X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/cbd11b4bfd5bcc637abe0e7678239dd1e7a2fbd2..789e1eb86b5286f3d34b112e0ab802bd3a2793b2:/services/keepstore/handlers.go

diff --git a/services/keepstore/handlers.go b/services/keepstore/handlers.go
index 038e812c4f..27d1e908c5 100644
--- a/services/keepstore/handlers.go
+++ b/services/keepstore/handlers.go
@@ -60,9 +60,15 @@ func MakeRESTRouter() *mux.Router {
 	rest.HandleFunc(`/status.json`, StatusHandler).Methods("GET", "HEAD")
 
 	// The PullHandler and TrashHandler process "PUT /pull" and "PUT
-	// /trash" requests from Data Manager.  Each handler parses the
-	// JSON list of block management requests in the message body, and
-	// delivers them to the pull queue or trash queue, respectively.
+	// /trash" requests from Data Manager.  These requests instruct
+	// Keep to replicate or delete blocks; see
+	// https://arvados.org/projects/arvados/wiki/Keep_Design_Doc
+	// for more details.
+	//
+	// Each handler parses the JSON list of block management requests
+	// in the message body, and replaces any existing pull queue or
+	// trash queue with their contentes.
+	//
 	rest.HandleFunc(`/pull`, PullHandler).Methods("PUT")
 	rest.HandleFunc(`/trash`, TrashHandler).Methods("PUT")
 
@@ -112,8 +118,6 @@ func FindKeepVolumes() []string {
 func GetBlockHandler(resp http.ResponseWriter, req *http.Request) {
 	hash := mux.Vars(req)["hash"]
 
-	log.Printf("%s %s", req.Method, hash)
-
 	hints := mux.Vars(req)["hints"]
 
 	// Parse the locator string and hints from the request.
@@ -132,6 +136,7 @@ func GetBlockHandler(resp http.ResponseWriter, req *http.Request) {
 				// presumed to be valid and ignored, to permit forward compatibility.
 			} else {
 				// Unknown format; not a valid locator.
+				log.Printf("%s %s %d %s", req.Method, hash, BadRequestError.HTTPCode, "-")
 				http.Error(resp, BadRequestError.Error(), BadRequestError.HTTPCode)
 				return
 			}
@@ -142,14 +147,17 @@ func GetBlockHandler(resp http.ResponseWriter, req *http.Request) {
 	// request's permission signature.
 	if enforce_permissions {
 		if signature == "" || timestamp == "" {
+			log.Printf("%s %s %d %s", req.Method, hash, PermissionError.HTTPCode, "-")
 			http.Error(resp, PermissionError.Error(), PermissionError.HTTPCode)
 			return
 		} else if IsExpired(timestamp) {
+			log.Printf("%s %s %d %s", req.Method, hash, ExpiredError.HTTPCode, "-")
 			http.Error(resp, ExpiredError.Error(), ExpiredError.HTTPCode)
 			return
 		} else {
 			req_locator := req.URL.Path[1:] // strip leading slash
 			if !VerifySignature(req_locator, GetApiToken(req)) {
+				log.Printf("%s %s %d %s", req.Method, hash, PermissionError.HTTPCode, "-")
 				http.Error(resp, PermissionError.Error(), PermissionError.HTTPCode)
 				return
 			}
@@ -170,6 +178,7 @@ func GetBlockHandler(resp http.ResponseWriter, req *http.Request) {
 		if err == NotFoundError {
 			log.Printf("%s: not found, giving up\n", hash)
 		}
+		log.Printf("%s %s %d %s", req.Method, hash, err.(*KeepError).HTTPCode, "-")
 		http.Error(resp, err.Error(), err.(*KeepError).HTTPCode)
 		return
 	}
@@ -178,7 +187,9 @@ func GetBlockHandler(resp http.ResponseWriter, req *http.Request) {
 
 	_, err = resp.Write(block)
 	if err != nil {
-		log.Printf("GetBlockHandler: writing response: %s", err)
+		log.Printf("%s %s %d %s", req.Method, hash, err.(*KeepError).HTTPCode, len(block), "-")
+	} else {
+		log.Printf("%s %s %d %d", req.Method, hash, 200, len(block))
 	}
 
 	return
@@ -191,12 +202,11 @@ func PutBlockHandler(resp http.ResponseWriter, req *http.Request) {
 
 	hash := mux.Vars(req)["hash"]
 
