2021-04-18 12:41:13 -07:00
|
|
|
// Copyright (c) 2015-2021 MinIO, Inc.
|
|
|
|
//
|
|
|
|
// This file is part of MinIO Object Storage stack
|
|
|
|
//
|
|
|
|
// This program is free software: you can redistribute it and/or modify
|
|
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
|
|
// (at your option) any later version.
|
|
|
|
//
|
|
|
|
// This program is distributed in the hope that it will be useful
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
// GNU Affero General Public License for more details.
|
|
|
|
//
|
|
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
2016-12-16 11:56:15 +05:30
|
|
|
|
|
|
|
package cmd
|
|
|
|
|
2018-01-22 14:54:55 -08:00
|
|
|
import (
|
|
|
|
"net/http"
|
|
|
|
|
2018-04-22 07:53:54 +05:30
|
|
|
"github.com/gorilla/mux"
|
2021-05-06 08:52:02 -07:00
|
|
|
"github.com/minio/madmin-go"
|
2018-01-22 14:54:55 -08:00
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
2020-04-07 19:30:59 -07:00
|
|
|
adminPathPrefix = minioReservedBucketPath + "/admin"
|
|
|
|
adminAPIVersionV2 = madmin.AdminAPIVersionV2
|
|
|
|
adminAPIVersion = madmin.AdminAPIVersion
|
|
|
|
adminAPIVersionPrefix = SlashSeparator + adminAPIVersion
|
|
|
|
adminAPIVersionV2Prefix = SlashSeparator + adminAPIVersionV2
|
2018-01-22 14:54:55 -08:00
|
|
|
)
|
2016-12-16 11:56:15 +05:30
|
|
|
|
2019-04-09 11:39:42 -07:00
|
|
|
// adminAPIHandlers provides HTTP handlers for MinIO admin API.
|
2019-11-04 09:30:59 -08:00
|
|
|
type adminAPIHandlers struct{}
|
2016-12-16 11:56:15 +05:30
|
|
|
|
|
|
|
// registerAdminRouter - Add handler functions for each service REST API routes.
|
2020-05-25 00:17:52 -07:00
|
|
|
func registerAdminRouter(router *mux.Router, enableConfigOps, enableIAMOps bool) {
|
2016-12-16 11:56:15 +05:30
|
|
|
|
|
|
|
adminAPI := adminAPIHandlers{}
|
|
|
|
// Admin router
|
2019-11-04 09:30:59 -08:00
|
|
|
adminRouter := router.PathPrefix(adminPathPrefix).Subrouter()
|
2018-01-22 14:54:55 -08:00
|
|
|
|
2017-01-04 13:09:22 +05:30
|
|
|
/// Service operations
|
2016-12-16 11:56:15 +05:30
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
adminVersions := []string{
|
|
|
|
adminAPIVersionPrefix,
|
|
|
|
adminAPIVersionV2Prefix,
|
|
|
|
}
|
2017-01-04 13:09:22 +05:30
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
for _, adminVersion := range adminVersions {
|
|
|
|
// Restart and stop MinIO service.
|
2020-05-11 10:34:08 -07:00
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion+"/service").HandlerFunc(httpTraceAll(adminAPI.ServiceHandler)).Queries("action", "{action:.*}")
|
2020-04-07 19:30:59 -07:00
|
|
|
// Update MinIO servers.
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion+"/update").HandlerFunc(httpTraceAll(adminAPI.ServerUpdateHandler)).Queries("updateURL", "{updateURL:.*}")
|
2019-10-23 09:31:14 +05:30
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// Info operations
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/info").HandlerFunc(httpTraceAll(adminAPI.ServerInfoHandler))
|
2017-02-15 19:45:45 +01:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// StorageInfo operations
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/storageinfo").HandlerFunc(httpTraceAll(adminAPI.StorageInfoHandler))
|
|
|
|
// DataUsageInfo operations
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/datausageinfo").HandlerFunc(httpTraceAll(adminAPI.DataUsageInfoHandler))
|
2020-02-05 03:20:39 +01:00
|
|
|
|
2020-06-12 20:04:01 -07:00
|
|
|
if globalIsDistErasure || globalIsErasure {
|
2020-04-07 19:30:59 -07:00
|
|
|
/// Heal operations
|
2018-12-31 23:16:44 +05:30
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// Heal processing endpoint.
