mirror of
https://github.com/seaweedfs/seaweedfs.git
synced 2024-01-19 02:48:24 +00:00
S3: configurable access for anonymous user
fix https://github.com/chrislusf/seaweedfs/issues/1413
This commit is contained in:
parent
cbd80253e3
commit
2b74abf766
|
@ -107,6 +107,16 @@ func (iam *IdentityAccessManagement) lookupByAccessKey(accessKey string) (identi
|
|||
return nil, nil, false
|
||||
}
|
||||
|
||||
func (iam *IdentityAccessManagement) lookupAnonymous() (identity *Identity, found bool) {
|
||||
|
||||
for _, ident := range iam.identities {
|
||||
if ident.Name == "anonymous" {
|
||||
return ident, true
|
||||
}
|
||||
}
|
||||
return nil, false
|
||||
}
|
||||
|
||||
func (iam *IdentityAccessManagement) Auth(f http.HandlerFunc, action Action) http.HandlerFunc {
|
||||
|
||||
if !iam.isEnabled() {
|
||||
|
@ -127,6 +137,7 @@ func (iam *IdentityAccessManagement) Auth(f http.HandlerFunc, action Action) htt
|
|||
func (iam *IdentityAccessManagement) authRequest(r *http.Request, action Action) ErrorCode {
|
||||
var identity *Identity
|
||||
var s3Err ErrorCode
|
||||
var found bool
|
||||
switch getRequestAuthType(r) {
|
||||
case authTypeStreamingSigned:
|
||||
return ErrNone
|
||||
|
@ -146,7 +157,10 @@ func (iam *IdentityAccessManagement) authRequest(r *http.Request, action Action)
|
|||
glog.V(3).Infof("jwt auth type")
|
||||
return ErrNotImplemented
|
||||
case authTypeAnonymous:
|
||||
identity, found = iam.lookupAnonymous()
|
||||
if !found {
|
||||
return ErrAccessDenied
|
||||
}
|
||||
default:
|
||||
return ErrNotImplemented
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue