TrustedCopy is good enough to allow dropping
By definition, a trusted repository is trusted to always have its location tracking log accurate. Thus, it should never be in a position where content is being dropped from it concurrently, as that would result in the location tracking log not being accurate.
This commit is contained in:
Joey Hess
parent
e4a33967a1
commit
7f5958eec2
2 changed files with 22 additions and 21 deletions
|
|
@ -104,7 +104,7 @@ verifyEnoughCopies
|
|||
-> [Remote] -- remotes to check to see if they have it
|
||||
-> Annex Bool
|
||||
verifyEnoughCopies nolocmsg key need skip preverified tocheck =
|
||||
helper [] [] (deDupVerifiedCopies preverified) (nub tocheck)
|
||||
helper [] [] preverified (nub tocheck)
|
||||
where
|
||||
helper bad missing have []
|
||||
| NumCopies (length have) >= need = return True
|
||||
|
|
@ -117,7 +117,7 @@ verifyEnoughCopies nolocmsg key need skip preverified tocheck =
|
|||
if verifiedEnoughCopies need stillhave
|
||||
then return True
|
||||
else helper bad missing stillhave (r:rs)
|
||||
| any isFullVerification have = helper bad missing have rs
|
||||
| any safeVerification have = helper bad missing have rs
|
||||
| otherwise = do
|
||||
haskey <- Remote.hasKey r key
|
||||
case haskey of
|
||||
|
|
@ -128,23 +128,25 @@ verifyEnoughCopies nolocmsg key need skip preverified tocheck =
|
|||
{- Check whether enough verification has been done of copies to allow
|
||||
- dropping content safely.
|
||||
-
|
||||
- Unless numcopies is 0, at least one VerifiedCopyLock is required.
|
||||
- This prevents races between concurrent drops from dropping the last
|
||||
- copy, no matter what.
|
||||
- Unless numcopies is 0, at least one VerifiedCopyLock or TrustedCopy
|
||||
- is required. A VerifiedCopyLock prevents races between concurrent
|
||||
- drops from dropping the last copy, no matter what.
|
||||
-
|
||||
- The other N-1 copies can be less strong verifications. While those
|
||||
- are subject to concurrent drop races, and so could be dropped
|
||||
- all at once, causing numcopies to be violated, this is the best that can
|
||||
- be done without requiring all special remotes to support locking.
|
||||
- The other N-1 copies can be less strong verifications, like
|
||||
- RecentlyVerifiedCopy. While those are subject to concurrent drop races,
|
||||
- and so could be dropped all at once, causing numcopies to be violated,
|
||||
- this is the best that can be done without requiring all special remotes
|
||||
- to support locking.
|
||||
-}
|
||||
verifiedEnoughCopies :: NumCopies -> [VerifiedCopy] -> Bool
|
||||
verifiedEnoughCopies (NumCopies n) l
|
||||
| n == 0 = True
|
||||
| otherwise = length (deDupVerifiedCopies l) >= n && any isFullVerification l
|
||||
| otherwise = length (deDupVerifiedCopies l) >= n && any safeVerification l
|
||||
|
||||
isFullVerification :: VerifiedCopy -> Bool
|
||||
isFullVerification (VerifiedCopyLock _) = True
|
||||
isFullVerification _ = False
|
||||
safeVerification :: VerifiedCopy -> Bool
|
||||
safeVerification (VerifiedCopyLock _) = True
|
||||
safeVerification (TrustedCopy _) = True
|
||||
safeVerification (RecentlyVerifiedCopy _) = False
|
||||
|
||||
notEnoughCopies :: Key -> NumCopies -> [VerifiedCopy] -> [UUID] -> [Remote] -> String -> Annex ()
|
||||
notEnoughCopies key need have skip bad nolocmsg = do
|
||||
|
|
|
|||
|
|
@ -30,14 +30,13 @@ fromNumCopies (NumCopies n) = n
|
|||
|
||||
-- A verification that a copy of a key exists in a repository.
|
||||
data VerifiedCopy
|
||||
{- Use when a repository cannot be accessed, but it's
|
||||
- a trusted repository, which is on record as containing a key
|
||||
- and is presumably not going to lose its copy.
|
||||
- This is the weakest level of verification. -}
|
||||
= TrustedCopy V
|
||||
{- Represents a recent verification that a copy of an
|
||||
- object exists in a repository with the given UUID. -}
|
||||
| RecentlyVerifiedCopy V
|
||||
= RecentlyVerifiedCopy V
|
||||
{- Use when a repository cannot be accessed, but it's
|
||||
- a trusted repository, which is on record as containing a key
|
||||
- and is presumably not going to lose its copy. -}
|
||||
| TrustedCopy V
|
||||
{- The strongest proof of the existence of a copy.
|
||||
- Until its associated action is called to unlock it,
|
||||
- the copy is locked in the repository and is guaranteed
|
||||
|
|
@ -72,9 +71,9 @@ instance Show V where
|
|||
strongestVerifiedCopy :: VerifiedCopy -> VerifiedCopy -> VerifiedCopy
|
||||
strongestVerifiedCopy a@(VerifiedCopyLock _) _ = a
|
||||
strongestVerifiedCopy _ b@(VerifiedCopyLock _) = b
|
||||
strongestVerifiedCopy a@(TrustedCopy _) _ = a
|
||||
strongestVerifiedCopy _ b@(TrustedCopy _) = b
|
||||
strongestVerifiedCopy a@(RecentlyVerifiedCopy _) _ = a
|
||||
strongestVerifiedCopy _ b@(RecentlyVerifiedCopy _) = b
|
||||
strongestVerifiedCopy a@(TrustedCopy _) _ = a
|
||||
|
||||
-- Retains stronger verifications over weaker for the same uuid.
|
||||
deDupVerifiedCopies :: [VerifiedCopy] -> [VerifiedCopy]
|
||||
|
|
|
|||
Loading…
Reference in a new issue