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/heal/").HandlerFunc(httpTraceAll(adminAPI.HealHandler))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/heal/{bucket}").HandlerFunc(httpTraceAll(adminAPI.HealHandler))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/heal/{bucket}/{prefix:.*}").HandlerFunc(httpTraceAll(adminAPI.HealHandler))
|
2019-06-26 00:42:24 +01:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/background-heal/status").HandlerFunc(httpTraceAll(adminAPI.BackgroundHealStatusHandler))
|
2018-12-31 23:16:44 +05:30
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
/// Health operations
|
2019-10-22 22:59:13 -07:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
}
|
2018-10-09 14:00:01 -07:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// Profiling operations
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion+"/profiling/start").HandlerFunc(httpTraceAll(adminAPI.StartProfilingHandler)).
|
|
|
|
Queries("profilerType", "{profilerType:.*}")
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/profiling/download").HandlerFunc(httpTraceAll(adminAPI.DownloadProfilingHandler))
|
2018-10-13 00:18:43 -07:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// Config KV operations.
|
|
|
|
if enableConfigOps {
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/get-config-kv").HandlerFunc(httpTraceHdrs(adminAPI.GetConfigKVHandler)).Queries("key", "{key:.*}")
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/set-config-kv").HandlerFunc(httpTraceHdrs(adminAPI.SetConfigKVHandler))
|
|
|
|
adminRouter.Methods(http.MethodDelete).Path(adminVersion + "/del-config-kv").HandlerFunc(httpTraceHdrs(adminAPI.DelConfigKVHandler))
|
2020-04-16 14:49:12 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
// Enable config help in all modes.
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/help-config-kv").HandlerFunc(httpTraceAll(adminAPI.HelpConfigKVHandler)).Queries("subSys", "{subSys:.*}", "key", "{key:.*}")
|
|
|
|
|
|
|
|
// Config KV history operations.
|
|
|
|
if enableConfigOps {
|
2020-04-07 19:30:59 -07:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/list-config-history-kv").HandlerFunc(httpTraceAll(adminAPI.ListConfigHistoryKVHandler)).Queries("count", "{count:[0-9]+}")
|
|
|
|
adminRouter.Methods(http.MethodDelete).Path(adminVersion+"/clear-config-history-kv").HandlerFunc(httpTraceHdrs(adminAPI.ClearConfigHistoryKVHandler)).Queries("restoreId", "{restoreId:.*}")
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/restore-config-history-kv").HandlerFunc(httpTraceHdrs(adminAPI.RestoreConfigHistoryKVHandler)).Queries("restoreId", "{restoreId:.*}")
|
|
|
|
}
|
2018-10-16 12:48:19 -07:00
|
|
|
|
2020-04-16 14:49:12 -07:00
|
|
|
/// Config import/export bulk operations
|
2020-04-07 19:30:59 -07:00
|
|
|
if enableConfigOps {
|
|
|
|
// Get config
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/config").HandlerFunc(httpTraceHdrs(adminAPI.GetConfigHandler))
|
|
|
|
// Set config
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/config").HandlerFunc(httpTraceHdrs(adminAPI.SetConfigHandler))
|
|
|
|
}
|
2018-10-16 12:48:19 -07:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
if enableIAMOps {
|
|
|
|
// -- IAM APIs --
|
2020-03-17 18:36:13 +01:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// Add policy IAM
|
2021-02-12 23:05:09 -08:00
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/add-canned-policy").HandlerFunc(httpTraceAll(adminAPI.AddCannedPolicy)).Queries("name", "{name:.*}")
|
2019-09-26 11:23:13 -07:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// Add user IAM
|
2020-11-27 17:23:57 -08:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/accountinfo").HandlerFunc(httpTraceAll(adminAPI.AccountInfoHandler))
|
2020-05-15 18:16:45 -07:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/add-user").HandlerFunc(httpTraceHdrs(adminAPI.AddUser)).Queries("accessKey", "{accessKey:.*}")
|
2018-10-09 14:00:01 -07:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/set-user-status").HandlerFunc(httpTraceHdrs(adminAPI.SetUserStatus)).Queries("accessKey", "{accessKey:.*}").Queries("status", "{status:.*}")
|
