Module: Fog::Storage::HP::Utils

Included in:

Mock, Real

Defined in:

lib/fog/hp/storage.rb

Instance Method Summary

• #cdn ⇒ Object
• #create_temp_url(container, object, expires, method, options = {}) ⇒ Object

  creates a temporary url.

• #generate_object_temp_url(container, object, expires_secs, method) ⇒ Object

  Get an object http url expiring in the given amount of seconds.

• #get_object_http_url(container, object, expires, options = {}) ⇒ Object

  Get an expiring object http url.

• #get_object_https_url(container, object, expires, options = {}) ⇒ Object

  Get an expiring object https url.

• #header_to_perm_acl(read_header = nil, write_header = nil) ⇒ Object
• #perm_acl_to_header(read_perm_acl, write_perm_acl) ⇒ Object
• #perm_to_acl(perm, users = []) ⇒ Object
• #public_url(container = nil, object = nil) ⇒ Object
• #url ⇒ Object

Instance Method Details

#cdn ⇒ Object

# File 'lib/fog/hp/storage.rb', line 49

def cdn
  unless @hp_cdn_uri.nil?
    @cdn ||= Fog::CDN.new(
      :provider       => 'HP',
      :hp_access_key  => @hp_access_key,
      :hp_secret_key  => @hp_secret_key,
      :hp_auth_uri    => @hp_auth_uri,
      :hp_cdn_uri     => @hp_cdn_uri,
      :hp_tenant_id   => @hp_tenant_id,
      :hp_avl_zone    => @hp_avl_zone,
      :credentials    => @credentials,
      :connection_options => @connection_options
    )
    if @cdn.enabled?
      @cdn
    end
  else
    nil
  end
end

#create_temp_url(container, object, expires, method, options = {}) ⇒ Object

creates a temporary url

Parameters

• container<~String> - Name of container containing object

• object<~String> - Name of object to get expiring url for

• expires<~Time> - An expiry time for this url

• method<~String> - The method to use for accessing the object (GET, PUT, HEAD)

• options<~Hash> - An optional options hash

  • ‘scheme’<~String> - The scheme to use (http, https)

  • ‘host’<~String> - The host to use

  • ‘port’<~Integer> - The port to use

Returns

• response<~Excon::Response>:

  • body<~String> - url for object

Raises:

• (ArgumentError)

# File 'lib/fog/hp/storage.rb', line 208

def create_temp_url(container, object, expires, method, options = {})
  raise ArgumentError, "Insufficient parameters specified." unless (container && object && expires && method)

  # POST not allowed
  allowed_methods = %w{GET PUT HEAD}
  unless allowed_methods.include?(method)
    raise ArgumentError.new("Invalid method '#{method}' specified. Valid methods are: #{allowed_methods.join(', ')}")
  end

  expires        = expires.to_i
  scheme = options[:scheme] || @scheme
  host = options[:host] || @host
  port = options[:port] || @port

  # do not encode before signature generation, encode after
  sig_path = "#{@path}/#{container}/#{object}"
  encoded_path = "#{@path}/#{Fog::HP.escape(container)}/#{Fog::HP.escape(object)}"

  string_to_sign = "#{method}\n#{expires}\n#{sig_path}"

  signature = nil

  # HP uses a different strategy to create the signature that is passed to swift than OpenStack.
  # As the HP provider is broadly used by OpenStack users the OpenStack strategy is applied when
  # the @os_account_meta_temp_url_key is given.
  if @os_account_meta_temp_url_key
    hmac      = OpenSSL::HMAC.new(@os_account_meta_temp_url_key, OpenSSL::Digest::SHA1.new)
    signature= hmac.update(string_to_sign).hexdigest
  else
    #Note if the value of the @hp_secret_key is really a password, this will NOT work
    #HP Public Cloud FormPost and Temporary URL hashing algorithms require the secret key NOT password.
    if Fog::HP.instance_variable_get("@hp_use_upass_auth_style")
      raise ArgumentError, "Temporary URLS cannot be generated unless you login via access_key/secret_key"
    end
    # Only works with 1.9+ Not compatible with 1.8.7
    #signed_string = Digest::HMAC.hexdigest(string_to_sign, @hp_secret_key, Digest::SHA1)

    # Compatible with 1.8.7 onwards
    hmac = OpenSSL::HMAC.new(@hp_secret_key, OpenSSL::Digest::SHA1.new)
    signed_string = hmac.update(string_to_sign).hexdigest

    signature     = @hp_tenant_id.to_s + ":" + @hp_access_key.to_s + ":" + signed_string
    signature     = Fog::HP.escape(signature)
  end

  # generate the temp url using the signature and expiry
  temp_url_options = {
      :scheme => scheme,
      :host => host,
      :port => port,
      :path => encoded_path,
      :query => "temp_url_sig=#{signature}&temp_url_expires=#{expires}"
  }
  URI::Generic.build(temp_url_options).to_s
end

