diff --git a/server-api-acl.go b/server-api-acl.go index fcc3b37ce..283f51e32 100644 --- a/server-api-acl.go +++ b/server-api-acl.go @@ -58,21 +58,13 @@ func getACLType(req *http.Request) ACLType { func getACLTypeString(acl ACLType) string { switch acl { case privateACLType: - { - return "private" - } + return "private" case publicReadACLType: - { - return "public-read" - } + return "public-read" case publicReadWriteACLType: - { - return "public-read-write" - } + return "public-read-write" case unsupportedACLType: - { - return "" - } + return "" default: return "private" } diff --git a/server-api-bucket-handlers.go b/server-api-bucket-handlers.go index a229ec143..bd40c7e6d 100644 --- a/server-api-bucket-handlers.go +++ b/server-api-bucket-handlers.go @@ -222,17 +222,11 @@ func (api API) PutBucketHandler(w http.ResponseWriter, req *http.Request) { <-op.ProceedCh } - // uncomment this when we have webcli - // without access key credentials one cannot create a bucket - // if _, err := StripAccessKeyID(req); err != nil { - // writeErrorResponse(w, req, AccessDenied, req.URL.Path) - // return - // } - - if isRequestBucketACL(req.URL.Query()) { - api.PutBucketACLHandler(w, req) + if _, err := stripAccessKeyID(req.Header.Get("Authorization")); err != nil { + writeErrorResponse(w, req, AccessDenied, req.URL.Path) return } + // read from 'x-amz-acl' aclType := getACLType(req) if aclType == unsupportedACLType { diff --git a/server-api-definitions.go b/server-api-definitions.go index c05f5fc3d..67467cb45 100644 --- a/server-api-definitions.go +++ b/server-api-definitions.go @@ -192,4 +192,6 @@ var notimplementedBucketResourceNames = map[string]bool{ // List of not implemented object queries var notimplementedObjectResourceNames = map[string]bool{ "torrent": true, + "acl": true, + "policy": true, } diff --git a/server-api-generic-handlers.go b/server-api-generic-handlers.go index 933ddc05c..05a9fff25 100644 --- a/server-api-generic-handlers.go +++ b/server-api-generic-handlers.go @@ -19,6 +19,7 @@ package main import ( "errors" "net/http" + "strings" "time" "github.com/rs/cors" @@ -113,9 +114,20 @@ func IgnoreResourcesHandler(h http.Handler) http.Handler { // Resource handler ServeHTTP() wrapper func (h resourceHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { - if ignoreNotImplementedObjectResources(r) || ignoreNotImplementedBucketResources(r) { - writeErrorResponse(w, r, NotImplemented, r.URL.Path) - return + splits := strings.SplitN(r.URL.Path, "/", 3) + switch len(splits) { + // bucket exists + case 2: + if ignoreNotImplementedBucketResources(r) { + writeErrorResponse(w, r, NotImplemented, r.URL.Path) + return + } + // object exists + case 3: + if ignoreNotImplementedObjectResources(r) { + writeErrorResponse(w, r, NotImplemented, r.URL.Path) + return + } } h.handler.ServeHTTP(w, r) } diff --git a/server-api-resources.go b/server-api-resources.go index 4b03d775c..d71fd4eb7 100644 --- a/server-api-resources.go +++ b/server-api-resources.go @@ -58,9 +58,3 @@ func isRequestUploads(values url.Values) bool { _, ok := values["uploads"] return ok } - -// check if req query values carry acl resource -func isRequestBucketACL(values url.Values) bool { - _, ok := values["acl"] - return ok -} diff --git a/server-api-signature-handler.go b/server-api-signature-handler.go index dfb2af08c..87967a1a2 100644 --- a/server-api-signature-handler.go +++ b/server-api-signature-handler.go @@ -17,6 +17,8 @@ package main import ( + "crypto/sha256" + "encoding/hex" "net/http" "github.com/minio/minio/pkg/probe" @@ -71,7 +73,8 @@ func (s signatureHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { return } } - ok, err := signature.DoesSignatureMatch("e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855") + value := sha256.Sum256([]byte("")) + ok, err := signature.DoesSignatureMatch(hex.EncodeToString(value[:])) if err != nil { errorIf(err.Trace(), "Unable to verify signature.", nil) writeErrorResponse(w, r, InternalError, r.URL.Path) diff --git a/server-router.go b/server-router.go index acaac7d95..7615af296 100644 --- a/server-router.go +++ b/server-router.go @@ -29,6 +29,7 @@ import ( func registerAPI(mux *router.Router, a API) { mux.HandleFunc("/", a.ListBucketsHandler).Methods("GET") mux.HandleFunc("/{bucket}", a.ListObjectsHandler).Methods("GET") + mux.HandleFunc("/{bucket}", a.PutBucketACLHandler).Queries("acl", "").Methods("PUT") mux.HandleFunc("/{bucket}", a.PutBucketHandler).Methods("PUT") mux.HandleFunc("/{bucket}", a.HeadBucketHandler).Methods("HEAD") mux.HandleFunc("/{bucket}", a.PostPolicyBucketHandler).Methods("POST")