You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

207 lines
5.2 KiB

7 years ago
7 years ago
7 years ago
4 years ago
6 years ago
4 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
6 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
7 years ago
4 years ago
7 years ago
4 years ago
4 years ago
4 years ago
7 years ago
7 years ago
  1. package s3api
  2. import (
  3. "context"
  4. "encoding/xml"
  5. "fmt"
  6. "github.com/chrislusf/seaweedfs/weed/s3api/s3_constants"
  7. "math"
  8. "net/http"
  9. "time"
  10. xhttp "github.com/chrislusf/seaweedfs/weed/s3api/http"
  11. "github.com/chrislusf/seaweedfs/weed/s3api/s3err"
  12. "github.com/aws/aws-sdk-go/aws"
  13. "github.com/aws/aws-sdk-go/service/s3"
  14. "github.com/chrislusf/seaweedfs/weed/glog"
  15. "github.com/chrislusf/seaweedfs/weed/pb/filer_pb"
  16. )
  17. type ListAllMyBucketsResult struct {
  18. XMLName xml.Name `xml:"http://s3.amazonaws.com/doc/2006-03-01/ ListAllMyBucketsResult"`
  19. Owner *s3.Owner
  20. Buckets []*s3.Bucket `xml:"Buckets>Bucket"`
  21. }
  22. func (s3a *S3ApiServer) ListBucketsHandler(w http.ResponseWriter, r *http.Request) {
  23. glog.V(3).Infof("ListBucketsHandler")
  24. var identity *Identity
  25. var s3Err s3err.ErrorCode
  26. if s3a.iam.isEnabled() {
  27. identity, s3Err = s3a.iam.authUser(r)
  28. if s3Err != s3err.ErrNone {
  29. s3err.WriteErrorResponse(w, s3Err, r)
  30. return
  31. }
  32. }
  33. var response ListAllMyBucketsResult
  34. entries, _, err := s3a.list(s3a.option.BucketsPath, "", "", false, math.MaxInt32)
  35. if err != nil {
  36. s3err.WriteErrorResponse(w, s3err.ErrInternalError, r)
  37. return
  38. }
  39. identityId := r.Header.Get(xhttp.AmzIdentityId)
  40. var buckets []*s3.Bucket
  41. for _, entry := range entries {
  42. if entry.IsDirectory {
  43. if identity != nil && !identity.canDo(s3_constants.ACTION_LIST, entry.Name) {
  44. continue
  45. }
  46. buckets = append(buckets, &s3.Bucket{
  47. Name: aws.String(entry.Name),
  48. CreationDate: aws.Time(time.Unix(entry.Attributes.Crtime, 0).UTC()),
  49. })
  50. }
  51. }
  52. response = ListAllMyBucketsResult{
  53. Owner: &s3.Owner{
  54. ID: aws.String(identityId),
  55. DisplayName: aws.String(identityId),
  56. },
  57. Buckets: buckets,
  58. }
  59. writeSuccessResponseXML(w, response)
  60. }
  61. func (s3a *S3ApiServer) PutBucketHandler(w http.ResponseWriter, r *http.Request) {
  62. bucket, _ := getBucketAndObject(r)
  63. glog.V(3).Infof("PutBucketHandler %s", bucket)
  64. // avoid duplicated buckets
  65. errCode := s3err.ErrNone
  66. if err := s3a.WithFilerClient(func(client filer_pb.SeaweedFilerClient) error {
  67. if resp, err := client.CollectionList(context.Background(), &filer_pb.CollectionListRequest{
  68. IncludeEcVolumes: true,
  69. IncludeNormalVolumes: true,
  70. }); err != nil {
  71. glog.Errorf("list collection: %v", err)
  72. return fmt.Errorf("list collections: %v", err)
  73. } else {
  74. for _, c := range resp.Collections {
  75. if bucket == c.Name {
  76. errCode = s3err.ErrBucketAlreadyExists
  77. break
  78. }
  79. }
  80. }
  81. return nil
  82. }); err != nil {
  83. s3err.WriteErrorResponse(w, s3err.ErrInternalError, r)
