1474 AsyncReaderStream
::new(decoder
.follow_hardlink(&file
).await?
.contents().await?
)
1475 .map_err(move |err
| {
1477 "error during streaming of hardlink '{:?}' - {}",
1483 EntryKind
::Directory
=> {
1484 let (sender
, receiver
) = tokio
::sync
::mpsc
::channel(100);
1485 let mut prefix
= PathBuf
::new();
1486 let mut components
= file
.entry().path().components();
1487 components
.next_back(); // discar last
1488 for comp
in components
{
1492 let channelwriter
= AsyncChannelWriter
::new(sender
, 1024 * 1024);
1494 crate::server
::spawn_internal_task(async
move {
1495 let mut zipencoder
= ZipEncoder
::new(channelwriter
);
1496 let mut decoder
= decoder
;
1497 recurse_files(&mut zipencoder
, &mut decoder
, &prefix
, file
)
1499 .map_err(|err
| eprintln
!("error during creating of zip: {}", err
))?
;
1504 .map_err(|err
| eprintln
!("error during finishing of zip: {}", err
))
1507 Body
::wrap_stream(receiver
.map_err(move |err
| {
1508 eprintln
!("error during streaming of zip '{:?}' - {}", filepath
, err
);
1512 other
=> bail
!("cannot download file of type {:?}", other
),
1515 // fixme: set other headers ?
1516 Ok(Response
::builder()
1517 .status(StatusCode
::OK
)
1518 .header(header
::CONTENT_TYPE
, "application/octet-stream")
1528 schema
: DATASTORE_SCHEMA
,
1531 type: RRDTimeFrameResolution
,
1539 permission
: &Permission
::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_AUDIT
| PRIV_DATASTORE_BACKUP
, true),
1542 /// Read datastore stats
1545 timeframe
: RRDTimeFrameResolution
,
1548 ) -> Result
<Value
, Error
> {
1550 create_value_from_rrd(
1551 &format
!("datastore/{}", store
),
1554 "read_ios", "read_bytes",
1555 "write_ios", "write_bytes",
1567 schema
: DATASTORE_SCHEMA
,
1570 schema
: BACKUP_TYPE_SCHEMA
,
1573 schema
: BACKUP_ID_SCHEMA
,
1576 schema
: BACKUP_TIME_SCHEMA
,
1581 permission
: &Permission
::Privilege(&["datastore", "{store}"], PRIV_DATASTORE_AUDIT
| PRIV_DATASTORE_BACKUP
, true),
1584 /// Get "notes" for a specific backup
1587 backup_type
: String
,
1590 rpcenv
: &mut dyn RpcEnvironment
,
1591 ) -> Result
<String
, Error
> {
1592 let datastore
= DataStore
::lookup_datastore(&store
)?
;
1594 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1595 let backup_dir
= BackupDir
::new(backup_type
, backup_id
, backup_time
)?
;
1597 check_priv_or_backup_owner(&datastore
, backup_dir
.group(), &auth_id
, PRIV_DATASTORE_AUDIT
)?
;
1599 let (manifest
, _
) = datastore
.load_manifest(&backup_dir
)?
;
1601 let notes
= manifest
.unprotected
["notes"]
1605 Ok(String
::from(notes
))
1612 schema
: DATASTORE_SCHEMA
,
1615 schema
: BACKUP_TYPE_SCHEMA
,
1618 schema
: BACKUP_ID_SCHEMA
,
1621 schema
: BACKUP_TIME_SCHEMA
,
1624 description
: "A multiline text.",
1629 permission
: &Permission
::Privilege(&["datastore", "{store}"],
1630 PRIV_DATASTORE_MODIFY
| PRIV_DATASTORE_BACKUP
,
1634 /// Set "notes" for a specific backup
1637 backup_type
: String
,
1641 rpcenv
: &mut dyn RpcEnvironment
,
1642 ) -> Result
<(), Error
> {
1643 let datastore
= DataStore
::lookup_datastore(&store
)?
;
1645 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1646 let backup_dir
= BackupDir
::new(backup_type
, backup_id
, backup_time
)?
;
1648 check_priv_or_backup_owner(&datastore
, backup_dir
.group(), &auth_id
, PRIV_DATASTORE_MODIFY
)?
