chrislu
8 months ago
3 changed files with 387 additions and 359 deletions
-
360weed/s3api/s3api_object_handlers.go
-
179weed/s3api/s3api_object_handlers_delete.go
-
207weed/s3api/s3api_object_handlers_put.go
@ -0,0 +1,179 @@ |
|||||
|
package s3api |
||||
|
|
||||
|
import ( |
||||
|
"encoding/xml" |
||||
|
"fmt" |
||||
|
"github.com/seaweedfs/seaweedfs/weed/s3api/s3_constants" |
||||
|
"golang.org/x/exp/slices" |
||||
|
"io" |
||||
|
"net/http" |
||||
|
"strings" |
||||
|
|
||||
|
"github.com/seaweedfs/seaweedfs/weed/filer" |
||||
|
|
||||
|
"github.com/seaweedfs/seaweedfs/weed/s3api/s3err" |
||||
|
|
||||
|
"github.com/seaweedfs/seaweedfs/weed/glog" |
||||
|
"github.com/seaweedfs/seaweedfs/weed/pb/filer_pb" |
||||
|
"github.com/seaweedfs/seaweedfs/weed/util" |
||||
|
) |
||||
|
|
||||
|
const ( |
||||
|
deleteMultipleObjectsLimit = 1000 |
||||
|
) |
||||
|
|
||||
|
func (s3a *S3ApiServer) DeleteObjectHandler(w http.ResponseWriter, r *http.Request) { |
||||
|
|
||||
|
bucket, object := s3_constants.GetBucketAndObject(r) |
||||
|
glog.V(3).Infof("DeleteObjectHandler %s %s", bucket, object) |
||||
|
|
||||
|
destUrl := s3a.toFilerUrl(bucket, object) |
||||
|
|
||||
|
s3a.proxyToFiler(w, r, destUrl, true, func(proxyResponse *http.Response, w http.ResponseWriter) (statusCode int) { |
||||
|
statusCode = http.StatusNoContent |
||||
|
for k, v := range proxyResponse.Header { |
||||
|
w.Header()[k] = v |
||||
|
} |
||||
|
w.WriteHeader(statusCode) |
||||
|
return statusCode |
||||
|
}) |
||||
|
} |
||||
|
|
||||
|
// / ObjectIdentifier carries key name for the object to delete.
|
||||
|
type ObjectIdentifier struct { |
||||
|
ObjectName string `xml:"Key"` |
||||
|
} |
||||
|
|
||||
|
// DeleteObjectsRequest - xml carrying the object key names which needs to be deleted.
|
||||
|
type DeleteObjectsRequest struct { |
||||
|
// Element to enable quiet mode for the request
|
||||
|
Quiet bool |
||||
|
// List of objects to be deleted
|
||||
|
Objects []ObjectIdentifier `xml:"Object"` |
||||
|
} |
||||
|
|
||||
|
// DeleteError structure.
|
||||
|
type DeleteError struct { |
||||
|
Code string |
||||
|
Message string |
||||
|
Key string |
||||
|
} |
||||
|
|
||||
|
// DeleteObjectsResponse container for multiple object deletes.
|
||||
|
type DeleteObjectsResponse struct { |
||||
|
XMLName xml.Name `xml:"http://s3.amazonaws.com/doc/2006-03-01/ DeleteResult" json:"-"` |
||||
|
|
||||
|
// Collection of all deleted objects
|
||||
|
DeletedObjects []ObjectIdentifier `xml:"Deleted,omitempty"` |
||||
|
|
||||
|
// Collection of errors deleting certain objects.
