author | Yehuda Sadeh <yehuda.sadeh@dreamhost.com> | 2011-12-02 17:03:47 -0800 |
---|---|---|
committer | Yehuda Sadeh <yehuda.sadeh@dreamhost.com> | 2011-12-02 17:03:47 -0800 |
commit | 94d094e1afd397f0da40272cfd36c0e7244e0f1c (patch) | |
tree | 6416c041022daa138fac5c972c1d78f3c040af0e | |
parent | bd087d8e8d10e90ef4e19bc1c6be0d485fe57cbb (diff) | |
download | ceph-94d094e1afd397f0da40272cfd36c0e7244e0f1c.tar.gz |
rgw: more shuffling, refcount infrastructure
not going to compile, stuff is not yet in place. Currently getting rid of the
stuff that is in rgw_user and moving stuff to libradosgw.
-rw-r--r-- | src/rgw/libradosgw.cc | 343 | ||||
-rw-r--r-- | src/rgw/libradosgw.hpp | 125 | ||||
-rw-r--r-- | src/rgw/rgw_admin.cc | 4 | ||||
-rw-r--r-- | src/rgw/rgw_common.cc | 2 | ||||
-rw-r--r-- | src/rgw/rgw_common.h | 97 | ||||
-rw-r--r-- | src/rgw/rgw_op.cc | 4 | ||||
-rw-r--r-- | src/rgw/rgw_swift_auth.cc | 2 | ||||
-rw-r--r-- | src/rgw/rgw_swift_auth.h | 3 | ||||
-rw-r--r-- | src/rgw/rgw_user.cc | 97 | ||||
-rw-r--r-- | src/rgw/rgw_user.h | 40 |
10 files changed, 457 insertions, 260 deletions
diff --git a/src/rgw/libradosgw.cc b/src/rgw/libradosgw.cc
index 20cd878d32b..b069ea744da 100644
--- a/src/rgw/libradosgw.cc
+++ b/src/rgw/libradosgw.cc
@@ -1,45 +1,266 @@ +#include "include/atomic.h" + #include "libradosgw.hpp" #include "rgw_rados.h" #include "rgw_cache.h" +#define USER_INFO_POOL_NAME ".users" +#define USER_INFO_EMAIL_POOL_NAME ".users.email" +#define USER_INFO_SWIFT_POOL_NAME ".users.swift" +#define USER_INFO_UID_POOL_NAME ".users.uid" +#define RGW_USER_ANON_ID "anonymous" + namespace libradosgw { - class StoreImpl { - RGWRados *rados; + static rgw_bucket ui_key_bucket(USER_INFO_POOL_NAME); + static rgw_bucket ui_email_bucket(USER_INFO_EMAIL_POOL_NAME); + static rgw_bucket ui_swift_bucket(USER_INFO_SWIFT_POOL_NAME); + static rgw_bucket ui_uid_bucket(USER_INFO_UID_POOL_NAME); + + rgw_bucket rgw_root_bucket(RGW_ROOT_BUCKET); + + + void encode(const AccessKey& k, bufferlist& bl) { + __u32 ver = 1; + ::encode(ver, bl); + ::encode(k.id, bl); + ::encode(k.key, bl); + ::encode(k.subuser, bl); + } + + void decode(AccessKey& k, bufferlist::iterator& bl) { + __u32 ver; + ::decode(ver, bl); + ::decode(k.id, bl); + ::decode(k.key, bl); + ::decode(k.subuser, bl); + } + + void encode(const SubUser& s, bufferlist& bl) { + __u32 ver = 1; + ::encode(ver, bl); + ::encode(s.name, bl); + ::encode(s.perm_mask, bl); + } + + void decode(SubUser& s, bufferlist::iterator& bl) { + __u32 ver; + ::decode(ver, bl); + ::decode(s.name, bl); + ::decode(s.perm_mask, bl); + } + + struct AccountImpl : public RefCountedObject + { + Account *account; + StoreImpl *store; + + AccountImpl(Account *a, StoreImpl *s) : account(a), store(s) {} + + int store_info(); + + void encode(bufferlist& bl) const { + __u32 ver = USER_INFO_VER; + + User& user = account->user; + + ::encode(ver, bl); + ::encode(user.auid, bl); + string access_key; + string secret_key; + if (!account->access_keys.empty()) { + map<string, AccessKey>::const_iterator iter = account->access_keys.begin(); + const AccessKey& k = iter->second; + access_key = k.id; + secret_key = k.key; + } + ::encode(access_key, bl); + ::encode(secret_key, bl); + ::encode(user.display_name, 
bl); + ::encode(user.email, bl); + string swift_name; + string swift_key; + if (!account->swift_keys.empty()) { + map<string, AccessKey>::const_iterator iter = account->swift_keys.begin(); + const AccessKey& k = iter->second; + swift_name = k.id; + swift_key = k.key; + } + ::encode(swift_name, bl); + ::encode(swift_key, bl); + ::encode(user.uid, bl); + ::encode(account->access_keys, bl); + ::encode(account->subusers, bl); + ::encode(account->suspended, bl); + ::encode(account->swift_keys, bl); + } + void decode(bufferlist::iterator& bl) { + __u32 ver; + ::decode(ver, bl); + + User& user = account->user; + + if (ver >= 2) ::decode(account->auid, bl); + else account->auid = CEPH_AUTH_UID_DEFAULT; + string access_key; + string secret_key; + ::decode(access_key, bl); + ::decode(secret_key, bl); + if (ver < 6) { + AccessKey k; + k.id = access_key; + k.key = secret_key; + account->access_keys[access_key] = k; + } + ::decode(user.display_name, bl); + ::decode(user.email, bl); + string swift_name; + string swift_key; + if (ver >= 3) ::decode(swift_name, bl); + if (ver >= 4) ::decode(swift_key, bl); + if (ver >= 5) + ::decode(user.uid, bl); + else + user.uid = access_key; + if (ver >= 6) { + ::decode(account->access_keys, bl); + ::decode(account->subusers, bl); + } + account->suspended = false; + if (ver >= 7) { + ::decode(account->suspended, bl); + } + if (ver >= 8) { + ::decode(account->swift_keys, bl); + } + } + }; + WRITE_CLASS_ENCODER(AccountImpl) + + class StoreImpl : public RefCountedObject { + RGWRados *access; + + int account_from_index(string& key, rgw_bucket& bucket, Account& account); + public: - StoreImpl() : rados(NULL) {} + StoreImpl() : access(NULL) {} int init(CephContext *cct) { int use_cache = cct->_conf->rgw_cache_enabled; if (use_cache) { - rados = new RGWRados; + access = new RGWRados; } else { - rados = new RGWCache<RGWRados>; + access = new RGWCache<RGWRados>; } - int ret = rados->initialize(cct); + int ret = access->initialize(cct); return ret; } 
void shutdown() { - if (!rados) + if (!access) return; - rados->finalize(); - rados = NULL; + access->finalize(); + access = NULL; } - int get_account(string& name, Account& account) {} + int put_complete_obj(string& uid, rgw_bucket& bucket, string& oid, const char *data, size_t size); + int get_complete_obj(void *ctx, rgw_bucket& bucket, string& key, bufferlist& bl); + + int account_by_name(string& name, Account& account) {} + int account_by_email(string& email, Account& account) {} + int account_by_access_key(string& access_key, Account& account) {} + int account_by_subuser(string& subuser, Account& account) {} int user_by_name(string& name, User& user) {} int user_by_email(string& email, User& user) {} int user_by_access_key(string& access_key, User& user) {} + int user_by_subuser(string& subuser, User& user) {} }; + int StoreImpl::put_complete_obj(string& uid, rgw_bucket& bucket, string& oid, const char *data, size_t size) + { + map<string,bufferlist> attrs; + + rgw_obj obj(bucket, oid); + + int ret = access->put_obj(NULL, obj, data, size, NULL, attrs); + + if (ret == -ENOENT) { + ret = access->create_bucket(uid, bucket, attrs, true); //all callers are using system buckets + if (ret >= 0) + ret = access->put_obj(NULL, obj, data, size, NULL, attrs); + } + + return ret; + } + + int StoreImpl::get_complete_obj(void *ctx, rgw_bucket& bucket, string& key, bufferlist& bl) + { + int ret; + char *data = NULL; + struct rgw_err err; + void *handle = NULL; + bufferlist::iterator iter; +#define READ_CHUNK_LEN (16 * 1024) + int request_len = READ_CHUNK_LEN; + rgw_obj obj(bucket, key); + ret = access->prepare_get_obj(ctx, obj, NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL, NULL, NULL, &handle, &err); + if (ret < 0) + return ret; + + do { + ret = access->get_obj(ctx, &handle, obj, &data, 0, request_len - 1); + if (ret < 0) + goto done; + if (ret < request_len) + break; + free(data); + request_len *= 2; + } while (true); + + bl.append(data, ret); + free(data); + + ret = 0; 
+ done: + access->finish_get_obj(&handle); + return ret; + } + + int StoreImpl::account_from_index(string& key, rgw_bucket& bucket, Account& account) + { + bufferlist bl; + string uid; + + int ret = get_complete_obj(NULL, bucket, key, bl); + if (ret < 0) + return ret; + + AccountImpl *impl = NULL; + + bufferlist::iterator iter = bl.begin(); + try { + ::decode(uid, iter); + if (!iter.end()) { + impl = new AccountImpl(&account, this); + impl->decode(iter); + account.impl = impl; + } + } catch (buffer::error& err) { + delete impl; + dout(0) << "ERROR: failed to decode account info, caught buffer::error" << dendl; + return -EIO; + } + + return 0; + } int Store::init(CephContext *cct) { impl = new StoreImpl; @@ -48,12 +269,23 @@ namespace libradosgw { void Store::shutdown() { impl->shutdown(); - delete impl; - impl = NULL; + impl->put(); + } + + int Store::account_by_name(string& name, Account& account) { + return impl->account_by_name(name, account); + } + + int Store::account_by_email(string& email, Account& account) { + return impl->account_by_email(email, account); } - int Store::get_account(string& name, Account& account) { - return impl->get_account(name, account); + int Store::account_by_access_key(string& access_key, Account& account) { + return impl->account_by_access_key(access_key, account); + } + + int Store::account_by_subuser(string& access_key, Account& account) { + return impl->account_by_subuser(access_key, account); } int Store::user_by_name(string& name, User& user) { 
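Review bot: `AccountImpl::encode` writes `user.auid` while `AccountImpl::decode` reads that field into `account->auid`, so a record that is decoded and stored again does not round-trip: the value just loaded is ignored and whatever `user.auid` holds is persisted. The header hunks in this commit declare `auid` on both `User` and `Account`, and no `User` constructor that initialises it is visible, so the persisted value may be indeterminate. Use one field on both sides, for example `::encode(account->auid, bl);`, or drop one of the two members. Separately, `account_from_index` returns 0 when the object ends right after the uid, leaving `account` unpopulated; a caller that treats 0 as "account found" cannot tell the two cases apart, so a distinct error (or filling in the uid) seems safer there.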
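Review bot: `Store::shutdown()` now releases the implementation by hand with `impl->put()`, but `impl` becomes an `ObjRef` in the libradosgw.hpp hunks of this commit, and that wrapper's destructor and `operator=(T *)` call `put()` themselves on the pointer they hold. After the manual `put()` drops the count to zero and runs `delete this`, the wrapper still holds the stale pointer, so `~Store` or a second `shutdown()` would touch freed memory; the removed `impl = NULL;` was what cleared it before. Replacing the line with `impl = NULL;` lets the wrapper drop its one reference and forget the pointer. `Account::~Account()` in the third hunk of this file does the same manual `impl->put()` on an `ObjRef` member and can be left with an empty body.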
@@ -67,4 +299,87 @@ namespace libradosgw { int Store::user_by_access_key(string& access_key, User& user) { return impl->user_by_access_key(access_key, user); } + + int Store::user_by_subuser(string& access_key, User& user) { + return impl->user_by_subuser(access_key, user); + } + + + int AccountImpl::store_info() + { + bufferlist bl; + encode(bl); + string md5; + int ret; + map<string,bufferlist> attrs; + + User& user = account->user; + + map<string, AccessKey>::iterator iter; + for (iter = account->swift_keys.begin(); iter != account->swift_keys.end(); ++iter) { + AccessKey& k = iter->second; + /* check if swift mapping exists */ + User u; + int r = store->user_by_subuser(k.id, u); + if (r >= 0 && u.uid.compare(user.uid) != 0) { + dout(0) << "can't store user info, subuser id already mapped to another user" << dendl; + return -EEXIST; + } + } + + if (account->access_keys.size()) { + /* check if access keys already exist */ + User u; + map<string, AccessKey>::iterator iter = account->access_keys.begin(); + for (; iter != account->access_keys.end(); ++iter) { + AccessKey& k = iter->second; + int r = store->user_by_access_key(k.id, u); + if (r >= 0 && u.uid.compare(user.uid) != 0) { + dout(0) << "can't store user info, access key already mapped to another user" << dendl; + return -EEXIST; + } + } + } + + bufferlist uid_bl; + ::encode(user.uid, uid_bl); + encode(uid_bl); + + ret = store->put_complete_obj(user.uid, ui_uid_bucket, user.uid, uid_bl.c_str(), uid_bl.length()); + if (ret < 0) + return ret; + + if (user.email.size()) { + ret = store->put_complete_obj(user.uid, ui_email_bucket, user.email, uid_bl.c_str(), uid_bl.length()); + if (ret < 0) + return ret; + } + + if (account->access_keys.size()) { + map<string, AccessKey>::iterator iter = account->access_keys.begin(); + for (; iter != account->access_keys.end(); ++iter) { + AccessKey& k = iter->second; + ret = store->put_complete_obj(k.id, ui_key_bucket, k.id, uid_bl.c_str(), uid_bl.length()); + if (ret < 0) + 
return ret; + } + } + + map<string, AccessKey>::iterator siter; + for (siter = account->swift_keys.begin(); siter != account->swift_keys.end(); ++siter) { + AccessKey& k = siter->second; + ret = store->put_complete_obj(user.uid, ui_swift_bucket, k.id, uid_bl.c_str(), uid_bl.length()); + if (ret < 0) + return ret; + } + + return ret; + } + + + Account::~Account() { + if (impl) + impl->put(); + } + } diff --git a/src/rgw/libradosgw.hpp b/src/rgw/libradosgw.hpp index 5c55c2b228d..3a8205785e9 100644 --- a/src/rgw/libradosgw.hpp +++ b/src/rgw/libradosgw.hpp @@ -9,12 +9,74 @@ namespace libradosgw { + struct RefCountedObject { + int nref; + RefCountedObject() : nref(1) {} + virtual ~RefCountedObject() {} + + RefCountedObject *get() { + ++nref; + return this; + } + void put() { + if (--nref == 0) + delete this; + } + }; + + + template <class T, class S> + class ObjRef { + T *obj; + public: + ObjRef(T *o = NULL) : obj(o) {} + + ObjRef(ObjRef<T, S>& src) { + obj = src; + if (obj) + obj->get(); + } + + ~ObjRef() { + if (obj) + obj->put(); + } + + ObjRef<T, S>& operator=(ObjRef<T, S> &src) { + if (this == &src) + return *this; + + if (src.obj) + src.obj->get(); + + if (obj) + obj->put(); + + obj = src.obj; + return *this; + } + + T *operator=(T *o) { + if (obj) + obj->put(); + + obj = o; + return obj; + } + + S *operator->() { + return obj; + } + }; + + using std::string; using librados::Rados; using ceph::bufferlist; class StoreImpl; class AccountImpl; + class UserImpl; enum RGWPerm { PERM_READ = 0x01, 
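Review bot: The e-mail index is written without the ownership check that the access-key and swift-key loops above perform: `put_complete_obj(user.uid, ui_email_bucket, user.email, ...)` replaces whatever uid the address was mapped to, after which `user_by_email`/`account_by_email` would resolve that address to this account. Add the same `-EEXIST` check before the first index write, using the `user_by_email` lookup StoreImpl already declares, as sketched below. The checks and the writes are also separate steps with no locking visible in this function, so two concurrent calls might both pass the checks; whether callers serialise user updates needs confirming. The leading `encode(bl)` and the `bl`, `md5` and `attrs` locals are unused and can be removed.

```cpp
// … unchanged: swift-key and access-key ownership checks …

if (user.email.size()) {
  /* check if the e-mail address is already mapped to another user */
  User u;
  int r = store->user_by_email(user.email, u);
  if (r >= 0 && u.uid.compare(user.uid) != 0) {
    dout(0) << "can't store user info, email already mapped to another user" << dendl;
    return -EEXIST;
  }
}

bufferlist uid_bl;
// … unchanged: encode uid_bl and write the uid, email, key and swift indexes …
```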
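Review bot: `RefCountedObject::nref` is a plain `int` changed with `++nref` and `--nref`, so if a Store or Account implementation is ever referenced from more than one thread, racing `get()`/`put()` calls can lose an update and either free the object while it is still in use or never free it. Whether these objects cross threads is not visible here, but libradosgw.cc now includes `include/atomic.h`, which suggests an atomic counter was intended; using it for `nref`, or stating the contract with `// not thread-safe: callers must serialise get()/put()`, would settle it. In the `ObjRef` copy constructor, `obj = src;` assigns the wrapper itself and should read `obj = src.obj;`. `operator=(T *o)` also releases the old pointer without checking `o == obj`, so re-assigning the pointer already held can leave it dangling.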
@@ -29,18 +91,49 @@ namespace libradosgw { GROUP_AUTHENTICATED = 2, }; + struct AccessKey { + string id; + string key; + string subuser; + }; + + struct SubUser { + string name; + uint32_t perm_mask; + }; + + class ImplContainer { + protected: + void *impl; + + public: + ImplContainer() : impl(NULL) {} + virtual ~ImplContainer(); + + ImplContainer& operator=(ImplContainer& c); + }; + class User { + friend class UserImpl; + friend class AccountImpl; + + protected: + UserImpl *account; + int group; - string name; + string uid; string display_name; string email; + uint64_t auid; + public: - + int get_group() { return group; } void set_group(int g) { group = g; } bool is_anonymous() { return (group & GROUP_ANONYMOUS) != 0; } - int get_group() { return group; } - const string& get_name() { return name; } + const string& get_uid() { return uid; } + + int store_info(); }; struct ACLs { @@ -159,9 +252,22 @@ namespace libradosgw { }; class Account { - AccountImpl *account; + friend class AccountImpl; + friend class StoreImpl; + + protected: + ObjRef<RefCountedObject, AccountImpl> impl; + + User user; + std::map<string, AccessKey> access_keys; + std::map<string, AccessKey> swift_keys; + std::map<string, SubUser> subusers; + + uint64_t auid; + bool suspended; public: Account(); + ~Account(); AccountIterator buckets_begin(); const AccountIterator& buckets_end(); 
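Review bot: `User` gains a raw `UserImpl *account` and a `uint64_t auid` but still has no constructor, so those two and `group` are indeterminate in a default-constructed object, and `is_anonymous()` tests `group` directly. This matters more now that `req_state::user` becomes a `libradosgw::User` in the rgw_common.h hunk, replacing `RGWUserInfo`, whose constructor zeroed its scalar fields. Add one, for example `User() : account(NULL), group(GROUP_ANONYMOUS), auid(0) {}`, choosing the default group deliberately so that an unpopulated user is never treated as authenticated. `SubUser::perm_mask`, added just above, has the same gap.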
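Review bot: `Account` now owns an `ObjRef` to its `AccountImpl`, and the `AccountImpl` created in `account_from_index` (libradosgw.cc) keeps a raw `Account *` back to the object it was created for, yet nothing here prevents an `Account` from being copied. A copy would share the same impl, whose back-pointer still names the original, so the impl's `encode()` and `store_info()` would operate on the original and dangle once it is destroyed. Unless copies are meant to be supported, declare the copy operations private and leave them undefined: `Account(const Account&);` and `Account& operator=(const Account&);`. The new `auid` and `suspended` members also need initialising in `Account()`, whose definition is not part of this diff.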
@@ -173,18 +279,23 @@ namespace libradosgw { class Store { - StoreImpl *impl; + protected: + ObjRef<RefCountedObject, StoreImpl> impl; public: Store() : impl(NULL) {} int init(CephContext *cct); void shutdown(); - int get_account(string& name, Account& account); + int account_by_name(string& name, Account& account); + int account_by_email(string& email, Account& account); + int account_by_access_key(string& access_key, Account& account); + int account_by_subuser(string& subuser, Account& account); int user_by_name(string& name, User& user); int user_by_email(string& email, User& user); int user_by_access_key(string& access_key, User& user); + int user_by_subuser(string& subuser, User& user); }; } diff --git a/src/rgw/rgw_admin.cc b/src/rgw/rgw_admin.cc index 1a18237665a..fc4c6ee8fb3 100644 --- a/src/rgw/rgw_admin.cc +++ b/src/rgw/rgw_admin.cc @@ -956,7 +956,7 @@ int main(int argc, char **argv) return -EINVAL; } //cout << "bucket is linked to user '" << owner.get_id() << "'.. unlinking" << std::endl; - r = rgw_remove_user_bucket_info(owner.get_id(), bucket); + r = rgw_unlink_bucket(owner.get_id(), bucket); if (r < 0) { cerr << "could not unlink policy from user '" << owner.get_id() << "'" << std::endl; return r; @@ -975,7 +975,7 @@ int main(int argc, char **argv) return usage(); } - int r = rgw_remove_user_bucket_info(user_id, bucket); + int r = rgw_unlink_bucket(user_id, bucket); if (r < 0) cerr << "error unlinking bucket " << cpp_strerror(-r) << std::endl; return -r; diff --git a/src/rgw/rgw_common.cc b/src/rgw/rgw_common.cc index 851abdc9a8d..bec9b359c56 100644 --- a/src/rgw/rgw_common.cc +++ b/src/rgw/rgw_common.cc @@ -345,7 +345,7 @@ bool verify_permission(RGWAccessControlPolicy *policy, string& uid, int user_per bool verify_permission(struct req_state *s, int perm) { - return verify_permission(s->acl, s->user.user_id, s->perm_mask, perm); + return verify_permission(s->acl, s->user.uid, s->perm_mask, perm); } static char hex_to_num(char c) 
diff --git a/src/rgw/rgw_common.h b/src/rgw/rgw_common.h
index a4147b8e772..35419343dca 100644
--- a/src/rgw/rgw_common.h
+++ b/src/rgw/rgw_common.h
@@ -318,101 +318,6 @@ struct RGWSubUser { }; WRITE_CLASS_ENCODER(RGWSubUser); - -struct RGWUserInfo -{ - uint64_t auid; - string user_id; - string display_name; - string user_email; - map<string, RGWAccessKey> access_keys; - map<string, RGWAccessKey> swift_keys; - map<string, RGWSubUser> subusers; - __u8 suspended; - - RGWUserInfo() : auid(0), suspended(0) {} - - void encode(bufferlist& bl) const { - __u32 ver = USER_INFO_VER; - ::encode(ver, bl); - ::encode(auid, bl); - string access_key; - string secret_key; - if (!access_keys.empty()) { - map<string, RGWAccessKey>::const_iterator iter = access_keys.begin(); - const RGWAccessKey& k = iter->second; - access_key = k.id; - secret_key = k.key; - } - ::encode(access_key, bl); - ::encode(secret_key, bl); - ::encode(display_name, bl); - ::encode(user_email, bl); - string swift_name; - string swift_key; - if (!swift_keys.empty()) { - map<string, RGWAccessKey>::const_iterator iter = swift_keys.begin(); - const RGWAccessKey& k = iter->second; - swift_name = k.id; - swift_key = k.key; - } - ::encode(swift_name, bl); - ::encode(swift_key, bl); - ::encode(user_id, bl); - ::encode(access_keys, bl); - ::encode(subusers, bl); - ::encode(suspended, bl); - ::encode(swift_keys, bl); - } - void decode(bufferlist::iterator& bl) { - __u32 ver; - ::decode(ver, bl); - if (ver >= 2) ::decode(auid, bl); - else auid = CEPH_AUTH_UID_DEFAULT; - string access_key; - string secret_key; - ::decode(access_key, bl); - ::decode(secret_key, bl); - if (ver < 6) { - RGWAccessKey k; - k.id = access_key; - k.key = secret_key; - access_keys[access_key] = k; - } - ::decode(display_name, bl); - ::decode(user_email, bl); - string swift_name; - string swift_key; - if (ver >= 3) ::decode(swift_name, bl); - if (ver >= 4) ::decode(swift_key, bl); - if (ver >= 5) - ::decode(user_id, bl); - else - user_id = access_key; - if (ver >= 6) { - ::decode(access_keys, bl); - ::decode(subusers, bl); - } - suspended = 0; - if (ver >= 7) { - ::decode(suspended, bl); - } - 
if (ver >= 8) { - ::decode(swift_keys, bl); - } - } - - void clear() { - user_id.clear(); - display_name.clear(); - user_email.clear(); - auid = CEPH_AUTH_UID_DEFAULT; - access_keys.clear(); - suspended = 0; - } -}; -WRITE_CLASS_ENCODER(RGWUserInfo) - struct rgw_bucket { std::string name; std::string pool; @@ -551,7 +456,7 @@ struct req_state { map<string, string> x_meta_map; bool has_bad_meta; - RGWUserInfo user; + libradosgw::User user; RGWAccessControlPolicy *acl; string canned_acl; diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc index 1c1b59b2971..976bf6930eb 100644 --- a/src/rgw/rgw_op.cc +++ b/src/rgw/rgw_op.cc @@ -553,7 +553,7 @@ void RGWCreateBucket::execute() ret = rgw_add_bucket(s->user.user_id, s->bucket); if (ret && !existed && ret != -EEXIST) /* if it exists (or previously existed), don't remove it! */ - rgw_remove_user_bucket_info(s->user.user_id, s->bucket); + rgw_unlink_bucket(s->user.user_id, s->bucket); if (ret == -EEXIST) ret = -ERR_BUCKET_EXISTS; @@ -578,7 +578,7 @@ void RGWDeleteBucket::execute() ret = rgwstore->delete_bucket(s->bucket); if (ret == 0) { - ret = rgw_remove_user_bucket_info(s->user.user_id, s->bucket); + ret = rgw_unlink_bucket(s->user.user_id, s->bucket); if (ret < 0) { dout(0) << "WARNING: failed to remove bucket: ret=" << ret << dendl; } diff --git a/src/rgw/rgw_swift_auth.cc b/src/rgw/rgw_swift_auth.cc index e70afc4cf37..eb65af04b8b 100644 --- a/src/rgw/rgw_swift_auth.cc +++ b/src/rgw/rgw_swift_auth.cc @@ -56,7 +56,7 @@ static int encode_token(string& swift_user, string& key, bufferlist& bl) return ret; } -int rgw_swift_verify_signed_token(const char *token, RGWUserInfo& info) +int rgw_swift_verify_signed_token(const char *token, libradosgw::Account& info) { if (strncmp(token, "AUTH_rgwtk", 10) != 0) return -EINVAL; diff --git a/src/rgw/rgw_swift_auth.h b/src/rgw/rgw_swift_auth.h index 95909a96015..2afd73806bf 100644 --- a/src/rgw/rgw_swift_auth.h +++ b/src/rgw/rgw_swift_auth.h 
@@ -1,11 +1,12 @@ #ifndef CEPH_RGW_SWIFT_AUTH_H #define CEPH_RGW_SWIFT_AUTH_H +#include "libradosgw.hpp" #include "rgw_op.h" #define RGW_SWIFT_TOKEN_EXPIRATION (15 * 60) -extern int rgw_swift_verify_signed_token(const char *token, RGWUserInfo& info); +extern int rgw_swift_verify_signed_token(const char *token, libradosgw::Account& info); class RGW_SWIFT_Auth_Get : public RGWOp { public: diff --git a/src/rgw/rgw_user.cc b/src/rgw/rgw_user.cc index fb2809840c9..5e7cf79eee2 100644 --- a/src/rgw/rgw_user.cc +++ b/src/rgw/rgw_user.cc 
@@ -14,103 +14,6 @@ using namespace std; -static rgw_bucket ui_key_bucket(USER_INFO_POOL_NAME); -static rgw_bucket ui_email_bucket(USER_INFO_EMAIL_POOL_NAME); -static rgw_bucket ui_swift_bucket(USER_INFO_SWIFT_POOL_NAME); -static rgw_bucket ui_uid_bucket(USER_INFO_UID_POOL_NAME); - -rgw_bucket rgw_root_bucket(RGW_ROOT_BUCKET); - -/** - * Get the anonymous (ie, unauthenticated) user info. - */ -void rgw_get_anon_user(RGWUserInfo& info) -{ - info.user_id = RGW_USER_ANON_ID; - info.display_name.clear(); - info.access_keys.clear(); -} - -bool rgw_user_is_authenticated(RGWUserInfo& info) -{ - return (info.user_id != RGW_USER_ANON_ID); -} - -/** - * Save the given user information to storage. - * Returns: 0 on success, -ERR# on failure. - */ -int rgw_store_user_info(RGWUserInfo& info) -{ - bufferlist bl; - info.encode(bl); - string md5; - int ret; - map<string,bufferlist> attrs; - - map<string, RGWAccessKey>::iterator iter; - for (iter = info.swift_keys.begin(); iter != info.swift_keys.end(); ++iter) { - RGWAccessKey& k = iter->second; - /* check if swift mapping exists */ - RGWUserInfo inf; - int r = rgw_get_user_info_by_swift(k.id, inf); - if (r >= 0 && inf.user_id.compare(info.user_id) != 0) { - dout(0) << "can't store user info, swift id already mapped to another user" << dendl; - return -EEXIST; - } - } - - if (info.access_keys.size()) { - /* check if access keys already exist */ - RGWUserInfo inf; - map<string, RGWAccessKey>::iterator iter = info.access_keys.begin(); - for (; iter != info.access_keys.end(); ++iter) { - RGWAccessKey& k = iter->second; - int r = rgw_get_user_info_by_access_key(k.id, inf); - if (r >= 0 && inf.user_id.compare(info.user_id) != 0) { - dout(0) << "can't store user info, access key already mapped to another user" << dendl; - return -EEXIST; - } - } - } - - bufferlist uid_bl; - RGWUID ui; - ui.user_id = info.user_id; - ::encode(ui, uid_bl); - ::encode(info, uid_bl); - - ret = rgw_put_obj(rgwstore, info.user_id, ui_uid_bucket, info.user_id, 
uid_bl.c_str(), uid_bl.length()); - if (ret < 0) - return ret; - - if (info.user_email.size()) { - ret = rgw_put_obj(rgwstore, info.user_id, ui_email_bucket, info.user_email, uid_bl.c_str(), uid_bl.length()); - if (ret < 0) - return ret; - } - - if (info.access_keys.size()) { - map<string, RGWAccessKey>::iterator iter = info.access_keys.begin(); - for (; iter != info.access_keys.end(); ++iter) { - RGWAccessKey& k = iter->second; - ret = rgw_put_obj(rgwstore, k.id, ui_key_bucket, k.id, uid_bl.c_str(), uid_bl.length()); - if (ret < 0) - return ret; - } - } - - map<string, RGWAccessKey>::iterator siter; - for (siter = info.swift_keys.begin(); siter != info.swift_keys.end(); ++siter) { - RGWAccessKey& k = siter->second; - ret = rgw_put_obj(rgwstore, info.user_id, ui_swift_bucket, k.id, uid_bl.c_str(), uid_bl.length()); - if (ret < 0) - return ret; - } - - return ret; -} - int rgw_get_user_info_from_index(string& key, rgw_bucket& bucket, RGWUserInfo& info) { bufferlist bl; diff --git a/src/rgw/rgw_user.h b/src/rgw/rgw_user.h index 51294d05970..11df0498204 100644 --- a/src/rgw/rgw_user.h +++ b/src/rgw/rgw_user.h 
@@ -32,44 +32,6 @@ struct RGWUID WRITE_CLASS_ENCODER(RGWUID) /** - * Get the anonymous (ie, unauthenticated) user info. - */ -extern void rgw_get_anon_user(RGWUserInfo& info); - -/** - * verify that user is an actual user, and not the anonymous user - */ -extern bool rgw_user_is_authenticated(RGWUserInfo& info); -/** - * Save the given user information to storage. - * Returns: 0 on success, -ERR# on failure. - */ -extern int rgw_store_user_info(RGWUserInfo& info); -/** - * Given an email, finds the user info associated with it. - * returns: 0 on success, -ERR# on failure (including nonexistence) - */ -extern int rgw_get_user_info_by_uid(string& user_id, RGWUserInfo& info); -/** - * Given an swift username, finds the user info associated with it. - * returns: 0 on success, -ERR# on failure (including nonexistence) - */ -extern int rgw_get_user_info_by_email(string& email, RGWUserInfo& info); -/** - * Given an swift username, finds the user info associated with it. - * returns: 0 on success, -ERR# on failure (including nonexistence) - */ -extern int rgw_get_user_info_by_swift(string& swift_name, RGWUserInfo& info); -/** - * Given an access key, finds the user info associated with it. - * returns: 0 on success, -ERR# on failure (including nonexistence) - */ -extern int rgw_get_user_info_by_access_key(string& access_key, RGWUserInfo& info); -/** - * Given an RGWUserInfo, deletes the user and its bucket ACLs. - */ -extern int rgw_delete_user(RGWUserInfo& user); -/** * Store a list of the user's buckets, with associated functinos. */ class RGWUserBuckets @@ -137,7 +99,7 @@ extern int rgw_read_user_buckets(string user_id, RGWUserBuckets& buckets, bool n extern int rgw_write_buckets_attr(string user_id, RGWUserBuckets& buckets); extern int rgw_add_bucket(string user_id, rgw_bucket& bucket); -extern int rgw_remove_user_bucket_info(string user_id, rgw_bucket& bucket); +extern int rgw_unlink_bucket(string user_id, rgw_bucket& bucket); /* * remove the different indexes |