public SecurityDescriptor(Sid owner, Sid group, Acl dacl, Acl sacl) : this() { this.Owner = owner; this.Group = group; this.Dacl = dacl; this.Sacl = sacl; }
/// <summary> /// Constructs a new ReadObjectStreamResponse /// </summary> /// <param name="s">The object content stream</param> /// <param name="contentType">The MIME type of the stream</param> /// <param name="length">The length. Set to -1 if unknown.</param> /// <param name="meta">The object metadata</param> /// <param name="acl">The object's ACL</param> /// <param name="extent">The extent that was read, or null</param> /// <param name="response">the HTTP response object to close the connection</param> /// <param name="checksum">The content checksum if the Atmos server had one stored</param> public ReadObjectStreamResponse(Stream s, string contentType, long length, MetadataList meta, Acl acl, Extent extent, HttpWebResponse response, string checksum) { this.Content = s; this.ContentType = contentType; this.Length = length; this.Metadata = meta; this.Acl = acl; this.response = response; this.ContentChecksum = checksum; }
public override void ExecuteCmdlet() { ConfirmAction( Force.IsPresent, string.Format(Resources.SettingDataLakeStoreItemAcl, Path.OriginalPath), string.Format(Resources.SetDataLakeStoreItemAcl, Path.OriginalPath), Path.OriginalPath, () => DataLakeStoreFileSystemClient.SetAcl(Path.TransformedPath, Account, Acl.GetAclSpec())); }
public override int GetHashCode() { int result = 17; int ret = GetType().GetHashCode(); result = 37 * result + ret; ret = Acl.GetHashCode(); result = 37 * result + ret; ret = Stat.GetHashCode(); result = 37 * result + ret; return(result); }
/// <summary> /// New API: obsoletes Public and Private Command, Commandlet has changed too /// </summary> /// <param name="cmd"></param> /// <returns></returns> public bool AddCommand(Commandlet cmd) { if (cmd.AccessString != null && Acl != null) { Acl.AddAccessString(cmd.AccessString); } if (!commands.ContainsKey(cmd.Command)) { commands.Add(cmd.Command, cmd); return(true); } return(false); }
public void CreateBucket(string bucketName, Acl acl) { try { var client = new OssClient(_endPoint, _accessKeyId, _accessKeySecret); client.CreateBucket(bucketName); client.SetBucketAcl(bucketName, (CannedAccessControlList)acl); } catch (Exception e) { throw new Exception(e.Message); } }
public void TestDomainJoinRolePositive() { // This should test positively because while the userSID is only granted one of the permissions (create computer), // the group SID ending with "-1440" has all of them, and the assertor will search groups. Acl dacl = this.sdd.GetDacl(); DaclAssertor assertor = new DaclAssertor(dacl, true); List <SID> groupSiDs = this.groupSIDList.Select(s => SID.Parse(GetSidAsByteBuffer(s))).ToList(); DomainJoinRoleAssertion djAssertion = new DomainJoinRoleAssertion(this.userSID, false, groupSiDs); bool result = assertor.DoAssert(djAssertion); Assert.True(result); }
/// <summary> /// Constructor. /// </summary> public NewNtTokenCmdlet() { AuthenticationId = NtToken.LocalSystemAuthId; TokenType = TokenType.Primary; ExpirationTime = DateTime.Now.AddYears(10); Groups = new Sid[0]; Privileges = new TokenPrivilegeValue[0]; DefaultAcl = new Acl(); DefaultAcl.AddAccessAllowedAce(GenericAccessRights.GenericAll, AceFlags.None, "SY"); DefaultAcl.AddAccessAllowedAce(GenericAccessRights.GenericAll, AceFlags.None, "BA"); IntegrityLevel = TokenIntegrityLevel.System; SecurityQualityOfService = new SecurityQualityOfService(SecurityImpersonationLevel.Anonymous, SecurityContextTrackingMode.Static, false); }
public static Entity CreateTileTemplate(Vector3 position) { var tileTemplate = EntityBuilder.Begin() .AddPositionComponent(position, CommonRequirementSets.PhysicsOnly) .AddMetadataComponent(entityType: SimulationSettings.TilePrefabName) .SetPersistence(true) .SetReadAcl(Acl.MakeRequirementSet(CommonAttributeSets.Physics, CommonAttributeSets.Visual, Acl.MakeAttributeSet("turret_rotation"))) .AddComponent(new Improbable.Demo.PositionColor.Data(0), CommonRequirementSets.PhysicsOnly) .AddComponent(new Improbable.Demo.CheckOutColor.Data(new List <uint>()), CommonRequirementSets.PhysicsOnly) .Build(); return(tileTemplate); }
private bool _addResultCanExecute() { if (!Acl.IsGranted(AnalysisRights.AnalysisAddResult)) { return(false); } if (Workflow.CurrentStage != SampleTestWorkflow.Running) { return(false); } return(true); }
/// <summary> /// Serialize <see cref="Acl"/>. /// </summary> /// <param name="acl"><see cref="Acl"/> to serialize</param> private void SerializeAcl(Acl acl) { bool isNull = acl == null; this.binaryWriter.Write((bool)isNull); if (!isNull) { Id id = acl.Id; this.binaryWriter.Write(id.Scheme); this.binaryWriter.Write(id.Identifier); this.binaryWriter.Write((int)acl.Perms); } }
public static TokenHandle Create( TokenAccess access, string name, ObjectFlags objectFlags, DirectoryHandle rootDirectory, TokenType tokenType, Luid authenticationId, long expirationTime, Sid user, Sid[] groups, PrivilegeSet privileges, Sid owner, Sid primaryGroup, Acl defaultDacl, TokenSource source ) { TokenUser tokenUser = new TokenUser(user); TokenGroups tokenGroups = new TokenGroups(groups); TokenPrivileges tokenPrivileges = new TokenPrivileges(privileges); TokenOwner tokenOwner = new TokenOwner(owner); TokenPrimaryGroup tokenPrimaryGroup = new TokenPrimaryGroup(primaryGroup); TokenDefaultDacl tokenDefaultDacl = new TokenDefaultDacl(defaultDacl); ObjectAttributes oa = new ObjectAttributes(name, objectFlags, rootDirectory); IntPtr handle; try { Win32.NtCreateToken( out handle, access, ref oa, tokenType, ref authenticationId, ref expirationTime, ref tokenUser, ref tokenGroups, ref tokenPrivileges, ref tokenOwner, ref tokenPrimaryGroup, ref tokenDefaultDacl, ref source ).ThrowIf(); } finally { oa.Dispose(); } return(new TokenHandle(handle, true)); }
private void InsertRecord(AzRecord r) { var record = new Acl { AceType = r.Reaction, Action = r.ActionId, Object = r.ObjectId ?? string.Empty, Subject = r.SubjectId, Tenant = r.Tenant }; CoreDbContext.AddOrUpdate(r => r.Acl, record); CoreDbContext.SaveChanges(); }
public override void ExecuteCmdlet() { var aclSpec = ParameterSetName.Equals(BaseParameterSetName) ? Acl.GetAclSpec() : string.Format("{0}{1}:{2}:{3}", Default ? "default:" : string.Empty, AceType, Id, DataLakeStoreItemPermissionInstance.GetPermissionString(Permissions)).ToLowerInvariant(); ConfirmAction( string.Format(Resources.SetDataLakeStoreItemAcl, Path.OriginalPath), Path.OriginalPath, () => DataLakeStoreFileSystemClient.ModifyAcl(Path.TransformedPath, Account, aclSpec)); }
public override int GetHashCode() { int result = 17; int ret = GetType().GetHashCode(); result = 37 * result + ret; ret = Path.GetHashCode(); result = 37 * result + ret; ret = Acl.GetHashCode(); result = 37 * result + ret; ret = (int)Version; result = 37 * result + ret; return(result); }
public void Parse_Defaults() { const string acl = @"[{ ""subjects"": [ ], ""permissions"": { } }]"; IReadOnlyList <Acl> result = Acl.Parse(acl, LedgerPath.Parse("/root/path/"), new KeyEncoder(111)); Assert.Equal(1, result.Count); Assert.Equal("", result[0].RecordName.Pattern); Assert.Equal(PatternMatchingStrategy.Prefix, result[0].RecordName.MatchingStrategy); Assert.Equal(true, result[0].Recursive); Assert.Equal(0, result[0].Subjects.Count); Assert.Equal(Access.Unset, result[0].Permissions.AccountModify); Assert.Equal(Access.Unset, result[0].Permissions.AccountSpend); Assert.Equal(Access.Unset, result[0].Permissions.AccountModify); Assert.Equal(Access.Unset, result[0].Permissions.DataModify); }
