seaweedfs/weed/s3api/s3api_bucket_handlers.go

203 lines
5 KiB
Go
Raw Normal View History

2018-07-18 09:37:09 +00:00
package s3api
import (
"context"
"encoding/xml"
2018-07-18 09:37:09 +00:00
"fmt"
2020-12-25 08:38:56 +00:00
"github.com/chrislusf/seaweedfs/weed/s3api/s3_constants"
"math"
2018-07-22 00:39:10 +00:00
"net/http"
"time"
2018-07-24 08:38:08 +00:00
2020-11-11 08:20:59 +00:00
xhttp "github.com/chrislusf/seaweedfs/weed/s3api/http"
"github.com/chrislusf/seaweedfs/weed/s3api/s3err"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/s3"
2020-02-25 19:13:06 +00:00
2018-07-24 08:38:08 +00:00
"github.com/chrislusf/seaweedfs/weed/glog"
"github.com/chrislusf/seaweedfs/weed/pb/filer_pb"
)
type ListAllMyBucketsResult struct {
2019-03-15 22:55:34 +00:00
XMLName xml.Name `xml:"http://s3.amazonaws.com/doc/2006-03-01/ ListAllMyBucketsResult"`
Owner *s3.Owner
Buckets []*s3.Bucket `xml:"Buckets>Bucket"`
}
2018-07-18 09:37:09 +00:00
func (s3a *S3ApiServer) ListBucketsHandler(w http.ResponseWriter, r *http.Request) {
2020-12-25 08:38:56 +00:00
var identity *Identity
var s3Err s3err.ErrorCode
if s3a.iam.isEnabled() {
identity, s3Err = s3a.iam.authUser(r)
if s3Err != s3err.ErrNone {
writeErrorResponse(w, s3Err, r.URL)
return
}
}
var response ListAllMyBucketsResult
2018-07-18 09:37:09 +00:00
entries, _, err := s3a.list(s3a.option.BucketsPath, "", "", false, math.MaxInt32)
2018-07-18 09:37:09 +00:00
2018-09-03 20:03:16 +00:00
if err != nil {
2020-09-19 21:09:58 +00:00
writeErrorResponse(w, s3err.ErrInternalError, r.URL)
2018-09-03 20:03:16 +00:00
return
}
2018-07-18 09:37:09 +00:00
2020-11-11 08:20:59 +00:00
identityId := r.Header.Get(xhttp.AmzIdentityId)
var buckets []*s3.Bucket
2018-09-03 20:03:16 +00:00
for _, entry := range entries {
if entry.IsDirectory {
2021-01-06 12:21:57 +00:00
if identity != nil && !identity.canDo(s3_constants.ACTION_ADMIN, entry.Name) {
2020-11-12 21:57:54 +00:00
continue
2020-11-11 08:20:59 +00:00
}
buckets = append(buckets, &s3.Bucket{
Name: aws.String(entry.Name),
CreationDate: aws.Time(time.Unix(entry.Attributes.Crtime, 0).UTC()),
2018-09-03 20:03:16 +00:00
})
2018-07-18 09:37:09 +00:00
}
2018-09-03 20:03:16 +00:00
}
2018-07-18 09:37:09 +00:00
response = ListAllMyBucketsResult{
Owner: &s3.Owner{
2020-11-11 08:20:59 +00:00
ID: aws.String(identityId),
DisplayName: aws.String(identityId),
2018-09-03 20:03:16 +00:00
},
Buckets: buckets,
2018-07-18 09:37:09 +00:00
}
writeSuccessResponseXML(w, encodeResponse(response))
}
func (s3a *S3ApiServer) PutBucketHandler(w http.ResponseWriter, r *http.Request) {
2020-07-26 19:58:58 +00:00
bucket, _ := getBucketAndObject(r)
2020-10-15 17:52:17 +00:00
// avoid duplicated buckets
errCode := s3err.ErrNone
if err := s3a.WithFilerClient(func(client filer_pb.SeaweedFilerClient) error {
if resp, err := client.CollectionList(context.Background(), &filer_pb.CollectionListRequest{
IncludeEcVolumes: true,
IncludeNormalVolumes: true,
}); err != nil {
glog.Errorf("list collection: %v", err)
return fmt.Errorf("list collections: %v", err)
2020-10-25 03:12:04 +00:00
} else {
2020-10-15 17:52:17 +00:00
for _, c := range resp.Collections {
if bucket == c.Name {
errCode = s3err.ErrBucketAlreadyExists
break
}
}
}
return nil
}); err != nil {