2019-08-13 13:41:06 -07:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// Service accounts ops
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/add-service-account").HandlerFunc(httpTraceHdrs(adminAPI.AddServiceAccount))
|
2021-04-15 06:51:14 +01:00
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion+"/update-service-account").HandlerFunc(httpTraceHdrs(adminAPI.UpdateServiceAccount)).Queries("accessKey", "{accessKey:.*}")
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/info-service-account").HandlerFunc(httpTraceHdrs(adminAPI.InfoServiceAccount)).Queries("accessKey", "{accessKey:.*}")
|
2020-04-24 20:10:09 +01:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/list-service-accounts").HandlerFunc(httpTraceHdrs(adminAPI.ListServiceAccounts))
|
|
|
|
adminRouter.Methods(http.MethodDelete).Path(adminVersion+"/delete-service-account").HandlerFunc(httpTraceHdrs(adminAPI.DeleteServiceAccount)).Queries("accessKey", "{accessKey:.*}")
|
2018-10-09 14:00:01 -07:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
if adminVersion == adminAPIVersionV2Prefix {
|
|
|
|
// Info policy IAM v2
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/info-canned-policy").HandlerFunc(httpTraceHdrs(adminAPI.InfoCannedPolicyV2)).Queries("name", "{name:.*}")
|
2018-10-13 00:18:43 -07:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// List policies v2
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/list-canned-policies").HandlerFunc(httpTraceHdrs(adminAPI.ListCannedPoliciesV2))
|
|
|
|
} else {
|
|
|
|
// Info policy IAM latest
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/info-canned-policy").HandlerFunc(httpTraceHdrs(adminAPI.InfoCannedPolicy)).Queries("name", "{name:.*}")
|
2019-08-13 13:41:06 -07:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// List policies latest
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/list-canned-policies").HandlerFunc(httpTraceHdrs(adminAPI.ListCannedPolicies))
|
|
|
|
}
|
2019-08-02 14:25:00 -07:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// Remove policy IAM
|
|
|
|
adminRouter.Methods(http.MethodDelete).Path(adminVersion+"/remove-canned-policy").HandlerFunc(httpTraceHdrs(adminAPI.RemoveCannedPolicy)).Queries("name", "{name:.*}")
|
2019-08-02 14:25:00 -07:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// Set user or group policy
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/set-user-or-group-policy").
|
|
|
|
HandlerFunc(httpTraceHdrs(adminAPI.SetPolicyForUserOrGroup)).
|
|
|
|
Queries("policyName", "{policyName:.*}", "userOrGroup", "{userOrGroup:.*}", "isGroup", "{isGroup:true|false}")
|
2019-08-02 14:25:00 -07:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// Remove user IAM
|
|
|
|
adminRouter.Methods(http.MethodDelete).Path(adminVersion+"/remove-user").HandlerFunc(httpTraceHdrs(adminAPI.RemoveUser)).Queries("accessKey", "{accessKey:.*}")
|
2019-08-02 14:25:00 -07:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// List users
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/list-users").HandlerFunc(httpTraceHdrs(adminAPI.ListUsers))
|
2018-10-17 17:25:16 -07:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// User info
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/user-info").HandlerFunc(httpTraceHdrs(adminAPI.GetUserInfo)).Queries("accessKey", "{accessKey:.*}")
|
|
|
|
|
|
|
|
// Add/Remove members from group
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/update-group-members").HandlerFunc(httpTraceHdrs(adminAPI.UpdateGroupMembers))
|
|
|
|
|
|
|
|
// Get Group
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/group").HandlerFunc(httpTraceHdrs(adminAPI.GetGroup)).Queries("group", "{group:.*}")
|
|
|
|
|
|
|
|
// List Groups
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/groups").HandlerFunc(httpTraceHdrs(adminAPI.ListGroups))
|
|
|
|
|
|
|
|
// Set Group Status
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/set-group-status").HandlerFunc(httpTraceHdrs(adminAPI.SetGroupStatus)).Queries("group", "{group:.*}").Queries("status", "{status:.*}")
|
2020-04-30 15:55:54 -07:00
|
|
|
}
|
2020-04-07 19:30:59 -07:00
|
|
|
|
2020-06-12 20:04:01 -07:00
|
|
|
if globalIsDistErasure || globalIsErasure {
|
2021-01-04 09:43:31 -08:00
|
|
|