public void Parse_Success() { IReadOnlyList <Acl> result = Acl.Parse(GetValidAcl(), LedgerPath.Parse("/root/path/"), new KeyEncoder(111)); Assert.Equal(1, result.Count); Assert.Equal("/root/path/", result[0].Path.FullPath); Assert.Equal("name", result[0].RecordName.Pattern); Assert.Equal(PatternMatchingStrategy.Exact, result[0].RecordName.MatchingStrategy); Assert.Equal(true, result[0].Recursive); Assert.Equal(1, result[0].Subjects.Count); Assert.Equal(Access.Permit, result[0].Permissions.AccountModify); Assert.Equal(Access.Permit, result[0].Permissions.AccountSpend); Assert.Equal(Access.Permit, result[0].Permissions.AccountModify); Assert.Equal(Access.Permit, result[0].Permissions.DataModify); }
public static SnapshotEntity CreatePlayerCreatorTemplate() { var entityTemplate = new SnapshotEntity { Prefab = SimulationSettings.PlayerCreatorPrefabName }; entityTemplate.Add(new WorldTransform.Data(Coordinates.ZERO, new Quaternion(0, 0, 0, 0))); entityTemplate.Add(new PlayerCreation.Data()); var acl = Acl.GenerateServerAuthoritativeAcl(entityTemplate); entityTemplate.SetAcl(acl); return(entityTemplate); }
public static SnapshotEntity CreateCubeEntityTemplate(Coordinates spawnPosition) { var entityTemplate = new SnapshotEntity { Prefab = SimulationSettings.CubePrefabName }; entityTemplate.Add(new WorldTransform.Data(spawnPosition, new Quaternion(0, 0, 0, 0))); entityTemplate.Add(new Grabbable.Data(new Option <CurrentGrabberInfo>())); var acl = Acl.GenerateServerAuthoritativeAcl(entityTemplate); entityTemplate.SetAcl(acl); return(entityTemplate); }
public static SnapshotEntity CreateArmchairEntityTemplate(Coordinates spawnPosition, float rotation) { var entityTemplate = new SnapshotEntity { Prefab = SimulationSettings.ArmchairPrefabName }; entityTemplate.Add(new WorldTransform.Data(spawnPosition, MathUtils.ToNativeQuaternion(UnityEngine.Quaternion.Euler(0, rotation, 0)))); entityTemplate.Add(new Grabbable.Data(new Option <CurrentGrabberInfo>())); var acl = Acl.GenerateServerAuthoritativeAcl(entityTemplate); entityTemplate.SetAcl(acl); return(entityTemplate); }
public AclPackage CreateAcl(String repoName, String userName, String aclName) { AclIdentity aclIdentity = new AclIdentity(); aclIdentity.RepositoryName = repoName; aclIdentity.Domain = userName; aclIdentity.Name = aclName; Permission basicReadPermission = new Permission(); basicReadPermission.Name = Permission.READ; basicReadPermission.Type = PermissionType.BASIC; Permission basicDeletePermission = new Permission(); basicDeletePermission.Name = Permission.DELETE; basicDeletePermission.Type = PermissionType.BASIC; List<AclEntry> entryList = new List<AclEntry>(); AclEntry aclEntry = new AclEntry(); aclEntry.AccessType = AccessType.PERMIT; aclEntry.Accessor = "dm_world"; List<Permission> permissionList = new List<Permission>(); permissionList.Add(basicReadPermission); aclEntry.Permissions = permissionList; AclEntry aclEntry1 = new AclEntry(); aclEntry1.AccessType = AccessType.PERMIT; aclEntry1.Accessor = "dm_owner"; List<Permission> permissionList1 = new List<Permission>(); permissionList1.Add(basicDeletePermission); aclEntry1.Permissions = permissionList1; entryList.Add(aclEntry); entryList.Add(aclEntry1); Acl acl = new Acl(); acl.Identity = aclIdentity; acl.Description = "a test acl" + System.DateTime.Now.Ticks; // acl.setType(AclType.REGULAR); // defaults to REGULAR // acl.setVisibility(AclVisibility.PRIVATE); // defaults to PRIVATE acl.Entries = entryList; AclPackage aclPackage = new AclPackage(); List<Acl> aclList = new List<Acl>(); aclList.Add(acl); aclPackage.Acls = aclList; return accessControlService.Create(aclPackage); }
private void ParseAcl(string acl) { //and example of a real acl string: //user::rw-,user:6b157067-78b0-4478-ba7b-ade5c66f1a9a:rwx,group::r--,mask::rwx,other::--- Acl.Clear(); if (acl == null) { return; } foreach (string textForm in acl.Split(',')) { bool isDefault = textForm.StartsWith("default:"); string processForm = isDefault ? textForm.Substring(8) : textForm; var entry = new AclEntry(processForm); if (entry.ObjectId == null) { //special entry if (entry.Type == "user") { OwningUserPermissions = entry; } else if (entry.Type == "group") { OwningGroupPermissions = entry; } //ignore other special objects as they're not important } else { //push ID'd objects to the rest of the ACL if (isDefault) { DefaultAcl.Add(entry); } else { Acl.Add(entry); } } } }
public override int GetHashCode() { var result = 17; int ret = GetType().GetHashCode(); result = 37 * result + ret; ret = Path.GetHashCode(); result = 37 * result + ret; ret = Data.GetHashCode(); result = 37 * result + ret; ret = Acl.GetHashCode(); result = 37 * result + ret; ret = Flags; result = 37 * result + ret; return(result); }
public static SnapshotEntity CreateIndividualTemplate(Coordinates initialPosition) { var template = new SnapshotEntity { Prefab = SimulationSettings.PlayerPrefabName }; template.Add(new TransformComponent.Data(initialPosition, (uint)0)); var permissions = Acl.Build() .SetReadAccess(CommonPredicates.PhysicsOrVisual) .SetWriteAccess <TransformComponent>(CommonPredicates.PhysicsOnly); template.SetAcl(permissions); return(template); }
public static string ToString(Acl acl) { var sb = new StringBuilder(); sb.AppendFormat(CultureInfo.InvariantCulture, "Acl[AceCount={0}, AceEntries=", acl.AceItems.Count); sb.AppendLine(); for (int i = 0; i < acl.AceItems.Count; i++) { sb.AppendFormat(CultureInfo.InvariantCulture, "#{0} {1}", i, ToString(acl.AceItems[i])); sb.AppendLine(); } sb.AppendLine("]"); return(sb.ToString()); }
/// <summary> /// Converts the specified string to ACL /// </summary> /// <param name="aclStr">ACL in string</param> /// <param name="acl">Converted ACL</param> public static void FromString(string aclStr, out Acl acl) { if (aclStr == null) { throw new ArgumentNullException("aclStr"); } string[] aclpieces = aclStr.Split(','); if (aclpieces.Length < 3) { throw new ArgumentException("Acl string is not in expected format", "aclStr"); } acl = new Acl(int.Parse(aclpieces[0]), new Id(aclpieces[1], aclpieces[2])); }
private List <Acl> ConvertToAcl(List <org.apache.zookeeper.data.ACL> innerAcl) { var result = new List <Acl>(); // ReSharper disable once ForeachCanBeConvertedToQueryUsingAnotherGetEnumerator foreach (var resultAcl in innerAcl) { var resultId = resultAcl.getId(); var acl = new Acl((AclPerm)resultAcl.getPerms(), (AclScheme)Enum.Parse(typeof(AclScheme), resultId.getScheme().ToUpper(), true), new AclId(resultId.getId()) ); result.Add(acl); } return(result); }
public void testDomainJoinRoleNegative_Denials() { // This should test negatively because the userSID is denied one of the permissions (create computer), // within the OU the Sddl was pulled from (not inherited). Acl dacl = this.sddlDenials.GetDacl(); DaclAssertor assertor = new DaclAssertor(dacl, true); List <SID> groupSiDs = this.groupSIDList.Select(s => SID.Parse(GetSidAsByteBuffer(s))).ToList(); DomainJoinRoleAssertion djAssertion = new DomainJoinRoleAssertion(this.userSID, false, groupSiDs); bool result = assertor.DoAssert(djAssertion); Assert.False(result); // should be 1 of them Assert.Single(assertor.GetUnsatisfiedAssertions()); }
