2020-08-19 23:36:34 +00:00
|
|
|
package handler
|
|
|
|
|
|
|
|
import (
|
2023-07-06 13:37:53 +00:00
|
|
|
"io"
|
2020-08-19 23:36:34 +00:00
|
|
|
"net/http"
|
|
|
|
|
2023-03-07 14:38:08 +00:00
|
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api"
|
|
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/data"
|
|
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
|
|
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
|
2023-07-05 14:05:45 +00:00
|
|
|
"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/middleware"
|
2020-08-19 23:36:34 +00:00
|
|
|
"go.uber.org/zap"
|
|
|
|
)
|
|
|
|
|
2021-06-30 12:29:01 +00:00
|
|
|
const sizeToDetectType = 512
|
2021-01-14 17:39:48 +00:00
|
|
|
|
2023-06-01 13:45:28 +00:00
|
|
|
func getRangeToDetectContentType(maxSize uint64) *layer.RangeParams {
|
|
|
|
end := maxSize
|
2021-06-30 12:29:01 +00:00
|
|
|
if sizeToDetectType < end {
|
|
|
|
end = sizeToDetectType
|
|
|
|
}
|
|
|
|
|
|
|
|
return &layer.RangeParams{
|
|
|
|
Start: 0,
|
|
|
|
End: end - 1,
|
|
|
|
}
|
2021-01-14 17:39:48 +00:00
|
|
|
}
|
|
|
|
|
2020-08-19 23:36:34 +00:00
|
|
|
func (h *handler) HeadObjectHandler(w http.ResponseWriter, r *http.Request) {
|
2023-07-05 14:05:45 +00:00
|
|
|
reqInfo := middleware.GetReqInfo(r.Context())
|
2020-08-19 23:36:34 +00:00
|
|
|
|
2022-03-18 13:04:09 +00:00
|
|
|
bktInfo, err := h.getBucketAndCheckOwner(r, reqInfo.BucketName)
|
2022-03-09 13:15:17 +00:00
|
|
|
if err != nil {
|
|
|
|
h.logAndSendError(w, "could not get bucket info", reqInfo, err)
|
|
|
|
return
|
|
|
|
}
|
2021-08-23 08:19:41 +00:00
|
|
|
|
2022-06-01 14:09:28 +00:00
|
|
|
conditional, err := parseConditionalHeaders(r.Header)
|
|
|
|
if err != nil {
|
|
|
|
h.logAndSendError(w, "could not parse request params", reqInfo, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2021-08-10 10:03:09 +00:00
|
|
|
p := &layer.HeadObjectParams{
|
2022-03-18 13:04:09 +00:00
|
|
|
BktInfo: bktInfo,
|
2021-08-10 10:03:09 +00:00
|
|
|
Object: reqInfo.ObjectName,
|
2021-08-19 06:55:22 +00:00
|
|
|
VersionID: reqInfo.URL.Query().Get(api.QueryVersionID),
|
2021-08-10 10:03:09 +00:00
|
|
|
}
|
|
|
|
|
2022-08-05 00:54:21 +00:00
|
|
|
extendedInfo, err := h.obj.GetExtendedObjectInfo(r.Context(), p)
|
2022-06-28 13:35:05 +00:00
|
|
|
if err != nil {
|
|
|
|
h.logAndSendError(w, "could not find object", reqInfo, err)
|
2020-08-19 23:36:34 +00:00
|
|
|
return
|
2021-06-30 12:29:01 +00:00
|
|
|
}
|
2022-06-28 13:35:05 +00:00
|
|
|
info := extendedInfo.ObjectInfo
|
2022-06-01 14:09:28 +00:00
|
|
|
|
2022-11-09 10:07:18 +00:00
|
|
|
encryptionParams, err := formEncryptionParams(r)
|
2022-08-01 16:52:09 +00:00
|
|
|
if err != nil {
|
|
|
|
h.logAndSendError(w, "invalid sse headers", reqInfo, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2022-08-11 08:48:58 +00:00
|
|
|
if err = encryptionParams.MatchObjectEncryption(layer.FormEncryptionInfo(info.Headers)); err != nil {
|
2022-08-01 16:52:09 +00:00
|
|
|
h.logAndSendError(w, "encryption doesn't match object", reqInfo, errors.GetAPIError(errors.ErrBadRequest), zap.Error(err))