|
||||
|
Errors []DeleteError `xml:"Error,omitempty"` |
||||
|
} |
||||
|
|
||||
|
// DeleteMultipleObjectsHandler - Delete multiple objects
|
||||
|
func (s3a *S3ApiServer) DeleteMultipleObjectsHandler(w http.ResponseWriter, r *http.Request) { |
||||
|
|
||||
|
bucket, _ := s3_constants.GetBucketAndObject(r) |
||||
|
glog.V(3).Infof("DeleteMultipleObjectsHandler %s", bucket) |
||||
|
|
||||
|
deleteXMLBytes, err := io.ReadAll(r.Body) |
||||
|
if err != nil { |
||||
|
s3err.WriteErrorResponse(w, r, s3err.ErrInternalError) |
||||
|
return |
||||
|
} |
||||
|
|
||||
|
deleteObjects := &DeleteObjectsRequest{} |
||||
|
if err := xml.Unmarshal(deleteXMLBytes, deleteObjects); err != nil { |
||||
|
s3err.WriteErrorResponse(w, r, s3err.ErrMalformedXML) |
||||
|
return |
||||
|
} |
||||
|
|
||||
|
if len(deleteObjects.Objects) > deleteMultipleObjectsLimit { |
||||
|
s3err.WriteErrorResponse(w, r, s3err.ErrInvalidMaxDeleteObjects) |
||||
|
return |
||||
|
} |
||||
|
|
||||
|
var deletedObjects []ObjectIdentifier |
||||
|
var deleteErrors []DeleteError |
||||
|
var auditLog *s3err.AccessLog |
||||
|
|
||||
|
directoriesWithDeletion := make(map[string]int) |
||||
|
|
||||
|
if s3err.Logger != nil { |
||||
|
auditLog = s3err.GetAccessLog(r, http.StatusNoContent, s3err.ErrNone) |
||||
|
} |
||||
|
s3a.WithFilerClient(false, func(client filer_pb.SeaweedFilerClient) error { |
||||
|
|
||||
|
// delete file entries
|
||||
|
for _, object := range deleteObjects.Objects { |
||||
|
if object.ObjectName == "" { |
||||
|
continue |
||||
|
} |
||||
|
lastSeparator := strings.LastIndex(object.ObjectName, "/") |
||||
|
parentDirectoryPath, entryName, isDeleteData, isRecursive := "", object.ObjectName, true, false |
||||
|
if lastSeparator > 0 && lastSeparator+1 < len(object.ObjectName) { |
||||
|
entryName = object.ObjectName[lastSeparator+1:] |
||||
|
parentDirectoryPath = "/" + object.ObjectName[:lastSeparator] |
||||
|
} |
||||
|
parentDirectoryPath = fmt.Sprintf("%s/%s%s", s3a.option.BucketsPath, bucket, parentDirectoryPath) |
||||
|
|
||||
|
err := doDeleteEntry(client, parentDirectoryPath, entryName, isDeleteData, isRecursive) |
||||
|
if err == nil { |
||||
|
directoriesWithDeletion[parentDirectoryPath]++ |
||||
|
deletedObjects = append(deletedObjects, object) |
||||
|
} else if strings.Contains(err.Error(), filer.MsgFailDelNonEmptyFolder) { |
||||
|
deletedObjects = append(deletedObjects, object) |
||||
|
} else { |
||||
|
delete(directoriesWithDeletion, parentDirectoryPath) |
||||
|
deleteErrors = append(deleteErrors, DeleteError{ |
||||
|
Code: "", |
||||
|
Message: err.Error(), |
||||
|
Key: object.ObjectName, |
||||
|
}) |
||||
|
} |
||||
|
if auditLog != nil { |
||||
|
auditLog.Key = entryName |
||||
|
s3err.PostAccessLog(*auditLog) |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
// purge empty folders, only checking folders with deletions
|
||||
|
for len(directoriesWithDeletion) > 0 { |
||||
|
