Extract the account ACLs from the given account_info, and return the ACLs.
Parameters: | info – a dict of the form returned by get_account_info |
---|---|
Returns: | None (no ACL system metadata is set), or a dict of the form:: {‘admin’: [...], ‘read-write’: [...], ‘read-only’: [...]} |
Raises ValueError: | |
on a syntactically invalid header |
Returns a cleaned ACL header value, validating that it meets the formatting requirements for standard Swift ACL strings.
The ACL format is:
[item[,item...]]
Each item can be a group name to give access to or a referrer designation to grant or deny based on the HTTP Referer header.
The referrer designation format is:
.r:[-]value
The .r can also be .ref, .referer, or .referrer; though it will be shortened to just .r for decreased character count usage.
The value can be * to specify any referrer host is allowed access, a specific host name like www.example.com, or if it has a leading period . or leading *. it is a domain name specification, like .example.com or *.example.com. The leading minus sign - indicates referrer hosts that should be denied access.
Referrer access is applied in the order they are specified. For example, .r:.example.com,.r:-thief.example.com would allow all hosts ending with .example.com except for the specific host thief.example.com.
Example valid ACLs:
.r:*
.r:*,.r:-.thief.com
.r:*,.r:.example.com,.r:-thief.example.com
.r:*,.r:-.thief.com,bobs_account,sues_account:sue
bobs_account,sues_account:sue
Example invalid ACLs:
.r:
.r:-
By default, allowing read access via .r will not allow listing objects in the container – just retrieving objects from the container. To turn on listings, use the .rlistings directive.
Also, .r designations aren’t allowed in headers whose names include the word ‘write’.
ACLs that are “messy” will be cleaned up. Examples:
Original | Cleaned |
bob, sue | bob,sue |
bob , sue | bob,sue |
bob,,,sue | bob,sue |
.referrer : * | .r:* |
.ref:*.example.com | .r:.example.com |
.r:*, .rlistings | .r:*,.rlistings |
Parameters: |
|
---|---|
Returns: | The value, cleaned of extraneous formatting. |
Raises ValueError: | |
If the value does not meet the ACL formatting requirements; the error message will indicate why. |
Compatibility wrapper to help migrate ACL syntax from version 1 to 2. Delegates to the appropriate version-specific format_acl method, defaulting to version 1 for backward compatibility.
Parameters: | kwargs – keyword args appropriate for the selected ACL syntax version (see format_acl_v1() or format_acl_v2()) |
---|
Returns a standard Swift ACL string for the given inputs.
Caller is responsible for ensuring that :referrers: parameter is only given if the ACL is being generated for X-Container-Read. (X-Container-Write and the account ACL headers don’t support referrers.)
Parameters: |
|
---|---|
Returns: | a Swift ACL string for use in X-Container-{Read,Write}, X-Account-Access-Control, etc. |
Returns a version-2 Swift ACL JSON string.
JSON will be forced ASCII (containing six-char uNNNN sequences rather than UTF-8; UTF-8 is valid JSON but clients vary in their support for UTF-8 headers), and without extraneous whitespace.
Advantages over V1: forward compatibility (new keys don’t cause parsing exceptions); Unicode support; no reserved words (you can have a user named .rlistings if you want).
Parameters: | acl_dict – dict of arbitrary data to put in the ACL; see specific auth systems such as tempauth for supported values |
---|---|
Returns: | a JSON string which encodes the ACL |
Compatibility wrapper to help migrate ACL syntax from version 1 to 2. Delegates to the appropriate version-specific parse_acl method, attempting to determine the version from the types of args/kwargs.
Parameters: |
|
---|---|
Returns: | the return value of parse_acl_v1() or parse_acl_v2() |
Parses a standard Swift ACL string into a referrers list and groups list.
See clean_acl() for documentation of the standard Swift ACL format.
Parameters: | acl_string – The standard Swift ACL string to parse. |
---|---|
Returns: | A tuple of (referrers, groups) where referrers is a list of referrer designations (without the leading .r:) and groups is a list of groups to allow access. |
Parses a version-2 Swift ACL string and returns a dict of ACL info.
Parameters: | data – string containing the ACL data in JSON format |
---|---|
Returns: | A dict (possibly empty) containing ACL info, e.g.: {“groups”: [...], “referrers”: [...]} |
Returns: | None if data is None, is not valid JSON or does not parse as a dict |
Returns: | empty dictionary if data is an empty string |
Returns True if the referrer should be allowed based on the referrer_acl list (as returned by parse_acl()).
See clean_acl() for documentation of the standard Swift ACL format.
Parameters: |
|
---|---|
Returns: | True if the referrer should be allowed; False if not. |
Monkey Patch httplib.HTTPResponse to buffer reads of headers. This can improve performance when making large numbers of small HTTP requests. This module also provides helper functions to make HTTP connections using BufferedHTTPResponse.
Warning
If you use this, be sure that the libraries you are using do not access the socket directly (xmlrpclib, I’m looking at you :/), and instead make all calls through httplib.
Bases: httplib.HTTPConnection
HTTPConnection class that uses BufferedHTTPResponse
alias of BufferedHTTPResponse
Bases: httplib.HTTPResponse
HTTPResponse class that buffers reading of headers
Terminate the socket with extreme prejudice.
Closes the underlying socket regardless of whether or not anyone else has references to it. Use this when you are certain that nobody else you care about has a reference to this socket.
Helper function to create an HTTPConnection object. If ssl is set True, HTTPSConnection will be used. However, if ssl=False, BufferedHTTPConnection will be used, which is buffered for backend Swift services.
Parameters: |
|
---|---|
Returns: | HTTPConnection object |
Helper function to create an HTTPConnection object. If ssl is set True, HTTPSConnection will be used. However, if ssl=False, BufferedHTTPConnection will be used, which is buffered for backend Swift services.