writeErrorResponse(w, s3err.ErrInternalError, r.URL)
return
}
2020-11-12 06:11:03 +00:00
if exist, err := s3a.exists(s3a.option.BucketsPath, bucket, true); err == nil && exist {
errCode = s3err.ErrBucketAlreadyExists
}
2020-10-15 17:52:17 +00:00
if errCode != s3err.ErrNone {
writeErrorResponse(w, errCode, r.URL)
return
}
2020-11-11 08:20:59 +00:00
fn := func(entry *filer_pb.Entry) {
if identityId := r.Header.Get(xhttp.AmzIdentityId); identityId != "" {
2020-11-12 03:50:19 +00:00
if entry.Extended == nil {
entry.Extended = make(map[string][]byte)
}
2020-11-11 08:20:59 +00:00
entry.Extended[xhttp.AmzIdentityId] = []byte(identityId)
}
}
2018-09-03 20:03:16 +00:00
// create the folder for bucket, but lazily create actual collection
2020-11-11 08:20:59 +00:00
if err := s3a.mkdir(s3a.option.BucketsPath, bucket, fn); err != nil {
2020-10-15 17:52:17 +00:00
glog.Errorf("PutBucketHandler mkdir: %v", err)
2020-09-19 21:09:58 +00:00
writeErrorResponse(w, s3err.ErrInternalError, r.URL)
return
}
writeSuccessResponseEmpty(w)
}
func (s3a *S3ApiServer) DeleteBucketHandler(w http.ResponseWriter, r *http.Request) {
2020-07-26 19:58:58 +00:00
bucket, _ := getBucketAndObject(r)
if err := s3a.checkBucket(r, bucket); err != s3err.ErrNone {
writeErrorResponse(w, err, r.URL)
return
}
2020-11-12 09:59:31 +00:00
err := s3a.WithFilerClient(func(client filer_pb.SeaweedFilerClient) error {
// delete collection
deleteCollectionRequest := &filer_pb.DeleteCollectionRequest{
Collection: bucket,
}
glog.V(1).Infof("delete collection: %v", deleteCollectionRequest)
2020-02-26 06:23:59 +00:00
if _, err := client.DeleteCollection(context.Background(), deleteCollectionRequest); err != nil {
2018-07-20 07:58:10 +00:00
return fmt.Errorf("delete collection %s: %v", bucket, err)
}
return nil
})
err = s3a.rm(s3a.option.BucketsPath, bucket, false, true)
2018-09-03 20:16:26 +00:00
if err != nil {
2020-09-19 21:09:58 +00:00
writeErrorResponse(w, s3err.ErrInternalError, r.URL)
return
}
writeResponse(w, http.StatusNoContent, nil, mimeNone)
}
2018-07-19 08:43:27 +00:00
func (s3a *S3ApiServer) HeadBucketHandler(w http.ResponseWriter, r *http.Request) {
2020-07-26 19:58:58 +00:00
bucket, _ := getBucketAndObject(r)
2018-07-19 08:43:27 +00:00
if err := s3a.checkBucket(r, bucket); err != s3err.ErrNone {
writeErrorResponse(w, err, r.URL)
return
}
writeSuccessResponseEmpty(w)
}
func (s3a *S3ApiServer) checkBucket(r *http.Request, bucket string) s3err.ErrorCode {
2020-11-12 21:30:08 +00:00
entry, err := s3a.getEntry(s3a.option.BucketsPath, bucket)
2020-11-12 21:30:46 +00:00
if entry == nil || err == filer_pb.ErrNotFound {
return s3err.ErrNoSuchBucket
2018-07-19 08:43:27 +00:00
}
2020-11-12 09:59:31 +00:00
2020-11-12 21:57:54 +00:00
if !s3a.hasAccess(r, entry) {
return s3err.ErrAccessDenied
}
return s3err.ErrNone
2018-07-19 08:43:27 +00:00
}
2020-11-12 21:57:54 +00:00
func (s3a *S3ApiServer) hasAccess(r *http.Request, entry *filer_pb.Entry) bool {
isAdmin := r.Header.Get(xhttp.AmzIsAdmin) != ""
if isAdmin {
return true
}
if entry.Extended == nil {
return true
}
identityId := r.Header.Get(xhttp.AmzIdentityId)
if id, ok := entry.Extended[xhttp.AmzIdentityId]; ok {
if identityId != string(id) {
return false
}
}
return true
}