Admin API auth and heal related fixes (#5445)

- Fetch region for auth from global state
- Fix SHA256 handling for empty body in heal API
This commit is contained in:
Aditya Manthramurthy 2018-01-25 05:54:00 -08:00 committed by Nitish Tiwari
parent 2dd117f647
commit 5cdcc73bd5
2 changed files with 11 additions and 10 deletions

View File

@ -60,7 +60,7 @@ var (
// Returns Administration API version // Returns Administration API version
func (a adminAPIHandlers) VersionHandler(w http.ResponseWriter, r *http.Request) { func (a adminAPIHandlers) VersionHandler(w http.ResponseWriter, r *http.Request) {
adminAPIErr := checkRequestAuthType(r, "", "", "") adminAPIErr := checkAdminRequestAuthType(r, globalServerConfig.GetRegion())
if adminAPIErr != ErrNone { if adminAPIErr != ErrNone {
writeErrorResponse(w, adminAPIErr, r.URL) writeErrorResponse(w, adminAPIErr, r.URL)
return return
@ -80,7 +80,7 @@ func (a adminAPIHandlers) VersionHandler(w http.ResponseWriter, r *http.Request)
// ---------- // ----------
// Returns server version and uptime. // Returns server version and uptime.
func (a adminAPIHandlers) ServiceStatusHandler(w http.ResponseWriter, r *http.Request) { func (a adminAPIHandlers) ServiceStatusHandler(w http.ResponseWriter, r *http.Request) {
adminAPIErr := checkAdminRequestAuthType(r, "") adminAPIErr := checkAdminRequestAuthType(r, globalServerConfig.GetRegion())
if adminAPIErr != ErrNone { if adminAPIErr != ErrNone {
writeErrorResponseJSON(w, adminAPIErr, r.URL) writeErrorResponseJSON(w, adminAPIErr, r.URL)
return return
@ -125,7 +125,7 @@ func (a adminAPIHandlers) ServiceStatusHandler(w http.ResponseWriter, r *http.Re
// Restarts/Stops minio server gracefully. In a distributed setup, // Restarts/Stops minio server gracefully. In a distributed setup,
// restarts all the servers in the cluster. // restarts all the servers in the cluster.
func (a adminAPIHandlers) ServiceStopNRestartHandler(w http.ResponseWriter, r *http.Request) { func (a adminAPIHandlers) ServiceStopNRestartHandler(w http.ResponseWriter, r *http.Request) {
adminAPIErr := checkAdminRequestAuthType(r, "") adminAPIErr := checkAdminRequestAuthType(r, globalServerConfig.GetRegion())
if adminAPIErr != ErrNone { if adminAPIErr != ErrNone {
writeErrorResponseJSON(w, adminAPIErr, r.URL) writeErrorResponseJSON(w, adminAPIErr, r.URL)
return return
@ -217,7 +217,7 @@ type ServerInfo struct {
// Get server information // Get server information
func (a adminAPIHandlers) ServerInfoHandler(w http.ResponseWriter, r *http.Request) { func (a adminAPIHandlers) ServerInfoHandler(w http.ResponseWriter, r *http.Request) {
// Authenticate request // Authenticate request
adminAPIErr := checkAdminRequestAuthType(r, "") adminAPIErr := checkAdminRequestAuthType(r, globalServerConfig.GetRegion())
if adminAPIErr != ErrNone { if adminAPIErr != ErrNone {
writeErrorResponseJSON(w, adminAPIErr, r.URL) writeErrorResponseJSON(w, adminAPIErr, r.URL)
return return
@ -304,7 +304,7 @@ func validateLockQueryParams(vars url.Values) (string, string, time.Duration,
// Lists locks held on a given bucket, prefix and duration it was held for. // Lists locks held on a given bucket, prefix and duration it was held for.
func (a adminAPIHandlers) ListLocksHandler(w http.ResponseWriter, r *http.Request) { func (a adminAPIHandlers) ListLocksHandler(w http.ResponseWriter, r *http.Request) {