Parameters: |
|
---|---|
Returns: | HTTPConnection object |
Query string format= values to their corresponding content-type values
Validate that the value from x-copy-from header is well formatted. We assume the caller ensures that x-copy-from header is present in req.headers.
Parameters: | req – HTTP request object |
---|---|
Returns: | A tuple with container name and object name |
Raise : | HTTPPreconditionFailed if x-copy-from value is not well formatted. |
Helper function for checking if a string can be converted to a float.
Parameters: | string – string to be verified as a float |
---|---|
Returns: | True if the string can be converted to a float, False otherwise |
Check metadata sent in the request headers.
Parameters: |
|
---|---|
Returns: | HTTPBadRequest with bad metadata otherwise None |
Verify that the path to the device is a mount point and mounted. This allows us to fast fail on drives that have been unmounted because of issues, and also prevents us for accidentally filling up the root partition.
Parameters: |
|
---|---|
Returns: | True if it is a valid mounted device, False otherwise |
Check to ensure that everything is alright about an object to be created.
Parameters: |
|
---|---|
Returns HTTPRequestEntityTooLarge: | |
the object is too large |
|
Returns HTTPLengthRequired: | |
missing content-length header and not a chunked request |
|
Returns HTTPBadRequest: | |
missing or bad content-type header, or bad metadata |
Validate if a string is valid UTF-8 str or unicode and that it does not contain any null character.
Parameters: | string – string to be validated |
---|---|
Returns: | True if the string is valid utf-8 str or unicode and contains no null characters, False otherwise |
Parse SWIFT_CONF_FILE and reset module level global contraint attrs, populating OVERRIDE_CONSTRAINTS AND EFFECTIVE_CONSTRAINTS along the way.
Bases: object
Loads and parses the container-sync-realms.conf, occasionally checking the file’s mtime to see if it needs to be reloaded.
Returns a list of clusters for the realm.
Returns the endpoint for the cluster in the realm.
Returns the hexdigest string of the HMAC-SHA1 (RFC 2104) for the information given.
Parameters: |
|
---|---|
Returns: | hexdigest str of the HMAC-SHA1 for the request. |
Returns the key for the realm.
Returns the key2 for the realm.
Returns a list of realms.
Forces a reload of the conf file.
Internal client library for making calls directly to the servers rather than through the proxy.
Delete object directly from the object server.
Parameters: |
|
---|---|
Returns: | response from server |
Get listings directly from the account server.
Parameters: |
|
---|---|
Returns: | a tuple of (response headers, a list of containers) The response headers will be a dict and all header names will be lowercase. |
Get container listings directly from the container server.
Parameters: |
|
---|---|
Returns: | a tuple of (response headers, a list of objects) The response headers will be a dict and all header names will be lowercase. |
Get object directly from the object server.
Parameters: |
|
---|---|
Returns: | a tuple of (response headers, the object’s contents) The response headers will be a dict and all header names will be lowercase. |
Request container information directly from the container server.
Parameters: |
|
---|---|
Returns: | a dict containing the response’s headers (all header names will be lowercase) |
Request object information directly from the object server.
Parameters: |
|
---|---|
Returns: | a dict containing the response’s headers (all header names will be lowercase) |
Direct update to object metadata on object server.
Parameters: |
|
---|---|
Raises ClientException: | |
HTTP POST request failed |
Put object directly from the object server.
Parameters: |
|
---|---|
Returns: | etag from the server response |
Helper function to retry a given function a number of times.
Parameters: |
|
---|---|
Returns: | restult of func |
Bases: eventlet.timeout.Timeout
Bases: eventlet.timeout.Timeout
Bases: exceptions.Exception
Bases: eventlet.timeout.Timeout
Bases: eventlet.timeout.Timeout
Bases: exceptions.OSError
Bases: exceptions.Exception
Bases: exceptions.Exception
Bases: object
Wrapper for file object to compress object while reading.
Can be used to wrap file objects passed to InternalClient.upload_object().
Used in testing of InternalClient.
Parameters: |
|
---|
Reads a chunk from the file object.
Params are passed directly to the underlying file object’s read().
Returns: | Compressed chunk from file object. |
---|
Sets the object to the state needed for the first read.
Bases: object
An internal client that uses a swift proxy app to make requests to Swift.
This client will exponentially slow down for retries.
Parameters: |
|
---|
Checks to see if a container exists.
Parameters: |
|
---|---|
Raises: |
|
:returns : True if container exists, false otherwise.
Creates container.
Parameters: |
|
---|---|
Raises: |
|
Deletes a container.
Parameters: |
|
---|---|
Raises: |
|
Deletes an object.
Parameters: |
|
---|---|
Raises: |
|
Returns (container_count, object_count) for an account.
Parameters: |
|
---|---|
Raises: |
|
Gets account metadata.
Parameters: |
|
---|
:returns : Returns dict of account metadata. Keys will be lowercase.
Raises: |
|
---|
Gets container metadata.
Parameters: |
|
---|
:returns : Returns dict of container metadata. Keys will be lowercase.
Raises: |
|
---|
Gets object metadata.
Parameters: |
|
---|
:returns : Dict of object metadata.
Raises: |
|
---|
Returns an iterator of containers dicts from an account.
Parameters: |
|
---|---|
Raises: |
|
Returns an iterator of object lines from an uncompressed or compressed text object.
Uncompress object as it is read if the object’s name ends with ‘.gz’.
Parameters: |
|
---|---|
Raises: |
|
Returns an iterator of object dicts from a container.
Parameters: |
|
---|---|
Raises: |
|
Returns a swift path for a request quoting and utf-8 encoding the path parts as need be.
