mirror of
https://github.com/minio/minio.git
synced 2025-01-11 15:03:22 -05:00
web: Handle private bucket match from prefix to exact match.
Filter out 'privateBucket' if any from listBuckets output.
This commit is contained in:
parent
185d29a899
commit
91a7b13529
@ -19,6 +19,8 @@ package main
|
|||||||
import (
|
import (
|
||||||
"errors"
|
"errors"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"path"
|
||||||
|
"path/filepath"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
@ -28,7 +30,7 @@ import (
|
|||||||
|
|
||||||
const (
|
const (
|
||||||
iso8601Format = "20060102T150405Z"
|
iso8601Format = "20060102T150405Z"
|
||||||
privateBucket = "/minio"
|
privateBucket = "minio"
|
||||||
)
|
)
|
||||||
|
|
||||||
// HandlerFunc - useful to chain different middleware http.Handler
|
// HandlerFunc - useful to chain different middleware http.Handler
|
||||||
@ -99,19 +101,14 @@ func setBrowserRedirectHandler(h http.Handler) http.Handler {
|
|||||||
func (h redirectHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
func (h redirectHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||||
// Re-direction handled specifically for browsers.
|
// Re-direction handled specifically for browsers.
|
||||||
if strings.Contains(r.Header.Get("User-Agent"), "Mozilla") {
|
if strings.Contains(r.Header.Get("User-Agent"), "Mozilla") {
|
||||||
|
// Following re-direction code handles redirects only for
|
||||||
|
// these specific incoming URLs.
|
||||||
|
// '/' is redirected to '/locationPrefix'
|
||||||
|
// '/rpc' is redirected to '/locationPrefix/rpc'
|
||||||
|
// '/login' is redirected to '/locationPrefix/login'
|
||||||
switch r.URL.Path {
|
switch r.URL.Path {
|
||||||
case "/":
|
case "/", "/rpc", "/login":
|
||||||
// This could be the default route for browser, redirect
|
location := path.Join(h.locationPrefix, r.URL.Path)
|
||||||
// to 'locationPrefix/'.
|
|
||||||
fallthrough
|
|
||||||
case "/rpc":
|
|
||||||
// This is '/rpc' API route for browser, redirect to
|
|
||||||
// 'locationPrefix/rpc'.
|
|
||||||
fallthrough
|
|
||||||
case "/login":
|
|
||||||
// This is '/login' route for browser, redirect to
|
|
||||||
// 'locationPrefix/login'.
|
|
||||||
location := h.locationPrefix + r.URL.Path
|
|
||||||
// Redirect to new location.
|
// Redirect to new location.
|
||||||
http.Redirect(w, r, location, http.StatusTemporaryRedirect)
|
http.Redirect(w, r, location, http.StatusTemporaryRedirect)
|
||||||
return
|
return
|
||||||
@ -149,7 +146,7 @@ func setPrivateBucketHandler(h http.Handler) http.Handler {
|
|||||||
|
|
||||||
func (h minioPrivateBucketHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
func (h minioPrivateBucketHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||||
// For all non browser requests, reject access to 'privateBucket'.
|
// For all non browser requests, reject access to 'privateBucket'.
|
||||||
if !strings.Contains(r.Header.Get("User-Agent"), "Mozilla") && strings.HasPrefix(r.URL.Path, privateBucket) {
|
if !strings.Contains(r.Header.Get("User-Agent"), "Mozilla") && filepath.Base(r.URL.Path) == privateBucket {
|
||||||
writeErrorResponse(w, r, AllAccessDisabled, r.URL.Path)
|
writeErrorResponse(w, r, AllAccessDisabled, r.URL.Path)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -174,10 +174,13 @@ func (web *webAPI) ListBuckets(r *http.Request, args *ListBucketsArgs, reply *Li
|
|||||||
return &json2.Error{Message: e.Error()}
|
return &json2.Error{Message: e.Error()}
|
||||||
}
|
}
|
||||||
for _, bucket := range buckets {
|
for _, bucket := range buckets {
|
||||||
reply.Buckets = append(reply.Buckets, BucketInfo{
|
// List all buckets which are not private.
|
||||||
Name: bucket.Name,
|
if bucket.Name != privateBucket {
|
||||||
CreationDate: bucket.CreationDate,
|
reply.Buckets = append(reply.Buckets, BucketInfo{
|
||||||
})
|
Name: bucket.Name,
|
||||||
|
CreationDate: bucket.CreationDate,
|
||||||
|
})
|
||||||
|
}
|
||||||
}
|
}
|
||||||
reply.UIVersion = uiVersion
|
reply.UIVersion = uiVersion
|
||||||
return nil
|
return nil
|
||||||
|
Loading…
Reference in New Issue
Block a user