You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

669 lines
20 KiB

7 years ago
7 years ago
7 years ago
3 years ago
6 years ago
3 years ago
6 years ago
6 years ago
6 years ago
6 years ago
6 years ago
3 years ago
4 years ago
3 years ago
3 years ago
6 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
7 years ago
7 years ago
3 years ago
4 years ago
4 years ago
7 years ago
7 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
3 years ago
  1. package s3api
  2. import (
  3. "bytes"
  4. "context"
  5. "encoding/xml"
  6. "errors"
  7. "fmt"
  8. "math"
  9. "net/http"
  10. "strings"
  11. "time"
  12. "github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil"
  13. "github.com/seaweedfs/seaweedfs/weed/s3api/s3bucket"
  14. "github.com/seaweedfs/seaweedfs/weed/filer"
  15. "github.com/seaweedfs/seaweedfs/weed/s3api/s3_constants"
  16. "github.com/seaweedfs/seaweedfs/weed/storage/needle"
  17. "github.com/seaweedfs/seaweedfs/weed/s3api/s3err"
  18. "github.com/aws/aws-sdk-go/aws"
  19. "github.com/aws/aws-sdk-go/service/s3"
  20. "github.com/seaweedfs/seaweedfs/weed/glog"
  21. "github.com/seaweedfs/seaweedfs/weed/pb/filer_pb"
  22. util_http "github.com/seaweedfs/seaweedfs/weed/util/http"
  23. )
  24. func (s3a *S3ApiServer) ListBucketsHandler(w http.ResponseWriter, r *http.Request) {
  25. glog.V(3).Infof("ListBucketsHandler")
  26. var identity *Identity
  27. var s3Err s3err.ErrorCode
  28. if s3a.iam.isEnabled() {
  29. identity, s3Err = s3a.iam.authUser(r)
  30. if s3Err != s3err.ErrNone {
  31. s3err.WriteErrorResponse(w, r, s3Err)
  32. return
  33. }
  34. }
  35. var response ListAllMyBucketsResult
  36. entries, _, err := s3a.list(s3a.option.BucketsPath, "", "", false, math.MaxInt32)
  37. if err != nil {
  38. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  39. return
  40. }
  41. identityId := r.Header.Get(s3_constants.AmzIdentityId)
  42. var listBuckets ListAllMyBucketsList
  43. for _, entry := range entries {
  44. if entry.IsDirectory {
  45. if identity != nil && !identity.canDo(s3_constants.ACTION_LIST, entry.Name, "") {
  46. continue
  47. }
  48. listBuckets.Bucket = append(listBuckets.Bucket, ListAllMyBucketsEntry{
  49. Name: entry.Name,
  50. CreationDate: time.Unix(entry.Attributes.Crtime, 0).UTC(),
  51. })
  52. }
  53. }
  54. response = ListAllMyBucketsResult{
  55. Owner: CanonicalUser{
  56. ID: identityId,
  57. DisplayName: identityId,
  58. },
  59. Buckets: listBuckets,
  60. }
  61. writeSuccessResponseXML(w, r, response)
  62. }
  63. func (s3a *S3ApiServer) PutBucketHandler(w http.ResponseWriter, r *http.Request) {
  64. bucket, _ := s3_constants.GetBucketAndObject(r)
  65. glog.V(3).Infof("PutBucketHandler %s", bucket)
  66. // validate the bucket name
  67. err := s3bucket.VerifyS3BucketName(bucket)
  68. if err != nil {
  69. glog.Errorf("put invalid bucket name: %v %v", bucket, err)
  70. s3err.WriteErrorResponse(w, r, s3err.ErrInvalidBucketName)
  71. return
  72. }
  73. // avoid duplicated buckets
  74. errCode := s3err.ErrNone
  75. if err := s3a.WithFilerClient(false, func(client filer_pb.SeaweedFilerClient) error {