directoriesWithDeletion = s3a.doDeleteEmptyDirectories(client, directoriesWithDeletion) |
||||
|
} |
||||
|
|
||||
|
return nil |
||||
|
}) |
||||
|
|
||||
|
deleteResp := DeleteObjectsResponse{} |
||||
|
if !deleteObjects.Quiet { |
||||
|
deleteResp.DeletedObjects = deletedObjects |
||||
|
} |
||||
|
deleteResp.Errors = deleteErrors |
||||
|
|
||||
|
writeSuccessResponseXML(w, r, deleteResp) |
||||
|
|
||||
|
} |
||||
|
|
||||
|
func (s3a *S3ApiServer) doDeleteEmptyDirectories(client filer_pb.SeaweedFilerClient, directoriesWithDeletion map[string]int) (newDirectoriesWithDeletion map[string]int) { |
||||
|
var allDirs []string |
||||
|
for dir := range directoriesWithDeletion { |
||||
|
allDirs = append(allDirs, dir) |
||||
|
} |
||||
|
slices.SortFunc(allDirs, func(a, b string) int { |
||||
|
return len(b) - len(a) |
||||
|
}) |
||||
|
newDirectoriesWithDeletion = make(map[string]int) |
||||
|
for _, dir := range allDirs { |
||||
|
parentDir, dirName := util.FullPath(dir).DirAndName() |
||||
|
if parentDir == s3a.option.BucketsPath { |
||||
|
continue |
||||
|
} |
||||
|
if err := doDeleteEntry(client, parentDir, dirName, false, false); err != nil { |
||||
|
glog.V(4).Infof("directory %s has %d deletion but still not empty: %v", dir, directoriesWithDeletion[dir], err) |
||||
|
} else { |
||||
|
newDirectoriesWithDeletion[parentDir]++ |
||||
|
} |
||||
|
} |
||||
|
return |
||||
|
} |
@ -0,0 +1,207 @@ |
|||||
|
package s3api |
||||
|
|
||||
|
import ( |
||||
|
"crypto/md5" |
||||
|
"encoding/json" |
||||
|
"fmt" |
||||
|
"io" |
||||
|
"net/http" |
||||
|
"strings" |
||||
|
"time" |
||||
|
|
||||
|
"github.com/pquerna/cachecontrol/cacheobject" |
||||
|
"github.com/seaweedfs/seaweedfs/weed/s3api/s3_constants" |
||||
|
"github.com/seaweedfs/seaweedfs/weed/s3api/s3err" |
||||
|
"github.com/seaweedfs/seaweedfs/weed/security" |
||||
|
|
||||
|
"github.com/seaweedfs/seaweedfs/weed/glog" |
||||
|
"github.com/seaweedfs/seaweedfs/weed/pb/filer_pb" |
||||
|
weed_server "github.com/seaweedfs/seaweedfs/weed/server" |
||||
|
) |
||||
|
|
||||
|
func (s3a *S3ApiServer) PutObjectHandler(w http.ResponseWriter, r *http.Request) { |
||||
|
|
||||
|
// http://docs.aws.amazon.com/AmazonS3/latest/dev/UploadingObjects.html
|
||||
|
|
||||
|
bucket, object := s3_constants.GetBucketAndObject(r) |
||||
|
glog.V(3).Infof("PutObjectHandler %s %s", bucket, object) |
||||
|
|
||||
|
_, err := validateContentMd5(r.Header) |
||||
|
if err != nil { |
||||
|
s3err.WriteErrorResponse(w, r, s3err.ErrInvalidDigest) |
||||
|
return |
||||
|
} |
||||
|
|
||||
|
if r.Header.Get("Cache-Control") != "" { |
||||
|
if _, err = cacheobject.ParseRequestCacheControl(r.Header.Get("Cache-Control")); err != nil { |
||||
|
s3err.WriteErrorResponse(w, r, s3err.ErrInvalidDigest) |
||||
|
return |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
if r.Header.Get("Expires") != "" { |
||||
|
if _, err = time.Parse(http.TimeFormat, r.Header.Get("Expires")); err != nil { |
||||
|
s3err.WriteErrorResponse(w, r, s3err.ErrMalformedDate) |
