2021-04-18 15:41:13 -04:00
|
|
|
// Copyright (c) 2015-2021 MinIO, Inc.
|
|
|
|
//
|
|
|
|
// This file is part of MinIO Object Storage stack
|
|
|
|
//
|
|
|
|
// This program is free software: you can redistribute it and/or modify
|
|
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
|
|
// (at your option) any later version.
|
|
|
|
//
|
|
|
|
// This program is distributed in the hope that it will be useful
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
// GNU Affero General Public License for more details.
|
|
|
|
//
|
|
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
2016-12-16 01:26:15 -05:00
|
|
|
|
|
|
|
package cmd
|
|
|
|
|
2018-01-22 17:54:55 -05:00
|
|
|
import (
|
|
|
|
"net/http"
|
2023-07-13 17:52:21 -04:00
|
|
|
"reflect"
|
|
|
|
"runtime"
|
|
|
|
"strings"
|
2018-01-22 17:54:55 -05:00
|
|
|
|
2021-07-12 13:49:50 -04:00
|
|
|
"github.com/klauspost/compress/gzhttp"
|
|
|
|
"github.com/klauspost/compress/gzip"
|
2023-06-19 20:53:08 -04:00
|
|
|
"github.com/minio/madmin-go/v3"
|
2021-08-09 15:45:59 -04:00
|
|
|
"github.com/minio/minio/internal/logger"
|
2023-01-23 06:12:47 -05:00
|
|
|
"github.com/minio/mux"
|
2018-01-22 17:54:55 -05:00
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
2023-07-06 01:28:26 -04:00
|
|
|
adminPathPrefix = minioReservedBucketPath + "/admin"
|
|
|
|
adminAPIVersion = madmin.AdminAPIVersion
|
|
|
|
adminAPIVersionPrefix = SlashSeparator + adminAPIVersion
|
|
|
|
adminAPISiteReplicationDevNull = "/site-replication/devnull"
|
|
|
|
adminAPISiteReplicationNetPerf = "/site-replication/netperf"
|
2023-08-10 10:14:46 -04:00
|
|
|
adminAPIClientDevNull = "/speedtest/client/devnull"
|
|
|
|
adminAPIClientDevExtraTime = "/speedtest/client/devnull/extratime"
|
2018-01-22 17:54:55 -05:00
|
|
|
)
|
2016-12-16 01:26:15 -05:00
|
|
|
|
2023-07-13 17:52:21 -04:00
|
|
|
var gzipHandler = func() func(http.Handler) http.HandlerFunc {
|
|
|
|
gz, err := gzhttp.NewWrapper(gzhttp.MinSize(1000), gzhttp.CompressionLevel(gzip.BestSpeed))
|
|
|
|
if err != nil {
|
|
|
|
// Static params, so this is very unlikely.
|
|
|
|
logger.Fatal(err, "Unable to initialize server")
|
|
|
|
}
|
|
|
|
return gz
|
|
|
|
}()
|
|
|
|
|
|
|
|
// Set of handler options as bit flags
|
|
|
|
type hFlag uint8
|
|
|
|
|
|
|
|
const (
|
|
|
|
// this flag disables gzip compression of responses
|
|
|
|
noGZFlag = 1 << iota
|
|
|
|
|
|
|
|
// this flag enables tracing body and headers instead of just headers
|
|
|
|
traceAllFlag
|
|
|
|
|
|
|
|
// pass this flag to skip checking if object layer is available
|
|
|
|
noObjLayerFlag
|
|
|
|
)
|
|
|
|
|
|
|
|
// Has checks if the the given flag is enabled in `h`.
|
|
|
|
func (h hFlag) Has(flag hFlag) bool {
|
|
|
|
// Use bitwise-AND and check if the result is non-zero.
|
|
|
|
return h&flag != 0
|
|
|
|
}
|
|
|
|
|
|
|
|
func getHandlerName(f http.HandlerFunc) string {
|
|
|
|
name := runtime.FuncForPC(reflect.ValueOf(f).Pointer()).Name()
|
|
|
|
name = strings.TrimPrefix(name, "github.com/minio/minio/cmd.adminAPIHandlers.")
|
|
|
|
name = strings.TrimSuffix(name, "Handler-fm")
|
|
|
|
name = strings.TrimSuffix(name, "-fm")
|
|
|
|
return name
|
|
|
|
}
|
|
|
|
|
|
|
|
// adminMiddleware performs some common admin handler functionality for all
|
|
|
|
// handlers:
|
|
|
|
//
|
|
|
|
// - updates request context with `logger.ReqInfo` and api name based on the
|
|
|
|
// name of the function handler passed (this handler must be a method of
|
|
|
|
// `adminAPIHandlers`).