  76. if resp, err := client.CollectionList(context.Background(), &filer_pb.CollectionListRequest{
  77. IncludeEcVolumes: true,
  78. IncludeNormalVolumes: true,
  79. }); err != nil {
  80. glog.Errorf("list collection: %v", err)
  81. return fmt.Errorf("list collections: %v", err)
  82. } else {
  83. for _, c := range resp.Collections {
  84. if s3a.getCollectionName(bucket) == c.Name {
  85. errCode = s3err.ErrBucketAlreadyExists
  86. break
  87. }
  88. }
  89. }
  90. return nil
  91. }); err != nil {
  92. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  93. return
  94. }
  95. if exist, err := s3a.exists(s3a.option.BucketsPath, bucket, true); err == nil && exist {
  96. errCode = s3err.ErrBucketAlreadyExists
  97. }
  98. if errCode != s3err.ErrNone {
  99. s3err.WriteErrorResponse(w, r, errCode)
  100. return
  101. }
  102. fn := func(entry *filer_pb.Entry) {
  103. if identityId := r.Header.Get(s3_constants.AmzIdentityId); identityId != "" {
  104. if entry.Extended == nil {
  105. entry.Extended = make(map[string][]byte)
  106. }
  107. entry.Extended[s3_constants.AmzIdentityId] = []byte(identityId)
  108. }
  109. }
  110. // create the folder for bucket, but lazily create actual collection
  111. if err := s3a.mkdir(s3a.option.BucketsPath, bucket, fn); err != nil {
  112. glog.Errorf("PutBucketHandler mkdir: %v", err)
  113. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  114. return
  115. }
  116. w.Header().Set("Location", "/"+bucket)
  117. writeSuccessResponseEmpty(w, r)
  118. }
  119. func (s3a *S3ApiServer) DeleteBucketHandler(w http.ResponseWriter, r *http.Request) {
  120. bucket, _ := s3_constants.GetBucketAndObject(r)
  121. glog.V(3).Infof("DeleteBucketHandler %s", bucket)
  122. if err := s3a.checkBucket(r, bucket); err != s3err.ErrNone {
  123. s3err.WriteErrorResponse(w, r, err)
  124. return
  125. }
  126. err := s3a.WithFilerClient(false, func(client filer_pb.SeaweedFilerClient) error {
  127. if !s3a.option.AllowDeleteBucketNotEmpty {
  128. entries, _, err := s3a.list(s3a.option.BucketsPath+"/"+bucket, "", "", false, 2)
  129. if err != nil {
  130. return fmt.Errorf("failed to list bucket %s: %v", bucket, err)
  131. }
  132. for _, entry := range entries {
  133. if entry.Name != s3_constants.MultipartUploadsFolder {
  134. return errors.New(s3err.GetAPIError(s3err.ErrBucketNotEmpty).Code)
  135. }
  136. }
  137. }
  138. // delete collection
  139. deleteCollectionRequest := &filer_pb.DeleteCollectionRequest{
  140. Collection: s3a.getCollectionName(bucket),
  141. }
  142. glog.V(1).Infof("delete collection: %v", deleteCollectionRequest)
  143. if _, err := client.DeleteCollection(context.Background(), deleteCollectionRequest); err != nil {
  144. return fmt.Errorf("delete collection %s: %v", bucket, err)
  145. }
  146. return nil
  147. })
  148. if err != nil {
  149. s3ErrorCode := s3err.ErrInternalError
  150. if err.Error() == s3err.GetAPIError(s3err.ErrBucketNotEmpty).Code {
  151. s3ErrorCode = s3err.ErrBucketNotEmpty
  152. }
  153. s3err.WriteErrorResponse(w, r, s3ErrorCode)