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2022-06-01 14:09:28 +00:00
|
|
|
if err = checkPreconditions(info, conditional); err != nil {
|
|
|
|
h.logAndSendError(w, "precondition failed", reqInfo, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2022-05-26 13:11:14 +00:00
|
|
|
t := &layer.ObjectVersion{
|
|
|
|
BktInfo: bktInfo,
|
|
|
|
ObjectName: info.Name,
|
2022-08-04 17:31:33 +00:00
|
|
|
VersionID: info.VersionID(),
|
2022-05-24 06:58:33 +00:00
|
|
|
}
|
|
|
|
|
2022-06-28 13:35:05 +00:00
|
|
|
tagSet, lockInfo, err := h.obj.GetObjectTaggingAndLock(r.Context(), t, extendedInfo.NodeVersion)
|
2021-08-17 11:23:01 +00:00
|
|
|
if err != nil && !errors.IsS3Error(err, errors.ErrNoSuchKey) {
|
2022-05-31 14:28:06 +00:00
|
|
|
h.logAndSendError(w, "could not get object meta data", reqInfo, err)
|
2021-08-17 11:23:01 +00:00
|
|
|
return
|
|
|
|
}
|
2021-08-18 13:48:58 +00:00
|
|
|
|
2021-08-19 06:55:22 +00:00
|
|
|
if len(info.ContentType) == 0 {
|
2022-09-07 06:59:24 +00:00
|
|
|
if info.ContentType = layer.MimeByFilePath(info.Name); len(info.ContentType) == 0 {
|
2022-06-29 10:51:05 +00:00
|
|
|
getParams := &layer.GetObjectParams{
|
|
|
|
ObjectInfo: info,
|
2023-07-06 13:37:53 +00:00
|
|
|
Versioned: p.Versioned(),
|
2022-06-29 10:51:05 +00:00
|
|
|
Range: getRangeToDetectContentType(info.Size),
|
|
|
|
BucketInfo: bktInfo,
|
|
|
|
}
|
2023-07-06 13:37:53 +00:00
|
|
|
|
|
|
|
objPayload, err := h.obj.GetObject(r.Context(), getParams)
|
|
|
|
if err != nil {
|
2022-06-29 10:51:05 +00:00
|
|
|
h.logAndSendError(w, "could not get object", reqInfo, err, zap.Stringer("oid", info.ID))
|
|
|
|
return
|
|
|
|
}
|
2023-07-06 13:37:53 +00:00
|
|
|
|
|
|
|
buffer, err := io.ReadAll(objPayload)
|
|
|
|
if err != nil {
|
|
|
|
h.logAndSendError(w, "could not partly read payload to detect content type", reqInfo, err, zap.Stringer("oid", info.ID))
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
info.ContentType = http.DetectContentType(buffer)
|
2021-08-18 13:48:58 +00:00
|
|
|
}
|
2021-01-14 17:39:48 +00:00
|
|
|
}
|
2021-08-18 13:48:58 +00:00
|
|
|
|
2022-05-31 14:28:06 +00:00
|
|
|
if err = h.setLockingHeaders(bktInfo, lockInfo, w.Header()); err != nil {
|
2022-03-09 13:15:17 +00:00
|
|
|
h.logAndSendError(w, "could not get locking info", reqInfo, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2022-08-05 01:15:24 +00:00
|
|
|
bktSettings, err := h.obj.GetBucketSettings(r.Context(), bktInfo)
|
|
|
|
if err != nil {
|
|
|
|
h.logAndSendError(w, "could not get bucket settings", reqInfo, err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2023-10-02 08:52:07 +00:00
|
|
|
writeHeaders(w.Header(), r.Header, extendedInfo, len(tagSet), bktSettings.Unversioned(), h.cfg.MD5Enabled())
|
2020-10-24 13:09:22 +00:00
|
|
|
w.WriteHeader(http.StatusOK)
|
2020-08-19 23:36:34 +00:00
|
|
|
}
|
2020-08-22 02:45:48 +00:00
|
|
|
|
|
|
|
func (h *handler) HeadBucketHandler(w http.ResponseWriter, r *http.Request) {
|
2023-07-05 14:05:45 +00:00
|
|
|
reqInfo := middleware.GetReqInfo(r.Context())
|
2020-08-22 02:45:48 +00:00
|
|
|
|