|
|
|
|
//
|
|
|
|
// - sets up call to send AuditLog
|
|
|
|
//
|
|
|
|
// Note that, while this is a middleware function (i.e. it takes a handler
|
|
|
|
// function and returns one), due to flags being passed based on required
|
|
|
|
// conditions, it is done per-"handler function registration" in the router.
|
|
|
|
//
|
|
|
|
// When no flags are passed, gzip compression, http tracing of headers and
|
|
|
|
// checking of object layer availability are all enabled. Use flags to modify
|
|
|
|
// this behavior.
|
|
|
|
func adminMiddleware(f http.HandlerFunc, flags ...hFlag) http.HandlerFunc {
|
|
|
|
// Collect all flags with bitwise-OR and assign operator
|
|
|
|
var handlerFlags hFlag
|
|
|
|
for _, flag := range flags {
|
|
|
|
handlerFlags |= flag
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get name of the handler using reflection. NOTE: The passed in handler
|
|
|
|
// function must be a method of `adminAPIHandlers` for this extraction to
|
|
|
|
// work as expected.
|
|
|
|
handlerName := getHandlerName(f)
|
|
|
|
|
|
|
|
var handler http.HandlerFunc = func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
// Update request context with `logger.ReqInfo`.
|
|
|
|
r = r.WithContext(newContext(r, w, handlerName))
|
|
|
|
|
|
|
|
defer logger.AuditLog(r.Context(), w, r, mustGetClaimsFromToken(r))
|
|
|
|
|
|
|
|
// Check if object layer is available, if not return error early.
|
|
|
|
if !handlerFlags.Has(noObjLayerFlag) {
|
|
|
|
objectAPI := newObjectLayerFn()
|
|
|
|
if objectAPI == nil || globalNotificationSys == nil {
|
|
|
|
writeErrorResponseJSON(r.Context(), w, errorCodes.ToAPIErr(ErrServerNotInitialized), r.URL)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Apply http tracing "middleware" based on presence of flag.
|
|
|
|
var f2 http.HandlerFunc
|
|
|
|
if handlerFlags.Has(traceAllFlag) {
|
|
|
|
f2 = httpTraceAll(f)
|
|
|
|
} else {
|
|
|
|
f2 = httpTraceHdrs(f)
|
|
|
|
}
|
|
|
|
|
|
|
|
// call the final handler
|
|
|
|
f2(w, r)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Enable compression of responses based on presence of flag.
|
|
|
|
if !handlerFlags.Has(noGZFlag) {
|
|
|
|
handler = gzipHandler(handler)
|
|
|
|
}
|
|
|
|
|
|
|
|
return handler
|
|
|
|
}
|
|
|
|
|
2019-04-09 14:39:42 -04:00
|
|
|
// adminAPIHandlers provides HTTP handlers for MinIO admin API.
|
2019-11-04 12:30:59 -05:00
|
|
|
type adminAPIHandlers struct{}
|
2016-12-16 01:26:15 -05:00
|
|
|
|
|
|
|
// registerAdminRouter - Add handler functions for each service REST API routes.
|
2021-07-10 11:32:52 -04:00
|
|
|
func registerAdminRouter(router *mux.Router, enableConfigOps bool) {
|
2016-12-16 01:26:15 -05:00
|
|
|
adminAPI := adminAPIHandlers{}
|
|
|
|
// Admin router
|
2019-11-04 12:30:59 -05:00
|
|
|
adminRouter := router.PathPrefix(adminPathPrefix).Subrouter()
|
2018-01-22 17:54:55 -05:00
|
|
|
|
2020-04-07 22:30:59 -04:00
|
|
|
adminVersions := []string{
|
|
|
|
adminAPIVersionPrefix,
|
|
|
|
}
|
2017-01-04 02:39:22 -05:00
|
|
|
|
2020-04-07 22:30:59 -04:00
|
|
|
for _, adminVersion := range adminVersions {
|
|
|
|
// Restart and stop MinIO service.
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion+"/service").HandlerFunc(adminMiddleware(adminAPI.ServiceHandler, traceAllFlag)).Queries("action", "{action:.*}")
|
2020-04-07 22:30:59 -04:00
|
|
|
// Update MinIO servers.