;
1650 datastore
.update_manifest(&backup_dir
,|manifest
| {
1651 manifest
.unprotected
["notes"] = notes
.into();
1652 }).map_err(|err
| format_err
!("unable to update manifest blob - {}", err
))?
;
1661 schema
: DATASTORE_SCHEMA
,
1664 schema
: BACKUP_TYPE_SCHEMA
,
1667 schema
: BACKUP_ID_SCHEMA
,
1675 permission
: &Permission
::Anybody
,
1676 description
: "Datastore.Modify on whole datastore, or changing ownership between user and a user's token for owned backups with Datastore.Backup"
1679 /// Change owner of a backup group
1680 fn set_backup_owner(
1682 backup_type
: String
,
1685 rpcenv
: &mut dyn RpcEnvironment
,
1686 ) -> Result
<(), Error
> {
1688 let datastore
= DataStore
::lookup_datastore(&store
)?
;
1690 let backup_group
= BackupGroup
::new(backup_type
, backup_id
);
1692 let auth_id
: Authid
= rpcenv
.get_auth_id().unwrap().parse()?
;
1694 let user_info
= CachedUserInfo
::new()?
;
1696 let privs
= user_info
.lookup_privs(&auth_id
, &["datastore", &store
]);
1698 let allowed
= if (privs
& PRIV_DATASTORE_MODIFY
) != 0 {
1699 // High-privilege user/token
1701 } else if (privs
& PRIV_DATASTORE_BACKUP
) != 0 {
1702 let owner
= datastore
.get_owner(&backup_group
)?
;
1704 match (owner
.is_token(), new_owner
.is_token()) {
1706 // API token to API token, owned by same user
1707 let owner
= owner
.user();
1708 let new_owner
= new_owner
.user();
1709 owner
== new_owner
&& Authid
::from(owner
.clone()) == auth_id
1712 // API token to API token owner
1713 Authid
::from(owner
.user().clone()) == auth_id
1714 && new_owner
== auth_id
1717 // API token owner to API token
1719 && Authid
::from(new_owner
.user().clone()) == auth_id
1722 // User to User, not allowed for unprivileged users
1731 return Err(http_err
!(UNAUTHORIZED
,
1732 "{} does not have permission to change owner of backup group '{}' to {}",
1739 if !user_info
.is_active_auth_id(&new_owner
) {
1740 bail
!("{} '{}' is inactive or non-existent",
1741 if new_owner
.is_token() {
1742 "API token".to_string()
1749 datastore
.set_owner(&backup_group
, &new_owner
, true)?
;
1755 const DATASTORE_INFO_SUBDIRS
: SubdirMap
= &[
1759 .get(&API_METHOD_CATALOG
)
1764 .post(&API_METHOD_SET_BACKUP_OWNER
)
1769 .download(&API_METHOD_DOWNLOAD_FILE
)
1774 .download(&API_METHOD_DOWNLOAD_FILE_DECODED
)
1779 .get(&API_METHOD_LIST_SNAPSHOT_FILES
)
1784 .get(&API_METHOD_GARBAGE_COLLECTION_STATUS
)
1785 .post(&API_METHOD_START_GARBAGE_COLLECTION
)
1790 .get(&API_METHOD_LIST_GROUPS
)
1795 .get(&API_METHOD_GET_NOTES
)
1796 .put(&API_METHOD_SET_NOTES
)
1801 .post(&API_METHOD_PRUNE
)
1804 "pxar-file-download",
1806 .download(&API_METHOD_PXAR_FILE_DOWNLOAD
)
1811 .get(&API_METHOD_GET_RRD_STATS
)
1816 .get(&API_METHOD_LIST_SNAPSHOTS
)
1817 .delete(&API_METHOD_DELETE_SNAPSHOT
)
1822 .get(&API_METHOD_STATUS
)
1825 "upload-backup-log",
1827 .upload(&API_METHOD_UPLOAD_BACKUP_LOG
)
1832 .post(&API_METHOD_VERIFY
)
1836 const DATASTORE_INFO_ROUTER
: Router
= Router
::new()
1837 .get(&list_subdirs_api_method
!(DATASTORE_INFO_SUBDIRS
))
1838 .subdirs(DATASTORE_INFO_SUBDIRS
);
1841 pub const ROUTER
: Router
= Router
::new()
1842 .get(&API_METHOD_GET_DATASTORE_LIST
)
1843 .match_all("store", &DATASTORE_INFO_ROUTER
);