  1. package s3api
  2. import (
  3. "context"
  4. "encoding/xml"
  5. "fmt"
  6. "github.com/chrislusf/seaweedfs/weed/s3api/s3_constants"
  7. "math"
  8. "net/http"
  9. "time"
  10. xhttp "github.com/chrislusf/seaweedfs/weed/s3api/http"
  11. "github.com/chrislusf/seaweedfs/weed/s3api/s3err"
  12. "github.com/aws/aws-sdk-go/aws"
  13. "github.com/aws/aws-sdk-go/service/s3"
  14. "github.com/chrislusf/seaweedfs/weed/glog"
  15. "github.com/chrislusf/seaweedfs/weed/pb/filer_pb"
  16. )
  // ListAllMyBucketsResult is the XML document that ListBucketsHandler encodes
  // and writes back. Field order is kept as declared because it determines the
  // order of the encoded elements.
  type ListAllMyBucketsResult struct {
  	// XMLName fixes the root element name and its namespace.
  	XMLName xml.Name `xml:"http://s3.amazonaws.com/doc/2006-03-01/ ListAllMyBucketsResult"`

  	// Owner is populated by ListBucketsHandler from the request's identity header.
  	Owner *s3.Owner

  	// Buckets is encoded as a Buckets element wrapping one Bucket element per entry.
  	Buckets []*s3.Bucket `xml:"Buckets>Bucket"`
  }
  // ListBucketsHandler answers the bucket listing call with an XML
  // ListAllMyBucketsResult.
  //
  // When IAM is enabled the request is authenticated first and an auth failure is
  // written straight back. Every directory entry under the configured buckets
  // path is then reported as a bucket, except that an authenticated identity only
  // sees buckets for which canDo(ACTION_ADMIN, name) holds. With IAM disabled the
  // identity stays nil and no per-bucket filtering is applied.
  //
  // NOTE(review): the filter here is the IAM action check only; it does not
  // consult the owner id stored in entry.Extended that checkBucket/hasAccess use
  // for Head and Delete, so the two paths can disagree about visibility.
  func (s3a *S3ApiServer) ListBucketsHandler(w http.ResponseWriter, r *http.Request) {
  	var (
  		caller   *Identity
  		authCode s3err.ErrorCode
  	)
  	if s3a.iam.isEnabled() {
  		if caller, authCode = s3a.iam.authUser(r); authCode != s3err.ErrNone {
  			writeErrorResponse(w, authCode, r.URL)
  			return
  		}
  	}

  	// The whole buckets directory is fetched in one call (limit math.MaxInt32).
  	entries, _, err := s3a.list(s3a.option.BucketsPath, "", "", false, math.MaxInt32)
  	if err != nil {
  		writeErrorResponse(w, s3err.ErrInternalError, r.URL)
  		return
  	}

  	// NOTE(review): the owner echoed to the client is copied from a request
  	// header, not from the identity returned by authUser — confirm the auth
  	// layer is the only writer of this header.
  	ownerID := r.Header.Get(xhttp.AmzIdentityId)

  	var visible []*s3.Bucket
  	for _, entry := range entries {
  		if !entry.IsDirectory {
  			continue
  		}
  		if caller != nil && !caller.canDo(s3_constants.ACTION_ADMIN, entry.Name) {
  			continue
  		}
  		visible = append(visible, &s3.Bucket{
  			Name: aws.String(entry.Name),
  			// NOTE(review): assumes Attributes is non-nil for directory entries — confirm.
  			CreationDate: aws.Time(time.Unix(entry.Attributes.Crtime, 0).UTC()),
  		})
  	}

  	writeSuccessResponseXML(w, encodeResponse(ListAllMyBucketsResult{
  		Owner: &s3.Owner{
  			ID:          aws.String(ownerID),
  			DisplayName: aws.String(ownerID),
  		},
  		Buckets: visible,
  	}))
  }
  // PutBucketHandler creates a bucket as a directory under the configured buckets
  // path; the backing collection is created lazily later.
  //
  // The name is rejected with ErrBucketAlreadyExists when it matches an existing
  // collection or an existing directory entry. A failure of the directory
  // existence lookup is ignored (treated as "does not exist"), and the checks and
  // the mkdir are separate calls, so nothing in this function makes the
  // check-then-create sequence atomic.
  //
  // NOTE(review): no authentication or authorization call is visible in this
  // handler; presumably a wrapper applies it before dispatch — confirm.
  func (s3a *S3ApiServer) PutBucketHandler(w http.ResponseWriter, r *http.Request) {
  	bucket, _ := getBucketAndObject(r)

  	// avoid duplicated buckets
  	alreadyExists := false
  	scanCollections := func(client filer_pb.SeaweedFilerClient) error {
  		resp, listErr := client.CollectionList(context.Background(), &filer_pb.CollectionListRequest{
  			IncludeEcVolumes:     true,
  			IncludeNormalVolumes: true,
  		})
  		if listErr != nil {
  			glog.Errorf("list collection: %v", listErr)
  			return fmt.Errorf("list collections: %v", listErr)
  		}
  		for _, c := range resp.Collections {
  			if c.Name == bucket {
  				alreadyExists = true
  				break
  			}
  		}
  		return nil
  	}
  	if err := s3a.WithFilerClient(scanCollections); err != nil {
  		writeErrorResponse(w, s3err.ErrInternalError, r.URL)
  		return
  	}

  	if found, err := s3a.exists(s3a.option.BucketsPath, bucket, true); err == nil && found {
  		alreadyExists = true
  	}
  	if alreadyExists {
  		writeErrorResponse(w, s3err.ErrBucketAlreadyExists, r.URL)
  		return
  	}

  	// Record the creator as the bucket owner. hasAccess later compares this
  	// stored value with the same request header.
  	// NOTE(review): the owner id is taken from a request header; it is only
  	// trustworthy if the auth layer sets or strips it before this handler runs.
  	// When the header is empty no owner is stored.
  	recordOwner := func(entry *filer_pb.Entry) {
  		ownerID := r.Header.Get(xhttp.AmzIdentityId)
  		if ownerID == "" {
  			return
  		}
  		if entry.Extended == nil {
  			entry.Extended = make(map[string][]byte)
  		}
  		entry.Extended[xhttp.AmzIdentityId] = []byte(ownerID)
  	}

  	// create the folder for bucket, but lazily create actual collection
  	if err := s3a.mkdir(s3a.option.BucketsPath, bucket, recordOwner); err != nil {
  		glog.Errorf("PutBucketHandler mkdir: %v", err)
  		writeErrorResponse(w, s3err.ErrInternalError, r.URL)
  		return
  	}
  	writeSuccessResponseEmpty(w)
  }
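  // DeleteBucketHandler removes a bucket: it asks the filer to delete the
  // collection named after the bucket, then removes the bucket's directory entry
  // under the configured buckets path, and replies 204 No Content.
  //
  // checkBucket runs first, so a missing bucket yields ErrNoSuchBucket and a
  // caller that fails hasAccess yields ErrAccessDenied before anything is deleted.
  func (s3a *S3ApiServer) DeleteBucketHandler(w http.ResponseWriter, r *http.Request) {
  	bucket, _ := getBucketAndObject(r)

  	if err := s3a.checkBucket(r, bucket); err != s3err.ErrNone {
  		writeErrorResponse(w, err, r.URL)
  		return
  	}

  	err := s3a.WithFilerClient(func(client filer_pb.SeaweedFilerClient) error {
  		// delete collection
  		deleteCollectionRequest := &filer_pb.DeleteCollectionRequest{
  			Collection: bucket,
  		}

  		glog.V(1).Infof("delete collection: %v", deleteCollectionRequest)
  		if _, err := client.DeleteCollection(context.Background(), deleteCollectionRequest); err != nil {
  			return fmt.Errorf("delete collection %s: %v", bucket, err)
  		}

  		return nil
  	})
  	if err != nil {
  		// Collection removal stays best-effort (the directory entry is removed
  		// regardless), but the failure must not vanish: if the collection survives,
  		// its data outlives the bucket the client believes it deleted.
  		// NOTE(review): decide whether this should fail the request instead, so
  		// the client can retry before the directory entry is gone.
  		glog.Errorf("DeleteBucketHandler: %v", err)
  	}

  	err = s3a.rm(s3a.option.BucketsPath, bucket, false, true)
  	if err != nil {
  		writeErrorResponse(w, s3err.ErrInternalError, r.URL)
  		return
  	}

  	writeResponse(w, http.StatusNoContent, nil, mimeNone)
  }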
  // HeadBucketHandler reports whether the bucket exists and is accessible to the
  // caller. It writes an empty success response when checkBucket returns ErrNone
  // and the corresponding error response otherwise.
  func (s3a *S3ApiServer) HeadBucketHandler(w http.ResponseWriter, r *http.Request) {
  	bucket, _ := getBucketAndObject(r)

  	code := s3a.checkBucket(r, bucket)
  	if code == s3err.ErrNone {
  		writeSuccessResponseEmpty(w)
  		return
  	}
  	writeErrorResponse(w, code, r.URL)
  }
  // checkBucket looks up the bucket's directory entry and decides whether the
  // request may use it.
  //
  // It returns ErrNoSuchBucket when no entry comes back or the lookup reports
  // filer_pb.ErrNotFound, ErrAccessDenied when hasAccess rejects the request, and
  // ErrNone otherwise. Any other lookup error that leaves entry nil is therefore
  // also reported as ErrNoSuchBucket.
  func (s3a *S3ApiServer) checkBucket(r *http.Request, bucket string) s3err.ErrorCode {
  	entry, err := s3a.getEntry(s3a.option.BucketsPath, bucket)

  	switch {
  	case entry == nil, err == filer_pb.ErrNotFound:
  		return s3err.ErrNoSuchBucket
  	case !s3a.hasAccess(r, entry):
  		return s3err.ErrAccessDenied
  	}
  	return s3err.ErrNone
  }
  // hasAccess reports whether the request may act on the given bucket entry.
  //
  // The decision rests on two request headers and the owner id stored in
  // entry.Extended:
  //   - a non-empty AmzIsAdmin header grants access;
  //   - an entry with no recorded owner id is open to every caller;
  //   - otherwise the AmzIdentityId header must equal the recorded owner id.
  //
  // NOTE(review): nothing in this function verifies where the headers came from.
  // The check is only sound if the authentication layer always overwrites or
  // removes client-supplied values of both headers before a handler runs,
  // including when IAM is disabled — confirm against the router/auth wrapper.
  // Buckets created without an identity header carry no owner and stay open.
  func (s3a *S3ApiServer) hasAccess(r *http.Request, entry *filer_pb.Entry) bool {
  	if r.Header.Get(xhttp.AmzIsAdmin) != "" {
  		return true
  	}

  	// Indexing a nil map is safe and yields recorded == false, so a missing
  	// Extended map and a missing owner key take the same "open" path.
  	owner, recorded := entry.Extended[xhttp.AmzIdentityId]
  	if !recorded {
  		return true
  	}
  	return r.Header.Get(xhttp.AmzIdentityId) == string(owner)
  }