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion+"/update").HandlerFunc(adminMiddleware(adminAPI.ServerUpdateHandler, traceAllFlag)).Queries("updateURL", "{updateURL:.*}")
|
2019-10-23 00:01:14 -04:00
|
|
|
|
2020-04-07 22:30:59 -04:00
|
|
|
// Info operations
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/info").HandlerFunc(adminMiddleware(adminAPI.ServerInfoHandler, traceAllFlag, noObjLayerFlag))
|
|
|
|
adminRouter.Methods(http.MethodGet, http.MethodPost).Path(adminVersion + "/inspect-data").HandlerFunc(adminMiddleware(adminAPI.InspectDataHandler, noGZFlag, traceAllFlag))
|
2017-02-15 13:45:45 -05:00
|
|
|
|
2020-04-07 22:30:59 -04:00
|
|
|
// StorageInfo operations
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/storageinfo").HandlerFunc(adminMiddleware(adminAPI.StorageInfoHandler, traceAllFlag))
|
2020-04-07 22:30:59 -04:00
|
|
|
// DataUsageInfo operations
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/datausageinfo").HandlerFunc(adminMiddleware(adminAPI.DataUsageInfoHandler, traceAllFlag))
|
2022-07-05 17:45:49 -04:00
|
|
|
// Metrics operation
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/metrics").HandlerFunc(adminMiddleware(adminAPI.MetricsHandler, traceAllFlag))
|
2020-02-04 21:20:39 -05:00
|
|
|
|
2020-06-12 23:04:01 -04:00
|
|
|
if globalIsDistErasure || globalIsErasure {
|
2021-11-16 12:28:29 -05:00
|
|
|
// Heal operations
|
2018-12-31 12:46:44 -05:00
|
|
|
|
2020-04-07 22:30:59 -04:00
|
|
|
// Heal processing endpoint.
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/heal/").HandlerFunc(adminMiddleware(adminAPI.HealHandler, traceAllFlag))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/heal/{bucket}").HandlerFunc(adminMiddleware(adminAPI.HealHandler, traceAllFlag))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/heal/{bucket}/{prefix:.*}").HandlerFunc(adminMiddleware(adminAPI.HealHandler, traceAllFlag))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/background-heal/status").HandlerFunc(adminMiddleware(adminAPI.BackgroundHealStatusHandler, traceAllFlag))
|
2022-01-10 12:07:49 -05:00
|
|
|
|
|
|
|
// Pool operations
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/pools/list").HandlerFunc(adminMiddleware(adminAPI.ListPools, traceAllFlag))
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/pools/status").HandlerFunc(adminMiddleware(adminAPI.StatusPool, traceAllFlag)).Queries("pool", "{pool:.*}")
|
2022-01-10 12:07:49 -05:00
|
|
|
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion+"/pools/decommission").HandlerFunc(adminMiddleware(adminAPI.StartDecommission, traceAllFlag)).Queries("pool", "{pool:.*}")
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion+"/pools/cancel").HandlerFunc(adminMiddleware(adminAPI.CancelDecommission, traceAllFlag)).Queries("pool", "{pool:.*}")
|
2022-10-25 15:36:57 -04:00
|
|
|
|
|
|
|
// Rebalance operations
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/rebalance/start").HandlerFunc(adminMiddleware(adminAPI.RebalanceStart, traceAllFlag))
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/rebalance/status").HandlerFunc(adminMiddleware(adminAPI.RebalanceStatus, traceAllFlag))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/rebalance/stop").HandlerFunc(adminMiddleware(adminAPI.RebalanceStop, traceAllFlag))
|
2020-04-07 22:30:59 -04:00
|
|
|
}
|
2018-10-09 17:00:01 -04:00
|
|
|
|
2022-04-08 15:44:35 -04:00
|
|
|
// Profiling operations - deprecated API
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion+"/profiling/start").HandlerFunc(adminMiddleware(adminAPI.StartProfilingHandler, traceAllFlag, noObjLayerFlag)).
|
2020-04-07 22:30:59 -04:00
|
|
|
Queries("profilerType", "{profilerType:.*}")
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/profiling/download").HandlerFunc(adminMiddleware(adminAPI.DownloadProfilingHandler, traceAllFlag, noObjLayerFlag))
|
2022-04-08 15:44:35 -04:00
|
|
|
// Profiling operations
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/profile").HandlerFunc(adminMiddleware(adminAPI.ProfileHandler, traceAllFlag, noObjLayerFlag))
|
2018-10-13 03:18:43 -04:00
|
|
|
|
2020-04-07 22:30:59 -04:00
|
|
|
// Config KV operations.
|
|
|
|
if enableConfigOps {
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/get-config-kv").HandlerFunc(adminMiddleware(adminAPI.GetConfigKVHandler)).Queries("key", "{key:.*}")
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/set-config-kv").HandlerFunc(adminMiddleware(adminAPI.SetConfigKVHandler))
|
|
|
|
adminRouter.Methods(http.MethodDelete).Path(adminVersion + "/del-config-kv").HandlerFunc(adminMiddleware(adminAPI.DelConfigKVHandler))
|
2020-04-16 17:49:12 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
// Enable config help in all modes.
