diff --git a/Annex/NumCopies.hs b/Annex/NumCopies.hs
index 7509465703..a06ef0c5e9 100644
--- a/Annex/NumCopies.hs
+++ b/Annex/NumCopies.hs
@@ -104,7 +104,7 @@ verifyEnoughCopies
 -> [Remote] -- remotes to check to see if they have it
 -> Annex Bool
 verifyEnoughCopies nolocmsg key need skip preverified tocheck =
- helper [] [] (deDupVerifiedCopies preverified) (nub tocheck)
+ helper [] [] preverified (nub tocheck)
 where
 helper bad missing have []
 | NumCopies (length have) >= need = return True
@@ -117,7 +117,7 @@ verifyEnoughCopies nolocmsg key need skip preverified tocheck =
 if verifiedEnoughCopies need stillhave
 then return True
 else helper bad missing stillhave (r:rs)
- | any isFullVerification have = helper bad missing have rs
+ | any safeVerification have = helper bad missing have rs
 | otherwise = do
 haskey <- Remote.hasKey r key
 case haskey of
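Review bot: With `deDupVerifiedCopies` removed from the initial call, the `helper bad missing have []` guard `NumCopies (length have) >= need` counts the `preverified` entries exactly as the caller passed them, so two entries for one repository (for example a TrustedCopy and a RecentlyVerifiedCopy with the same UUID) would be counted as two copies. Whether any caller can pass such duplicates is not visible in this hunk, but this guard decides whether a drop goes ahead, so the count should not depend on it: `| NumCopies (length (deDupVerifiedCopies have)) >= need = return True`. The rest of `helper` lies outside the hunk.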
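Review bot: The guard `any safeVerification have` now also matches a TrustedCopy, and this branch recurses on `rs` without the `Remote.hasKey r key` call that the `otherwise` branch makes, so one trusted repository on record is enough for the remaining remotes to be skipped unchecked. Before the rename only a held VerifiedCopyLock had that effect. If this is intended, a comment above the guard should say so, for example `-- A lock or trusted copy is already in hand; r is skipped without being contacted.` The earlier guards of `helper (r:rs)` start outside the hunk, so the conditions under which this guard is reached should be confirmed there.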
@@ -128,23 +128,25 @@ verifyEnoughCopies nolocmsg key need skip preverified tocheck =
 {- Check whether enough verification has been done of copies to allow
 - dropping content safely.
 -
- - Unless numcopies is 0, at least one VerifiedCopyLock is required.
- - This prevents races between concurrent drops from dropping the last
- - copy, no matter what.
+ - Unless numcopies is 0, at least one VerifiedCopyLock or TrustedCopy
+ - is required. A VerifiedCopyLock prevents races between concurrent
+ - drops from dropping the last copy, no matter what.
 -
- - The other N-1 copies can be less strong verifications. While those
- - are subject to concurrent drop races, and so could be dropped
- - all at once, causing numcopies to be violated, this is the best that can
- - be done without requiring all special remotes to support locking.
+ - The other N-1 copies can be less strong verifications, like
+ - RecentlyVerifiedCopy. While those are subject to concurrent drop races,
+ - and so could be dropped all at once, causing numcopies to be violated,
+ - this is the best that can be done without requiring all special remotes
+ - to support locking.
 -}
 verifiedEnoughCopies :: NumCopies -> [VerifiedCopy] -> Bool
 verifiedEnoughCopies (NumCopies n) l
 | n == 0 = True
- | otherwise = length (deDupVerifiedCopies l) >= n && any isFullVerification l
+ | otherwise = length (deDupVerifiedCopies l) >= n && any safeVerification l

-isFullVerification :: VerifiedCopy -> Bool
-isFullVerification (VerifiedCopyLock _) = True
-isFullVerification _ = False
+safeVerification :: VerifiedCopy -> Bool
+safeVerification (VerifiedCopyLock _) = True
+safeVerification (TrustedCopy _) = True
+safeVerification (RecentlyVerifiedCopy _) = False

 notEnoughCopies :: Key -> NumCopies -> [VerifiedCopy] -> [UUID] -> [Remote] -> String -> Annex ()
 notEnoughCopies key need have skip bad nolocmsg = do
diff --git a/Types/NumCopies.hs b/Types/NumCopies.hs
index 0acb7cc3b0..1a3b973cc3 100644
--- a/Types/NumCopies.hs
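Review bot: The rewritten comment on `verifiedEnoughCopies` says why a VerifiedCopyLock is safe but not why a TrustedCopy may stand in for it, and `safeVerification` itself has no comment. Nothing in this hunk locks or contacts the trusted repository, so the rule now allows a drop with no copy actually held in place, resting only on the trust setting and the record of where the key is. That assumption belongs next to the rule, for instance `- A TrustedCopy is neither checked nor locked here; it is only as good as` followed by `- the repository's trust setting and its record of holding the key.`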
+++ b/Types/NumCopies.hs
@@ -30,14 +30,13 @@ fromNumCopies (NumCopies n) = n

 -- A verification that a copy of a key exists in a repository.
 data VerifiedCopy
- {- Use when a repository cannot be accessed, but it's
- - a trusted repository, which is on record as containing a key
- - and is presumably not going to lose its copy.
- - This is the weakest level of verification. -}
- = TrustedCopy V
 {- Represents a recent verification that a copy of an
 - object exists in a repository with the given UUID. -}
- | RecentlyVerifiedCopy V
+ = RecentlyVerifiedCopy V
+ {- Use when a repository cannot be accessed, but it's
+ - a trusted repository, which is on record as containing a key
+ - and is presumably not going to lose its copy. -}
+ | TrustedCopy V
 {- The strongest proof of the existence of a copy.
 - Until its associated action is called to unlock it,
 - the copy is locked in the repository and is guaranteed
@@ -72,9 +71,9 @@ instance Show V where
 strongestVerifiedCopy :: VerifiedCopy -> VerifiedCopy -> VerifiedCopy
 strongestVerifiedCopy a@(VerifiedCopyLock _) _ = a
 strongestVerifiedCopy _ b@(VerifiedCopyLock _) = b
+strongestVerifiedCopy a@(TrustedCopy _) _ = a
+strongestVerifiedCopy _ b@(TrustedCopy _) = b
 strongestVerifiedCopy a@(RecentlyVerifiedCopy _) _ = a
-strongestVerifiedCopy _ b@(RecentlyVerifiedCopy _) = b
-strongestVerifiedCopy a@(TrustedCopy _) _ = a

 -- Retains stronger verifications over weaker for the same uuid.
 deDupVerifiedCopies :: [VerifiedCopy] -> [VerifiedCopy]
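Review bot: The strength ranking that `strongestVerifiedCopy` implements is now stated nowhere: the first hunk of this file removes "This is the weakest level of verification" from TrustedCopy without saying what its rank has become, and here the order is carried only by the sequence of equations. A one-line comment above the function would make it explicit, e.g. `-- Strength order: VerifiedCopyLock > TrustedCopy > RecentlyVerifiedCopy.` It is also worth noting there that the last equation is reached only when both arguments are RecentlyVerifiedCopy, since `safeVerification` in Annex/NumCopies.hs has to agree with this ranking and nothing ties the two together.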