2022-03-18 13:04:09 +00:00
|
|
|
bktInfo, err := h.getBucketAndCheckOwner(r, reqInfo.BucketName)
|
2021-08-23 08:37:08 +00:00
|
|
|
if err != nil {
|
2021-08-23 08:19:41 +00:00
|
|
|
h.logAndSendError(w, "could not get bucket info", reqInfo, err)
|
|
|
|
return
|
|
|
|
}
|
2020-08-22 02:45:48 +00:00
|
|
|
|
2023-04-14 13:46:51 +00:00
|
|
|
w.Header().Set(api.OwnerID, bktInfo.Owner.EncodeToString())
|
2022-05-25 17:25:43 +00:00
|
|
|
w.Header().Set(api.ContainerID, bktInfo.CID.EncodeToString())
|
2022-11-03 06:34:18 +00:00
|
|
|
w.Header().Set(api.AmzBucketRegion, bktInfo.LocationConstraint)
|
2023-02-10 12:19:29 +00:00
|
|
|
|
2023-09-08 11:17:14 +00:00
|
|
|
if isAvailableToResolve(bktInfo.Zone, h.cfg.ResolveZoneList(), h.cfg.IsResolveListAllow()) {
|
2023-02-10 12:19:29 +00:00
|
|
|
w.Header().Set(api.ContainerName, bktInfo.Name)
|
|
|
|
w.Header().Set(api.ContainerZone, bktInfo.Zone)
|
|
|
|
}
|
|
|
|
|
2023-07-05 14:05:45 +00:00
|
|
|
middleware.WriteResponse(w, http.StatusOK, nil, middleware.MimeNone)
|
2020-08-22 02:45:48 +00:00
|
|
|
}
|
2022-03-09 13:15:17 +00:00
|
|
|
|
2022-05-31 14:28:06 +00:00
|
|
|
func (h *handler) setLockingHeaders(bktInfo *data.BucketInfo, lockInfo *data.LockInfo, header http.Header) error {
|
2022-03-09 13:15:17 +00:00
|
|
|
if !bktInfo.ObjectLockEnabled {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
legalHold := &data.LegalHold{Status: legalHoldOff}
|
2022-05-26 13:11:14 +00:00
|
|
|
retention := &data.Retention{Mode: governanceMode}
|
2022-03-09 13:15:17 +00:00
|
|
|
|
2022-06-27 09:33:36 +00:00
|
|
|
if lockInfo.IsLegalHoldSet() {
|
2022-05-31 14:28:06 +00:00
|
|
|
legalHold.Status = legalHoldOn
|
2022-03-09 13:15:17 +00:00
|
|
|
}
|
2022-06-27 09:33:36 +00:00
|
|
|
if lockInfo.IsRetentionSet() {
|
|
|
|
retention.RetainUntilDate = lockInfo.UntilDate()
|
|
|
|
if lockInfo.IsCompliance() {
|
2022-05-31 14:28:06 +00:00
|
|
|
retention.Mode = complianceMode
|
2022-03-09 13:15:17 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
writeLockHeaders(header, legalHold, retention)
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func writeLockHeaders(h http.Header, legalHold *data.LegalHold, retention *data.Retention) {
|
|
|
|
h.Set(api.AmzObjectLockLegalHold, legalHold.Status)
|
|
|
|
|
|
|
|
if retention.RetainUntilDate != "" {
|
|
|
|
h.Set(api.AmzObjectLockRetainUntilDate, retention.RetainUntilDate)
|
|
|
|
h.Set(api.AmzObjectLockMode, retention.Mode)
|
|
|
|
}
|
|
|
|
}
|
2023-02-10 12:19:29 +00:00
|
|
|
|
|
|
|
func isAvailableToResolve(zone string, list []string, isAllowList bool) bool {
|
|
|
|
// empty zone means container doesn't have proper system name,
|
|
|
|
// so we don't have to resolve it
|
|
|
|
if len(zone) == 0 {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
var zoneInList bool
|
|
|
|
for _, t := range list {
|
|
|
|
if t == zone {
|
|
|
|
zoneInList = true
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// InList | IsAllowList | Result
|
|
|
|
// 0 0 1
|
|
|
|
// 0 1 0
|
|
|
|
// 1 0 0
|
|
|
|
// 1 1 1
|
|
|
|
return zoneInList == isAllowList
|
|
|
|
}
|