You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

217 lines
6.3 KiB

  1. package s3api
  2. import (
  3. "encoding/json"
  4. "github.com/aws/aws-sdk-go/service/s3"
  5. "github.com/seaweedfs/seaweedfs/weed/glog"
  6. "github.com/seaweedfs/seaweedfs/weed/pb/filer_pb"
  7. "github.com/seaweedfs/seaweedfs/weed/s3api/s3_constants"
  8. "github.com/seaweedfs/seaweedfs/weed/s3api/s3account"
  9. "github.com/seaweedfs/seaweedfs/weed/s3api/s3err"
  10. "github.com/seaweedfs/seaweedfs/weed/util"
  11. "math"
  12. "sync"
  13. )
  14. var loadBucketMetadataFromFiler = func(r *BucketRegistry, bucketName string) (*BucketMetaData, error) {
  15. entry, err := filer_pb.GetEntry(r.s3a, util.NewFullPath(r.s3a.option.BucketsPath, bucketName))
  16. if err != nil {
  17. return nil, err
  18. }
  19. return buildBucketMetadata(r.s3a.accountManager, entry), nil
  20. }
  21. type BucketMetaData struct {
  22. _ struct{} `type:"structure"`
  23. Name string
  24. //By default, when another AWS account uploads an object to S3 bucket,
  25. //that account (the object writer) owns the object, has access to it, and
  26. //can grant other users access to it through ACLs. You can use Object Ownership
  27. //to change this default behavior so that ACLs are disabled and you, as the
  28. //bucket owner, automatically own every object in your bucket.
  29. ObjectOwnership string
  30. // Container for the bucket owner's display name and ID.
  31. Owner *s3.Owner `type:"structure"`
  32. // A list of grants for access controls.
  33. Acl []*s3.Grant `locationName:"AccessControlList" locationNameList:"Grant" type:"list"`
  34. }
  35. type BucketRegistry struct {
  36. metadataCache map[string]*BucketMetaData
  37. metadataCacheLock sync.RWMutex
  38. notFound map[string]struct{}
  39. notFoundLock sync.RWMutex
  40. s3a *S3ApiServer
  41. }
  42. func NewBucketRegistry(s3a *S3ApiServer) *BucketRegistry {
  43. br := &BucketRegistry{
  44. metadataCache: make(map[string]*BucketMetaData),
  45. notFound: make(map[string]struct{}),
  46. s3a: s3a,
  47. }
  48. err := br.init()
  49. if err != nil {
  50. glog.Fatal("init bucket registry failed", err)
  51. return nil
  52. }
  53. return br
  54. }
  55. func (r *BucketRegistry) init() error {
  56. err := filer_pb.List(r.s3a, r.s3a.option.BucketsPath, "", func(entry *filer_pb.Entry, isLast bool) error {
  57. r.LoadBucketMetadata(entry)
  58. return nil
  59. }, "", false, math.MaxUint32)
  60. return err
  61. }
  62. func (r *BucketRegistry) LoadBucketMetadata(entry *filer_pb.Entry) {
  63. bucketMetadata := buildBucketMetadata(r.s3a.accountManager, entry)
  64. r.metadataCacheLock.Lock()
  65. defer r.metadataCacheLock.Unlock()
  66. r.metadataCache[entry.Name] = bucketMetadata
  67. }
  68. func buildBucketMetadata(accountManager *s3account.AccountManager, entry *filer_pb.Entry) *BucketMetaData {
  69. entryJson, _ := json.Marshal(entry)
  70. glog.V(3).Infof("build bucket metadata,entry=%s", entryJson)
  71. bucketMetadata := &BucketMetaData{
  72. Name: entry.Name,
  73. //Default ownership: OwnershipBucketOwnerEnforced, which means Acl is disabled
  74. ObjectOwnership: s3_constants.OwnershipBucketOwnerEnforced,
  75. // Default owner: `AccountAdmin`
  76. Owner: &s3.Owner{
  77. ID: &s3account.AccountAdmin.Id,
  78. DisplayName: &s3account.AccountAdmin.Name,
  79. },
  80. }
  81. if entry.Extended != nil {
  82. //ownership control
  83. ownership, ok := entry.Extended[s3_constants.ExtOwnershipKey]
  84. if ok {
  85. ownership := string(ownership)
  86. valid := s3_constants.ValidateOwnership(ownership)
  87. if valid {
  88. bucketMetadata.ObjectOwnership = ownership