adminAPIErr := checkAdminRequestAuthType(r, "") adminAPIErr := checkAdminRequestAuthType(r, globalServerConfig.GetRegion())
if adminAPIErr != ErrNone { if adminAPIErr != ErrNone {
writeErrorResponseJSON(w, adminAPIErr, r.URL) writeErrorResponseJSON(w, adminAPIErr, r.URL)
return return
@ -347,7 +347,7 @@ func (a adminAPIHandlers) ListLocksHandler(w http.ResponseWriter, r *http.Reques
// Clear locks held on a given bucket, prefix and duration it was held for. // Clear locks held on a given bucket, prefix and duration it was held for.
func (a adminAPIHandlers) ClearLocksHandler(w http.ResponseWriter, r *http.Request) { func (a adminAPIHandlers) ClearLocksHandler(w http.ResponseWriter, r *http.Request) {
adminAPIErr := checkRequestAuthType(r, "", "", "") adminAPIErr := checkAdminRequestAuthType(r, globalServerConfig.GetRegion())
if adminAPIErr != ErrNone { if adminAPIErr != ErrNone {
writeErrorResponseJSON(w, adminAPIErr, r.URL) writeErrorResponseJSON(w, adminAPIErr, r.URL)
return return
@ -453,7 +453,7 @@ func (a adminAPIHandlers) HealHandler(w http.ResponseWriter, r *http.Request) {
} }
// Validate request signature. // Validate request signature.
adminAPIErr := checkAdminRequestAuthType(r, "") adminAPIErr := checkAdminRequestAuthType(r, globalServerConfig.GetRegion())
if adminAPIErr != ErrNone { if adminAPIErr != ErrNone {
writeErrorResponseJSON(w, adminAPIErr, r.URL) writeErrorResponseJSON(w, adminAPIErr, r.URL)
return return
@ -563,7 +563,7 @@ func (a adminAPIHandlers) HealHandler(w http.ResponseWriter, r *http.Request) {
func (a adminAPIHandlers) GetConfigHandler(w http.ResponseWriter, r *http.Request) { func (a adminAPIHandlers) GetConfigHandler(w http.ResponseWriter, r *http.Request) {
// Validate request signature. // Validate request signature.
adminAPIErr := checkAdminRequestAuthType(r, "") adminAPIErr := checkAdminRequestAuthType(r, globalServerConfig.GetRegion())
if adminAPIErr != ErrNone { if adminAPIErr != ErrNone {
writeErrorResponseJSON(w, adminAPIErr, r.URL) writeErrorResponseJSON(w, adminAPIErr, r.URL)
return return
@ -669,7 +669,7 @@ func (a adminAPIHandlers) SetConfigHandler(w http.ResponseWriter, r *http.Reques
} }
// Validate request signature. // Validate request signature.
adminAPIErr := checkAdminRequestAuthType(r, "") adminAPIErr := checkAdminRequestAuthType(r, globalServerConfig.GetRegion())
if adminAPIErr != ErrNone { if adminAPIErr != ErrNone {
writeErrorResponseJSON(w, adminAPIErr, r.URL) writeErrorResponseJSON(w, adminAPIErr, r.URL)
return return
@ -766,7 +766,7 @@ func (a adminAPIHandlers) UpdateCredentialsHandler(w http.ResponseWriter,
r *http.Request) { r *http.Request) {
// Authenticate request // Authenticate request
adminAPIErr := checkAdminRequestAuthType(r, "") adminAPIErr := checkAdminRequestAuthType(r, globalServerConfig.GetRegion())
if adminAPIErr != ErrNone { if adminAPIErr != ErrNone {
writeErrorResponse(w, adminAPIErr, r.URL) writeErrorResponse(w, adminAPIErr, r.URL)
return return

View File

@ -138,6 +138,7 @@ func (adm *AdminClient) Heal(bucket, prefix string, healOpts HealOpts,
var contentBody io.Reader var contentBody io.Reader
if clientToken != "" { if clientToken != "" {
queryVals.Set("clientToken", clientToken) queryVals.Set("clientToken", clientToken)
body = []byte{}
} else { } else {
// Set a body only if clientToken is not given // Set a body only if clientToken is not given
contentBody = bytes.NewReader(body) contentBody = bytes.NewReader(body)