author | 2015-10-08 18:32:31 -0400 | |
---|---|---|
committer | 2015-10-08 18:34:48 -0400 | |
commit | 9b613b4275987d2a5424c8995b304e2a45e9cc66 (patch) | |
tree | 621f39c1fd54073a80064db1a16734b1de10e126 | |
parent | 51b93b1606bac86ffc66d4cf3a457888a6800778 (diff) |
TrustedCopy is good enough to allow dropping
By definition, a trusted repository is trusted to always have its location
tracking log accurate. Thus, it should never be in a position where content
is being dropped from it concurrently, as that would result in the location
tracking log not being accurate.
-rw-r--r-- | Annex/NumCopies.hs | 28 | ||||
-rw-r--r-- | Types/NumCopies.hs | 15 |
2 files changed, 22 insertions, 21 deletions
diff --git a/Annex/NumCopies.hs b/Annex/NumCopies.hs
index 750946570..a06ef0c5e 100644
--- a/Annex/NumCopies.hs
+++ b/Annex/NumCopies.hs
@@ -104,7 +104,7 @@ verifyEnoughCopies
 -> [Remote] -- remotes to check to see if they have it
 -> Annex Bool
 verifyEnoughCopies nolocmsg key need skip preverified tocheck =
- helper [] [] (deDupVerifiedCopies preverified) (nub tocheck)
+ helper [] [] preverified (nub tocheck)
 where
 helper bad missing have []
 | NumCopies (length have) >= need = return True
@@ -117,7 +117,7 @@ verifyEnoughCopies nolocmsg key need skip preverified tocheck =
 if verifiedEnoughCopies need stillhave
 then return True
 else helper bad missing stillhave (r:rs)
- | any isFullVerification have = helper bad missing have rs
+ | any safeVerification have = helper bad missing have rs
 | otherwise = do
 haskey <- Remote.hasKey r key
 case haskey of
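Review bot: With `deDupVerifiedCopies` removed from the initial call, `have` may hold several entries for one UUID, yet the terminal guard `NumCopies (length have) >= need = return True` counts raw list length. If a caller passes overlapping preverified entries, one repository could be counted more than once towards numcopies, which is the wrong direction for a drop-safety check to fail in. Either keep the de-duplication at entry or count `length (deDupVerifiedCopies have)` in that guard, as verifiedEnoughCopies does. The rest of helper lies outside the hunk, so this assumes `have` is not de-duplicated elsewhere.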
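Review bot: The guard `| any safeVerification have = helper bad missing have rs` drops `r` without calling `Remote.hasKey`, and since a TrustedCopy now satisfies it, one location-log entry for a trusted repository appears to stop every remaining remote from being contacted. The guard before it begins outside the hunk, so the intent cannot be confirmed from here. If skipping is deliberate, say so in a comment on this guard, for example `-- a lock or trusted copy is already held, so remaining remotes are not contacted`; if not, the remaining remotes should still be checked so that weaker verifications can be collected.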
@@ -128,23 +128,25 @@ verifyEnoughCopies nolocmsg key need skip preverified tocheck =
 {- Check whether enough verification has been done of copies to allow
 - dropping content safely.
 -
- - Unless numcopies is 0, at least one VerifiedCopyLock is required.
- - This prevents races between concurrent drops from dropping the last
- - copy, no matter what.
+ - Unless numcopies is 0, at least one VerifiedCopyLock or TrustedCopy
+ - is required. A VerifiedCopyLock prevents races between concurrent
+ - drops from dropping the last copy, no matter what.
 -
- - The other N-1 copies can be less strong verifications. While those
- - are subject to concurrent drop races, and so could be dropped
- - all at once, causing numcopies to be violated, this is the best that can
- - be done without requiring all special remotes to support locking.
+ - The other N-1 copies can be less strong verifications, like
+ - RecentlyVerifiedCopy. While those are subject to concurrent drop races,
+ - and so could be dropped all at once, causing numcopies to be violated,
+ - this is the best that can be done without requiring all special remotes
+ - to support locking.
 -}
 verifiedEnoughCopies :: NumCopies -> [VerifiedCopy] -> Bool
 verifiedEnoughCopies (NumCopies n) l
 | n == 0 = True
- | otherwise = length (deDupVerifiedCopies l) >= n && any isFullVerification l
+ | otherwise = length (deDupVerifiedCopies l) >= n && any safeVerification l

-isFullVerification :: VerifiedCopy -> Bool
-isFullVerification (VerifiedCopyLock _) = True
-isFullVerification _ = False
+safeVerification :: VerifiedCopy -> Bool
+safeVerification (VerifiedCopyLock _) = True
+safeVerification (TrustedCopy _) = True
+safeVerification (RecentlyVerifiedCopy _) = False

 notEnoughCopies :: Key -> NumCopies -> [VerifiedCopy] -> [UUID] -> [Remote] -> String -> Annex ()
 notEnoughCopies key need have skip bad nolocmsg = do
diff --git a/Types/NumCopies.hs b/Types/NumCopies.hs
index 0acb7cc3b..1a3b973cc 100644
--- a/Types/NumCopies.hs
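Review bot: The rewritten comment on verifiedEnoughCopies states what a VerifiedCopyLock guarantees but not why a TrustedCopy is accepted in its place, and `safeVerification (TrustedCopy _) = True` carries no explanation either. According to the constructor's own comment, a TrustedCopy is recorded when the repository cannot be accessed, so nothing is locked or checked and the drop is only as safe as the trust setting is accurate. I would add to the comment: `A TrustedCopy is accepted because a trusted repository is assumed never to drop content concurrently; it is neither locked nor contacted.` The TrustedCopy constructor comment in the Types/NumCopies.hs hunk has the same gap and could carry the same sentence.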
+++ b/Types/NumCopies.hs
@@ -30,14 +30,13 @@ fromNumCopies (NumCopies n) = n

 -- A verification that a copy of a key exists in a repository.
 data VerifiedCopy
- {- Use when a repository cannot be accessed, but it's
- - a trusted repository, which is on record as containing a key
- - and is presumably not going to lose its copy.
- - This is the weakest level of verification. -}
- = TrustedCopy V
 {- Represents a recent verification that a copy of an
 - object exists in a repository with the given UUID. -}
- | RecentlyVerifiedCopy V
+ = RecentlyVerifiedCopy V
+ {- Use when a repository cannot be accessed, but it's
+ - a trusted repository, which is on record as containing a key
+ - and is presumably not going to lose its copy. -}
+ | TrustedCopy V
 {- The strongest proof of the existence of a copy.
 - Until its associated action is called to unlock it,
 - the copy is locked in the repository and is guaranteed
@@ -72,9 +71,9 @@ instance Show V where
 strongestVerifiedCopy :: VerifiedCopy -> VerifiedCopy -> VerifiedCopy
 strongestVerifiedCopy a@(VerifiedCopyLock _) _ = a
 strongestVerifiedCopy _ b@(VerifiedCopyLock _) = b
+strongestVerifiedCopy a@(TrustedCopy _) _ = a
+strongestVerifiedCopy _ b@(TrustedCopy _) = b
 strongestVerifiedCopy a@(RecentlyVerifiedCopy _) _ = a
-strongestVerifiedCopy _ b@(RecentlyVerifiedCopy _) = b
-strongestVerifiedCopy a@(TrustedCopy _) _ = a

 -- Retains stronger verifications over weaker for the same uuid.
 deDupVerifiedCopies :: [VerifiedCopy] -> [VerifiedCopy] |
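Review bot: strongestVerifiedCopy expresses the ranking only through the order of its equations, and safeVerification in Annex/NumCopies.hs encodes a related split on its own, so the two can drift apart silently. A one-line comment above the signature would pin the intent: `-- Strength order: VerifiedCopyLock, then TrustedCopy, then RecentlyVerifiedCopy.` One consequence worth stating there is that deDupVerifiedCopies, whose body is outside the hunk, would by its own comment now keep a log-based TrustedCopy over a RecentlyVerifiedCopy for the same UUID.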