public override int GetHashCode() { int result = 17; int ret = GetType().GetHashCode(); result = 37 * result + ret; ret = Path.GetHashCode(); result = 37 * result + ret; ret = Data.GetHashCode(); result = 37 * result + ret; ret = Acl.GetHashCode(); result = 37 * result + ret; ret = (Ephemeral)?0:1; result = 37 * result + ret; return(result); }
/// <summary> /// Get the source of inherited ACEs. /// </summary> /// <param name="name">The name of the resource.</param> /// <param name="type">The type of the resource.</param> /// <param name="container">Whether the resource is a container.</param> /// <param name="object_types">Optional list of object types.</param> /// <param name="security_descriptor">The security descriptor for the resource.</param> /// <param name="sacl">True to check the SACL otherwise checks the DACL.</param> /// <param name="generic_mapping">Generic mapping for the resource.</param> /// <param name="query_security">Query security descriptors for sources.</param> /// <param name="throw_on_error">True to throw on error.</param> /// <returns>The list of inheritance sources.</returns> public static NtResult <IEnumerable <SecurityDescriptorInheritanceSource> > GetInheritanceSource( string name, SeObjectType type, bool container, Guid[] object_types, SecurityDescriptor security_descriptor, bool sacl, GenericMapping generic_mapping, bool query_security, bool throw_on_error) { Acl acl = sacl ? security_descriptor.Sacl : security_descriptor.Dacl; if (acl == null || acl.NullAcl) { return(NtStatus.STATUS_INVALID_ACL.CreateResultFromError <IEnumerable <SecurityDescriptorInheritanceSource> >(throw_on_error)); } using (var list = new DisposableList()) { SafeGuidArrayBuffer guids = SafeGuidArrayBuffer.Null; if (object_types?.Length > 0) { guids = list.AddResource(new SafeGuidArrayBuffer(object_types)); } NtType native_type = GetNativeType(type); INHERITED_FROM[] inherited_from = new INHERITED_FROM[acl.Count]; NtStatus status = NtStatus.STATUS_INVALID_PARAMETER; try { status = Win32NativeMethods.GetInheritanceSource(name, type, sacl ? SecurityInformation.Sacl : SecurityInformation.Dacl, container, guids, guids.Count, acl.ToByteArray(), IntPtr.Zero, ref generic_mapping, inherited_from).MapDosErrorToStatus(); return(status.CreateResult(throw_on_error, () => (IEnumerable <SecurityDescriptorInheritanceSource>)inherited_from .Select((s, i) => new SecurityDescriptorInheritanceSource(acl[i], s, type, native_type, container, query_security, sacl)).Where(s => s.Depth != -1).ToArray())); } finally { if (status.IsSuccess()) { Win32NativeMethods.FreeInheritedFromArray(inherited_from, (ushort)inherited_from.Length, IntPtr.Zero); } } } }
private IReadOnlyList <Acl> TranslateZkprAclListToRMAclList(IReadOnlyList <Acl> zkprAcls) { if (zkprAcls == null || zkprAcls.Any <Acl>() == false) { return(null); } List <Acl> rmAcls = new List <Acl>(); foreach (Acl a in zkprAcls) { Acl rmAcl = this.TranslateZkprAclToRmAcl(a); rmAcls.Add(rmAcl); } return(rmAcls as IReadOnlyList <Acl>); }
public EditableAcl(AccessControl acl) { OwnerUser = new EditableAclEntry(acl.OwningUserPermissions); OwnerGroup = new EditableAclEntry(acl.OwningGroupPermissions); OwnerUser.Identity = acl.OwnerUserId; OwnerGroup.Identity = acl.OwnerGroupId; foreach (AclEntry acle in acl.Acl) { Acl.Add(new EditableAclEntry(acle)); } foreach (AclEntry acle in acl.DefaultAcl) { DefaultAcl.Add(new EditableAclEntry(acle)); } }
public void TestDomainJoinRoleNegative() { // This should test negatively because the userSID is only granted one of the permissions (create computer) // and this test tells the assertor to NOT search groups. Acl dacl = this.sdd.GetDacl(); DaclAssertor assertor = new DaclAssertor(dacl, false); DomainJoinRoleAssertion djAssertion = new DomainJoinRoleAssertion(this.userSID, false, null); bool result = assertor.DoAssert(djAssertion); Assert.False(result); // should be 6 of them List <AceAssertion> unsatisfiedAssertions = assertor.GetUnsatisfiedAssertions(); Assert.Equal(6, unsatisfiedAssertions.Count); }
public void IsMatch_Success() { // Recursive ACL Acl acl = new Acl(new[] { subject }, path, true, new StringPattern("name", PatternMatchingStrategy.Exact), permissions); // Match (recursiveOnly = true) Assert.True(acl.IsMatch(evidence, path, true, "name")); // Match (recursiveOnly = false) Assert.True(acl.IsMatch(evidence, path, false, "name")); // Non-recursive ACL acl = new Acl(new[] { subject }, path, false, new StringPattern("name", PatternMatchingStrategy.Exact), permissions); // Match (recursiveOnly = false) Assert.True(acl.IsMatch(evidence, path, false, "name")); // Error: record non recursive (recursiveOnly = true) Assert.False(acl.IsMatch(evidence, path, true, "name")); // Error: path mismatch Assert.False(acl.IsMatch(evidence, LedgerPath.Parse("/"), false, "name")); // Error: name mismatch Assert.False(acl.IsMatch(evidence, path, false, "n")); // Error: identity mismatch Assert.False(acl.IsMatch(new[] { new SignatureEvidence(ByteString.Parse("ab"), ByteString.Empty) }, path, false, "name")); }
/// <summary> /// Creates a new object in the cloud with the given key (and key-pool). /// </summary> /// <param name="key">the key-pool and key to use for the new object.</param> /// <param name="acl">Access control list for the new object. May be null to use a default ACL</param> /// <param name="metadata">Metadata for the new object. May be null for no metadata.</param> /// <param name="data">The initial contents of the object. May be appended to later. May be null to create an object with no content or a directory.</param> /// <param name="mimeType">the MIME type of the content. Optional, may be null. If data is non-null and mimeType is null, the MIME type will default to application/octet-stream.</param> /// <param name="checksum">the checksum object to use to compute checksums. If you're doing incremental updates after the create, include the same object in subsequent calls. Can be null to omit checksums.</param> /// <returns>the ObjectId of the newly-created object for references by ID.</returns> public ObjectId CreateObjectFromSegmentWithKey(ObjectKey key, Acl acl, MetadataList metadata, ArraySegment<byte> data, String mimeType, Checksum checksum) { HttpWebResponse resp = null; try { string resource = getResourcePath(context, key); Uri u = buildUrl(resource); HttpWebRequest con = createWebRequest(u); // Build headers Dictionary<string, string> headers = new Dictionary<string, string>(); // Figure out the mimetype if (mimeType == null) { mimeType = "application/octet-stream"; } headers.Add("Content-Type", mimeType); headers.Add("x-emc-uid", uid); headers.Add("x-emc-pool", key.pool); // Process metadata if (metadata != null) { processMetadata(metadata, headers); } // Add acl if (acl != null) { processAcl(acl, headers); } // Add date addDateHeader(headers); // Checksum if required if (checksum != null) { checksum.Update(data); headers.Add("x-emc-wschecksum", checksum.ToString()); } // Sign request signRequest(con, "POST", resource, headers); // post data Stream s = null; try { con.ContentLength = data.Count; con.SendChunked = false; s = con.GetRequestStream(); s.Write(data.Array, data.Offset, data.Count); s.Close(); } catch (IOException e) { s.Close(); throw new EsuException("Error posting data", e); } // Check response resp = (HttpWebResponse)con.GetResponse(); int statInt = (int)resp.StatusCode; if (statInt > 299) { handleError(resp); } // The new object ID is returned in the location response header string location = resp.Headers["location"]; // Parse the value out of the URL MatchCollection m = OBJECTID_EXTRACTOR.Matches(location); if (m.Count > 0) { string id = m[0].Groups[1].Value; log.TraceEvent(TraceEventType.Verbose, 0, "Id: " + id); return new ObjectId(id); } else { throw new EsuException("Could not find ObjectId in " + location); } } catch (UriFormatException e) { throw new EsuException("Invalid URL", e); } catch (IOException e) { throw new EsuException("Error connecting to server", e); } catch (WebException e) { if (e.Response != null) { handleError((HttpWebResponse)e.Response); } else { throw new EsuException("Error executing request: " + e.Message, e); } } finally { if (resp != null) { resp.Close(); } } return null; }