// GetBucketQuotaConfig
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/get-bucket-quota").HandlerFunc(
|
|
|
|
httpTraceHdrs(adminAPI.GetBucketQuotaConfigHandler)).Queries("bucket", "{bucket:.*}")
|
|
|
|
// PutBucketQuotaConfig
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/set-bucket-quota").HandlerFunc(
|
|
|
|
httpTraceHdrs(adminAPI.PutBucketQuotaConfigHandler)).Queries("bucket", "{bucket:.*}")
|
|
|
|
|
|
|
|
// Bucket replication operations
|
|
|
|
// GetBucketTargetHandler
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion+"/list-remote-targets").HandlerFunc(
|
|
|
|
httpTraceHdrs(adminAPI.ListRemoteTargetsHandler)).Queries("bucket", "{bucket:.*}", "type", "{type:.*}")
|
|
|
|
// SetRemoteTargetHandler
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion+"/set-remote-target").HandlerFunc(
|
|
|
|
httpTraceHdrs(adminAPI.SetRemoteTargetHandler)).Queries("bucket", "{bucket:.*}")
|
|
|
|
// RemoveRemoteTargetHandler
|
|
|
|
adminRouter.Methods(http.MethodDelete).Path(adminVersion+"/remove-remote-target").HandlerFunc(
|
|
|
|
httpTraceHdrs(adminAPI.RemoveRemoteTargetHandler)).Queries("bucket", "{bucket:.*}", "arn", "{arn:.*}")
|
2021-04-19 10:30:42 -07:00
|
|
|
|
|
|
|
// Remote Tier management operations
|
|
|
|
adminRouter.Methods(http.MethodPut).Path(adminVersion + "/tier").HandlerFunc(httpTraceHdrs(adminAPI.AddTierHandler))
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion + "/tier/{tier}").HandlerFunc(httpTraceHdrs(adminAPI.EditTierHandler))
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/tier").HandlerFunc(httpTraceHdrs(adminAPI.ListTierHandler))
|
2020-04-07 19:30:59 -07:00
|
|
|
}
|
2021-01-04 09:43:31 -08:00
|
|
|
|
2020-06-12 20:04:01 -07:00
|
|
|
if globalIsDistErasure {
|
2021-01-25 10:01:27 -08:00
|
|
|
// Top locks
|
2020-04-07 19:30:59 -07:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/top/locks").HandlerFunc(httpTraceHdrs(adminAPI.TopLocksHandler))
|
2021-01-25 10:01:27 -08:00
|
|
|
// Force unlocks paths
|
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion+"/force-unlock").
|
|
|
|
Queries("paths", "{paths:.*}").HandlerFunc(httpTraceHdrs(adminAPI.ForceUnlockHandler))
|
2020-04-07 19:30:59 -07:00
|
|
|
}
|
2019-01-24 07:22:14 -08:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// HTTP Trace
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/trace").HandlerFunc(adminAPI.TraceHandler)
|
2019-09-04 22:19:44 +02:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// Console Logs
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/log").HandlerFunc(httpTraceAll(adminAPI.ConsoleLogHandler))
|
2019-09-03 11:10:48 -07:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
// -- KMS APIs --
|
|
|
|
//
|
2020-07-09 03:50:43 +02:00
|
|
|
adminRouter.Methods(http.MethodPost).Path(adminVersion+"/kms/key/create").HandlerFunc(httpTraceAll(adminAPI.KMSCreateKeyHandler)).Queries("key-id", "{key-id:.*}")
|
2020-04-07 19:30:59 -07:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/kms/key/status").HandlerFunc(httpTraceAll(adminAPI.KMSKeyStatusHandler))
|
2019-09-04 22:19:44 +02:00
|
|
|
|
2020-04-07 19:30:59 -07:00
|
|
|
if !globalIsGateway {
|
2020-11-21 02:22:53 +05:30
|
|
|
// Keep obdinfo for backward compatibility with mc
|
2020-09-16 02:02:54 +01:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/obdinfo").
|
2020-11-21 02:22:53 +05:30
|
|
|
HandlerFunc(httpTraceHdrs(adminAPI.HealthInfoHandler))
|
|
|
|
// -- Health API --
|
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/healthinfo").
|
|
|
|
HandlerFunc(httpTraceHdrs(adminAPI.HealthInfoHandler))
|
2020-10-09 20:36:00 -07:00
|
|
|
adminRouter.Methods(http.MethodGet).Path(adminVersion + "/bandwidth").
|
|
|
|
HandlerFunc(httpTraceHdrs(adminAPI.BandwidthMonitorHandler))
|
2020-04-07 19:30:59 -07:00
|
|
|
}
|
2020-03-26 21:07:39 -07:00
|
|
|
}
|
|
|
|
|
2019-11-04 09:30:59 -08:00
|
|
|
// If none of the routes match add default error handler routes
|
2020-09-29 04:33:49 +08:00
|
|
|
adminRouter.NotFoundHandler = httpTraceAll(errorResponseHandler)
|
2020-10-28 09:18:35 -07:00
|
|
|
adminRouter.MethodNotAllowedHandler = httpTraceAll(methodNotAllowedHandler("Admin"))
|
2016-12-16 11:56:15 +05:30
|
|
|
}
|