  84. return
  85. }
  86. if exist, err := s3a.exists(s3a.option.BucketsPath, bucket, true); err == nil && exist {
  87. errCode = s3err.ErrBucketAlreadyExists
  88. }
  89. if errCode != s3err.ErrNone {
  90. s3err.WriteErrorResponse(w, errCode, r)
  91. return
  92. }
  93. fn := func(entry *filer_pb.Entry) {
  94. if identityId := r.Header.Get(xhttp.AmzIdentityId); identityId != "" {
  95. if entry.Extended == nil {
  96. entry.Extended = make(map[string][]byte)
  97. }
  98. entry.Extended[xhttp.AmzIdentityId] = []byte(identityId)
  99. }
  100. }
  101. // create the folder for bucket, but lazily create actual collection
  102. if err := s3a.mkdir(s3a.option.BucketsPath, bucket, fn); err != nil {
  103. glog.Errorf("PutBucketHandler mkdir: %v", err)
  104. s3err.WriteErrorResponse(w, s3err.ErrInternalError, r)
  105. return
  106. }
  107. writeSuccessResponseEmpty(w)
  108. }
  109. func (s3a *S3ApiServer) DeleteBucketHandler(w http.ResponseWriter, r *http.Request) {
  110. bucket, _ := getBucketAndObject(r)
  111. glog.V(3).Infof("DeleteBucketHandler %s", bucket)
  112. if err := s3a.checkBucket(r, bucket); err != s3err.ErrNone {
  113. s3err.WriteErrorResponse(w, err, r)
  114. return
  115. }
  116. err := s3a.WithFilerClient(func(client filer_pb.SeaweedFilerClient) error {
  117. // delete collection
  118. deleteCollectionRequest := &filer_pb.DeleteCollectionRequest{
  119. Collection: bucket,
  120. }
  121. glog.V(1).Infof("delete collection: %v", deleteCollectionRequest)
  122. if _, err := client.DeleteCollection(context.Background(), deleteCollectionRequest); err != nil {
  123. return fmt.Errorf("delete collection %s: %v", bucket, err)
  124. }
  125. return nil
  126. })
  127. err = s3a.rm(s3a.option.BucketsPath, bucket, false, true)
  128. if err != nil {
  129. s3err.WriteErrorResponse(w, s3err.ErrInternalError, r)
  130. return
  131. }
  132. s3err.WriteEmptyResponse(w, http.StatusNoContent)
  133. }
  134. func (s3a *S3ApiServer) HeadBucketHandler(w http.ResponseWriter, r *http.Request) {
  135. bucket, _ := getBucketAndObject(r)
  136. glog.V(3).Infof("HeadBucketHandler %s", bucket)
  137. if err := s3a.checkBucket(r, bucket); err != s3err.ErrNone {
  138. s3err.WriteErrorResponse(w, err, r)
  139. return
  140. }
  141. writeSuccessResponseEmpty(w)
  142. }
  143. func (s3a *S3ApiServer) checkBucket(r *http.Request, bucket string) s3err.ErrorCode {
  144. entry, err := s3a.getEntry(s3a.option.BucketsPath, bucket)
  145. if entry == nil || err == filer_pb.ErrNotFound {
  146. return s3err.ErrNoSuchBucket
  147. }
  148. if !s3a.hasAccess(r, entry) {
  149. return s3err.ErrAccessDenied
  150. }
  151. return s3err.ErrNone
  152. }
  153. func (s3a *S3ApiServer) hasAccess(r *http.Request, entry *filer_pb.Entry) bool {
  154. isAdmin := r.Header.Get(xhttp.AmzIsAdmin) != ""
  155. if isAdmin {
  156. return true
  157. }
  158. if entry.Extended == nil {
  159. return true
  160. }
  161. identityId := r.Header.Get(xhttp.AmzIdentityId)
  162. if id, ok := entry.Extended[xhttp.AmzIdentityId]; ok {
  163. if identityId != string(id) {
  164. return false
  165. }
  166. }
  167. return true
  168. }