Browse code
Added support for --acl-grant/--acl-revoke to 'sync' command
Michael Tyson authored on 2012/04/17 05:12:49Showing 1 changed files
| ... | ... |
@@ -932,6 +932,11 @@ def cmd_sync_local2remote(args): |
| 932 | 932 |
(item['full_name_unicode'], uri, response["size"], response["elapsed"], |
| 933 | 933 |
speed_fmt[0], speed_fmt[1], seq_label)) |
| 934 | 934 |
total_size += response["size"] |
| 935 |
+ if cfg.acl_grants or cfg.acl_revokes: |
|
| 936 |
+ try: |
|
| 937 |
+ update_acl(s3, uri) |
|
| 938 |
+ except Exception, e: |
|
| 939 |
+ error(u"%s: Error while setting ACL: %s" % e) |
|
| 935 | 940 |
uploaded_objects_list.append(uri.object()) |
| 936 | 941 |
|
| 937 | 942 |
total_elapsed = time.time() - timestamp_start |
| ... | ... |
@@ -970,45 +975,6 @@ def cmd_sync(args): |
| 970 | 970 |
raise ParameterError("Invalid source/destination: '%s'" % "' '".join(args))
|
| 971 | 971 |
|
| 972 | 972 |
def cmd_setacl(args): |
| 973 |
- def _update_acl(uri, seq_label = ""): |
|
| 974 |
- something_changed = False |
|
| 975 |
- acl = s3.get_acl(uri) |
|
| 976 |
- debug(u"acl: %s - %r" % (uri, acl.grantees)) |
|
| 977 |
- if cfg.acl_public == True: |
|
| 978 |
- if acl.isAnonRead(): |
|
| 979 |
- info(u"%s: already Public, skipping %s" % (uri, seq_label)) |
|
| 980 |
- else: |
|
| 981 |
- acl.grantAnonRead() |
|
| 982 |
- something_changed = True |
|
| 983 |
- elif cfg.acl_public == False: # we explicitely check for False, because it could be None |
|
| 984 |
- if not acl.isAnonRead(): |
|
| 985 |
- info(u"%s: already Private, skipping %s" % (uri, seq_label)) |
|
| 986 |
- else: |
|
| 987 |
- acl.revokeAnonRead() |
|
| 988 |
- something_changed = True |
|
| 989 |
- |
|
| 990 |
- # update acl with arguments |
|
| 991 |
- # grant first and revoke later, because revoke has priority |
|
| 992 |
- if cfg.acl_grants: |
|
| 993 |
- something_changed = True |
|
| 994 |
- for grant in cfg.acl_grants: |
|
| 995 |
- acl.grant(**grant); |
|
| 996 |
- |
|
| 997 |
- if cfg.acl_revokes: |
|
| 998 |
- something_changed = True |
|
| 999 |
- for revoke in cfg.acl_revokes: |
|
| 1000 |
- acl.revoke(**revoke); |
|
| 1001 |
- |
|
| 1002 |
- if not something_changed: |
|
| 1003 |
- return |
|
| 1004 |
- |
|
| 1005 |
- retsponse = s3.set_acl(uri, acl) |
|
| 1006 |
- if retsponse['status'] == 200: |
|
| 1007 |
- if cfg.acl_public in (True, False): |
|
| 1008 |
- output(u"%s: ACL set to %s %s" % (uri, set_to_acl, seq_label)) |
|
| 1009 |
- else: |
|
| 1010 |
- output(u"%s: ACL updated" % uri) |
|
| 1011 |
- |
|
| 1012 | 973 |
s3 = S3(cfg) |
| 1013 | 974 |
|
| 1014 | 975 |
set_to_acl = cfg.acl_public and "Public" or "Private" |
| ... | ... |
@@ -1024,7 +990,7 @@ def cmd_setacl(args): |
| 1024 | 1024 |