  89. } else {
  90. glog.Warningf("Invalid ownership: %s, bucket: %s", ownership, bucketMetadata.Name)
  91. }
  92. }
  93. //access control policy
  94. //owner
  95. acpOwnerBytes, ok := entry.Extended[s3_constants.ExtAmzOwnerKey]
  96. if ok && len(acpOwnerBytes) > 0 {
  97. ownerAccountId := string(acpOwnerBytes)
  98. ownerAccountName, exists := accountManager.IdNameMapping[ownerAccountId]
  99. if !exists {
  100. glog.Warningf("owner[id=%s] is invalid, bucket: %s", ownerAccountId, bucketMetadata.Name)
  101. } else {
  102. bucketMetadata.Owner = &s3.Owner{
  103. ID: &ownerAccountId,
  104. DisplayName: &ownerAccountName,
  105. }
  106. }
  107. }
  108. //grants
  109. acpGrantsBytes, ok := entry.Extended[s3_constants.ExtAmzAclKey]
  110. if ok && len(acpGrantsBytes) > 0 {
  111. var grants []*s3.Grant
  112. err := json.Unmarshal(acpGrantsBytes, &grants)
  113. if err == nil {
  114. bucketMetadata.Acl = grants
  115. } else {
  116. glog.Warningf("Unmarshal ACP grants: %s(%v), bucket: %s", string(acpGrantsBytes), err, bucketMetadata.Name)
  117. }
  118. }
  119. }
  120. return bucketMetadata
  121. }
  122. func (r *BucketRegistry) RemoveBucketMetadata(entry *filer_pb.Entry) {
  123. r.removeMetadataCache(entry.Name)
  124. r.unMarkNotFound(entry.Name)
  125. }
  126. func (r *BucketRegistry) GetBucketMetadata(bucketName string) (*BucketMetaData, s3err.ErrorCode) {
  127. r.metadataCacheLock.RLock()
  128. bucketMetadata, ok := r.metadataCache[bucketName]
  129. r.metadataCacheLock.RUnlock()
  130. if ok {
  131. return bucketMetadata, s3err.ErrNone
  132. }
  133. r.notFoundLock.RLock()
  134. _, ok = r.notFound[bucketName]
  135. r.notFoundLock.RUnlock()
  136. if ok {
  137. return nil, s3err.ErrNoSuchBucket
  138. }
  139. bucketMetadata, errCode := r.LoadBucketMetadataFromFiler(bucketName)
  140. if errCode != s3err.ErrNone {
  141. return nil, errCode
  142. }
  143. r.setMetadataCache(bucketMetadata)
  144. r.unMarkNotFound(bucketName)
  145. return bucketMetadata, s3err.ErrNone
  146. }
  147. func (r *BucketRegistry) LoadBucketMetadataFromFiler(bucketName string) (*BucketMetaData, s3err.ErrorCode) {
  148. r.notFoundLock.Lock()
  149. defer r.notFoundLock.Unlock()
  150. //check if already exists
  151. r.metadataCacheLock.RLock()
  152. bucketMetaData, ok := r.metadataCache[bucketName]
  153. r.metadataCacheLock.RUnlock()
  154. if ok {
  155. return bucketMetaData, s3err.ErrNone
  156. }
  157. //if not exists, load from filer
  158. bucketMetadata, err := loadBucketMetadataFromFiler(r, bucketName)
  159. if err != nil {
  160. if err == filer_pb.ErrNotFound {
  161. // The bucket doesn't actually exist and should no longer loaded from the filer
  162. r.notFound[bucketName] = struct{}{}
  163. return nil, s3err.ErrNoSuchBucket
  164. }
  165. return nil, s3err.ErrInternalError
  166. }
  167. return bucketMetadata, s3err.ErrNone
  168. }
  169. func (r *BucketRegistry) setMetadataCache(metadata *BucketMetaData) {
  170. r.metadataCacheLock.Lock()
  171. defer r.metadataCacheLock.Unlock()
  172. r.metadataCache[metadata.Name] = metadata
  173. }
  174. func (r *BucketRegistry) removeMetadataCache(bucket string) {
  175. r.metadataCacheLock.Lock()
  176. defer r.metadataCacheLock.Unlock()
  177. delete(r.metadataCache, bucket)
  178. }
  179. func (r *BucketRegistry) markNotFound(bucket string) {
  180. r.notFoundLock.Lock()
  181. defer r.notFoundLock.Unlock()
  182. r.notFound[bucket] = struct{}{}
  183. }
  184. func (r *BucketRegistry) unMarkNotFound(bucket string) {
  185. r.notFoundLock.Lock()
  186. defer r.notFoundLock.Unlock()
  187. delete(r.notFound, bucket)
  188. }