diff options
author | Alex Auvolat <alex@adnab.me> | 2021-12-16 11:47:58 +0100 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2022-01-04 12:45:52 +0100 |
commit | 0bbb6673e7ce703e470a3c2aad620ee5f009bc84 (patch) | |
tree | 844e95b50e2bc129403b679a6c5d63ff82940ad6 /src/model | |
parent | 53f71b3a57b3c1828292e26b7865d31e9bec44d6 (diff) | |
download | garage-0bbb6673e7ce703e470a3c2aad620ee5f009bc84.tar.gz garage-0bbb6673e7ce703e470a3c2aad620ee5f009bc84.zip |
Model changes
Diffstat (limited to 'src/model')
-rw-r--r-- | src/model/bucket_alias_table.rs | 8 | ||||
-rw-r--r-- | src/model/bucket_table.rs | 10 | ||||
-rw-r--r-- | src/model/key_table.rs | 16 | ||||
-rw-r--r-- | src/model/permission.rs | 6 |
4 files changed, 33 insertions, 7 deletions
diff --git a/src/model/bucket_alias_table.rs b/src/model/bucket_alias_table.rs index 4d300d05..52484c5b 100644 --- a/src/model/bucket_alias_table.rs +++ b/src/model/bucket_alias_table.rs @@ -15,7 +15,6 @@ pub struct BucketAlias { #[derive(PartialEq, Eq, PartialOrd, Ord, Clone, Debug, Serialize, Deserialize)] pub struct AliasParams { pub bucket_id: Uuid, - pub website_access: bool, } impl AutoCrdt for AliasParams { @@ -23,13 +22,10 @@ impl AutoCrdt for AliasParams { } impl BucketAlias { - pub fn new(name: String, bucket_id: Uuid, website_access: bool) -> Self { + pub fn new(name: String, bucket_id: Uuid) -> Self { BucketAlias { name, - state: crdt::Lww::new(crdt::Deletable::present(AliasParams { - bucket_id, - website_access, - })), + state: crdt::Lww::new(crdt::Deletable::present(AliasParams { bucket_id })), } } pub fn is_deleted(&self) -> bool { diff --git a/src/model/bucket_table.rs b/src/model/bucket_table.rs index ac40407e..6ae719ae 100644 --- a/src/model/bucket_table.rs +++ b/src/model/bucket_table.rs @@ -1,4 +1,5 @@ use serde::{Deserialize, Serialize}; +use serde_bytes::ByteBuf; use garage_table::crdt::Crdt; use garage_table::*; @@ -27,6 +28,11 @@ pub struct BucketParams { pub creation_date: u64, /// Map of key with access to the bucket, and what kind of access they give pub authorized_keys: crdt::Map<String, BucketKeyPerm>, + /// Whether this bucket is allowed for website access + /// (under all of its global alias names) + pub website_access: crdt::Lww<bool>, + /// The website configuration XML document + pub website_config: crdt::Lww<Option<ByteBuf>>, /// Map of aliases that are or have been given to this bucket /// in the global namespace /// (not authoritative: this is just used as an indication to @@ -44,6 +50,8 @@ impl BucketParams { BucketParams { creation_date: now_msec(), authorized_keys: crdt::Map::new(), + website_access: crdt::Lww::new(false), + website_config: crdt::Lww::new(None), aliases: crdt::LwwMap::new(), local_aliases: crdt::LwwMap::new(), } @@ -53,6 +61,8 @@ impl BucketParams { impl Crdt for BucketParams { fn merge(&mut self, o: &Self) { self.authorized_keys.merge(&o.authorized_keys); + self.website_access.merge(&o.website_access); + self.website_config.merge(&o.website_config); self.aliases.merge(&o.aliases); self.local_aliases.merge(&o.local_aliases); } diff --git a/src/model/key_table.rs b/src/model/key_table.rs index e87f5949..469dbd49 100644 --- a/src/model/key_table.rs +++ b/src/model/key_table.rs @@ -27,6 +27,7 @@ pub struct Key { /// Configuration for a key #[derive(PartialEq, Clone, Debug, Serialize, Deserialize)] pub struct KeyParams { + pub allow_create_bucket: crdt::Lww<bool>, pub authorized_buckets: crdt::Map<Uuid, BucketKeyPerm>, pub local_aliases: crdt::LwwMap<String, crdt::Deletable<Uuid>>, } @@ -34,6 +35,7 @@ pub struct KeyParams { impl KeyParams { pub fn new() -> Self { KeyParams { + allow_create_bucket: crdt::Lww::new(false), authorized_buckets: crdt::Map::new(), local_aliases: crdt::LwwMap::new(), } @@ -48,6 +50,7 @@ impl Default for KeyParams { impl Crdt for KeyParams { fn merge(&mut self, o: &Self) { + self.allow_create_bucket.merge(&o.allow_create_bucket); self.authorized_buckets.merge(&o.authorized_buckets); self.local_aliases.merge(&o.local_aliases); } @@ -111,6 +114,19 @@ impl Key { false } } + + /// Check if `Key` is owner of bucket + pub fn allow_owner(&self, bucket: &Uuid) -> bool { + if let crdt::Deletable::Present(params) = &self.state { + params + .authorized_buckets + .get(bucket) + .map(|x| x.allow_owner) + .unwrap_or(false) + } else { + false + } + } } impl Entry<EmptyKey, String> for Key { diff --git a/src/model/permission.rs b/src/model/permission.rs index b61c92ce..04bb2bc5 100644 --- a/src/model/permission.rs +++ b/src/model/permission.rs @@ -12,8 +12,12 @@ pub struct BucketKeyPerm { /// The key can be used to read the bucket pub allow_read: bool, - /// The key can be used to write in the bucket + /// The key can be used to write objects to the bucket pub allow_write: bool, + /// The key can be used to control other aspects of the bucket: + /// - enable / disable website access + /// - delete bucket + pub allow_owner: bool, } impl Crdt for BucketKeyPerm { |