Parameters: |
|
---|---|
Raises ValueError: | |
Is raised if obj is specified and container is not. |
Makes a request to Swift with retries.
Parameters: |
|
---|
:returns : Response object on success.
Raises: |
|
---|
Sets account metadata. A call to this will add to the account metadata and not overwrite all of it with values in the metadata dict. To clear an account metadata value, pass an empty string as the value for the key in the metadata dict.
Parameters: |
|
---|---|
Raises: |
|
Sets container metadata. A call to this will add to the container metadata and not overwrite all of it with values in the metadata dict. To clear a container metadata value, pass an empty string as the value for the key in the metadata dict.
Parameters: |
|
---|---|
Raises: |
|
Sets an object’s metadata. The object’s metadata will be overwritten by the values in the metadata dict.
Parameters: |
|
---|---|
Raises: |
|
Parameters: |
|
---|---|
Raises: |
|
Bases: object
Simple client that is used in bin/swift-dispersion-* and container sync
Bases: exceptions.Exception
Exception raised on invalid responses to InternalClient.make_request().
Parameters: |
|
---|
For usage with container sync
For usage with container sync
Bases: object
Main class for performing commands on groups of servers.
Parameters: | servers – list of server names as strings |
---|
alias for reload
Find and return the decorated method named like cmd
Parameters: | cmd – the command to get, a string, if not found raises UnknownCommandError |
---|
stop a server (no error if not running)
Get all publicly accessible commands
Returns: | a list of string tuples (cmd, help), the method names who are decorated as commands |
---|
start a server interactively
spawn server and return immediately
start server and run one pass on supporting daemons
graceful shutdown then restart on supporting servers
stops then restarts server
Find the named command and run it
Parameters: | cmd – the command name to run |
---|
allow current requests to finish on supporting servers
starts a server
display status of tracked pids for server
stops a server
Bases: object
Manage operations on a server or group of servers of similar type
Parameters: | server – name of server |
---|
Get conf files for this server
Param : | number, if supplied will only lookup the nth server |
---|---|
Returns: | list of conf files |
Translate pid_file to a corresponding conf_file
Parameters: | pid_file – a pid_file for this server, a string |
---|---|
Returns: | the conf_file for this pid_file |
Translate conf_file to a corresponding pid_file
Parameters: | conf_file – an conf_file for this server, a string |
---|---|
Returns: | the pid_file for this conf_file |
Get running pids
Returns: | a dict mapping pids (ints) to pid_files (paths) |
---|
wait on spawned procs to terminate
Generator, yields (pid_file, pids)
Kill running pids
Parameters: | graceful – if True, attempt SIGHUP on supporting servers |
---|---|
Returns: | a dict mapping pids (ints) to pid_files (paths) |
Collect conf files and attempt to spawn the processes for this server
Get pid files for this server
Param : | number, if supplied will only lookup the nth server |
---|---|
Returns: | list of pid files |
Send a signal to pids for this server
Parameters: | sig – signal to send |
---|---|
Returns: | a dict mapping pids (ints) to pid_files (paths) |
Launch a subprocess for this server.
Parameters: |
|
---|
:returns : the pid of the spawned process
Display status of server
Param : | pids, if not supplied pids will be populated automatically |
---|---|
Param : | number, if supplied will only lookup the nth server |
Returns: | 1 if server is not running, 0 otherwise |
Send stop signals to pids for this server
Returns: | a dict mapping pids (ints) to pid_files (paths) |
---|
wait on spawned procs to start
Decorator to declare which methods are accessible as commands, commands always return 1 or 0, where 0 should indicate success.
Parameters: | func – function to make public |
---|
Try to increase resource limits of the OS. Move PYTHON_EGG_CACHE to /tmp
Monitor a collection of server pids yielding back those pids that aren’t responding to signals.
Parameters: | server_pids – a dict, lists of pids [int,...] keyed on Server objects |
---|
Why our own memcache client? By Michael Barton
python-memcached doesn’t use consistent hashing, so adding or removing a memcache server from the pool invalidates a huge percentage of cached items.
If you keep a pool of python-memcached client objects, each client object has its own connection to every memcached server, only one of which is ever in use. So you wind up with n * m open sockets and almost all of them idle. This client effectively has a pool for each server, so the number of backend connections is hopefully greatly reduced.
python-memcache uses pickle to store things, and there was already a huge stink about Swift using pickles in memcache (http://osvdb.org/show/osvdb/86581). That seemed sort of unfair, since nova and keystone and everyone else use pickles for memcache too, but it’s hidden behind a “standard” library. But changing would be a security regression at this point.
Also, pylibmc wouldn’t work for us because it needs to use python sockets in order to play nice with eventlet.
Lucid comes with memcached: v1.4.2. Protocol documentation for that version is at:
http://github.com/memcached/memcached/blob/1.4.2/doc/protocol.txt
Bases: eventlet.pools.Pool
Connection pool for Memcache Connections
Bases: object
Simple, consistent-hashed memcache client.
Decrements a key which has a numeric value by delta. Calls incr with -delta.
Parameters: |
|
---|---|
Returns: | result of decrementing |
Raises MemcacheConnectionError: | |
Deletes a key/value pair from memcache.
Parameters: | key – key to be deleted |
---|
Gets the object specified by key. It will also unserialize the object before returning if it is serialized in memcache with JSON, or if it is pickled and unpickling is allowed.
Parameters: | key – key |
---|---|
Returns: | value of the key in memcache |
Gets multiple values from memcache for the given keys.