/// <summary> /// Creates an anonymous access token using the specified policy and ACL /// </summary> /// <param name="id">identifier of the target object for the access token.</param> /// <param name="policy">the token policy for the new access token.</param> /// <param name="acl">the ACL that will be assigned to objects created using this access token.</param> /// <returns>The URL of the access token.</returns> public Uri CreateAccessToken(Identifier id, PolicyType policy, Acl acl) { HttpWebResponse resp = null; try { string resource = context + "/accesstokens"; Uri u = buildUrl(resource); HttpWebRequest con = createWebRequest(u); // Build headers Dictionary<string, string> headers = new Dictionary<string, string>(); headers.Add("Content-Type", "application/xml"); headers.Add("x-emc-uid", uid); // Add id if (id != null) { if (id is ObjectId) headers.Add("x-emc-objectid", id.ToString()); else if (id is ObjectPath) headers.Add("x-emc-path", id.ToString()); else throw new EsuException("Only object ID and path are supported with access tokens"); } // Add acl if (acl != null) { processAcl(acl, headers); } // Add date addDateHeader(headers); // Sign request signRequest(con, "POST", resource, headers); // serialize XML Stream memStream = new MemoryStream(); XmlSerializer serializer = new XmlSerializer(typeof(PolicyType)); serializer.Serialize(memStream, policy); memStream.Position = 0; // post data writeRequestBodyFromStream(con, memStream, memStream.Length); // Check response resp = (HttpWebResponse)con.GetResponse(); int statInt = (int)resp.StatusCode; if (statInt > 299) { handleError(resp); } // The token URL is returned in the location response header string location = resp.Headers["location"]; return buildUrl(location); } catch (UriFormatException e) { throw new EsuException("Invalid URL", e); } catch (IOException e) { throw new EsuException("Error connecting to server", e); } catch (WebException e) { if (e.Response != null) { handleError((HttpWebResponse)e.Response); } else { throw new EsuException("Error executing request: " + e.Message, e); } } finally { if (resp != null) { resp.Close(); } } return null; }
/// <summary> /// Creates a new object on the server with the contents of the given file, /// acl and metadata. /// </summary> /// <param name="path">The ObjectPath to create the new object on.</param> /// <param name="file">the path to the file to upload</param> /// <param name="acl">the ACL to assign to the new object. Optional. If null, /// the server will generate a default ACL for the file.</param> /// <param name="meta">The metadata to assign to the new object. /// Optional. If null, no user metadata will be assigned to the new object.</param> /// <returns>the identifier of the newly-created object.</returns> public ObjectId CreateObjectOnPath(ObjectPath path, string file, Acl acl, MetadataList meta) { Stream s; // Open the file and call the streaming version try { totalBytes = new FileInfo(file).Length; s = File.OpenRead(file); } catch (FileNotFoundException e) { throw new EsuException("Could not open input file", e); } return CreateObjectOnPath(path, s, acl, meta, true); }
/// <summary> /// Updates an existing object with the contents of the given file, ACL, and /// metadata. /// </summary> /// <param name="id">the identifier of the object to update.</param> /// <param name="file">the path to the file to replace the object's current /// contents with</param> /// <param name="acl">the ACL to update the object with. Optional. If null, /// the ACL will not be modified.</param> /// <param name="metadata">The metadata to assign to the object. /// Optional. If null, no user metadata will be modified.</param> public void UpdateObject( Identifier id, string file, Acl acl, MetadataList metadata ) { // Open the file and call the streaming version Stream s; try { s = File.OpenRead( file ); } catch ( FileNotFoundException e ) { throw new EsuException( "Could not open input file", e ); } totalBytes = new FileInfo( file ).Length; UpdateObject( id, s, acl, metadata, true ); }
/// <summary> /// Creates a new object in the cloud with the given key (and key-pool). /// </summary> /// <param name="key">the key-pool and key to use for the new object.</param> /// <param name="acl">Access control list for the new object. May be null to use a default ACL</param> /// <param name="metadata">Metadata for the new object. May be null for no metadata.</param> /// <param name="data">The initial contents of the object. May be appended to later. May be null to create an object with no content or a directory.</param> /// <param name="mimeType">the MIME type of the content. Optional, may be null. If data is non-null and mimeType is null, the MIME type will default to application/octet-stream.</param> /// <param name="checksum">the checksum object to use to compute checksums. If you're doing incremental updates after the create, include the same object in subsequent calls. Can be null to omit checksums.</param> /// <returns>the ObjectId of the newly-created object for references by ID.</returns> public ObjectId CreateObjectWithKey(ObjectKey key, Acl acl, MetadataList metadata, byte[] data, String mimeType, Checksum checksum) { return CreateObjectFromSegmentWithKey(key, acl, metadata, new ArraySegment<byte>(data, 0, data.Length), mimeType, checksum); }
/// <summary> /// Updates an object in the cloud. /// </summary> /// <param name="id">The ID of the object to update</param> /// <param name="acl">Access control list for the new object. Optional, set to NULL to leave the ACL unchanged.</param> /// <param name="metadata">Metadata list for the new object. Optional, set to NULL for no changes to the metadata.</param> /// <param name="extent">portion of the object to update. May be null to indicate the whole object is to be replaced. If not null, the extent size must match the data size.</param> /// <param name="data">The initial contents of the object. Note that we only read 'streamLength' bytes from the stream and do not close the stream.</param> /// <param name="streamLength">The number of bytes to read from the stream. Must be <= the actual stream length.</param> /// <param name="mimeType">the MIME type of the content. Optional, may be null. If data is non-null and mimeType is null, the MIME type will default to application/octet-stream.</param> /// <param name="checksum">the checksum object to use to compute checksums. If you're doing incremental updates after the create, include the same object in subsequent calls. Can be null to omit checksums.