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/help-config-kv").HandlerFunc(adminMiddleware(adminAPI.HelpConfigKVHandler, traceAllFlag)).Queries("subSys", "{subSys:.*}", "key", "{key:.*}")
|
2020-04-16 17:49:12 -04:00
|
|
|
|
|
|
|
// Config KV history operations.
|
|
|
|
if enableConfigOps {
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/list-config-history-kv").HandlerFunc(adminMiddleware(adminAPI.ListConfigHistoryKVHandler, traceAllFlag)).Queries("count", "{count:[0-9]+}")
|
|
|
|
adminRouter.Methods(http.MethodDelete).Path(adminVersion+"/clear-config-history-kv").HandlerFunc(adminMiddleware(adminAPI.ClearConfigHistoryKVHandler)).Queries("restoreId", "{restoreId:.*}")
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/restore-config-history-kv").HandlerFunc(adminMiddleware(adminAPI.RestoreConfigHistoryKVHandler)).Queries("restoreId", "{restoreId:.*}")
|
2020-04-07 22:30:59 -04:00
|
|
|
}
|
2018-10-16 15:48:19 -04:00
|
|
|
|
2021-11-16 12:28:29 -05:00
|
|
|
// Config import/export bulk operations
|
2020-04-07 22:30:59 -04:00
|
|
|
if enableConfigOps {
|
|
|
|
// Get config
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/config").HandlerFunc(adminMiddleware(adminAPI.GetConfigHandler))
|
2020-04-07 22:30:59 -04:00
|
|
|
// Set config
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/config").HandlerFunc(adminMiddleware(adminAPI.SetConfigHandler))
|
2020-04-07 22:30:59 -04:00
|
|
|
}
|
2018-10-16 15:48:19 -04:00
|
|
|
|
2021-07-10 11:32:52 -04:00
|
|
|
// -- IAM APIs --
|
2020-03-17 13:36:13 -04:00
|
|
|
|
2021-07-10 11:32:52 -04:00
|
|
|
// Add policy IAM
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/add-canned-policy").HandlerFunc(adminMiddleware(adminAPI.AddCannedPolicy, traceAllFlag)).Queries("name", "{name:.*}")
|
2019-09-26 14:23:13 -04:00
|
|
|
|
2021-07-10 11:32:52 -04:00
|
|
|
// Add user IAM
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/accountinfo").HandlerFunc(adminMiddleware(adminAPI.AccountInfoHandler, traceAllFlag))
|
2020-05-15 21:16:45 -04:00
|
|
|
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/add-user").HandlerFunc(adminMiddleware(adminAPI.AddUser)).Queries("accessKey", "{accessKey:.*}")
|
2018-10-09 17:00:01 -04:00
|
|
|
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/set-user-status").HandlerFunc(adminMiddleware(adminAPI.SetUserStatus)).Queries("accessKey", "{accessKey:.*}").Queries("status", "{status:.*}")
|
2019-08-13 16:41:06 -04:00
|
|
|
|
2021-07-10 11:32:52 -04:00
|
|
|
// Service accounts ops
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/add-service-account").HandlerFunc(adminMiddleware(adminAPI.AddServiceAccount))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion+"/update-service-account").HandlerFunc(adminMiddleware(adminAPI.UpdateServiceAccount)).Queries("accessKey", "{accessKey:.*}")
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/info-service-account").HandlerFunc(adminMiddleware(adminAPI.InfoServiceAccount)).Queries("accessKey", "{accessKey:.*}")
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/list-service-accounts").HandlerFunc(adminMiddleware(adminAPI.ListServiceAccounts))
|
|
|
|
adminRouter.Methods(http.MethodDelete).Path(adminVersion+"/delete-service-account").HandlerFunc(adminMiddleware(adminAPI.DeleteServiceAccount)).Queries("accessKey", "{accessKey:.*}")
|
2018-10-09 17:00:01 -04:00
|
|
|
|
2022-12-13 11:38:50 -05:00
|
|
|
// STS accounts ops
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/temporary-account-info").HandlerFunc(adminMiddleware(adminAPI.TemporaryAccountInfo)).Queries("accessKey", "{accessKey:.*}")
|
2022-12-13 11:38:50 -05:00
|
|
|
|
2021-07-10 11:32:52 -04:00
|
|
|
// Info policy IAM latest
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/info-canned-policy").HandlerFunc(adminMiddleware(adminAPI.InfoCannedPolicy)).Queries("name", "{name:.*}")
|
2021-07-10 11:32:52 -04:00
|
|
|
// List policies latest
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/list-canned-policies").HandlerFunc(adminMiddleware(adminAPI.ListBucketPolicies)).Queries("bucket", "{bucket:.*}")
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/list-canned-policies").HandlerFunc(adminMiddleware(adminAPI.ListCannedPolicies))
|
2019-08-02 17:25:00 -04:00
|
|
|
|
2022-12-19 13:37:03 -05:00
|
|
|
// Builtin IAM policy associations
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/idp/builtin/policy-entities").HandlerFunc(adminMiddleware(adminAPI.ListPolicyMappingEntities))
|
2022-12-19 13:37:03 -05:00
|
|
|
|
2021-07-10 11:32:52 -04:00
|
|
|
// Remove policy IAM
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodDelete).Path(adminVersion+"/remove-canned-policy").HandlerFunc(adminMiddleware(adminAPI.RemoveCannedPolicy)).Queries("name", "{name:.*}")
|
2019-08-02 17:25:00 -04:00
|
|
|
|
2021-07-10 11:32:52 -04:00
|
|
|
// Set user or group policy
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/set-user-or-group-policy").