#generate_object_temp_url(container, object, expires_secs, method) ⇒ Object

Get an object http url expiring in the given amount of seconds

Parameters

• container<~String> - Name of container containing object

• object<~String> - Name of object to get expiring url for

• expires_secs<~Integer> - the amount of seconds from now until the url expires

Returns

• response<~Excon::Response>:

  • body<~String> - url for object

# File 'lib/fog/hp/storage.rb', line 188

def generate_object_temp_url(container, object, expires_secs, method)
  expiration_time = (Time.now + expires_secs.to_i).to_i
  create_temp_url(container, object, expiration_time, method, {})
end

#get_object_http_url(container, object, expires, options = {}) ⇒ Object

Get an expiring object http url

Parameters

• container<~String> - Name of container containing object

• object<~String> - Name of object to get expiring url for

• expires<~Time> - An expiry time for this url

Returns

• response<~Excon::Response>:

  • body<~String> - url for object

# File 'lib/fog/hp/storage.rb', line 174

def get_object_http_url(container, object, expires, options = {})
  create_temp_url(container, object, expires, "GET", {:port => 80}.merge(options).merge(:scheme => "http"))
end

#get_object_https_url(container, object, expires, options = {}) ⇒ Object

Get an expiring object https url

Parameters

• container<~String> - Name of container containing object

• object<~String> - Name of object to get expiring url for

• expires<~Time> - An expiry time for this url

Returns

• response<~Excon::Response>:

  • body<~String> - url for object

# File 'lib/fog/hp/storage.rb', line 160

def get_object_https_url(container, object, expires, options = {})
  create_temp_url(container, object, expires, "GET", {:port => 443}.merge(options).merge(:scheme => "https"))
end

#header_to_perm_acl(read_header = nil, write_header = nil) ⇒ Object

# File 'lib/fog/hp/storage.rb', line 143

def header_to_perm_acl(read_header=nil, write_header=nil)
  read_h, write_h = nil
  read_h = read_header.split(',') unless read_header.nil?
  write_h = write_header.split(',') unless write_header.nil?
  return read_h, write_h
end

#perm_acl_to_header(read_perm_acl, write_perm_acl) ⇒ Object

# File 'lib/fog/hp/storage.rb', line 129

def perm_acl_to_header(read_perm_acl, write_perm_acl)
  header = {}
  if read_perm_acl.nil? && write_perm_acl.nil?
    header = {'X-Container-Read' => "", 'X-Container-Write' => ""}
  elsif !read_perm_acl.nil? && write_perm_acl.nil?
    header = {'X-Container-Read' => "#{read_perm_acl.join(',')}", 'X-Container-Write' => ""}
  elsif read_perm_acl.nil? && !write_perm_acl.nil?
    header = {'X-Container-Read' => "", 'X-Container-Write' => "#{write_perm_acl.join(',')}"}
  elsif !read_perm_acl.nil? && !write_perm_acl.nil?
    header = {'X-Container-Read' => "#{read_perm_acl.join(',')}", 'X-Container-Write' => "#{write_perm_acl.join(',')}"}
  end
  header
end

#perm_to_acl(perm, users = []) ⇒ Object

# File 'lib/fog/hp/storage.rb', line 88

def perm_to_acl(perm, users=[])
  read_perm_acl = []
  write_perm_acl = []
  valid_public_perms  = ['pr', 'pw', 'prw']
  valid_account_perms = ['r', 'w', 'rw']
  valid_perms = valid_public_perms + valid_account_perms
  unless valid_perms.include?(perm)
    raise ArgumentError.new("permission must be one of [#{valid_perms.join(', ')}]")
  end
  # tackle the public access differently
  if valid_public_perms.include?(perm)
    case perm
      when "pr"
        read_perm_acl = [".r:*",".rlistings"]
      when "pw"
        write_perm_acl = ["*"]
      when "prw"
        read_perm_acl = [".r:*",".rlistings"]
        write_perm_acl = ["*"]
    end
  elsif valid_account_perms.include?(perm)
    # tackle the user access differently
    unless (users.nil? || users.empty?)
      # return the correct acls
      tenant_id = "*"  # this might change later
      acl_array = users.map { |u| "#{tenant_id}:#{u}" }
      #acl_string = acl_array.join(',')
      case perm
        when "r"
          read_perm_acl = acl_array
        when "w"
          write_perm_acl = acl_array
        when "rw"
          read_perm_acl = acl_array
          write_perm_acl = acl_array
      end
    end
  end
  return read_perm_acl, write_perm_acl
end

#public_url(container = nil, object = nil) ⇒ Object

# File 'lib/fog/hp/storage.rb', line 74

def public_url(container=nil, object=nil)
  public_url = nil
  unless container.nil?
    if object.nil?
      # return container public url
      public_url = "#{url}/#{Fog::HP.escape(container)}"
    else
      # return object public url
      public_url = "#{url}/#{Fog::HP.escape(container)}/#{Fog::HP.escape(object)}"
    end
  end
  public_url
end

#url ⇒ Object

# File 'lib/fog/hp/storage.rb', line 70

def url
  "#{@scheme}://#{@host}:#{@port}#{@path}"
end