Return proper errors when admin API is not initialized (#6988)

Especially in gateway IAM admin APIs are not enabled if etcd is not enabled, we should enable admin API though but only enable IAM and Config APIs with etcd configured.
6 years ago · e7c902bbbc
parent 5a5895203b
commit e7c902bbbc
5 changed files with 48 additions and 36 deletions
--- a/cmd/admin-handlers_test.go
+++ b/cmd/admin-handlers_test.go
@ -277,7 +277,7 @@ func prepareAdminXLTestBed() (*adminXLTestBed, error) {

 	// Setup admin mgmt REST API handlers.
 	adminRouter := mux.NewRouter()
-	registerAdminRouter(adminRouter)
+	registerAdminRouter(adminRouter, true)

 	return &adminXLTestBed{
 		xlDirs:   xlDirs,
--- a/cmd/admin-router.go
+++ b/cmd/admin-router.go
@ -31,7 +31,7 @@ type adminAPIHandlers struct {
 }

 // registerAdminRouter - Add handler functions for each service REST API routes.
-func registerAdminRouter(router *mux.Router) {
+func registerAdminRouter(router *mux.Router, enableIAM bool) {

 	adminAPI := adminAPIHandlers{}
 	// Admin router
@ -69,6 +69,7 @@ func registerAdminRouter(router *mux.Router) {

 	/// Config operations

+	if enableIAM {
 		// Update credentials
 		adminV1Router.Methods(http.MethodPut).Path("/config/credential").HandlerFunc(httpTraceHdrs(adminAPI.UpdateAdminCredentialsHandler))
 		// Get config
@ -104,7 +105,8 @@ func registerAdminRouter(router *mux.Router) {

 		// List policies
 		adminV1Router.Methods(http.MethodGet).Path("/list-canned-policies").HandlerFunc(httpTraceHdrs(adminAPI.ListCannedPolicies))
+	}

-	// If none of the routes match.
-	adminV1Router.NotFoundHandler = http.HandlerFunc(httpTraceHdrs(notFoundHandler))
+	// If none of the routes match, return error.
+	adminV1Router.NotFoundHandler = http.HandlerFunc(httpTraceHdrs(notFoundHandlerJSON))
 }
--- a/cmd/gateway-main.go
+++ b/cmd/gateway-main.go
@ -173,11 +173,12 @@ func StartGateway(ctx *cli.Context, gw Gateway) {
 	if globalEtcdClient != nil {
 		// Enable STS router if etcd is enabled.
 		registerSTSRouter(router)
-
-		// Enable admin router if etcd is enabled.
-		registerAdminRouter(router)
 	}

+	// Enable IAM admin APIs if etcd is enabled, if not just enable basic
+	// operations such as profiling, server info etc.
+	registerAdminRouter(router, globalEtcdClient != nil)
+
 	// Add healthcheck router
 	registerHealthCheckRouter(router)

@ -307,5 +308,8 @@ func StartGateway(ctx *cli.Context, gw Gateway) {
 		printGatewayStartupMessage(getAPIEndpoints(), gatewayName)
 	}

+	// Set uptime time after object layer has initialized.
+	globalBootTime = UTCNow()
+
 	handleSignals()
 }
--- a/cmd/handler-utils.go
+++ b/cmd/handler-utils.go
@ -351,6 +351,12 @@ func getResource(path string, host string, domain string) (string, error) {
 	return slashSeparator + pathJoin(bucket, path), nil
 }

+// If none of the http routes match respond with MethodNotAllowed, in JSON
+func notFoundHandlerJSON(w http.ResponseWriter, r *http.Request) {
+	writeErrorResponseJSON(w, ErrMethodNotAllowed, r.URL)
+	return
+}
+
 // If none of the http routes match respond with MethodNotAllowed
 func notFoundHandler(w http.ResponseWriter, r *http.Request) {
 	writeErrorResponse(w, ErrMethodNotAllowed, r.URL, guessIsBrowserReq(r))
--- a/cmd/routers.go
+++ b/cmd/routers.go
@ -107,8 +107,8 @@ func configureServerHandler(endpoints EndpointList) (http.Handler, error) {
 	// Add Admin RPC router
 	registerAdminRPCRouter(router)

-	// Add Admin router.
-	registerAdminRouter(router)
+	// Add Admin router, all APIs are enabled in server mode.
+	registerAdminRouter(router, true)

 	// Add healthcheck router
 	registerHealthCheckRouter(router)