CKAN: Ticket #853: Understand how to upload to storage without having primary storage keys

status, description changed; resolution set

wwaites — Tue, 07 Dec 2010 11:59:03 GMT

status changed from new to closed
resolution set to fixed
description modified (diff)

done in http://bitbucket.org/ww/ofs need to merge back into main ofs repo

status changed; resolution deleted

pudo — Mon, 03 Jan 2011 09:39:10 GMT

status changed from closed to reopened
resolution fixed deleted

Looking at the changeset this cannot be functional yet: where is the implementation of the policy document exchange. It seems to me like this is currently adding the actual credentials to the request (self.ofs.conn.add_aws_auth_header(headers, 'PUT', path)).

c.f.:

priority, type, description, summary changed

rgrp — Tue, 04 Jan 2011 11:17:04 GMT

priority changed from awaiting triage to critical
type changed from defect to enhancement
description modified (diff)
summary changed from plumbing for rest upload to Understand how to upload to storage without having primary storage keys

summary changed

rgrp — Tue, 04 Jan 2011 11:19:19 GMT

summary changed from Understand how to upload to storage without having primary storage keys to Client upload to storage without having primary storage keys

status changed; resolution set

wwaites — Sun, 09 Jan 2011 17:36:21 GMT

status changed from reopened to closed
resolution set to fixed

we don't need a policy document exchange. it's simpler than that. the "server" instance has already permissions to upload. it just calculates the headers and such that are needed (based on the "client"'s initial headers) and gives them to the "client" the client then uploads without knowing the "server"'s credentials. The "client" never needs any of its own goostor credentials at all.

the only separate step is to make the widget readable by the world.

ticket #879 is to expose this as a small set of API calls.