Diffstat (limited to 'src/model')
-rw-r--r--src/model/bucket_alias_table.rs8
-rw-r--r--src/model/bucket_table.rs10
-rw-r--r--src/model/key_table.rs16
-rw-r--r--src/model/permission.rs6
4 files changed, 33 insertions, 7 deletions
diff --git a/src/model/bucket_alias_table.rs b/src/model/bucket_alias_table.rs
index 4d300d05..52484c5b 100644
--- a/src/model/bucket_alias_table.rs
+++ b/src/model/bucket_alias_table.rs
@@ -15,7 +15,6 @@ pub struct BucketAlias {
#[derive(PartialEq, Eq, PartialOrd, Ord, Clone, Debug, Serialize, Deserialize)]
pub struct AliasParams {
pub bucket_id: Uuid,
- pub website_access: bool,
}
impl AutoCrdt for AliasParams {
@@ -23,13 +22,10 @@ impl AutoCrdt for AliasParams {
}
impl BucketAlias {
- pub fn new(name: String, bucket_id: Uuid, website_access: bool) -> Self {
+ pub fn new(name: String, bucket_id: Uuid) -> Self {
BucketAlias {
name,
- state: crdt::Lww::new(crdt::Deletable::present(AliasParams {
- bucket_id,
- website_access,
- })),
+ state: crdt::Lww::new(crdt::Deletable::present(AliasParams { bucket_id })),
}
}
pub fn is_deleted(&self) -> bool {
diff --git a/src/model/bucket_table.rs b/src/model/bucket_table.rs
index ac40407e..6ae719ae 100644
--- a/src/model/bucket_table.rs
+++ b/src/model/bucket_table.rs
@@ -1,4 +1,5 @@
use serde::{Deserialize, Serialize};
+use serde_bytes::ByteBuf;
use garage_table::crdt::Crdt;
use garage_table::*;
@@ -27,6 +28,11 @@ pub struct BucketParams {
pub creation_date: u64,
/// Map of key with access to the bucket, and what kind of access they give
pub authorized_keys: crdt::Map<String, BucketKeyPerm>,
+ /// Whether this bucket is allowed for website access
+ /// (under all of its global alias names)
+ pub website_access: crdt::Lww<bool>,
+ /// The website configuration XML document
+ pub website_config: crdt::Lww<Option<ByteBuf>>,
/// Map of aliases that are or have been given to this bucket
/// in the global namespace
/// (not authoritative: this is just used as an indication to
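Review bot: The new `pub website_config: crdt::Lww<Option<ByteBuf>>` field keeps the website XML as opaque bytes, so nothing in the type records whether the document was parsed or size-checked before it was stored and replicated. If validation happens only in a request handler (not visible in this diff), every reader of the field still has to treat the bytes as untrusted input and parse them defensively. I would extend the doc comment to say so, for example `/// Raw XML as supplied by the client; readers must parse it defensively`, and name where the size limit is enforced, or store a parsed configuration type instead. The rest of `BucketParams` lies outside the hunk.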
@@ -44,6 +50,8 @@ impl BucketParams {
BucketParams {
creation_date: now_msec(),
authorized_keys: crdt::Map::new(),
+ website_access: crdt::Lww::new(false),
+ website_config: crdt::Lww::new(None),
aliases: crdt::LwwMap::new(),
local_aliases: crdt::LwwMap::new(),
}
@@ -53,6 +61,8 @@ impl BucketParams {
impl Crdt for BucketParams {
fn merge(&mut self, o: &Self) {
self.authorized_keys.merge(&o.authorized_keys);
+ self.website_access.merge(&o.website_access);
+ self.website_config.merge(&o.website_config);
self.aliases.merge(&o.aliases);
self.local_aliases.merge(&o.local_aliases);
}
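Review bot: `website_access` and `website_config` are merged here as two independent `Lww` registers, so after concurrent updates a replica can converge on a pair that no single writer produced, such as access enabled alongside a configuration from a different request or none at all. If the web front end assumes that enabled access implies a matching configuration, that has to be checked at read time, or the two values kept in one register (a single `crdt::Lww<Option<ByteBuf>>` where `Some` means enabled). At minimum I would add above the two calls `// merged independently: readers must handle website_access = true with website_config = None`.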
diff --git a/src/model/key_table.rs b/src/model/key_table.rs
index e87f5949..469dbd49 100644
--- a/src/model/key_table.rs
+++ b/src/model/key_table.rs
@@ -27,6 +27,7 @@ pub struct Key {
/// Configuration for a key
#[derive(PartialEq, Clone, Debug, Serialize, Deserialize)]
pub struct KeyParams {
+ pub allow_create_bucket: crdt::Lww<bool>,
pub authorized_buckets: crdt::Map<Uuid, BucketKeyPerm>,
pub local_aliases: crdt::LwwMap<String, crdt::Deletable<Uuid>>,
}
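Review bot: `allow_create_bucket` is inserted as the first field of `KeyParams`, which derives `Serialize`/`Deserialize`, and the diff shows no default attribute or migration step, so records written before this commit may fail to decode or, with a positional encoding, decode with shifted fields. The same question applies to the fields added to `BucketParams` and `BucketKeyPerm` and to the `website_access` field removed from `AliasParams` in this commit. If older records can exist, I would append the field after `local_aliases` rather than before `authorized_buckets` and document which migration rewrites the tables. Because the flag grants a privilege, any fallback used when it is missing should resolve to `false`, matching `KeyParams::new`.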
@@ -34,6 +35,7 @@ pub struct KeyParams {
impl KeyParams {
pub fn new() -> Self {
KeyParams {
+ allow_create_bucket: crdt::Lww::new(false),
authorized_buckets: crdt::Map::new(),
local_aliases: crdt::LwwMap::new(),
}
@@ -48,6 +50,7 @@ impl Default for KeyParams {
impl Crdt for KeyParams {
fn merge(&mut self, o: &Self) {
+ self.allow_create_bucket.merge(&o.allow_create_bucket);
self.authorized_buckets.merge(&o.authorized_buckets);
self.local_aliases.merge(&o.local_aliases);
}
@@ -111,6 +114,19 @@ impl Key {
false
}
}
+
+ /// Check if `Key` is owner of bucket
+ pub fn allow_owner(&self, bucket: &Uuid) -> bool {
+ if let crdt::Deletable::Present(params) = &self.state {
+ params
+ .authorized_buckets
+ .get(bucket)
+ .map(|x| x.allow_owner)
+ .unwrap_or(false)
+ } else {
+ false
+ }
+ }
}
impl Entry<EmptyKey, String> for Key {
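Review bot: `allow_owner` decides ownership from the key's own `authorized_buckets` entry, while `BucketParams` in bucket_table.rs holds a second copy of the permission in `authorized_keys`, and the doc comment does not say which copy is authoritative. As the two live in separate tables they can presumably disagree for a while after a grant or revoke, in which case a check that reads only the key side could keep honouring a revoked permission until the key record catches up. I would expand the comment to `/// Returns true only if this key is not deleted and its own entry for the bucket has allow_owner set; a missing entry denies` and add which table callers should treat as the source of truth. The enclosing `impl Key` starts outside the hunk.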
diff --git a/src/model/permission.rs b/src/model/permission.rs
index b61c92ce..04bb2bc5 100644
--- a/src/model/permission.rs
+++ b/src/model/permission.rs
@@ -12,8 +12,12 @@ pub struct BucketKeyPerm {
/// The key can be used to read the bucket
pub allow_read: bool,
- /// The key can be used to write in the bucket
+ /// The key can be used to write objects to the bucket
pub allow_write: bool,
+ /// The key can be used to control other aspects of the bucket:
+ /// - enable / disable website access
+ /// - delete bucket
+ pub allow_owner: bool,
}
impl Crdt for BucketKeyPerm {
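Review bot: `allow_owner` is added to `BucketKeyPerm`, but the `impl Crdt for BucketKeyPerm` that follows is not changed by this commit (the diffstat's 6 lines for permission.rs are all in this hunk) and its body lies outside the hunk. If that `merge` combines the flags one by one, the new flag would not be merged and a revocation of ownership might not propagate; if it replaces the whole value by timestamp it is already covered, so this is worth confirming. The doc comment also leaves open whether an owner may change other keys' permissions on the bucket, which decides how far this flag reaches; I would add a line such as `/// - grant / revoke permissions of other keys: <yes or no>` with the intended answer filled in.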