diff options
| author |  Joey Hess <joeyh@joeyh.name> | 2015-10-08 18:32:31 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2015-10-08 18:34:48 -0400 |
| commit | 9b613b4275987d2a5424c8995b304e2a45e9cc66 (patch) | |
| tree | 621f39c1fd54073a80064db1a16734b1de10e126 /Annex/NumCopies.hs | |
| parent | 51b93b1606bac86ffc66d4cf3a457888a6800778 (diff) | |
TrustedCopy is good enough to allow dropping
By definition, a trusted repository is trusted to always have its location
tracking log accurate. Thus, it should never be in a position where content
is being dropped from it concurrently, as that would result in the location
tracking log not being accurate.
Diffstat (limited to 'Annex/NumCopies.hs')
| -rw-r--r-- | Annex/NumCopies.hs | 28 |
1 files changed, 15 insertions, 13 deletions
diff --git a/Annex/NumCopies.hs b/Annex/NumCopies.hs index 750946570..a06ef0c5e 100644 --- a/Annex/NumCopies.hs +++ b/Annex/NumCopies.hs @@ -104,7 +104,7 @@ verifyEnoughCopies -> [Remote] -- remotes to check to see if they have it -> Annex Bool verifyEnoughCopies nolocmsg key need skip preverified tocheck = - helper [] [] (deDupVerifiedCopies preverified) (nub tocheck) + helper [] [] preverified (nub tocheck) where helper bad missing have [] | NumCopies (length have) >= need = return True @@ -117,7 +117,7 @@ verifyEnoughCopies nolocmsg key need skip preverified tocheck = if verifiedEnoughCopies need stillhave then return True else helper bad missing stillhave (r:rs) - | any isFullVerification have = helper bad missing have rs + | any safeVerification have = helper bad missing have rs | otherwise = do haskey <- Remote.hasKey r key case haskey of @@ -128,23 +128,25 @@ verifyEnoughCopies nolocmsg key need skip preverified tocheck = {- Check whether enough verification has been done of copies to allow - dropping content safely. - - - Unless numcopies is 0, at least one VerifiedCopyLock is required. - - This prevents races between concurrent drops from dropping the last - - copy, no matter what. + - Unless numcopies is 0, at least one VerifiedCopyLock or TrustedCopy + - is required. A VerifiedCopyLock prevents races between concurrent + - drops from dropping the last copy, no matter what. - - - The other N-1 copies can be less strong verifications. While those - - are subject to concurrent drop races, and so could be dropped - - all at once, causing numcopies to be violated, this is the best that can - - be done without requiring all special remotes to support locking. + - The other N-1 copies can be less strong verifications, like + - RecentlyVerifiedCopy. While those are subject to concurrent drop races, + - and so could be dropped all at once, causing numcopies to be violated, + - this is the best that can be done without requiring all special remotes + - to support locking. -} verifiedEnoughCopies :: NumCopies -> [VerifiedCopy] -> Bool verifiedEnoughCopies (NumCopies n) l | n == 0 = True - | otherwise = length (deDupVerifiedCopies l) >= n && any isFullVerification l + | otherwise = length (deDupVerifiedCopies l) >= n && any safeVerification l -isFullVerification :: VerifiedCopy -> Bool -isFullVerification (VerifiedCopyLock _) = True -isFullVerification _ = False +safeVerification :: VerifiedCopy -> Bool +safeVerification (VerifiedCopyLock _) = True +safeVerification (TrustedCopy _) = True +safeVerification (RecentlyVerifiedCopy _) = False notEnoughCopies :: Key -> NumCopies -> [VerifiedCopy] -> [UUID] -> [Remote] -> String -> Annex () notEnoughCopies key need have skip bad nolocmsg = do |