else: |
| 1025 | 1025 |
info("Setting bucket-level ACL for %s" % (uri.uri()))
|
| 1026 | 1026 |
if not cfg.dry_run: |
| 1027 |
- _update_acl(uri) |
|
| 1027 |
+ update_acl(s3, uri) |
|
| 1028 | 1028 |
else: |
| 1029 | 1029 |
args.append(arg) |
| 1030 | 1030 |
|
| ... | ... |
@@ -1049,7 +1015,7 @@ def cmd_setacl(args): |
| 1049 | 1049 |
seq += 1 |
| 1050 | 1050 |
seq_label = "[%d of %d]" % (seq, remote_count) |
| 1051 | 1051 |
uri = S3Uri(remote_list[key]['object_uri_str']) |
| 1052 |
- _update_acl(uri, seq_label) |
|
| 1052 |
+ update_acl(s3, uri, seq_label) |
|
| 1053 | 1053 |
|
| 1054 | 1054 |
def cmd_accesslog(args): |
| 1055 | 1055 |
s3 = S3(cfg) |
| ... | ... |
@@ -1417,6 +1383,46 @@ def format_commands(progname, commands_list): |
| 1417 | 1417 |
help += " %s\n %s %s %s\n" % (cmd["label"], progname, cmd["cmd"], cmd["param"]) |
| 1418 | 1418 |
return help |
| 1419 | 1419 |
|
| 1420 |
+ |
|
| 1421 |
+def update_acl(s3, uri, seq_label=""): |
|
| 1422 |
+ something_changed = False |
|
| 1423 |
+ acl = s3.get_acl(uri) |
|
| 1424 |
+ debug(u"acl: %s - %r" % (uri, acl.grantees)) |
|
| 1425 |
+ if cfg.acl_public == True: |
|
| 1426 |
+ if acl.isAnonRead(): |
|
| 1427 |
+ info(u"%s: already Public, skipping %s" % (uri, seq_label)) |
|
| 1428 |
+ else: |
|
| 1429 |
+ acl.grantAnonRead() |
|
| 1430 |
+ something_changed = True |
|
| 1431 |
+ elif cfg.acl_public == False: # we explicitely check for False, because it could be None |
|
| 1432 |
+ if not acl.isAnonRead(): |
|
| 1433 |
+ info(u"%s: already Private, skipping %s" % (uri, seq_label)) |
|
| 1434 |
+ else: |
|
| 1435 |
+ acl.revokeAnonRead() |
|
| 1436 |
+ something_changed = True |
|
| 1437 |
+ |
|
| 1438 |
+ # update acl with arguments |
|
| 1439 |
+ # grant first and revoke later, because revoke has priority |
|
| 1440 |
+ if cfg.acl_grants: |
|
| 1441 |
+ something_changed = True |
|
| 1442 |
+ for grant in cfg.acl_grants: |
|
| 1443 |
+ acl.grant(**grant) |
|
| 1444 |
+ |
|
| 1445 |
+ if cfg.acl_revokes: |
|
| 1446 |
+ something_changed = True |
|
| 1447 |
+ for revoke in cfg.acl_revokes: |
|
| 1448 |
+ acl.revoke(**revoke) |
|
| 1449 |
+ |
|
| 1450 |
+ if not something_changed: |
|
| 1451 |
+ return |
|
| 1452 |
+ |
|
| 1453 |
+ retsponse = s3.set_acl(uri, acl) |
|
| 1454 |
+ if retsponse['status'] == 200: |
|
| 1455 |
+ if cfg.acl_public in (True, False): |
|
| 1456 |
+ output(u"%s: ACL set to %s %s" % (uri, set_to_acl, seq_label)) |
|
| 1457 |
+ else: |
|
| 1458 |
+ output(u"%s: ACL updated" % uri) |
|
| 1459 |
+ |
|
| 1420 | 1460 |
class OptionMimeType(Option): |
| 1421 | 1461 |
def check_mimetype(option, opt, value): |
| 1422 | 1462 |
if re.compile("^[a-z0-9]+/[a-z0-9+\.-]+(;.*)?$", re.IGNORECASE).match(value):
|