Parameters: |
|
---|---|
Returns: | list of values |
Increments a key which has a numeric value by delta. If the key can’t be found, it’s added as delta or 0 if delta < 0. If passed a negative number, will use memcached’s decr. Returns the int stored in memcached Note: The data memcached stores as the result of incr/decr is an unsigned int. decr’s that result in a number below 0 are stored as 0.
Parameters: |
|
---|---|
Returns: | result of incrementing |
Raises MemcacheConnectionError: | |
Set a key/value pair in memcache
Parameters: |
|
---|---|
Time : | equivalent to timeout, this parameter is added to keep the signature compatible with python-memcached interface. This implementation will take this value and sign it to the parameter timeout |
Min_compress_len : | |
minimum compress length, this parameter was added to keep the signature compatible with python-memcached interface. This implementation ignores it. |
Sets multiple key/value pairs in memcache.
Parameters: |
|
---|---|
Time : | equalvent to timeout, this parameter is added to keep the signature compatible with python-memcached interface. This implementation will take this value and sign it to parameter timeout |
Min_compress_len : | |
minimum compress length, this parameter was added to keep the signature compatible with python-memcached interface. This implementation ignores it |
Sanitize a timeout value to use an absolute expiration time if the delta is greater than 30 days (in seconds). Note that the memcached server translates negative values to mean a delta of 30 days in seconds (and 1 additional second), client beware.
Miscellaneous utility functions for use in generating responses.
Why not swift.common.utils, you ask? Because this way we can import things from swob in here without creating circular imports.
Bases: object
Iterable that returns the object contents for a large object.
Parameters: |
|
---|
swob.Response will only respond with a 206 status in certain cases; one of those is if the body iterator responds to .app_iter_range().
However, this object (or really, its listing iter) is smart enough to handle the range stuff internally, so we just no-op this out for swob.
Like contextlib.closing(), but doesn’t crash if the object lacks a close() method.
PEP 333 (WSGI) says: “If the iterable returned by the application has a close() method, the server or gateway must call that method upon completion of the current request[.]” This function makes that easier.
Determine the content type to use for an account or container listing response.
Parameters: | req – request object |
---|---|
Returns: | content type as a string (e.g. text/plain, application/json) |
Raises : | HTTPNotAcceptable if the requested content type is not acceptable |
Raises : | HTTPBadRequest if the ‘format’ query param is provided and not valid UTF-8 |
Get parameters from an HTTP request ensuring proper handling UTF-8 encoding.
Parameters: |
|
---|---|
Returns: | HTTP request parameter value (as UTF-8 encoded str, not unicode object) |
Raises : | HTTPBadRequest if param not valid UTF-8 byte sequence |
Returns the prefix for system metadata headers for given server type.
This prefix defines the namespace for headers that will be persisted by backend servers.
Parameters: | server_type – type of backend server i.e. [account|container|object] |
---|---|
Returns: | prefix string for server type’s system metadata headers |
Returns the prefix for user metadata headers for given server type.
This prefix defines the namespace for headers that will be persisted by backend servers.
Parameters: | server_type – type of backend server i.e. [account|container|object] |
---|---|
Returns: | prefix string for server type’s user metadata headers |
Tests if a header key starts with and is longer than the system metadata prefix for given server type.
Parameters: |
|
---|---|
Returns: | True if the key satisfies the test, False otherwise |
Tests if a header key starts with and is longer than the user or system metadata prefix for given server type.
Parameters: |
|
---|---|
Returns: | True if the key satisfies the test, False otherwise |
Tests if a header key starts with and is longer than the user metadata prefix for given server type.
Parameters: |
|
---|---|
Returns: | True if the key satisfies the test, False otherwise |
Removes items from a dict whose keys satisfy the given condition.
Parameters: |
|
---|---|
Returns: | a dict, possibly empty, of headers that have been removed |
Utility function to split and validate the request path.
Returns: | result of split_path if everything’s okay |
---|---|
Raises : | HTTPBadRequest if something’s not okay |
Removes the system metadata prefix for a given server type from the start of a header key.
Parameters: |
|
---|---|
Returns: | stripped header key |
Removes the user metadata prefix for a given server type from the start of a header key.
Parameters: |
|
---|---|
Returns: | stripped header key |
Implementation of WSGI Request and Response objects.
This library has a very similar API to Webob. It wraps WSGI request environments and response values into objects that are more friendly to interact with.
Why Swob and not just use WebOb? By Michael Barton
We used webob for years. The main problem was that the interface wasn’t stable. For a while, each of our several test suites required a slightly different version of webob to run, and none of them worked with the then-current version. It was a huge headache, so we just scrapped it.
This is kind of a ton of code, but it’s also been a huge relief to not have to scramble to add a bunch of code branches all over the place to keep Swift working every time webob decides some interface needs to change.
Bases: object
Wraps a Request’s Accept header as a friendly object.
Parameters: | headerval – value of the header as a str |
---|
list of weak references to the object (if defined)
Returns the item from “options” that best matches the accept header. Returns None if no available options are acceptable to the client.
Parameters: | options – a list of content-types the server can respond with |
---|
Bases: UserDict.DictMixin
A dict-like object that proxies requests to a wsgi environ, rewriting header keys to environ keys.
For example, headers[‘Content-Range’] sets and gets the value of headers.environ[‘HTTP_CONTENT_RANGE’]
Bases: dict
A dict that title-cases all keys on the way in, so as to be case-insensitive.
list of weak references to the object (if defined)
Bases: object
Wraps a Request’s If-[None-]Match header as a friendly object.
Parameters: | headerval – value of the header as a str |
---|
list of weak references to the object (if defined)
Bases: object
Wraps a Request’s Range header as a friendly object. After initialization, “range.ranges” is populated with a list of (start, end) tuples denoting the requested ranges.