</param> public void UpdateObjectFromStream(Identifier id, Acl acl, MetadataList metadata, Extent extent, Stream data, long streamLength, string mimeType, Checksum checksum) { HttpWebResponse resp = null; try { string resource = getResourcePath(context, id); Uri u = buildUrl(resource); HttpWebRequest con = createWebRequest(u); // Build headers Dictionary<string, string> headers = new Dictionary<string, string>(); // Figure out the mimetype if (mimeType == null) { mimeType = "application/octet-stream"; } headers.Add("Content-Type", mimeType); headers.Add("x-emc-uid", uid); if (id is ObjectKey) { headers.Add("x-emc-pool", (id as ObjectKey).pool); } //Add extent if needed if (extent != null && !extent.Equals(Extent.ALL_CONTENT)) { long end = extent.Offset + (extent.Size - 1); headers.Add("Range", "Bytes=" + extent.Offset + "-" + end); } // Process metadata if (metadata != null) { processMetadata(metadata, headers); } // Add acl if (acl != null) { processAcl(acl, headers); } // Add date addDateHeader(headers); // Checksum if required if (checksum != null) { if (!data.CanSeek) { throw new EsuException("Cannot checksum a stream that does not support seeking"); } long current = data.Position; byte[] buffer = new byte[64 * 1024]; for (long i = 0; i < streamLength; i += buffer.Length) { if (i + buffer.Length > streamLength) { int bytesToRead = (int)(streamLength - i); int count = data.Read(buffer, 0, bytesToRead); checksum.Update(new ArraySegment<byte>(buffer, 0, count)); } else { int count = data.Read(buffer, 0, buffer.Length); checksum.Update(new ArraySegment<byte>(buffer, 0, count)); } } data.Seek(current, SeekOrigin.Begin); //Checksum ckcopy = checksum.Clone(); headers.Add("x-emc-wschecksum", checksum.ToString()); } // Sign request signRequest(con, "PUT", resource, headers); // post data writeRequestBodyFromStream(con, data, streamLength); // Check response resp = (HttpWebResponse)con.GetResponse(); int statInt = (int)resp.StatusCode; if (statInt > 299) { handleError(resp); } } catch (UriFormatException e) { throw new EsuException("Invalid URL", e); } catch (IOException e) { throw new EsuException("Error connecting to server", e); } catch (WebException e) { if (e.Response != null) { handleError((HttpWebResponse)e.Response); } else { throw new EsuException("Error executing request: " + e.Message, e); } } finally { if (resp != null) { resp.Close(); } } }
private void SwapSacl(Acl sacl) { BaseObject.SwapRef(ref _sacl, sacl); }
/// <summary> /// Updates an object in the cloud. /// </summary> /// <param name="id">The ID of the object to update</param> /// <param name="acl">Access control list for the new object. Optional, set to NULL to leave the ACL unchanged.</param> /// <param name="metadata">Metadata list for the new object. Optional, set to NULL for no changes to the metadata.</param> /// <param name="extent">portion of the object to update. May be null to indicate the whole object is to be replaced. If not null, the extent size must match the data size.</param> /// <param name="data">The new contents of the object. May be appended to later. Optional, set to null for no content changes.</param> /// <param name="mimeType">the MIME type of the content. Optional, may be null. If data is non-null and mimeType is null, the MIME type will default to application/octet-stream.</param> public void UpdateObjectFromSegment(Identifier id, Acl acl, MetadataList metadata, Extent extent, ArraySegment<byte> data, string mimeType) { UpdateObjectFromSegment(id, acl, metadata, extent, data, mimeType, null); }
/// <summary> /// Updates an object in the cloud. /// </summary> /// <param name="id">The ID of the object to update</param> /// <param name="acl">Access control list for the new object. Optional, set to NULL to leave the ACL unchanged.</param> /// <param name="metadata">Metadata list for the new object. Optional, set to NULL for no changes to the metadata.</param> /// <param name="extent">portion of the object to update. May be null to indicate the whole object is to be replaced. If not null, the extent size must match the data size.</param> /// <param name="data">The new contents of the object. May be appended to later. Optional, set to null for no content changes.</param> /// <param name="mimeType">the MIME type of the content. Optional, may be null. If data is non-null and mimeType is null, the MIME type will default to application/octet-stream.</param> /// <param name="checksum">the checksum object to use to compute checksums. If you're doing incremental updates after the create, include the same object in subsequent calls. Can be null to omit checksums.</param> public void UpdateObjectFromSegment(Identifier id, Acl acl, MetadataList metadata, Extent extent, ArraySegment<byte> data, string mimeType, Checksum checksum) { HttpWebResponse resp = null; try { string resource = getResourcePath(context, id); Uri u = buildUrl( resource ); HttpWebRequest con = createWebRequest(u); // Build headers Dictionary<string, string> headers = new Dictionary<string, string>(); // Figure out the mimetype if( mimeType == null ) { mimeType = "application/octet-stream"; } headers.Add( "Content-Type", mimeType ); headers.Add( "x-emc-uid", uid ); if (id is ObjectKey) { headers.Add( "x-emc-pool", (id as ObjectKey).pool ); } //Add extent if needed if( extent != null && !extent.Equals( Extent.ALL_CONTENT ) ) { long end = extent.Offset + (extent.Size - 1); headers.Add( "Range", "Bytes=" + extent.Offset + "-" + end ); } // Process metadata if( metadata != null ) { processMetadata( metadata, headers ); } // Add acl if( acl != null ) { processAcl( acl, headers ); } // Add date addDateHeader(headers); // Checksum if required if (checksum != null) { checksum.Update(data); headers.Add("x-emc-wschecksum", checksum.ToString()); } // Sign request signRequest( con, "PUT", resource, headers ); // post data Stream s = null; try { s = con.GetRequestStream(); s.Write( data.Array, data.Offset, data.Count ); s.Close(); } catch( IOException e ) { s.Close(); throw new EsuException( "Error posting data", e ); } // Check response resp = (HttpWebResponse)con.GetResponse(); int statInt = (int)resp.StatusCode; if( statInt > 299 ) { handleError( resp ); } } catch( UriFormatException e ) { throw new EsuException( "Invalid URL", e ); } catch( IOException e ) { throw new EsuException( "Error connecting to server", e ); } catch( WebException e ) { if (e.Response != null) { handleError((HttpWebResponse)e.Response); } else { throw new EsuException("Error executing request: " + e.Message, e); } } finally { if( resp != null ) { resp.Close(); } } }
/// <summary> /// Updates an object in the cloud. /// </summary> /// <param name="id">The ID of the object to update</param> /// <param name="acl">Access control list for the new object. Optional, set to NULL to leave the ACL unchanged.</param> /// <param name="metadata">Metadata list for the new object. Optional, set to NULL for no changes to the metadata.</param> /// <param name="extent">portion of the object to update. May be null to indicate the whole object is to be replaced. If not null, the extent size must match the data size.</param> /// <param name="data">The new contents of the object. May be appended to later. Optional, set to null for no content changes.</param> /// <param name="mimeType">the MIME type of the content. Optional, may be null. If data is non-null and mimeType is null, the MIME type will default to application/octet-stream.</param> /// <param name="checksum">the checksum object to use to compute checksums. If you're doing incremental updates after the create, include the same object in subsequent calls. Can be null to omit checksums.</param> public void UpdateObject(Identifier id, Acl acl, MetadataList metadata, Extent extent, byte[] data, string mimeType, Checksum checksum) { ArraySegment<byte> seg = new ArraySegment<byte>(data == null ? new byte[0] : data); UpdateObjectFromSegment(id, acl, metadata, extent, seg, mimeType, checksum); }