||||
|
return |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
dataReader := r.Body |
||||
|
rAuthType := getRequestAuthType(r) |
||||
|
if s3a.iam.isEnabled() { |
||||
|
var s3ErrCode s3err.ErrorCode |
||||
|
switch rAuthType { |
||||
|
case authTypeStreamingSigned: |
||||
|
dataReader, s3ErrCode = s3a.iam.newSignV4ChunkedReader(r) |
||||
|
case authTypeSignedV2, authTypePresignedV2: |
||||
|
_, s3ErrCode = s3a.iam.isReqAuthenticatedV2(r) |
||||
|
case authTypePresigned, authTypeSigned: |
||||
|
_, s3ErrCode = s3a.iam.reqSignatureV4Verify(r) |
||||
|
} |
||||
|
if s3ErrCode != s3err.ErrNone { |
||||
|
s3err.WriteErrorResponse(w, r, s3ErrCode) |
||||
|
return |
||||
|
} |
||||
|
} else { |
||||
|
if authTypeStreamingSigned == rAuthType { |
||||
|
s3err.WriteErrorResponse(w, r, s3err.ErrAuthNotSetup) |
||||
|
return |
||||
|
} |
||||
|
} |
||||
|
defer dataReader.Close() |
||||
|
|
||||
|
objectContentType := r.Header.Get("Content-Type") |
||||
|
if strings.HasSuffix(object, "/") && r.ContentLength <= 1024 { |
||||
|
if err := s3a.mkdir( |
||||
|
s3a.option.BucketsPath, bucket+strings.TrimSuffix(object, "/"), |
||||
|
func(entry *filer_pb.Entry) { |
||||
|
if objectContentType == "" { |
||||
|
objectContentType = s3_constants.FolderMimeType |
||||
|
} |
||||
|
if r.ContentLength > 0 { |
||||
|
entry.Content, _ = io.ReadAll(r.Body) |
||||
|
} |
||||
|
entry.Attributes.Mime = objectContentType |
||||
|
}); err != nil { |
||||
|
s3err.WriteErrorResponse(w, r, s3err.ErrInternalError) |
||||
|
return |
||||
|
} |
||||
|
} else { |
||||
|
uploadUrl := s3a.toFilerUrl(bucket, object) |
||||
|
if objectContentType == "" { |
||||
|
dataReader = mimeDetect(r, dataReader) |
||||
|
} |
||||
|
|
||||
|
etag, errCode := s3a.putToFiler(r, uploadUrl, dataReader, "", bucket) |
||||
|
|
||||
|
if errCode != s3err.ErrNone { |
||||
|
s3err.WriteErrorResponse(w, r, errCode) |
||||
|
return |
||||
|
} |
||||
|
|
||||
|
setEtag(w, etag) |
||||
|
} |
||||
|
|
||||
|
writeSuccessResponseEmpty(w, r) |
||||
|
} |
||||
|
|
||||
|
func (s3a *S3ApiServer) putToFiler(r *http.Request, uploadUrl string, dataReader io.Reader, destination string, bucket string) (etag string, code s3err.ErrorCode) { |
||||
|
|
||||
|
hash := md5.New() |
||||
|
var body = io.TeeReader(dataReader, hash) |
||||
|
|
||||
|
proxyReq, err := http.NewRequest("PUT", uploadUrl, body) |
||||
|
|
||||
|
if err != nil { |
||||
|
glog.Errorf("NewRequest %s: %v", uploadUrl, err) |
||||
|
return "", s3err.ErrInternalError |
||||
|
} |
||||
|
|
||||
|
proxyReq.Header.Set("X-Forwarded-For", r.RemoteAddr) |
||||
|
if destination != "" { |
||||
|
proxyReq.Header.Set(s3_constants.SeaweedStorageDestinationHeader, destination) |
||||
|
} |
||||
|
|
||||
|
if s3a.option.FilerGroup != "" { |
||||
|
query := proxyReq.URL.Query() |
||||
|
query.Add("collection", s3a.getCollectionName(bucket)) |
||||
|
proxyReq.URL.RawQuery = query.Encode() |
||||
|
} |
||||
|
|
||||
|