|
2023-07-13 17:52:21 -04:00
|
|
|
HandlerFunc(adminMiddleware(adminAPI.SetPolicyForUserOrGroup)).
|
2021-07-10 11:32:52 -04:00
|
|
|
Queries("policyName", "{policyName:.*}", "userOrGroup", "{userOrGroup:.*}", "isGroup", "{isGroup:true|false}")
|
2019-08-02 17:25:00 -04:00
|
|
|
|
2023-06-22 01:44:50 -04:00
|
|
|
// Attach/Detach policies to/from user or group
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/idp/builtin/policy/{operation}").HandlerFunc(adminMiddleware(adminAPI.AttachDetachPolicyBuiltin))
|
2022-12-13 15:13:23 -05:00
|
|
|
|
2021-07-10 11:32:52 -04:00
|
|
|
// Remove user IAM
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodDelete).Path(adminVersion+"/remove-user").HandlerFunc(adminMiddleware(adminAPI.RemoveUser)).Queries("accessKey", "{accessKey:.*}")
|
2019-08-02 17:25:00 -04:00
|
|
|
|
2021-07-10 11:32:52 -04:00
|
|
|
// List users
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/list-users").HandlerFunc(adminMiddleware(adminAPI.ListBucketUsers)).Queries("bucket", "{bucket:.*}")
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/list-users").HandlerFunc(adminMiddleware(adminAPI.ListUsers))
|
2018-10-17 20:25:16 -04:00
|
|
|
|
2021-07-10 11:32:52 -04:00
|
|
|
// User info
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/user-info").HandlerFunc(adminMiddleware(adminAPI.GetUserInfo)).Queries("accessKey", "{accessKey:.*}")
|
2021-07-10 11:32:52 -04:00
|
|
|
// Add/Remove members from group
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/update-group-members").HandlerFunc(adminMiddleware(adminAPI.UpdateGroupMembers))
|
2020-04-07 22:30:59 -04:00
|
|
|
|
2021-07-10 11:32:52 -04:00
|
|
|
// Get Group
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/group").HandlerFunc(adminMiddleware(adminAPI.GetGroup)).Queries("group", "{group:.*}")
|
2020-04-07 22:30:59 -04:00
|
|
|
|
2021-07-10 11:32:52 -04:00
|
|
|
// List Groups
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/groups").HandlerFunc(adminMiddleware(adminAPI.ListGroups))
|
2020-04-07 22:30:59 -04:00
|
|
|
|
2021-07-10 11:32:52 -04:00
|
|
|
// Set Group Status
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/set-group-status").HandlerFunc(adminMiddleware(adminAPI.SetGroupStatus)).Queries("group", "{group:.*}").Queries("status", "{status:.*}")
|
2020-04-07 22:30:59 -04:00
|
|
|
|
2022-06-23 12:25:15 -04:00
|
|
|
// Export IAM info to zipped file
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/export-iam").HandlerFunc(adminMiddleware(adminAPI.ExportIAM, noGZFlag))
|
2022-06-23 12:25:15 -04:00
|
|
|
|
|
|
|
// Import IAM info
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/import-iam").HandlerFunc(adminMiddleware(adminAPI.ImportIAM, noGZFlag))
|
2022-06-23 12:25:15 -04:00
|
|
|
|
2022-07-05 21:18:04 -04:00
|
|
|
// IDentity Provider configuration APIs
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/idp-config/{type}/{name}").HandlerFunc(adminMiddleware(adminAPI.AddIdentityProviderCfg))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/idp-config/{type}/{name}").HandlerFunc(adminMiddleware(adminAPI.UpdateIdentityProviderCfg))
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/idp-config/{type}").HandlerFunc(adminMiddleware(adminAPI.ListIdentityProviderCfg))
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/idp-config/{type}/{name}").HandlerFunc(adminMiddleware(adminAPI.GetIdentityProviderCfg))
|
|
|
|
adminRouter.Methods(http.MethodDelete).Path(adminVersion + "/idp-config/{type}/{name}").HandlerFunc(adminMiddleware(adminAPI.DeleteIdentityProviderCfg))
|
2022-07-05 21:18:04 -04:00
|
|
|
|
2023-12-15 16:00:43 -05:00
|
|
|
// LDAP specific service accounts ops
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/idp/ldap/add-service-account").HandlerFunc(adminMiddleware(adminAPI.AddServiceAccountLDAP))
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/idp/ldap/list-access-keys").