/// <summary> /// Sets the access control list on the object. /// </summary> /// <param name="id">The identifier of the object whose ACL to change</param> /// <param name="acl">The new ACL for the object.</param> public void SetAcl( Identifier id, Acl acl ) { HttpWebResponse resp = null; try { string resource = getResourcePath(context, id) + "?acl"; Uri u = buildUrl( resource ); HttpWebRequest con = createWebRequest(u); // Build headers Dictionary<string, string> headers = new Dictionary<string, string>(); headers.Add( "x-emc-uid", uid ); if (id is ObjectKey) { headers.Add("x-emc-pool", (id as ObjectKey).pool); } // Add acl if( acl != null ) { processAcl( acl, headers ); } // Add date addDateHeader(headers); // Sign request signRequest( con, "POST", resource, headers ); // Check response resp = (HttpWebResponse)con.GetResponse(); int statInt = (int)resp.StatusCode; if( statInt > 299 ) { handleError( resp ); } } catch( UriFormatException e ) { throw new EsuException( "Invalid URL", e ); } catch( IOException e ) { throw new EsuException( "Error connecting to server", e ); } catch( WebException e ) { if (e.Response != null) { handleError((HttpWebResponse)e.Response); } else { throw new EsuException("Error executing request: " + e.Message, e); } } finally { if( resp != null ) { resp.Close(); } } }
/// <summary> /// Fetches object content as a stream /// </summary> /// <param name="id">the identifier of the object whose content to read.</param> /// <param name="extent">the portion of the object data to read. Optional. If null, the entire object will be read.</param> /// <returns></returns> public ReadObjectStreamResponse ReadObjectStream(Identifier id, Extent extent) { HttpWebResponse resp = null; try { string resource = getResourcePath(context, id); Uri u = buildUrl(resource); HttpWebRequest con = createWebRequest(u); // Build headers Dictionary<string, string> headers = new Dictionary<string, string>(); headers.Add("x-emc-uid", uid); if (id is ObjectKey) { headers.Add("x-emc-pool", (id as ObjectKey).pool); } //Add extent if needed if (extent != null && !extent.Equals(Extent.ALL_CONTENT)) { long end = extent.Offset + (extent.Size - 1); headers.Add("Range", "Bytes=" + extent.Offset + "-" + end); } // Add date addDateHeader(headers); // Sign request signRequest(con, "GET", resource, headers); // Check response resp = (HttpWebResponse)con.GetResponse(); int statInt = (int)resp.StatusCode; if (statInt > 299) { handleError(resp); } string contentChecksum = resp.Headers["x-emc-wschecksum"]; // Parse return headers. Regular metadata is in x-emc-meta and // listable metadata is in x-emc-listable-meta MetadataList meta = new MetadataList(); readMetadata(meta, resp.Headers["x-emc-meta"], false); readMetadata(meta, resp.Headers["x-emc-listable-meta"], true); // Parse return headers. User grants are in x-emc-useracl and // group grants are in x-emc-groupacl Acl acl = new Acl(); readAcl(acl, resp.Headers["x-emc-useracl"], Grantee.GRANTEE_TYPE.USER); readAcl(acl, resp.Headers["x-emc-groupacl"], Grantee.GRANTEE_TYPE.GROUP); long streamLength = resp.ContentLength; return new ReadObjectStreamResponse(resp.GetResponseStream(), resp.ContentType, streamLength, meta, acl, extent, resp, contentChecksum); } catch (UriFormatException e) { throw new EsuException("Invalid URL", e); } catch (IOException e) { if (resp != null) { resp.Close(); } throw new EsuException("Error connecting to server", e); } catch (WebException e) { if (e.Response != null) { handleError((HttpWebResponse)e.Response); if (resp != null) { resp.Close(); } } else { throw new EsuException("Error executing request: " + e.Message, e); } } return null; }
/// <summary> /// Creates a new object in the cloud reading the content a Stream. /// </summary> /// <param name="path">The path to create the new object on</param> /// <param name="acl">Access control list for the new object. May be null to use a default ACL</param> /// <param name="metadata">Metadata for the new object. May be null for no metadata.</param> /// <param name="data">The initial contents of the object. Note that we only read 'streamLength' bytes from the stream and do not close the stream.</param> /// <param name="streamLength">The number of bytes to read from the stream. Must be <= the actual stream length.</param> /// <param name="mimeType">the MIME type of the content. Optional, may be null. If data is non-null and mimeType is null, the MIME type will default to application/octet-stream.</param> /// <param name="checksum">the checksum object to use to compute checksums. If you're doing incremental updates after the create, include the same object in subsequent calls. Can be null to omit checksums.</param> /// <returns>Identifier of the newly created object.</returns> public ObjectId CreateObjectFromStreamOnPath(ObjectPath path, Acl acl, MetadataList metadata, Stream data, long streamLength, string mimeType, Checksum checksum) { HttpWebResponse resp = null; try { string resource = getResourcePath(context, path); Uri u = buildUrl(resource); HttpWebRequest con = createWebRequest(u); // Build headers Dictionary<string, string> headers = new Dictionary<string, string>(); // Figure out the mimetype if (mimeType == null) { mimeType = "application/octet-stream"; } headers.Add("Content-Type", mimeType); headers.Add("x-emc-uid", uid); // Process metadata if (metadata != null) { processMetadata(metadata, headers); } // Add acl if (acl != null) { processAcl(acl, headers); } // Add date addDateHeader(headers); // Checksum if required if (checksum != null) { if (!data.CanSeek) { throw new EsuException("Cannot checksum a stream that does not support seeking"); } long current = data.Position; byte[] buffer = new byte[64 * 1024]; for (long i = 0; i < streamLength; i += buffer.Length) { if (i + buffer.Length > streamLength) { int bytesToRead = (int)(streamLength - i); int count = data.Read(buffer, 0, bytesToRead); checksum.Update(new ArraySegment<byte>(buffer, 0, count)); } else { int count = data.Read(buffer, 0, buffer.Length); checksum.Update(new ArraySegment<byte>(buffer, 0, count)); } } data.Seek(current, SeekOrigin.Begin); //Checksum ckcopy = checksum.Clone(); headers.Add("x-emc-wschecksum", checksum.ToString()); } // Sign request signRequest(con, "POST", resource, headers); writeRequestBodyFromStream(con, data, streamLength); // Check response resp = (HttpWebResponse)con.GetResponse(); int statInt = (int)resp.StatusCode; if (statInt > 299) { handleError(resp); } // The new object ID is returned in the location response header string location = resp.Headers["location"]; // Parse the value out of the URL MatchCollection m = OBJECTID_EXTRACTOR.Matches(location); if (m.Count > 0) { string id = m[0].Groups[1].Value; log.TraceEvent(TraceEventType.Verbose, 0, "Id: " + id); return new ObjectId(id); } else { throw new EsuException("Could not find ObjectId in " + location); } } catch (UriFormatException e) { throw new EsuException("Invalid URL", e); } catch (IOException e) { throw new EsuException("Error connecting to server", e); } catch (WebException e) { if (e.Response != null) { handleError((HttpWebResponse)e.Response); } else { throw new EsuException("Error executing request: " + e.Message, e); } } finally { if (resp != null) { resp.Close(); } } return null; }