If there were any syntactically-invalid byte-range-spec values, “range.ranges” will be an empty list, per the relevant RFC:
“The recipient of a byte-range-set that includes one or more syntactically invalid byte-range-spec values MUST ignore the header field that includes that byte-range-set.”
According to the RFC 2616 specification, the following cases will be all considered as syntactically invalid, thus, a ValueError is thrown so that the range header will be ignored. If the range value contains at least one of the following cases, the entire range is considered invalid, ValueError will be thrown so that the header will be ignored.
Every syntactically valid range will be added into the ranges list even when some of the ranges may not be satisfied by underlying content.
Parameters: | headerval – value of the header as a str |
---|
list of weak references to the object (if defined)
This method is used to return multiple ranges for a given length which should represent the length of the underlying content. The constructor method __init__ made sure that any range in ranges list is syntactically valid. So if length is None or size of the ranges is zero, then the Range header should be ignored which will eventually make the response to be 200.
If an empty list is returned by this method, it indicates that there are unsatisfiable ranges found in the Range header, 416 will be returned.
if a returned list has at least one element, the list indicates that there is at least one range valid and the server should serve the request with a 206 status code.
The start value of each range represents the starting position in the content, the end value represents the ending position. This method purposely adds 1 to the end number because the spec defines the Range to be inclusive.
The Range spec can be found at the following link: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35.1
Parameters: | length – length of the underlying content |
---|
Bases: object
WSGI Request object.
list of weak references to the object (if defined)
Retrieve and set the accept property in the WSGI environ, as a Accept object
Get and set the swob.ACL property in the WSGI environment
Create a new request object with the given parameters, and an environment otherwise filled in with non-surprising default values.
Parameters: |
|
---|
Get and set the request body str
Get and set the wsgi.input property in the WSGI environment
Calls the application with this request’s environment. Returns the status, headers, and app_iter for the response as a tuple.
Parameters: | application – the WSGI application to call |
---|
Retrieve and set the content-length header as an int
Makes a copy of the request, converting it to a GET.
Calls the application with this request’s environment. Returns a Response object that wraps up the application’s result.
Parameters: | application – the WSGI application to call |
---|
Get and set the HTTP_HOST property in the WSGI environment
Get url for request/response up to path
Retrieve and set the if-match property in the WSGI environ, as a Match object
Retrieve and set the if-modified-since header as a datetime, set it with a datetime, int, or str
Retrieve and set the if-none-match property in the WSGI environ, as a Match object
Retrieve and set the if-unmodified-since header as a datetime, set it with a datetime, int, or str
Properly determine the message length for this request. It will return an integer if the headers explicitly contain the message length, or None if the headers don’t contain a length. The ValueError exception will be raised if the headers are invalid.
Raises: |
|
---|
Get and set the REQUEST_METHOD property in the WSGI environment
Provides QUERY_STRING parameters as a dictionary
Provides the full path of the request, excluding the QUERY_STRING
Get and set the PATH_INFO property in the WSGI environment
Takes one path portion (delineated by slashes) from the path_info, and appends it to the script_name. Returns the path segment.
The path of the request, without host but with query string.
Get and set the QUERY_STRING property in the WSGI environment
Retrieve and set the range property in the WSGI environ, as a Range object
Get and set the HTTP_REFERER property in the WSGI environment
Get and set the HTTP_REFERER property in the WSGI environment
Get and set the REMOTE_ADDR property in the WSGI environment
Get and set the REMOTE_USER property in the WSGI environment
Get and set the SCRIPT_NAME property in the WSGI environment
Validate and split the Request’s path.
Examples:
['a'] = split_path('/a')
['a', None] = split_path('/a', 1, 2)
['a', 'c'] = split_path('/a/c', 1, 2)
['a', 'c', 'o/r'] = split_path('/a/c/o/r', 1, 3, True)
Parameters: |
|
---|---|
Returns: | list of segments with a length of maxsegs (non-existent segments will return as None) |
Raises : | ValueError if given an invalid path |
Provides QUERY_STRING parameters as a dictionary
Provides the account/container/object path, sans API version.
This can be useful when constructing a path to send to a backend server, as that path will need everything after the “/v1”.
Provides the full url of the request
Get and set the HTTP_USER_AGENT property in the WSGI environment
Bases: object
WSGI Response object.
Respond to the WSGI request.
Warning
This will translate any relative Location header value to an absolute URL using the WSGI environment’s HOST_URL as a prefix, as RFC 2616 specifies.
However, it is quite common to use relative redirects, especially when it is difficult to know the exact HOST_URL the browser would have used when behind several CNAMEs, CDN services, etc. All modern browsers support relative redirects.
To skip over RFC enforcement of the Location header value, you may set env['swift.leave_relative_location'] = True in the WSGI environment.
list of weak references to the object (if defined)
Attempt to construct an absolute location.
Retrieve and set the accept-ranges header
Retrieve and set the response app_iter
Retrieve and set the Response body str
Retrieve and set the response charset
Retrieve and set the content-length header as an int
Retrieve and set the content-range header
Retrieve and set the response Content-Type header
Retrieve and set the response Etag header
Get url for request/response up to path
Retrieve and set the last-modified header as a datetime, set it with a datetime, int, or str
Retrieve and set the location header
Retrieve and set the Response status, e.g. ‘200 OK’
Construct a suitable value for WWW-Authenticate response header
If we have a request and a valid-looking path, the realm is the account; otherwise we set it to ‘unknown’.
Bases: object
A dict-like object that returns HTTPException subclasses/factory functions where the given key is the status code.
list of weak references to the object (if defined)
A decorator for translating functions which take a swob Request object and return a Response object into WSGI callables. Also catches any raised HTTPExceptions and treats them as a returned Response.
Miscellaneous utility functions for use with Swift.