  154. return
  155. }
  156. err = s3a.rm(s3a.option.BucketsPath, bucket, false, true)
  157. if err != nil {
  158. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  159. return
  160. }
  161. s3err.WriteEmptyResponse(w, r, http.StatusNoContent)
  162. }
  163. func (s3a *S3ApiServer) HeadBucketHandler(w http.ResponseWriter, r *http.Request) {
  164. bucket, _ := s3_constants.GetBucketAndObject(r)
  165. glog.V(3).Infof("HeadBucketHandler %s", bucket)
  166. if entry, err := s3a.getEntry(s3a.option.BucketsPath, bucket); entry == nil || err == filer_pb.ErrNotFound {
  167. s3err.WriteErrorResponse(w, r, s3err.ErrNoSuchBucket)
  168. return
  169. }
  170. writeSuccessResponseEmpty(w, r)
  171. }
  172. func (s3a *S3ApiServer) checkBucket(r *http.Request, bucket string) s3err.ErrorCode {
  173. entry, err := s3a.getEntry(s3a.option.BucketsPath, bucket)
  174. if entry == nil || err == filer_pb.ErrNotFound {
  175. return s3err.ErrNoSuchBucket
  176. }
  177. //if iam is enabled, the access was already checked before
  178. if s3a.iam.isEnabled() {
  179. return s3err.ErrNone
  180. }
  181. if !s3a.hasAccess(r, entry) {
  182. return s3err.ErrAccessDenied
  183. }
  184. return s3err.ErrNone
  185. }
  186. func (s3a *S3ApiServer) hasAccess(r *http.Request, entry *filer_pb.Entry) bool {
  187. isAdmin := r.Header.Get(s3_constants.AmzIsAdmin) != ""
  188. if isAdmin {
  189. return true
  190. }
  191. if entry.Extended == nil {
  192. return true
  193. }
  194. identityId := r.Header.Get(s3_constants.AmzIdentityId)
  195. if id, ok := entry.Extended[s3_constants.AmzIdentityId]; ok {
  196. if identityId != string(id) {
  197. glog.V(3).Infof("hasAccess: %s != %s (entry.Extended = %v)", identityId, id, entry.Extended)
  198. return false
  199. }
  200. }
  201. return true
  202. }
  203. // GetBucketAclHandler Get Bucket ACL
  204. // https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAcl.html
  205. func (s3a *S3ApiServer) GetBucketAclHandler(w http.ResponseWriter, r *http.Request) {
  206. // collect parameters
  207. bucket, _ := s3_constants.GetBucketAndObject(r)
  208. glog.V(3).Infof("GetBucketAclHandler %s", bucket)
  209. if err := s3a.checkBucket(r, bucket); err != s3err.ErrNone {
  210. s3err.WriteErrorResponse(w, r, err)
  211. return
  212. }
  213. amzAccountId := r.Header.Get(s3_constants.AmzAccountId)
  214. amzDisplayName := s3a.iam.GetAccountNameById(amzAccountId)
  215. response := AccessControlPolicy{
  216. Owner: CanonicalUser{
  217. ID: amzAccountId,
  218. DisplayName: amzDisplayName,
  219. },
  220. }
  221. response.AccessControlList.Grant = append(response.AccessControlList.Grant, Grant{
  222. Grantee: Grantee{
  223. ID: amzAccountId,
  224. DisplayName: amzDisplayName,
  225. Type: "CanonicalUser",
  226. XMLXSI: "CanonicalUser",
  227. XMLNS: "http://www.w3.org/2001/XMLSchema-instance"},
  228. Permission: s3.PermissionFullControl,
  229. })
  230. writeSuccessResponseXML(w, r, response)
  231. }
  232. // PutBucketAclHandler Put bucket ACL only responds success if the ACL is private.