/// <summary> /// Creates a new object in the cloud. /// </summary> /// <param name="acl">Access control list for the new object. May be null to use a default ACL</param> /// <param name="metadata">Metadata for the new object. May be null for no metadata.</param> /// <param name="data">The initial contents of the object. May be appended to later. May be null to create an object with no content.</param> /// <param name="mimeType">the MIME type of the content. Optional, may be null. If data is non-null and mimeType is null, the MIME type will default to application/octet-stream.</param> /// <param name="checksum">the checksum object to use to compute checksums. If you're doing incremental updates after the create, include the same object in subsequent calls. Can be null to omit checksums.</param> /// <returns>Identifier of the newly created object.</returns> public ObjectId CreateObject(Acl acl, MetadataList metadata, byte[] data, string mimeType, Checksum checksum) { return CreateObjectFromSegment(acl, metadata, data == null ? new ArraySegment<byte>(new byte[0]) : new ArraySegment<byte>(data), mimeType, checksum); }
private void SwapDacl(Acl dacl) { BaseObject.SwapRef(ref _dacl, dacl); }
/// <summary> /// Creates a new object in the cloud using an ArraySegment. /// </summary> /// <param name="acl">Access control list for the new object. May be null to use a default ACL</param> /// <param name="metadata">Metadata for the new object. May be null for no metadata.</param> /// <param name="data">The initial contents of the object. May be appended to later. May be null to create an object with no content.</param> /// <param name="mimeType">the MIME type of the content. Optional, may be null. If data is non-null and mimeType is null, the MIME type will default to application/octet-stream.</param> /// <returns>Identifier of the newly created object.</returns> public ObjectId CreateObjectFromSegment(Acl acl, MetadataList metadata, ArraySegment<byte> data, string mimeType) { return CreateObjectFromSegment(acl, metadata, data, mimeType, null); }
/// <summary> /// Returns an object's ACL /// </summary> /// <param name="id">The identifier of the object whose ACL to read</param> /// <returns>The object's ACL</returns> public Acl GetAcl( Identifier id ) { HttpWebResponse resp = null; try { string resource = getResourcePath(context, id) + "?acl"; Uri u = buildUrl( resource ); HttpWebRequest con = createWebRequest(u); // Build headers Dictionary<string, string> headers = new Dictionary<string, string>(); headers.Add( "x-emc-uid", uid ); if (id is ObjectKey) { headers.Add("x-emc-pool", (id as ObjectKey).pool); } // Add date addDateHeader(headers); // Sign request signRequest( con, "GET", resource, headers ); // Check response resp = (HttpWebResponse)con.GetResponse(); int statInt = (int)resp.StatusCode; if( statInt > 299 ) { handleError( resp ); } // Parse return headers. User grants are in x-emc-useracl and // group grants are in x-emc-groupacl Acl acl = new Acl(); readAcl( acl, resp.Headers["x-emc-useracl"], Grantee.GRANTEE_TYPE.USER ); readAcl( acl, resp.Headers["x-emc-groupacl"], Grantee.GRANTEE_TYPE.GROUP ); return acl; } catch( UriFormatException e ) { throw new EsuException( "Invalid URL", e ); } catch( IOException e ) { throw new EsuException( "Error connecting to server", e ); } catch( WebException e ) { if (e.Response != null) { handleError((HttpWebResponse)e.Response); } else { throw new EsuException("Error executing request: " + e.Message, e); } } finally { if( resp != null ) { resp.Close(); } } return null; }
private void processAcl( Acl acl, Dictionary<string, string> headers ) { StringBuilder userGrants = new StringBuilder(); StringBuilder groupGrants = new StringBuilder(); foreach( Grant grant in acl ) { if( grant.Grantee.GranteeType == Grantee.GRANTEE_TYPE.USER ) { if( userGrants.Length > 0 ) { userGrants.Append( "," ); } userGrants.Append( grant.ToString() ); } else { if( groupGrants.Length > 0 ) { groupGrants.Append( "," ); } groupGrants.Append( grant.ToString() ); } } headers.Add( "x-emc-useracl", userGrants.ToString() ); headers.Add( "x-emc-groupacl", groupGrants.ToString() ); }
private static void ParseClaims(Acl acl, JObject item) { var sid = item.Property("sid").Value.ToString(); var type = item.Property("type").Value.ToString(); List<Access> allowed = new List<Access>(); List<Access> denied = new List<Access>(); var allowProperty = item.Property("allow"); if (allowProperty != null) { allowProperty .Values() .Select(x => (Access)Enum.Parse(typeof(Access), x.ToString(), true)) .For(x => allowed.Add(x)); } var denyProperty = item.Property("deny"); if (denyProperty != null) { denyProperty .Values() .Select(x => (Access)Enum.Parse(typeof(Access), x.ToString(), true)) .For(x => denied.Add(x)); } ClaimType claimType = (ClaimType)Enum.Parse(typeof(ClaimType), type, true); List<Claim> claims = new List<Claim>(); allowed.For(x => claims.Add(new Claim(Permission.Allow, x, claimType, sid))); denied.For(x => claims.Add(new Claim(Permission.Deny, x, claimType, sid))); acl.SetInternal(claims); }
private void readAcl( Acl acl, string header, EsuApiLib.Grantee.GRANTEE_TYPE type ) { log.TraceEvent(TraceEventType.Verbose, 0, "readAcl: " + header ); string[] grants = header.Split( new string[] { "," }, StringSplitOptions.RemoveEmptyEntries ); for( int i = 0; i < grants.Length; i++ ) { string[] nvpair = grants[i].Split( new string[] { "=" }, 2, StringSplitOptions.RemoveEmptyEntries ); string grantee = nvpair[0]; string permission = nvpair[1]; grantee = grantee.Trim(); // Currently, the server returns "FULL" instead of "FULL_CONTROL". // For consistency, change this to value use in the request if( "FULL".Equals( permission ) ) { permission = Permission.FULL_CONTROL; } log.TraceEvent(TraceEventType.Verbose, 0, "grant: " + grantee + "." + permission + " (" + type + ")" ); Grantee ge = new Grantee( grantee, type ); Grant gr = new Grant( ge, permission ); log.TraceEvent(TraceEventType.Verbose, 0, "Grant: " + gr ); acl.AddGrant( gr ); } }
/// <summary> /// Updates an existing object with the contents of the given stream, ACL, and /// metadata. /// </summary> /// <param name="id">the identifier of the object to update.</param> /// <param name="stream">the stream to replace the object's current /// contents with. The stream will be read until an EOF is encountered.</param> /// <param name="acl">the ACL to update the object with. Optional. If not /// specified, the ACL will not be modified.</param> /// <param name="metadata">The metadata to assign to the object. /// Optional. If null, no user metadata will be modified.</param> /// <param name="closeStream">If true, the stream will be closed after /// the object is updated.</param> public void UpdateObject( Identifier id, Stream stream, Acl acl, MetadataList metadata, bool closeStream ) { this.currentBytes = 0; this.complete = false; this.failed = false; this.error = null; this.closeStream = closeStream; this.stream = stream; if (computeChecksums) { checksum = new Checksum(Checksum.Algorithm.SHA0); } else { checksum = null; } // First call uses a null extent to truncate the file. try { bool eof = ReadChunk(); this.esu.UpdateObjectFromSegment( id, acl, metadata, null, buffer, contentType, checksum ); if ( !eof ) { this.OnProgress( buffer.Count ); } else { // No data in file? Complete this.OnComplete(); return; } // Continue appending this.AppendChunks( id ); } catch ( EsuException e ) { this.OnFail( e ); throw e; } catch ( IOException e ) { this.OnFail( e ); throw new EsuException( "Error updating object", e ); } }