Bases: object
Like itertools.chain, but with a close method that will attempt to invoke its sub-iterators’ close methods, if any.
Bases: eventlet.greenpool.GreenPool
GreenPool subclassed to kill its coros when it gets gc’ed
Bases: object
Runs jobs in a pool of green threads, and the results can be retrieved by using this object as an iterator.
This is very similar in principle to eventlet.GreenPile, except it returns results as they become available rather than in the order they were launched.
Correlating results with jobs (if necessary) is left to the caller.
Spawn a job in a green thread on the pile.
Wait timeout seconds for any results to come in.
Parameters: | timeout – seconds to wait for results |
---|---|
Returns: | list of results accrued in that time |
Bases: object
Wrap an iterator to ensure that only one greenthread is inside its next() method at a time.
This is useful if an iterator’s next() method may perform network IO, as that may trigger a greenthread context switch (aka trampoline), which can give another greenthread a chance to call next(). At that point, you get an error like “ValueError: generator already executing”. By wrapping calls to next() with a mutex, we avoid that error.
Bases: object
File-like object that counts bytes read. To be swapped in for wsgi.input for accounting purposes.
Pass read request to the underlying file-like object and add bytes read to total.
Pass readline request to the underlying file-like object and add bytes read to total.
Bases: logging.LoggerAdapter, object
A Logger like object which performs some reformatting on calls to exception(). Can be used to store a threadlocal transaction id and client ip.
Convenience function for syslog priority LOG_NOTICE. The python logging lvl is set to 25, just above info. SysLogHandler is monkey patched to map this log lvl to the LOG_NOTICE syslog priority.
Add extra info to message
The StatsD client prefix defaults to the “name” of the logger. This method may override that default with a specific value. Currently used in the proxy-server to differentiate the Account, Container, and Object controllers.
Factory to create methods which delegate to methods on self.logger.statsd_client (an instance of StatsdClient). The created methods conditionally delegate to a method whose name is given in ‘statsd_func_name’. The created delegate methods are a no-op when StatsD logging is not configured.
Parameters: | statsd_func_name – the name of a method on StatsdClient. |
---|
Bases: weakref
Like a weak reference, but passes through a couple methods that logging handlers need.
Bases: urlparse.ParseResult
Parse results class for urlparse.
Bases: object
A no-op logger for eventlet wsgi.
Bases: object
Wrap an iterator to only yield elements at a rate of N per second.
Parameters: |
|
---|
Bases: logging.Formatter
Custom logging.Formatter will append txn_id to a log message if the record has one and the message does not.
Turns an affinity config value into a function suitable for passing to sort(). After doing so, the array will be sorted with respect to the given ordering.
For example, if affinity_str is “r1=1, r2z7=2, r2z8=2”, then the array will be sorted with all nodes from region 1 (r1=1) first, then all the nodes from region 2 zones 7 and 8 (r2z7=2 and r2z8=2), then everything else.
Note that the order of the pieces of affinity_str is irrelevant; the priority values are what comes after the equals sign.
If affinity_str is empty or all whitespace, then the resulting function will not alter the ordering of the nodes.
Parameters: | affinity_str – affinity config value, e.g. “r1z2=3” or “r1=1, r2z1=2, r2z2=2” |
---|---|
Returns: | single-argument function |
Raises : | ValueError if argument invalid |
Turns a write-affinity config value into a predicate function for nodes. The returned value will be a 1-arg function that takes a node dictionary and returns a true value if it is “local” and a false value otherwise. The definition of “local” comes from the affinity_str argument passed in here.
For example, if affinity_str is “r1, r2z2”, then only nodes where region=1 or where (region=2 and zone=2) are considered local.
If affinity_str is empty or all whitespace, then the resulting function will consider everything local
Parameters: | affinity_str – affinity config value, e.g. “r1z2” or “r1, r2z1, r2z2” |
---|---|
Returns: | single-argument function, or None if affinity_str is empty |
Raises : | ValueError if argument invalid |
Given a devices path and a data directory, yield (path, device, partition) for all files in that directory
Parameters: |
|
---|
A generator returning lines from a file starting with the last line, then the second last line, etc. i.e., it reads lines backwards. Stops when the first line (if any) is read. This is useful when searching for recent activity in very large files.
Parameters: |
|
---|
Get memcache connection pool from the environment (which had been previously set by the memcache middleware
Parameters: | env – wsgi environment dict |
---|---|
Returns: | swift.common.memcached.MemcacheRing from environment |
Log unhandled exceptions, close stdio, capture stdout and stderr.
param logger: Logger object to use
Compute an ETA. Now only if we could also have a progress bar...
Parameters: |
|
---|---|
Returns: | ETA as a tuple of (length of time, unit of time) where unit of time is one of (‘h’, ‘m’, ‘s’) |
Returns default if value is None or ‘auto’. Returns value as an int or raises ValueError otherwise.
Returns True if the value is either True or a string in TRUE_VALUES. Returns False otherwise.
Appends an item to a comma-separated string.
If the comma-separated string is empty/None, just returns item.
Drop ‘buffer’ cache for the given range of the given file.
Parameters: |
|
---|
Sets the userid/groupid of the current process, get session leader, etc.
Parameters: | user – User name to change privileges to |
---|
Update recon cache values
Parameters: |
|
---|
Pre-allocate disk space for a file.
Parameters: |
|
---|
Sync modified file data to disk.
Parameters: | fd – file descriptor |
---|
Sync modified file data and metadata to disk.
Parameters: | fd – file descriptor |
---|
Returns the hexdigest string of the HMAC-SHA1 (RFC 2104) for the request.
Parameters: |
|
---|---|
Returns: | hexdigest str of the HMAC-SHA1 for the request. |
Checks whether poll is available and falls back on select if it isn’t.
