Fix DummyHandlers to authorize and send/validate correct XMLs (#7223)

master
Harshavardhana 6 years ago committed by kannappanr
parent 13c3b8afe2
commit b8955fe577
  1. 60
      cmd/dummy-handlers.go

@ -1,5 +1,5 @@
/* /*
* Minio Cloud Storage, (C) 2018 Minio, Inc. * Minio Cloud Storage, (C) 2018, 2019 Minio, Inc.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -21,6 +21,7 @@ import (
"net/http" "net/http"
"github.com/gorilla/mux" "github.com/gorilla/mux"
"github.com/minio/minio/pkg/policy"
) )
// Data types used for returning dummy tagging XML. // Data types used for returning dummy tagging XML.
@ -95,25 +96,29 @@ func (api objectAPIHandlers) DeleteBucketWebsiteHandler(w http.ResponseWriter, r
w.(http.Flusher).Flush() w.(http.Flusher).Flush()
} }
type allowedMethod string
// Define strings
const (
GET allowedMethod = http.MethodGet
PUT allowedMethod = http.MethodPut
HEAD allowedMethod = http.MethodHead
POST allowedMethod = http.MethodPost
DELETE allowedMethod = http.MethodDelete
)
// GetBucketCorsHandler - GET bucket cors, a dummy api // GetBucketCorsHandler - GET bucket cors, a dummy api
func (api objectAPIHandlers) GetBucketCorsHandler(w http.ResponseWriter, r *http.Request) { func (api objectAPIHandlers) GetBucketCorsHandler(w http.ResponseWriter, r *http.Request) {
ctx := newContext(r, w, "GetBucketCorsHandler") ctx := newContext(r, w, "GetBucketCorsHandler")
type allowedMethod int
const (
GET allowedMethod = iota
PUT
HEAD
POST
DELETE
)
type corsRule struct { type corsRule struct {
AllowedMethod allowedMethod `xml:"AllowedMethod"` AllowedHeaders []string `xml:"AllowedHeaders"`
AllowedOrigin string `xml:"AllowedOrigin"` AllowedMethods []allowedMethod `xml:"AllowedMethod"`
ExposeHeader string `xml:"ExposeHeader"` AllowedOrigins []string `xml:"AllowedOrigin"`
ID string `xml:"ID"` ExposeHeaders []string `xml:"ExposeHeader"`
MaxAgeSeconds int64 `xml:"MaxAgeSeconds"` MaxAgeSeconds int64 `xml:"MaxAgeSeconds"`
} }
type corsConfiguration struct { type corsConfiguration struct {
XMLName xml.Name `xml:"CORSConfiguration"` XMLName xml.Name `xml:"CORSConfiguration"`
CorsRule []corsRule `xml:"CORSRule"` CorsRule []corsRule `xml:"CORSRule"`
@ -128,6 +133,13 @@ func (api objectAPIHandlers) GetBucketCorsHandler(w http.ResponseWriter, r *http
return return
} }
// Allow getBucketCors if policy action is set, since this is a dummy call
// we are simply re-purposing the bucketPolicyAction.
if s3Error := checkRequestAuthType(ctx, r, policy.GetBucketPolicyAction, bucket, ""); s3Error != ErrNone {
writeErrorResponse(w, s3Error, r.URL, guessIsBrowserReq(r))
return
}
// Validate if bucket exists, before proceeding further... // Validate if bucket exists, before proceeding further...
_, err := objAPI.GetBucketInfo(ctx, bucket) _, err := objAPI.GetBucketInfo(ctx, bucket)
if err != nil { if err != nil {
@ -135,10 +147,8 @@ func (api objectAPIHandlers) GetBucketCorsHandler(w http.ResponseWriter, r *http
return return
} }
tags := &tagging{} cors := &corsConfiguration{}
tags.TagSet.Tag = append(tags.TagSet.Tag, tagElem{}) if err := xml.NewEncoder(w).Encode(cors); err != nil {
if err := xml.NewEncoder(w).Encode(tags); err != nil {
writeErrorResponse(w, toAPIErrorCode(ctx, err), r.URL, guessIsBrowserReq(r)) writeErrorResponse(w, toAPIErrorCode(ctx, err), r.URL, guessIsBrowserReq(r))
return return
} }
@ -159,6 +169,13 @@ func (api objectAPIHandlers) GetBucketTaggingHandler(w http.ResponseWriter, r *h
return return
} }
// Allow getBucketTagging if policy action is set, since this is a dummy call
// we are simply re-purposing the bucketPolicyAction.
if s3Error := checkRequestAuthType(ctx, r, policy.GetBucketPolicyAction, bucket, ""); s3Error != ErrNone {
writeErrorResponse(w, s3Error, r.URL, guessIsBrowserReq(r))
return
}
// Validate if bucket exists, before proceeding further... // Validate if bucket exists, before proceeding further...
_, err := objAPI.GetBucketInfo(ctx, bucket) _, err := objAPI.GetBucketInfo(ctx, bucket)
if err != nil { if err != nil {
@ -191,6 +208,13 @@ func (api objectAPIHandlers) GetObjectTaggingHandler(w http.ResponseWriter, r *h
return return
} }
// Allow getObjectTagging if policy action is set, since this is a dummy call
// we are simply re-purposing the bucketPolicyAction.
if s3Error := checkRequestAuthType(ctx, r, policy.GetBucketPolicyAction, bucket, ""); s3Error != ErrNone {
writeErrorResponse(w, s3Error, r.URL, guessIsBrowserReq(r))
return
}
// Validate if object exists, before proceeding further... // Validate if object exists, before proceeding further...
_, err := objAPI.GetObjectInfo(ctx, bucket, object, ObjectOptions{}) _, err := objAPI.GetObjectInfo(ctx, bucket, object, ObjectOptions{})
if err != nil { if err != nil {

Loading…
Cancel
Save