/// <summary> /// Creates a new object in the cloud using a BufferSegment on the /// given path. /// </summary> /// <param name="path">the path to create the object on.</param> /// <param name="acl">Access control list for the new object. May be null to use a default ACL</param> /// <param name="metadata">Metadata for the new object. May be null for no metadata.</param> /// <param name="data">The initial contents of the object. May be appended to later. May be null to create an object with no content or a directory.</param> /// <param name="mimeType">the MIME type of the content. Optional, may be null. If data is non-null and mimeType is null, the MIME type will default to application/octet-stream.</param> /// <returns>the ObjectId of the newly-created object for references by ID.</returns> public ObjectId CreateObjectFromSegmentOnPath(ObjectPath path, Acl acl, MetadataList metadata, ArraySegment<byte> data, String mimeType) { return CreateObjectFromSegmentOnPath(path, acl, metadata, data, mimeType, null); }
/// <summary> /// Creates a new object on the server with the contents of the given stream, /// acl and metadata. /// </summary> /// <param name="path">The ObjectPath to create the object on.</param> /// <param name="stream">the stream to upload. The stream will be read until /// an EOF is encountered.</param> /// <param name="acl">the ACL to assign to the new object. Optional. If null, /// the server will generate a default ACL for the file.</param> /// <param name="metadata">The metadata to assign to the new object. /// Optional. If null, no user metadata will be assigned to the new object.</param> /// <param name="closeStream">if true, the stream will be closed after /// the transfer completes. If false, the stream will not be closed.</param> /// <returns>the identifier of the newly-created object.</returns> public ObjectId CreateObjectOnPath(ObjectPath path, Stream stream, Acl acl, MetadataList metadata, bool closeStream) { this.currentBytes = 0; this.complete = false; this.failed = false; this.error = null; this.closeStream = closeStream; this.stream = stream; if (computeChecksums) { checksum = new Checksum(Checksum.Algorithm.SHA0); } else { checksum = null; } ObjectId id = null; // First call should be to create object try { bool eof = ReadChunk(); id = this.esu.CreateObjectFromSegmentOnPath(path, acl, metadata, buffer, contentType, checksum); if (!eof) { this.OnProgress(buffer.Count); } else { // No data in file? Complete this.OnComplete(); return id; } // Continue appending this.AppendChunks(path); } catch (EsuException e) { this.OnFail(e); throw e; } catch (IOException e) { this.OnFail(e); throw new EsuException("Error uploading object", e); } return id; }
/// <summary> /// Creates a new object in the cloud with the given key (and key-pool). /// </summary> /// <param name="key">the key-pool and key to use for the new object.</param> /// <param name="acl">Access control list for the new object. May be null to use a default ACL</param> /// <param name="metadata">Metadata for the new object. May be null for no metadata.</param> /// <param name="data">The initial contents of the object. May be appended to later. May be null to create an object with no content or a directory.</param> /// <param name="mimeType">the MIME type of the content. Optional, may be null. If data is non-null and mimeType is null, the MIME type will default to application/octet-stream.</param> /// <returns>the ObjectId of the newly-created object for references by ID.</returns> public ObjectId CreateObjectFromSegmentWithKey(ObjectKey key, Acl acl, MetadataList metadata, ArraySegment<byte> data, String mimeType) { return CreateObjectFromSegmentWithKey(key, acl, metadata, data, mimeType, null); }
/// <summary> /// Creates a new object in the cloud on the /// given path. /// </summary> /// <param name="path">the path to create the object on.</param> /// <param name="acl">Access control list for the new object. May be null to use a default ACL</param> /// <param name="metadata">Metadata for the new object. May be null for no metadata.</param> /// <param name="data">The initial contents of the object. May be appended to later. May be null to create an object with no content or a directory.</param> /// <param name="mimeType">the MIME type of the content. Optional, may be null. If data is non-null and mimeType is null, the MIME type will default to application/octet-stream.</param> /// <returns>the ObjectId of the newly-created object for references by ID.</returns> public ObjectId CreateObjectOnPath(ObjectPath path, Acl acl, MetadataList metadata, byte[] data, String mimeType) { return CreateObjectFromSegmentOnPath(path, acl, metadata, data == null ? new ArraySegment<byte>(new byte[0]) : new ArraySegment<byte>(data), mimeType, null); }
/// <summary> /// Returns all of an object's metadata and its ACL in /// one call. /// </summary> /// <param name="id">the object's identifier.</param> /// <returns>the object's metadata</returns> public ObjectMetadata GetAllMetadata( Identifier id ) { HttpWebResponse resp = null; try { string resource = getResourcePath(context, id); Uri u = buildUrl(resource); HttpWebRequest con = createWebRequest(u); // Build headers Dictionary<string, string> headers = new Dictionary<string, string>(); headers.Add("x-emc-uid", uid); if (utf8Enabled) headers.Add("x-emc-utf8", "true"); if (id is ObjectKey) { headers.Add("x-emc-pool", (id as ObjectKey).pool); } // Add date addDateHeader(headers); // Sign request signRequest(con, "HEAD", resource, headers); // Check response resp = (HttpWebResponse)con.GetResponse(); int statInt = (int)resp.StatusCode; if (statInt > 299) { handleError(resp); } // Parse return headers. Regular metadata is in x-emc-meta and // listable metadata is in x-emc-listable-meta MetadataList meta = new MetadataList(); readMetadata(meta, resp.Headers["x-emc-meta"], false); readMetadata(meta, resp.Headers["x-emc-listable-meta"], true); // Parse return headers. User grants are in x-emc-useracl and // group grants are in x-emc-groupacl Acl acl = new Acl(); readAcl(acl, resp.Headers["x-emc-useracl"], Grantee.GRANTEE_TYPE.USER); readAcl(acl, resp.Headers["x-emc-groupacl"], Grantee.GRANTEE_TYPE.GROUP); ObjectMetadata om = new ObjectMetadata(); om.ACL = acl; om.Metadata = meta; return om; } catch (UriFormatException e) { throw new EsuException("Invalid URL", e); } catch (IOException e) { throw new EsuException("Error connecting to server", e); } catch (WebException e) { if (e.Response != null) { handleError((HttpWebResponse)e.Response); } else { throw new EsuException("Error executing request: " + e.Message, e); } } finally { if (resp != null) { resp.Close(); } } return null; }