Note about epoll:
Review: https://review.openstack.org/#/c/18806/
There was a problem where once out of every 30 quadrillion connections, a coroutine wouldn’t wake up when the client closed its end. Epoll was not reporting the event or it was getting swallowed somewhere. Then when that file descriptor was re-used, eventlet would freak right out because it still thought it was waiting for activity from it in some other coro.
Make a line for logging that matches the documented log line format for backend servers.
Parameters: |
|
---|---|
Returns: | a properly formated line for logging. |
Get the current system logger using config settings.
Log config and defaults:
log_facility = LOG_LOCAL0
log_level = INFO
log_name = swift
log_udp_host = (disabled)
log_udp_port = logging.handlers.SYSLOG_UDP_PORT
log_address = /dev/log
log_statsd_host = (disabled)
log_statsd_port = 8125
log_statsd_default_sample_rate = 1.0
log_statsd_sample_rate_factor = 1.0
log_statsd_metric_prefix = (empty-string)
Parameters: |
|
---|
Returns information about the swift cluster that has been previously registered with the register_swift_info call.
Parameters: |
|
---|---|
Returns: | dictionary of information about the swift cluster. |
Get a nomralized length of time in the largest unit of time (hours, minutes, or seconds.)
Parameters: | time_amount – length of time in seconds |
---|---|
Returns: | A touple of (length of time, unit of time) where unit of time is one of (‘h’, ‘m’, ‘s’) |
Get valid parts of utf-8 str from str, unicode and even invalid utf-8 str
Parameters: | str_or_unicode – a string or an unicode which can be invalid utf-8 |
---|
Get the canonical hash for an account/container/object
Parameters: |
|
---|---|
Returns: | hash string |
Returns the number in a human readable format; for example 1048576 = “1Mi”.
Test whether a path is a mount point. This will catch any exceptions and translate them into a False return value Use ismount_raw to have the exceptions raised instead.
Test whether a path is a mount point. Whereas ismount will catch any exceptions and just return False, this raw version will not catch exceptions.
This is code hijacked from C Python 2.6.8, adapted to remove the extra lstat() system call.
Get a value from the wsgi environment
Parameters: |
|
---|---|
Returns: | the value from the environment |
Splits the str given and returns a properly stripped list of the comma separated values.
Attempt to find the function in libc, otherwise return a no-op func.
Parameters: | func_name – name of the function to pull from libc. |
---|
Context manager that acquires a lock on a file. This will block until the lock can be acquired, or the timeout time has expired (whichever occurs first).
Parameters: |
|
---|
Context manager that acquires a lock on the parent directory of the given file path. This will block until the lock can be acquired, or the timeout time has expired (whichever occurs first).
Parameters: |
|
---|
Context manager that acquires a lock on a directory. This will block until the lock can be acquired, or the timeout time has expired (whichever occurs first).
For locking exclusively, file or directory has to be opened in Write mode. Python doesn’t allow directories to be opened in Write Mode. So we workaround by locking a hidden file in the directory.
Parameters: |
|
---|
Ensures the path is a directory or makes it if not. Errors if the path exists but is a file or on permissions failure.
Parameters: | path – path to create |
---|
Format a timestamp (string or numeric) into a standardized xxxxxxxxxx (10) format.
Note that timestamps less than 0000000000 are raised to 0000000000 and values greater than November 20th, 2286 at 17:46:39 UTC will be capped at that date and time, resulting in no return value exceeding 9999999999.
This cap is because the expirer is already working through a sorted list of strings that were all a length of 10. Adding another digit would mess up the sort and cause the expirer to break from processing early. By 2286, this problem will need to be fixed, probably by creating an additional .expiring_objects account to work from with 11 (or more) digit container names.
Parameters: | timestamp – unix timestamp |
---|---|
Returns: | normalized timestamp as a string |
Format a timestamp (string or numeric) into a standardized xxxxxxxxxx.xxxxx (10.5) format.
Note that timestamps using values greater than or equal to November 20th, 2286 at 17:46 UTC will use 11 digits to represent the number of seconds.
Parameters: | timestamp – unix timestamp |
---|---|
Returns: | normalized timestamp as a string |
Takes a dict from a container listing and overrides the content_type, bytes fields if swift_bytes is set.
Parse a content-type and its parameters into values. RFC 2616 sec 14.17 and 3.7 are pertinent.
Examples:
'text/plain; charset=UTF-8' -> ('text/plain', [('charset, 'UTF-8')])
'text/plain; charset=UTF-8; level=1' ->
('text/plain', [('charset, 'UTF-8'), ('level', '1')])
Parameters: | content_type – content_type to parse |
---|---|
Returns: | a typle containing (content type, list of k, v parameter tuples) |
Parse standard swift server/daemon options with optparse.OptionParser.
Parameters: |
|
---|
Raises SystemExit: | |
---|---|
First arg (CONFIG) is required, file must exist |
Decorator to declare which methods are publicly accessible as HTTP requests
Parameters: | func – function to make public |
---|
Function that will check if item is a dict, and if so put it under cache_entry[key]. We use nested recon cache entries when the object auditor runs in ‘once’ mode with a specified subset of devices.
Number of successful backend requests needed for the proxy to consider the client request successful.
Patched version of urllib.quote that encodes utf-8 strings before quoting
Will eventlet.sleep() for the appropriate time so that the max_rate is never exceeded. If max_rate is 0, will not ratelimit. The maximum recommended rate should not exceed (1000 * incr_by) a second as eventlet.sleep() does involve some overhead. Returns running_time that should be used for subsequent calls.