|
|
|
|
HandlerFunc(adminMiddleware(adminAPI.ListAccessKeysLDAP)).
|
|
|
|
Queries("userDN", "{userDN:.*}", "listType", "{listType:.*}")
|
|
|
|
|
2022-11-07 17:35:09 -05:00
|
|
|
// LDAP IAM operations
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/idp/ldap/policy-entities").HandlerFunc(adminMiddleware(adminAPI.ListLDAPPolicyMappingEntities))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/idp/ldap/policy/{operation}").HandlerFunc(adminMiddleware(adminAPI.AttachDetachPolicyLDAP))
|
2022-07-05 21:18:04 -04:00
|
|
|
// -- END IAM APIs --
|
|
|
|
|
2022-05-30 13:58:37 -04:00
|
|
|
// GetBucketQuotaConfig
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/get-bucket-quota").HandlerFunc(
|
2023-07-13 17:52:21 -04:00
|
|
|
adminMiddleware(adminAPI.GetBucketQuotaConfigHandler)).Queries("bucket", "{bucket:.*}")
|
2022-05-30 13:58:37 -04:00
|
|
|
// PutBucketQuotaConfig
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/set-bucket-quota").HandlerFunc(
|
2023-07-13 17:52:21 -04:00
|
|
|
adminMiddleware(adminAPI.PutBucketQuotaConfigHandler)).Queries("bucket", "{bucket:.*}")
|
2022-05-30 13:58:37 -04:00
|
|
|
|
|
|
|
// Bucket replication operations
|
|
|
|
// GetBucketTargetHandler
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/list-remote-targets").HandlerFunc(
|
2023-07-13 17:52:21 -04:00
|
|
|
adminMiddleware(adminAPI.ListRemoteTargetsHandler)).Queries("bucket", "{bucket:.*}", "type", "{type:.*}")
|
2022-05-30 13:58:37 -04:00
|
|
|
// SetRemoteTargetHandler
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/set-remote-target").HandlerFunc(
|
2023-07-13 17:52:21 -04:00
|
|
|
adminMiddleware(adminAPI.SetRemoteTargetHandler)).Queries("bucket", "{bucket:.*}")
|
2022-05-30 13:58:37 -04:00
|
|
|
// RemoveRemoteTargetHandler
|
|
|
|
adminRouter.Methods(http.MethodDelete).Path(adminVersion+"/remove-remote-target").HandlerFunc(
|
2023-07-13 17:52:21 -04:00
|
|
|
adminMiddleware(adminAPI.RemoveRemoteTargetHandler)).Queries("bucket", "{bucket:.*}", "arn", "{arn:.*}")
|
2022-07-21 14:05:44 -04:00
|
|
|
// ReplicationDiff - MinIO extension API
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion+"/replication/diff").HandlerFunc(
|
2023-07-13 17:52:21 -04:00
|
|
|
adminMiddleware(adminAPI.ReplicationDiffHandler)).Queries("bucket", "{bucket:.*}")
|
2023-07-13 02:51:33 -04:00
|
|
|
// ReplicationMRFHandler - MinIO extension API
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/replication/mrf").HandlerFunc(
|
2023-07-13 17:52:21 -04:00
|
|
|
adminMiddleware(adminAPI.ReplicationMRFHandler)).Queries("bucket", "{bucket:.*}")
|
2022-05-30 13:58:37 -04:00
|
|
|
|
2022-10-03 05:10:15 -04:00
|
|
|
// Batch job operations
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/start-job").HandlerFunc(
|
2023-07-13 17:52:21 -04:00
|
|
|
adminMiddleware(adminAPI.StartBatchJob))
|
2022-10-03 05:10:15 -04:00
|
|
|
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/list-jobs").HandlerFunc(
|
2023-07-13 17:52:21 -04:00
|
|
|
adminMiddleware(adminAPI.ListBatchJobs))
|
2022-10-03 05:10:15 -04:00
|
|
|
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/describe-job").HandlerFunc(
|
2023-07-13 17:52:21 -04:00
|
|
|
adminMiddleware(adminAPI.DescribeBatchJob))
|
2023-03-18 02:42:43 -04:00
|
|
|
adminRouter.Methods(http.MethodDelete).Path(adminVersion + "/cancel-job").HandlerFunc(
|
2023-07-13 17:52:21 -04:00
|
|
|
adminMiddleware(adminAPI.CancelBatchJob))
|
2022-10-03 05:10:15 -04:00
|
|
|
|
2022-06-18 09:55:39 -04:00
|
|
|
// Bucket migration operations
|
|
|
|
// ExportBucketMetaHandler
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/export-bucket-metadata").HandlerFunc(
|
2023-07-13 17:52:21 -04:00
|
|
|
adminMiddleware(adminAPI.ExportBucketMetadataHandler))
|
2022-06-18 09:55:39 -04:00
|
|
|
// ImportBucketMetaHandler
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/import-bucket-metadata").HandlerFunc(
|
2023-07-13 17:52:21 -04:00
|
|
|
adminMiddleware(adminAPI.ImportBucketMetadataHandler))