  233. // https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAcl.html //
  234. func (s3a *S3ApiServer) PutBucketAclHandler(w http.ResponseWriter, r *http.Request) {
  235. // collect parameters
  236. bucket, _ := s3_constants.GetBucketAndObject(r)
  237. glog.V(3).Infof("PutBucketAclHandler %s", bucket)
  238. if err := s3a.checkBucket(r, bucket); err != s3err.ErrNone {
  239. s3err.WriteErrorResponse(w, r, err)
  240. return
  241. }
  242. cannedAcl := r.Header.Get(s3_constants.AmzCannedAcl)
  243. switch {
  244. case cannedAcl == "":
  245. acl := &s3.AccessControlPolicy{}
  246. if err := xmlDecoder(r.Body, acl, r.ContentLength); err != nil {
  247. glog.Errorf("PutBucketAclHandler: %s", err)
  248. s3err.WriteErrorResponse(w, r, s3err.ErrInvalidRequest)
  249. return
  250. }
  251. if len(acl.Grants) == 1 && acl.Grants[0].Permission != nil && *acl.Grants[0].Permission == s3_constants.PermissionFullControl {
  252. writeSuccessResponseEmpty(w, r)
  253. return
  254. }
  255. case cannedAcl == s3_constants.CannedAclPrivate:
  256. writeSuccessResponseEmpty(w, r)
  257. return
  258. }
  259. s3err.WriteErrorResponse(w, r, s3err.ErrNotImplemented)
  260. }
  261. // GetBucketLifecycleConfigurationHandler Get Bucket Lifecycle configuration
  262. // https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html
  263. func (s3a *S3ApiServer) GetBucketLifecycleConfigurationHandler(w http.ResponseWriter, r *http.Request) {
  264. // collect parameters
  265. bucket, _ := s3_constants.GetBucketAndObject(r)
  266. glog.V(3).Infof("GetBucketLifecycleConfigurationHandler %s", bucket)
  267. if err := s3a.checkBucket(r, bucket); err != s3err.ErrNone {
  268. s3err.WriteErrorResponse(w, r, err)
  269. return
  270. }
  271. fc, err := filer.ReadFilerConf(s3a.option.Filer, s3a.option.GrpcDialOption, nil)
  272. if err != nil {
  273. glog.Errorf("GetBucketLifecycleConfigurationHandler: %s", err)
  274. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  275. return
  276. }
  277. ttls := fc.GetCollectionTtls(s3a.getCollectionName(bucket))
  278. if len(ttls) == 0 {
  279. s3err.WriteErrorResponse(w, r, s3err.ErrNoSuchLifecycleConfiguration)
  280. return
  281. }
  282. response := Lifecycle{}
  283. for locationPrefix, internalTtl := range ttls {
  284. ttl, _ := needle.ReadTTL(internalTtl)
  285. days := int(ttl.Minutes() / 60 / 24)
  286. if days == 0 {
  287. continue
  288. }
  289. prefix, found := strings.CutPrefix(locationPrefix, fmt.Sprintf("%s/%s/", s3a.option.BucketsPath, bucket))
  290. if !found {
  291. continue
  292. }
  293. response.Rules = append(response.Rules, Rule{
  294. ID: prefix,
  295. Status: Enabled,
  296. Prefix: Prefix{val: prefix, set: true},
  297. Expiration: Expiration{Days: days, set: true},
  298. })
  299. }
  300. writeSuccessResponseXML(w, r, response)
  301. }
  302. // PutBucketLifecycleConfigurationHandler Put Bucket Lifecycle configuration
  303. // https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html
  304. func (s3a *S3ApiServer) PutBucketLifecycleConfigurationHandler(w http.ResponseWriter, r *http.Request) {
  305. // collect parameters
  306. bucket, _ := s3_constants.GetBucketAndObject(r)
  307. glog.V(3).Infof("PutBucketLifecycleConfigurationHandler %s", bucket)
  308. if err := s3a.checkBucket(r, bucket); err != s3err.ErrNone {
  309. s3err.WriteErrorResponse(w, r, err)
  310. return
  311. }
  312. lifeCycleConfig := Lifecycle{}
  313. if err := xmlDecoder(r.Body, &lifeCycleConfig, r.ContentLength); err != nil {
  314. glog.Warningf("PutBucketLifecycleConfigurationHandler xml decode: %s", err)