for header, values := range r.Header { |
||||
|
for _, value := range values { |
||||
|
proxyReq.Header.Add(header, value) |
||||
|
} |
||||
|
} |
||||
|
// ensure that the Authorization header is overriding any previous
|
||||
|
// Authorization header which might be already present in proxyReq
|
||||
|
s3a.maybeAddFilerJwtAuthorization(proxyReq, true) |
||||
|
resp, postErr := s3a.client.Do(proxyReq) |
||||
|
|
||||
|
if postErr != nil { |
||||
|
glog.Errorf("post to filer: %v", postErr) |
||||
|
return "", s3err.ErrInternalError |
||||
|
} |
||||
|
defer resp.Body.Close() |
||||
|
|
||||
|
etag = fmt.Sprintf("%x", hash.Sum(nil)) |
||||
|
|
||||
|
resp_body, ra_err := io.ReadAll(resp.Body) |
||||
|
if ra_err != nil { |
||||
|
glog.Errorf("upload to filer response read %d: %v", resp.StatusCode, ra_err) |
||||
|
return etag, s3err.ErrInternalError |
||||
|
} |
||||
|
var ret weed_server.FilerPostResult |
||||
|
unmarshal_err := json.Unmarshal(resp_body, &ret) |
||||
|
if unmarshal_err != nil { |
||||
|
glog.Errorf("failing to read upload to %s : %v", uploadUrl, string(resp_body)) |
||||
|
return "", s3err.ErrInternalError |
||||
|
} |
||||
|
if ret.Error != "" { |
||||
|
glog.Errorf("upload to filer error: %v", ret.Error) |
||||
|
return "", filerErrorToS3Error(ret.Error) |
||||
|
} |
||||
|
|
||||
|
return etag, s3err.ErrNone |
||||
|
} |
||||
|
|
||||
|
func setEtag(w http.ResponseWriter, etag string) { |
||||
|
if etag != "" { |
||||
|
if strings.HasPrefix(etag, "\"") { |
||||
|
w.Header()["ETag"] = []string{etag} |
||||
|
} else { |
||||
|
w.Header()["ETag"] = []string{"\"" + etag + "\""} |
||||
|
} |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
func filerErrorToS3Error(errString string) s3err.ErrorCode { |
||||
|
switch { |
||||
|
case strings.HasPrefix(errString, "existing ") && strings.HasSuffix(errString, "is a directory"): |
||||
|
return s3err.ErrExistingObjectIsDirectory |
||||
|
case strings.HasSuffix(errString, "is a file"): |
||||
|
return s3err.ErrExistingObjectIsFile |
||||
|
default: |
||||
|
return s3err.ErrInternalError |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
func (s3a *S3ApiServer) maybeAddFilerJwtAuthorization(r *http.Request, isWrite bool) { |
||||
|
encodedJwt := s3a.maybeGetFilerJwtAuthorizationToken(isWrite) |
||||
|
|
||||
|
if encodedJwt == "" { |
||||
|
return |
||||
|
} |
||||
|
|
||||
|
r.Header.Set("Authorization", "BEARER "+string(encodedJwt)) |
||||
|
} |
||||
|
|
||||
|
func (s3a *S3ApiServer) maybeGetFilerJwtAuthorizationToken(isWrite bool) string { |
||||
|
var encodedJwt security.EncodedJwt |
||||
|
if isWrite { |
||||
|
encodedJwt = security.GenJwtForFilerServer(s3a.filerGuard.SigningKey, s3a.filerGuard.ExpiresAfterSec) |
||||
|
} else { |
||||
|
encodedJwt = security.GenJwtForFilerServer(s3a.filerGuard.ReadSigningKey, s3a.filerGuard.ReadExpiresAfterSec) |
||||
|
} |
||||
|
return string(encodedJwt) |
||||
|
} |
Write
Preview
Loading…
Cancel
Save
Reference in new issue