Merge pull request #894 from harshavardhana/putbucket-acl-handler

Add proper router for handling putBucketACLHandler

server-api-acl.go

@@ -58,21 +58,13 @@ func getACLType(req *http.Request) ACLType {
 func getACLTypeString(acl ACLType) string {
 	switch acl {
 	case privateACLType:
-		{
-			return "private"
-		}
+		return "private"
 	case publicReadACLType:
-		{
-			return "public-read"
-		}
+		return "public-read"
 	case publicReadWriteACLType:
-		{
-			return "public-read-write"
-		}
+		return "public-read-write"
 	case unsupportedACLType:
-		{
-			return ""
-		}
+		return ""
 	default:
 		return "private"
 	}

server-api-bucket-handlers.go

@@ -222,17 +222,11 @@ func (api API) PutBucketHandler(w http.ResponseWriter, req *http.Request) {
 		<-op.ProceedCh
 	}
 
-	// uncomment this when we have webcli
-	// without access key credentials one cannot create a bucket
-	// if _, err := StripAccessKeyID(req); err != nil {
-	// 	writeErrorResponse(w, req, AccessDenied,  req.URL.Path)
-	//	return
-	// }
-
-	if isRequestBucketACL(req.URL.Query()) {
-		api.PutBucketACLHandler(w, req)
+	if _, err := stripAccessKeyID(req.Header.Get("Authorization")); err != nil {
+		writeErrorResponse(w, req, AccessDenied, req.URL.Path)
 		return
 	}
+
 	// read from 'x-amz-acl'
 	aclType := getACLType(req)
 	if aclType == unsupportedACLType {

server-api-definitions.go

@@ -192,4 +192,6 @@ var notimplementedBucketResourceNames = map[string]bool{
 // List of not implemented object queries
 var notimplementedObjectResourceNames = map[string]bool{
 	"torrent": true,
+	"acl":     true,
+	"policy":  true,
 }

server-api-generic-handlers.go

@@ -19,6 +19,7 @@ package main
 import (
 	"errors"
 	"net/http"
+	"strings"
 	"time"
 
 	"github.com/rs/cors"
@@ -113,9 +114,20 @@ func IgnoreResourcesHandler(h http.Handler) http.Handler {
 
 // Resource handler ServeHTTP() wrapper
 func (h resourceHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
-	if ignoreNotImplementedObjectResources(r) || ignoreNotImplementedBucketResources(r) {
-		writeErrorResponse(w, r, NotImplemented, r.URL.Path)
-		return
+	splits := strings.SplitN(r.URL.Path, "/", 3)
+	switch len(splits) {
+	// bucket exists
+	case 2:
+		if ignoreNotImplementedBucketResources(r) {
+			writeErrorResponse(w, r, NotImplemented, r.URL.Path)
+			return
+		}
+	// object exists
+	case 3:
+		if ignoreNotImplementedObjectResources(r) {
+			writeErrorResponse(w, r, NotImplemented, r.URL.Path)
+			return
+		}
 	}
 	h.handler.ServeHTTP(w, r)
 }

server-api-resources.go

@@ -58,9 +58,3 @@ func isRequestUploads(values url.Values) bool {
 	_, ok := values["uploads"]
 	return ok
 }
-
-// check if req query values carry acl resource
-func isRequestBucketACL(values url.Values) bool {
-	_, ok := values["acl"]
-	return ok
-}

server-api-signature-handler.go

@@ -17,6 +17,8 @@
 package main
 
 import (
+	"crypto/sha256"
+	"encoding/hex"
 	"net/http"
 
 	"github.com/minio/minio/pkg/probe"
@@ -71,7 +73,8 @@ func (s signatureHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 					return
 				}
 			}
-			ok, err := signature.DoesSignatureMatch("e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")
+			value := sha256.Sum256([]byte(""))
+			ok, err := signature.DoesSignatureMatch(hex.EncodeToString(value[:]))
 			if err != nil {
 				errorIf(err.Trace(), "Unable to verify signature.", nil)
 				writeErrorResponse(w, r, InternalError, r.URL.Path)

server-router.go

@@ -29,6 +29,7 @@ import (
 func registerAPI(mux *router.Router, a API) {
 	mux.HandleFunc("/", a.ListBucketsHandler).Methods("GET")
 	mux.HandleFunc("/{bucket}", a.ListObjectsHandler).Methods("GET")
+	mux.HandleFunc("/{bucket}", a.PutBucketACLHandler).Queries("acl", "").Methods("PUT")
 	mux.HandleFunc("/{bucket}", a.PutBucketHandler).Methods("PUT")
 	mux.HandleFunc("/{bucket}", a.HeadBucketHandler).Methods("HEAD")
 	mux.HandleFunc("/{bucket}", a.PostPolicyBucketHandler).Methods("POST")