  315. s3err.WriteErrorResponse(w, r, s3err.ErrMalformedXML)
  316. return
  317. }
  318. fc, err := filer.ReadFilerConf(s3a.option.Filer, s3a.option.GrpcDialOption, nil)
  319. if err != nil {
  320. glog.Errorf("PutBucketLifecycleConfigurationHandler read filer config: %s", err)
  321. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  322. return
  323. }
  324. collectionName := s3a.getCollectionName(bucket)
  325. collectionTtls := fc.GetCollectionTtls(collectionName)
  326. changed := false
  327. for _, rule := range lifeCycleConfig.Rules {
  328. if rule.Status != Enabled {
  329. continue
  330. }
  331. var rulePrefix string
  332. switch {
  333. case rule.Filter.Prefix.set:
  334. rulePrefix = rule.Filter.Prefix.val
  335. case rule.Prefix.set:
  336. rulePrefix = rule.Prefix.val
  337. case !rule.Expiration.Date.IsZero() || rule.Transition.Days > 0 || !rule.Transition.Date.IsZero():
  338. s3err.WriteErrorResponse(w, r, s3err.ErrNotImplemented)
  339. return
  340. }
  341. if rule.Expiration.Days == 0 {
  342. continue
  343. }
  344. locConf := &filer_pb.FilerConf_PathConf{
  345. LocationPrefix: fmt.Sprintf("%s/%s/%s", s3a.option.BucketsPath, bucket, rulePrefix),
  346. Collection: collectionName,
  347. Ttl: fmt.Sprintf("%dd", rule.Expiration.Days),
  348. }
  349. if ttl, ok := collectionTtls[locConf.LocationPrefix]; ok && ttl == locConf.Ttl {
  350. continue
  351. }
  352. if err := fc.AddLocationConf(locConf); err != nil {
  353. glog.Errorf("PutBucketLifecycleConfigurationHandler add location config: %s", err)
  354. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  355. return
  356. }
  357. changed = true
  358. }
  359. if changed {
  360. var buf bytes.Buffer
  361. if err := fc.ToText(&buf); err != nil {
  362. glog.Errorf("PutBucketLifecycleConfigurationHandler save config to text: %s", err)
  363. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  364. }
  365. if err := s3a.WithFilerClient(false, func(client filer_pb.SeaweedFilerClient) error {
  366. return filer.SaveInsideFiler(client, filer.DirectoryEtcSeaweedFS, filer.FilerConfName, buf.Bytes())
  367. }); err != nil {
  368. glog.Errorf("PutBucketLifecycleConfigurationHandler save config inside filer: %s", err)
  369. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  370. return
  371. }
  372. }
  373. writeSuccessResponseEmpty(w, r)
  374. }
  375. // DeleteBucketLifecycleHandler Delete Bucket Lifecycle
  376. // https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketLifecycle.html
  377. func (s3a *S3ApiServer) DeleteBucketLifecycleHandler(w http.ResponseWriter, r *http.Request) {
  378. // collect parameters
  379. bucket, _ := s3_constants.GetBucketAndObject(r)
  380. glog.V(3).Infof("DeleteBucketLifecycleHandler %s", bucket)
  381. if err := s3a.checkBucket(r, bucket); err != s3err.ErrNone {
  382. s3err.WriteErrorResponse(w, r, err)
  383. return
  384. }
  385. fc, err := filer.ReadFilerConf(s3a.option.Filer, s3a.option.GrpcDialOption, nil)
  386. if err != nil {
  387. glog.Errorf("DeleteBucketLifecycleHandler read filer config: %s", err)
  388. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  389. return
  390. }
  391. collectionTtls := fc.GetCollectionTtls(s3a.getCollectionName(bucket))
  392. changed := false
  393. for prefix, ttl := range collectionTtls {
  394. bucketPrefix := fmt.Sprintf("%s/%s/", s3a.option.BucketsPath, bucket)
  395. if strings.HasPrefix(prefix, bucketPrefix) && strings.HasSuffix(ttl, "d") {
  396. pathConf, found := fc.GetLocationConf(prefix)
  397. if found {
  398. pathConf.Ttl = ""
  399. fc.SetLocationConf(pathConf)
  400. }
  401. changed = true
  402. }