|
2022-06-18 09:55:39 -04:00
|
|
|
|
2022-05-30 13:58:37 -04:00
|
|
|
// Remote Tier management operations
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/tier").HandlerFunc(adminMiddleware(adminAPI.AddTierHandler))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/tier/{tier}").HandlerFunc(adminMiddleware(adminAPI.EditTierHandler))
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/tier").HandlerFunc(adminMiddleware(adminAPI.ListTierHandler))
|
|
|
|
adminRouter.Methods(http.MethodDelete).Path(adminVersion + "/tier/{tier}").HandlerFunc(adminMiddleware(adminAPI.RemoveTierHandler))
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/tier/{tier}").HandlerFunc(adminMiddleware(adminAPI.VerifyTierHandler))
|
2022-05-30 13:58:37 -04:00
|
|
|
// Tier stats
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/tier-stats").HandlerFunc(adminMiddleware(adminAPI.TierStatsHandler))
|
2022-05-30 13:58:37 -04:00
|
|
|
|
|
|
|
// Cluster Replication APIs
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/site-replication/add").HandlerFunc(adminMiddleware(adminAPI.SiteReplicationAdd))
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/site-replication/remove").HandlerFunc(adminMiddleware(adminAPI.SiteReplicationRemove))
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/site-replication/info").HandlerFunc(adminMiddleware(adminAPI.SiteReplicationInfo))
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/site-replication/metainfo").HandlerFunc(adminMiddleware(adminAPI.SiteReplicationMetaInfo))
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/site-replication/status").HandlerFunc(adminMiddleware(adminAPI.SiteReplicationStatus))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + adminAPISiteReplicationDevNull).HandlerFunc(adminMiddleware(adminAPI.SiteReplicationDevNull, noObjLayerFlag))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + adminAPISiteReplicationNetPerf).HandlerFunc(adminMiddleware(adminAPI.SiteReplicationNetPerf, noObjLayerFlag))
|
|
|
|
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/site-replication/peer/join").HandlerFunc(adminMiddleware(adminAPI.SRPeerJoin))
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/site-replication/peer/bucket-ops").HandlerFunc(adminMiddleware(adminAPI.SRPeerBucketOps)).Queries("bucket", "{bucket:.*}").Queries("operation", "{operation:.*}")
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/site-replication/peer/iam-item").HandlerFunc(adminMiddleware(adminAPI.SRPeerReplicateIAMItem))
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/site-replication/peer/bucket-meta").HandlerFunc(adminMiddleware(adminAPI.SRPeerReplicateBucketItem))
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/site-replication/peer/idp-settings").HandlerFunc(adminMiddleware(adminAPI.SRPeerGetIDPSettings))
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/site-replication/edit").HandlerFunc(adminMiddleware(adminAPI.SiteReplicationEdit))
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/site-replication/peer/edit").HandlerFunc(adminMiddleware(adminAPI.SRPeerEdit))
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/site-replication/peer/remove").HandlerFunc(adminMiddleware(adminAPI.SRPeerRemove))
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/site-replication/resync/op").HandlerFunc(adminMiddleware(adminAPI.SiteReplicationResyncOp)).Queries("operation", "{operation:.*}")
|
2023-11-21 12:48:06 -05:00
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/site-replication/state/edit").HandlerFunc(adminMiddleware(adminAPI.SRStateEdit))
|
2021-01-04 12:43:31 -05:00
|
|
|
|
2020-06-12 23:04:01 -04:00
|
|
|
if globalIsDistErasure {
|
2021-01-25 13:01:27 -05:00
|
|
|
// Top locks
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/top/locks").HandlerFunc(adminMiddleware(adminAPI.TopLocksHandler))
|
2021-01-25 13:01:27 -05:00
|
|
|
// Force unlocks paths
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion+"/force-unlock").
