fix: filer do not support IP whitelist right now #7094 (#7095)

* fix: filer do not support IP whitelist right now #7094 * Apply suggestion from @gemini-code-assist[bot] Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> --------- Co-authored-by: Chris Lu <chrislusf@users.noreply.github.com> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
4 weeks ago · dfac1315ca
1 changed files with 5 additions and 4 deletions
--- a/weed/server/filer_server.go
+++ b/weed/server/filer_server.go
@ -173,8 +173,11 @@ func NewFilerServer(defaultMux, readonlyMux *http.ServeMux, option *FilerOption)
 		}
 	})
 	fs.filer.Cipher = option.Cipher
-	whiteList := util.StringSplit(v.GetString("guard.white_list"), ",")
-	fs.filerGuard = security.NewGuard(whiteList, signingKey, expiresAfterSec, readSigningKey, readExpiresAfterSec)
+	// we do not support IP whitelist right now https://github.com/seaweedfs/seaweedfs/issues/7094
+	if v.GetString("guard.white_list") != "" {
+		glog.Warningf("filer: guard.white_list is configured but the IP whitelist feature is currently disabled. See https://github.com/seaweedfs/seaweedfs/issues/7094")
+	}
+	fs.filerGuard = security.NewGuard([]string{}, signingKey, expiresAfterSec, readSigningKey, readExpiresAfterSec)
 	fs.volumeGuard = security.NewGuard([]string{}, volumeSigningKey, volumeExpiresAfterSec, volumeReadSigningKey, volumeReadExpiresAfterSec)

 	fs.checkWithMaster()
@ -254,6 +257,4 @@ func (fs *FilerServer) Reload() {
 	glog.V(0).Infoln("Reload filer server...")

 	util.LoadConfiguration("security", false)
-	v := util.GetViper()
-	fs.filerGuard.UpdateWhiteList(util.StringSplit(v.GetString("guard.white_list"), ","))
 }