  403. }
  404. if changed {
  405. var buf bytes.Buffer
  406. if err := fc.ToText(&buf); err != nil {
  407. glog.Errorf("DeleteBucketLifecycleHandler save config to text: %s", err)
  408. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  409. }
  410. if err := s3a.WithFilerClient(false, func(client filer_pb.SeaweedFilerClient) error {
  411. return filer.SaveInsideFiler(client, filer.DirectoryEtcSeaweedFS, filer.FilerConfName, buf.Bytes())
  412. }); err != nil {
  413. glog.Errorf("DeleteBucketLifecycleHandler save config inside filer: %s", err)
  414. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  415. return
  416. }
  417. }
  418. s3err.WriteEmptyResponse(w, r, http.StatusNoContent)
  419. }
  420. // GetBucketLocationHandler Get bucket location
  421. // https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLocation.html
  422. func (s3a *S3ApiServer) GetBucketLocationHandler(w http.ResponseWriter, r *http.Request) {
  423. writeSuccessResponseXML(w, r, CreateBucketConfiguration{})
  424. }
  425. // GetBucketRequestPaymentHandler Get bucket location
  426. // https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketRequestPayment.html
  427. func (s3a *S3ApiServer) GetBucketRequestPaymentHandler(w http.ResponseWriter, r *http.Request) {
  428. writeSuccessResponseXML(w, r, RequestPaymentConfiguration{Payer: "BucketOwner"})
  429. }
  430. // PutBucketOwnershipControls https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketOwnershipControls.html
  431. func (s3a *S3ApiServer) PutBucketOwnershipControls(w http.ResponseWriter, r *http.Request) {
  432. bucket, _ := s3_constants.GetBucketAndObject(r)
  433. glog.V(3).Infof("PutBucketOwnershipControls %s", bucket)
  434. errCode := s3a.checkAccessByOwnership(r, bucket)
  435. if errCode != s3err.ErrNone {
  436. s3err.WriteErrorResponse(w, r, errCode)
  437. return
  438. }
  439. if r.Body == nil || r.Body == http.NoBody {
  440. s3err.WriteErrorResponse(w, r, s3err.ErrInvalidRequest)
  441. return
  442. }
  443. var v s3.OwnershipControls
  444. defer util_http.CloseRequest(r)
  445. err := xmlutil.UnmarshalXML(&v, xml.NewDecoder(r.Body), "")
  446. if err != nil {
  447. s3err.WriteErrorResponse(w, r, s3err.ErrInvalidRequest)
  448. return
  449. }
  450. if len(v.Rules) != 1 {
  451. s3err.WriteErrorResponse(w, r, s3err.ErrInvalidRequest)
  452. return
  453. }
  454. printOwnership := true
  455. ownership := *v.Rules[0].ObjectOwnership
  456. switch ownership {
  457. case s3_constants.OwnershipObjectWriter:
  458. case s3_constants.OwnershipBucketOwnerPreferred:
  459. case s3_constants.OwnershipBucketOwnerEnforced:
  460. printOwnership = false
  461. default:
  462. s3err.WriteErrorResponse(w, r, s3err.ErrInvalidRequest)
  463. return
  464. }
  465. bucketEntry, err := s3a.getEntry(s3a.option.BucketsPath, bucket)
  466. if err != nil {
  467. if err == filer_pb.ErrNotFound {
  468. s3err.WriteErrorResponse(w, r, s3err.ErrNoSuchBucket)
  469. return
  470. }
  471. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  472. return
  473. }
  474. oldOwnership, ok := bucketEntry.Extended[s3_constants.ExtOwnershipKey]
  475. if !ok || string(oldOwnership) != ownership {
  476. if bucketEntry.Extended == nil {
  477. bucketEntry.Extended = make(map[string][]byte)
  478. }
  479. bucketEntry.Extended[s3_constants.ExtOwnershipKey] = []byte(ownership)
  480. err = s3a.updateEntry(s3a.option.BucketsPath, bucketEntry)
  481. if err != nil {
  482. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  483. return
  484. }
  485. }
  486. if printOwnership {
  487. result := &s3.PutBucketOwnershipControlsInput{