-	log.Printf("%s %s", req.Method, hash)
-
 	// Read the block data to be stored.
 	// If the request exceeds BLOCKSIZE bytes, issue a HTTP 500 error.
 	//
 	if req.ContentLength > BLOCKSIZE {
+		log.Printf("%s %s %d %d", req.Method, hash, TooLongError.HTTPCode, req.ContentLength)
 		http.Error(resp, TooLongError.Error(), TooLongError.HTTPCode)
 		return
 	}
@@ -204,8 +214,10 @@ func PutBlockHandler(resp http.ResponseWriter, req *http.Request) {
 	buf := make([]byte, req.ContentLength)
 	nread, err := io.ReadFull(req.Body, buf)
 	if err != nil {
+		log.Printf("%s %s %d %d", req.Method, hash, 500, req.ContentLength)
 		http.Error(resp, err.Error(), 500)
 	} else if int64(nread) < req.ContentLength {
+		log.Printf("%s %s %d %d", req.Method, hash, 500, req.ContentLength)
 		http.Error(resp, "request truncated", 500)
 	} else {
 		if err := PutBlock(buf, hash); err == nil {
@@ -217,9 +229,11 @@ func PutBlockHandler(resp http.ResponseWriter, req *http.Request) {
 				expiry := time.Now().Add(permission_ttl)
 				return_hash = SignLocator(return_hash, api_token, expiry)
 			}
+			log.Printf("%s %s %d %d", req.Method, hash, 200, req.ContentLength)
 			resp.Write([]byte(return_hash + "\n"))
 		} else {
 			ke := err.(*KeepError)
+			log.Printf("%s %s %d %d", req.Method, hash, ke.HTTPCode, req.ContentLength)
 			http.Error(resp, ke.Error(), ke.HTTPCode)
 		}
 	}
@@ -230,18 +244,15 @@ func PutBlockHandler(resp http.ResponseWriter, req *http.Request) {
 //     A HandleFunc to address /index and /index/{prefix} requests.
 //
 func IndexHandler(resp http.ResponseWriter, req *http.Request) {
-	prefix := mux.Vars(req)["prefix"]
-
-	// Only the data manager may issue /index requests,
-	// and only if enforce_permissions is enabled.
-	// All other requests return 403 Forbidden.
-	api_token := GetApiToken(req)
-	if !enforce_permissions ||
-		api_token == "" ||
-		data_manager_token != api_token {
-		http.Error(resp, PermissionError.Error(), PermissionError.HTTPCode)
+	// Reject unauthorized requests.
+	if !IsDataManagerToken(GetApiToken(req)) {
+		http.Error(resp, UnauthorizedError.Error(), UnauthorizedError.HTTPCode)
+		log.Printf("%s %s: %s\n", req.Method, req.URL, UnauthorizedError.Error())
 		return
 	}
+
+	prefix := mux.Vars(req)["prefix"]
+
 	var index string
 	for _, vol := range KeepVM.Volumes() {
 		index = index + vol.Index(prefix)
@@ -445,8 +456,7 @@ type PullRequest struct {
 
 func PullHandler(resp http.ResponseWriter, req *http.Request) {
 	// Reject unauthorized requests.
-	api_token := GetApiToken(req)
-	if !IsDataManagerToken(api_token) {
+	if !IsDataManagerToken(GetApiToken(req)) {
 		http.Error(resp, UnauthorizedError.Error(), UnauthorizedError.HTTPCode)
 		log.Printf("%s %s: %s\n", req.Method, req.URL, UnauthorizedError.Error())
 		return
@@ -487,8 +497,7 @@ type TrashRequest struct {
 
 func TrashHandler(resp http.ResponseWriter, req *http.Request) {
 	// Reject unauthorized requests.
-	api_token := GetApiToken(req)
-	if !IsDataManagerToken(api_token) {
+	if !IsDataManagerToken(GetApiToken(req)) {
 		http.Error(resp, UnauthorizedError.Error(), UnauthorizedError.HTTPCode)
 		log.Printf("%s %s: %s\n", req.Method, req.URL, UnauthorizedError.Error())
 		return