Parameters: |
|
---|
Read config file(s) and return config items as a dict
Parameters: |
|
---|---|
Returns: | dict of config items |
Registers information about the swift cluster to be retrieved with calls to get_swift_info.
Parameters: |
|
---|
Consume the first item from an iterator, then re-chain it to the rest of the iterator. This is useful when you want to make sure the prologue to downstream generators have been executed before continuing.
Parameters: | iterable – an iterable object |
---|
Quiet wrapper for os.unlink, OSErrors are suppressed
Parameters: | path – first and only argument passed to os.unlink |
---|
Attempt to fix / hide race conditions like empty object directories being removed by backend processes during uploads, by retrying.
Parameters: |
|
---|
Decorator to declare which methods are accessible for different type of servers:
Parameters: | func – function to mark accessible for replication |
---|
Transform ip string to an rsync-compatible form
Will return ipv4 addresses unchanged, but will nest ipv6 addresses inside square brackets.
Parameters: | ip – an ip string (ipv4 or ipv6) |
---|---|
Returns: | a string ip address |
Look in root, for any files/dirs matching glob, recursively traversing any found directories looking for files ending with ext
Parameters: |
|
---|---|
Returns: | list of full paths to matching files, sorted |
Validate and split the given HTTP request path.
Examples:
['a'] = split_path('/a')
['a', None] = split_path('/a', 1, 2)
['a', 'c'] = split_path('/a/c', 1, 2)
['a', 'c', 'o/r'] = split_path('/a/c/o/r', 1, 3, True)
Parameters: |
|
---|---|
Returns: | list of segments with a length of maxsegs (non-existent segments will return as None) |
Raises : | ValueError if given an invalid path |
Get the storage directory
Parameters: |
|
---|---|
Returns: | Storage directory |
Constant-time string comparison.
Params s1: | the first string |
---|---|
Params s2: | the second string |
Returns: | True if the strings are equal. |
This function takes two strings and compares them. It is intended to be used when doing a comparison for authentication purposes to help guard against timing attacks.
Returns a decorator that logs timing events or errors for public methods in swift’s wsgi server controllers, based on response code.
Hack to work around Eventlet’s tpool not catching and reraising Timeouts.
Remove any file in a given path that that was last modified before mtime.
Parameters: | path – path to remove file from |
---|---|
Mtime : | timestamp of oldest file to keep |
urlparse augmentation. This is necessary because urlparse can’t handle RFC 2732 URLs.
Parameters: | url – URL to parse. |
---|
Validate that a device and a partition are valid and won’t lead to directory traversal when used.
Parameters: |
|
---|---|
Raises : | ValueError if given an invalid device or partition |
Validates an X-Container-Sync-To header value, returning the validated endpoint, realm, and realm_key, or an error string.
Parameters: |
|
---|---|
Returns: | A tuple of (error_string, validated_endpoint, realm, realm_key). The error_string will None if the rest of the values have been validated. The validated_endpoint will be the validated endpoint to sync to. The realm and realm_key will be set if validation was done through realms_conf. |
Get the machine’s ip addresses
Returns: | list of Strings of ip addresses |
---|
Write contents to file at path
Parameters: |
|
---|
Ensure that a pickle file gets written to disk. The file is first written to a tmp location, ensure it is synced to disk, then perform a move to its final location
Parameters: |
|
---|
WSGI tools for use with swift.
Bases: swift.common.wsgi.NamedConfigLoader
Read configuration from multiple files under the given path.
Bases: paste.deploy.loadwsgi.ConfigLoader
Patch paste.deploy’s ConfigLoader so each context object will know what config section it came from.
Bases: object
This class provides a number of utility methods for modifying the composition of a wsgi pipeline.
Creates a context for a filter that can subsequently be added to a pipeline context.
Parameters: | entry_point_name – entry point of the middleware (Swift only) |
---|---|
Returns: | a filter context |
Returns the first index of the given entry point name in the pipeline.
Raises ValueError if the given module is not in the pipeline.
Inserts a filter module into the pipeline context.
Parameters: |
|
---|
Tests if the pipeline starts with the given entry point name.
Parameters: | entry_point_name – entry point of middleware or app (Swift only) |
---|---|
Returns: | True if entry_point_name is first in pipeline, False otherwise |
Bases: eventlet.greenpool.GreenPool
Works the same as GreenPool, but if the size is specified as one, then the spawn_n() method will invoke waitall() before returning to prevent the caller from doing any other work (like calling accept()).
Bases: object
This class provides a means to provide context (scope) for a middleware filter to have access to the wsgi start_response results like the request status and headers.
Bind socket to bind ip:port in conf
Parameters: |
|
---|
Loads common settings from conf Sets the logger Loads the request processor
Parameters: |
|
---|---|
Returns: | the loaded application entry point |
Raises ConfigFileError: | |
Exception is raised for config file error |
Loads a context from a config file, and if the context is a pipeline then presents the app with the opportunity to modify the pipeline.
Returns a new fresh WSGI environment.
Parameters: |
|
---|---|
Returns: | Fresh WSGI environment. |
Same as make_env() but with preauthorization.
Same as make_subrequest() but with preauthorization.
Makes a new swob.Request based on the current env but with the parameters specified.
Parameters: |
|
---|---|
Returns: | Fresh swob.Request object. |
mimetools.Message defaults content-type to “text/plain” This changes it to default to None, so we can detect missing headers.
Runs the server using the specified number of workers.
Parameters: |
|
---|---|
Returns: | 0 if successful, nonzero otherwise |
Wrap a function whos first argument is a paste.deploy style config uri, such that you can pass it an un-adorned raw filesystem path and the config directive (either config: or config_dir:) will be added automatically based on the type of filesystem entity at the given path (either a file or directory) before passing it through to the paste.deploy function.