  488. OwnershipControls: &v,
  489. }
  490. s3err.WriteAwsXMLResponse(w, r, http.StatusOK, result)
  491. } else {
  492. writeSuccessResponseEmpty(w, r)
  493. }
  494. }
  495. // GetBucketOwnershipControls https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketOwnershipControls.html
  496. func (s3a *S3ApiServer) GetBucketOwnershipControls(w http.ResponseWriter, r *http.Request) {
  497. bucket, _ := s3_constants.GetBucketAndObject(r)
  498. glog.V(3).Infof("GetBucketOwnershipControls %s", bucket)
  499. errCode := s3a.checkAccessByOwnership(r, bucket)
  500. if errCode != s3err.ErrNone {
  501. s3err.WriteErrorResponse(w, r, errCode)
  502. return
  503. }
  504. bucketEntry, err := s3a.getEntry(s3a.option.BucketsPath, bucket)
  505. if err != nil {
  506. if err == filer_pb.ErrNotFound {
  507. s3err.WriteErrorResponse(w, r, s3err.ErrNoSuchBucket)
  508. return
  509. }
  510. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  511. return
  512. }
  513. v, ok := bucketEntry.Extended[s3_constants.ExtOwnershipKey]
  514. if !ok {
  515. s3err.WriteErrorResponse(w, r, s3err.OwnershipControlsNotFoundError)
  516. return
  517. }
  518. ownership := string(v)
  519. result := &s3.PutBucketOwnershipControlsInput{
  520. OwnershipControls: &s3.OwnershipControls{
  521. Rules: []*s3.OwnershipControlsRule{
  522. {
  523. ObjectOwnership: &ownership,
  524. },
  525. },
  526. },
  527. }
  528. s3err.WriteAwsXMLResponse(w, r, http.StatusOK, result)
  529. }
  530. // DeleteBucketOwnershipControls https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketOwnershipControls.html
  531. func (s3a *S3ApiServer) DeleteBucketOwnershipControls(w http.ResponseWriter, r *http.Request) {
  532. bucket, _ := s3_constants.GetBucketAndObject(r)
  533. glog.V(3).Infof("PutBucketOwnershipControls %s", bucket)
  534. errCode := s3a.checkAccessByOwnership(r, bucket)
  535. if errCode != s3err.ErrNone {
  536. s3err.WriteErrorResponse(w, r, errCode)
  537. return
  538. }
  539. bucketEntry, err := s3a.getEntry(s3a.option.BucketsPath, bucket)
  540. if err != nil {
  541. if err == filer_pb.ErrNotFound {
  542. s3err.WriteErrorResponse(w, r, s3err.ErrNoSuchBucket)
  543. return
  544. }
  545. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  546. return
  547. }
  548. _, ok := bucketEntry.Extended[s3_constants.ExtOwnershipKey]
  549. if !ok {
  550. s3err.WriteErrorResponse(w, r, s3err.OwnershipControlsNotFoundError)
  551. return
  552. }
  553. delete(bucketEntry.Extended, s3_constants.ExtOwnershipKey)
  554. err = s3a.updateEntry(s3a.option.BucketsPath, bucketEntry)
  555. if err != nil {
  556. s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
  557. return
  558. }
  559. emptyOwnershipControls := &s3.OwnershipControls{
  560. Rules: []*s3.OwnershipControlsRule{},
  561. }
  562. s3err.WriteAwsXMLResponse(w, r, http.StatusOK, emptyOwnershipControls)
  563. }
  564. // GetBucketVersioningHandler Get Bucket Versioning status
  565. // https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html
  566. func (s3a *S3ApiServer) GetBucketVersioningHandler(w http.ResponseWriter, r *http.Request) {
  567. bucket, _ := s3_constants.GetBucketAndObject(r)
  568. glog.V(3).Infof("GetBucketVersioning %s", bucket)
  569. if err := s3a.checkBucket(r, bucket); err != s3err.ErrNone {
  570. s3err.WriteErrorResponse(w, r, err)
  571. return
  572. }
  573. s3err.WriteAwsXMLResponse(w, r, http.StatusOK, &s3.PutBucketVersioningInput{
  574. VersioningConfiguration: &s3.VersioningConfiguration{
  575. Status: aws.String(s3.BucketVersioningStatusSuspended),
  576. },
  577. })
  578. }