Skip to content

Commit

Permalink
[raz] Improve RazGSConnection class for better code readability
Browse files Browse the repository at this point in the history
  • Loading branch information
Harshg999 committed Feb 1, 2024
1 parent 667ae06 commit 4d65618
Showing 1 changed file with 16 additions and 23 deletions.
39 changes: 16 additions & 23 deletions desktop/core/src/desktop/lib/fs/gc/gsconnection.py
Original file line number Diff line number Diff line change
Expand Up @@ -28,21 +28,28 @@
LOG = logging.getLogger()


class SignedUrlGSConnection(GSConnection):
class RazGSConnection(GSConnection):
"""
Contact GS via a presigned Url of the resource hence not requiring any GS credentials.
Class asking a RAZ server presigned URLs for all the operations on GS resources hence not requiring any GS credentials.
Some operations can be denied depending on the privileges of the users in Ranger.
This is a client replacing the building of the Http Request of the GS resource via asking a third party providing for a presigned Urls.
This client replaces the building of the Http Request of the GS resource via asking RAZ for presigned URLs.
The request information is then injected into the regular boto HTTPRequest as the format is the same. Raw calls via the requests
lib would work but the unmarshalling back from XML to boto2 Python object is tedious.
The main logic consists in some light overrides in S3Connection#make_request() and AWSAuthConnection#make_request() so that we
Then fill-up the boto HttpRequest with the presigned Url data and lets boto executes the request as usual,
so that we get the XML unmarshalling for free.
Flow:
1. signed_url = self.get_signed_url(/bucket/dir/key)
2. request = http_request(signed_url)
3. return self._mexe(requests)
The main logic consists in some light overrides in GSConnection#make_request() and AWSAuthConnection#make_request() so that we
send an updated HTTPRequest.
https://github.com/boto/boto/blob/develop/boto/s3/connection.py
https://github.com/boto/boto/blob/develop/boto/connection.py
Example of a presigned GS Url declaring a `list bucket` call:
https://hue-gs-bucket.storage.googleapis.com/?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA23E77ZX2HVY76YGL%2F20210505%2Fus-west-1%2Fs3%2Faws4_request&X-Amz-Date=20210505T171457Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=994d0ec2ca19a00aa2925fe62cab0e727591b1951a8a47504b2b9124facbd6cf
https://github.com/boto/boto/blob/develop/boto/gs/connection.py
https://github.com/boto/boto/blob/develop/boto/connection.py
"""
def __init__(self, username, gs_access_key_id=None, gs_secret_access_key=None,
is_secure=True, port=None, proxy=None, proxy_port=None,
Expand All @@ -56,7 +63,7 @@ def __init__(self, username, gs_access_key_id=None, gs_secret_access_key=None,
# No auth handler with RAZ
anon = RAZ.IS_ENABLED.get()

super(SignedUrlGSConnection, self).__init__(
super(GSConnection, self).__init__(
gs_access_key_id=gs_access_key_id, gs_secret_access_key=gs_secret_access_key,
is_secure=is_secure, port=port, proxy=proxy, proxy_port=proxy_port,
proxy_user=proxy_user, proxy_pass=proxy_pass,
Expand All @@ -66,20 +73,6 @@ def __init__(self, username, gs_access_key_id=None, gs_secret_access_key=None,
)


class RazGSConnection(SignedUrlGSConnection):
"""
Class asking a RAZ server presigned Urls for all the operations on GS resources.
Some operations can be denied depending on the privileges of the users in Ranger.
Then fill-up the boto HttpRequest with the presigned Url data and lets boto executes the request as usual,
so that we get the XML unmarshalling for free.
Flow:
1. signed_url = self.get_signed_url(/bucket/dir/key)
2. request = http_request(signed_url)
3. return self._mexe(requests)
"""

def make_request(self, method, bucket='', key='', headers=None, data='',
query_args=None, sender=None, override_num_retries=None,
retry_handler=None):
Expand Down

0 comments on commit 4d65618

Please sign in to comment.