|
2023-07-13 17:52:21 -04:00
|
|
|
Queries("paths", "{paths:.*}").HandlerFunc(adminMiddleware(adminAPI.ForceUnlockHandler))
|
2020-04-07 22:30:59 -04:00
|
|
|
}
|
2019-01-24 10:22:14 -05:00
|
|
|
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/speedtest").HandlerFunc(adminMiddleware(adminAPI.ObjectSpeedTestHandler, noGZFlag))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/speedtest/object").HandlerFunc(adminMiddleware(adminAPI.ObjectSpeedTestHandler, noGZFlag))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/speedtest/drive").HandlerFunc(adminMiddleware(adminAPI.DriveSpeedtestHandler, noGZFlag))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/speedtest/net").HandlerFunc(adminMiddleware(adminAPI.NetperfHandler, noGZFlag))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/speedtest/site").HandlerFunc(adminMiddleware(adminAPI.SitePerfHandler, noGZFlag))
|
2023-08-10 10:14:46 -04:00
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + adminAPIClientDevNull).HandlerFunc(adminMiddleware(adminAPI.ClientDevNull, noGZFlag))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + adminAPIClientDevExtraTime).HandlerFunc(adminMiddleware(adminAPI.ClientDevNullExtraTime, noGZFlag))
|
2021-07-27 15:55:56 -04:00
|
|
|
|
2020-04-07 22:30:59 -04:00
|
|
|
// HTTP Trace
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/trace").HandlerFunc(adminMiddleware(adminAPI.TraceHandler, noObjLayerFlag))
|
2019-09-04 16:19:44 -04:00
|
|
|
|
2020-04-07 22:30:59 -04:00
|
|
|
// Console Logs
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/log").HandlerFunc(adminMiddleware(adminAPI.ConsoleLogHandler, traceAllFlag))
|
2019-09-03 14:10:48 -04:00
|
|
|
|
2020-04-07 22:30:59 -04:00
|
|
|
// -- KMS APIs --
|
|
|
|
//
|
2023-07-13 17:52:21 -04:00
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/kms/status").HandlerFunc(adminMiddleware(adminAPI.KMSStatusHandler, traceAllFlag))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion+"/kms/key/create").HandlerFunc(adminMiddleware(adminAPI.KMSCreateKeyHandler, traceAllFlag)).Queries("key-id", "{key-id:.*}")
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/kms/key/status").HandlerFunc(adminMiddleware(adminAPI.KMSKeyStatusHandler, traceAllFlag))
|
2019-09-04 16:19:44 -04:00
|
|
|
|
2022-10-24 20:44:15 -04:00
|
|
|
// Keep obdinfo for backward compatibility with mc
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/obdinfo").
|
2023-07-13 17:52:21 -04:00
|
|
|
HandlerFunc(adminMiddleware(adminAPI.HealthInfoHandler))
|
2022-10-24 20:44:15 -04:00
|
|
|
// -- Health API --
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/healthinfo").
|
2023-07-13 17:52:21 -04:00
|
|
|
HandlerFunc(adminMiddleware(adminAPI.HealthInfoHandler))
|
2020-03-27 00:07:39 -04:00
|
|
|
}
|
|
|
|
|
2019-11-04 12:30:59 -05:00
|
|
|
// If none of the routes match add default error handler routes
|
2020-09-28 16:33:49 -04:00
|
|
|
adminRouter.NotFoundHandler = httpTraceAll(errorResponseHandler)
|
2020-10-28 12:18:35 -04:00
|
|
|
adminRouter.MethodNotAllowedHandler = httpTraceAll(methodNotAllowedHandler("Admin"))
|
2016-12-16 01:26:15 -05:00
|
|
|
}
|