forked from TrueCloudLab/frostfs-s3-gw
b695e6a3b4
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
188 lines
4.3 KiB
Go
188 lines
4.3 KiB
Go
package handler
|
|
|
|
import (
|
|
"context"
|
|
"encoding/xml"
|
|
"fmt"
|
|
"net/http"
|
|
"strconv"
|
|
"strings"
|
|
|
|
"github.com/gorilla/mux"
|
|
"github.com/nspcc-dev/neofs-api-go/pkg/acl"
|
|
"github.com/nspcc-dev/neofs-node/pkg/policy"
|
|
"github.com/nspcc-dev/neofs-s3-gw/api"
|
|
"github.com/nspcc-dev/neofs-s3-gw/api/layer"
|
|
"github.com/nspcc-dev/neofs-s3-gw/creds/accessbox"
|
|
"go.uber.org/zap"
|
|
)
|
|
|
|
// keywords of predefined basic ACL values.
|
|
const (
|
|
basicACLPrivate = "private"
|
|
basicACLReadOnly = "public-read"
|
|
basicACLPublic = "public-read-write"
|
|
defaultPolicy = "REP 3"
|
|
|
|
publicBasicRule = 0x0FFFFFFF
|
|
)
|
|
|
|
type createBucketParams struct {
|
|
XMLName xml.Name `xml:"http://s3.amazonaws.com/doc/2006-03-01/ CreateBucketConfiguration" json:"-"`
|
|
LocationConstraint string
|
|
}
|
|
|
|
func (h *handler) PutObjectHandler(w http.ResponseWriter, r *http.Request) {
|
|
var (
|
|
err error
|
|
info *layer.ObjectInfo
|
|
req = mux.Vars(r)
|
|
bkt = req["bucket"]
|
|
obj = req["object"]
|
|
rid = api.GetRequestID(r.Context())
|
|
)
|
|
|
|
metadata := parseMetadata(r)
|
|
|
|
params := &layer.PutObjectParams{
|
|
Bucket: bkt,
|
|
Object: obj,
|
|
Reader: r.Body,
|
|
Size: r.ContentLength,
|
|
Header: metadata,
|
|
}
|
|
|
|
if info, err = h.obj.PutObject(r.Context(), params); err != nil {
|
|
h.log.Error("could not upload object",
|
|
zap.String("request_id", rid),
|
|
zap.String("bucket_name", bkt),
|
|
zap.String("object_name", obj),
|
|
zap.Error(err))
|
|
|
|
api.WriteErrorResponse(r.Context(), w, api.Error{
|
|
Code: api.GetAPIError(api.ErrInternalError).Code,
|
|
Description: err.Error(),
|
|
HTTPStatusCode: http.StatusInternalServerError,
|
|
}, r.URL)
|
|
|
|
return
|
|
}
|
|
|
|
w.Header().Set(api.ETag, info.HashSum)
|
|
api.WriteSuccessResponseHeadersOnly(w)
|
|
}
|
|
|
|
func parseMetadata(r *http.Request) map[string]string {
|
|
res := make(map[string]string)
|
|
for k, v := range r.Header {
|
|
if strings.HasPrefix(k, api.MetadataPrefix) {
|
|
key := strings.TrimPrefix(k, api.MetadataPrefix)
|
|
res[key] = v[0]
|
|
}
|
|
}
|
|
return res
|
|
}
|
|
|
|
func (h *handler) CreateBucketHandler(w http.ResponseWriter, r *http.Request) {
|
|
var (
|
|
err error
|
|
p = layer.CreateBucketParams{}
|
|
req = mux.Vars(r)
|
|
)
|
|
p.Name = req["bucket"]
|
|
if val, ok := r.Header["X-Amz-Acl"]; ok {
|
|
p.ACL, err = parseBasicACL(val[0])
|
|
} else {
|
|
p.ACL = publicBasicRule
|
|
}
|
|
|
|
if err != nil {
|
|
h.registerAndSendError(w, r, err, "could not parse basic ACL")
|
|
return
|
|
}
|
|
|
|
createParams, err := parseLocationConstraint(r)
|
|
if err != nil {
|
|
h.registerAndSendError(w, r, err, "could not parse body")
|
|
return
|
|
}
|
|
|
|
boxData, err := getBoxData(r.Context())
|
|
if err != nil {
|
|
h.registerAndSendError(w, r, err, "could not get boxData")
|
|
return
|
|
}
|
|
|
|
if createParams.LocationConstraint != "" {
|
|
for _, placementPolicy := range boxData.Policies {
|
|
if placementPolicy.LocationConstraint == createParams.LocationConstraint {
|
|
p.Policy = placementPolicy.Policy
|
|
break
|
|
}
|
|
}
|
|
}
|
|
if p.Policy == nil {
|
|
p.Policy, err = policy.Parse(defaultPolicy)
|
|
if err != nil {
|
|
h.registerAndSendError(w, r, err, "could not parse policy")
|
|
return
|
|
}
|
|
}
|
|
|
|
cid, err := h.obj.CreateBucket(r.Context(), &p, boxData)
|
|
if err != nil {
|
|
h.registerAndSendError(w, r, err, "could not create bucket")
|
|
return
|
|
}
|
|
|
|
h.log.Info("bucket is created",
|
|
zap.String("container_id", cid.String()))
|
|
|
|
api.WriteSuccessResponseHeadersOnly(w)
|
|
}
|
|
|
|
func parseLocationConstraint(r *http.Request) (*createBucketParams, error) {
|
|
if r.ContentLength == 0 {
|
|
return new(createBucketParams), nil
|
|
}
|
|
|
|
params := new(createBucketParams)
|
|
if err := xml.NewDecoder(r.Body).Decode(params); err != nil {
|
|
return nil, err
|
|
}
|
|
return params, nil
|
|
}
|
|
|
|
func parseBasicACL(basicACL string) (uint32, error) {
|
|
switch basicACL {
|
|
case basicACLPublic:
|
|
return acl.PublicBasicRule, nil
|
|
case basicACLPrivate:
|
|
return acl.PrivateBasicRule, nil
|
|
case basicACLReadOnly:
|
|
return acl.ReadOnlyBasicRule, nil
|
|
default:
|
|
basicACL = strings.Trim(strings.ToLower(basicACL), "0x")
|
|
|
|
value, err := strconv.ParseUint(basicACL, 16, 32)
|
|
if err != nil {
|
|
return 0, fmt.Errorf("can't parse basic ACL: %s", basicACL)
|
|
}
|
|
|
|
return uint32(value), nil
|
|
}
|
|
}
|
|
|
|
func getBoxData(ctx context.Context) (*accessbox.Box, error) {
|
|
var boxData *accessbox.Box
|
|
data, ok := ctx.Value(api.BoxData).(*accessbox.Box)
|
|
if !ok || data == nil {
|
|
return nil, fmt.Errorf("couldn't get box data from context")
|
|
}
|
|
|
|
boxData = data
|
|
if boxData.Gate == nil {
|
|
boxData.Gate = &accessbox.GateData{}
|
|
}
|
|
return boxData, nil
|
|
}
|