resolv

2022-03-30 06:31:19 -05:00
parent ea0b41d91c ce8ef60c59
commit 549e341c6f
11 changed files with 204 additions and 234 deletions
--- a/weed/iamapi/iamapi_management_handlers.go
+++ b/weed/iamapi/iamapi_management_handlers.go
@@ -4,10 +4,6 @@ import (
 	"crypto/sha1"
 	"encoding/json"
 	"fmt"
-	"github.com/chrislusf/seaweedfs/weed/glog"
-	"github.com/chrislusf/seaweedfs/weed/pb/iam_pb"
-	"github.com/chrislusf/seaweedfs/weed/s3api/s3_constants"
-	"github.com/chrislusf/seaweedfs/weed/s3api/s3err"
 	"math/rand"
 	"net/http"
 	"net/url"
@@ -16,6 +12,11 @@ import (
 	"sync"
 	"time"

+	"github.com/chrislusf/seaweedfs/weed/glog"
+	"github.com/chrislusf/seaweedfs/weed/pb/iam_pb"
+	"github.com/chrislusf/seaweedfs/weed/s3api/s3_constants"
+	"github.com/chrislusf/seaweedfs/weed/s3api/s3err"
+
 	"github.com/aws/aws-sdk-go/service/iam"
 )

@@ -155,6 +156,22 @@ func (iama *IamApiServer) GetUser(s3cfg *iam_pb.S3ApiConfiguration, userName str
 	return resp, fmt.Errorf(iam.ErrCodeNoSuchEntityException)
 }

+func (iama *IamApiServer) UpdateUser(s3cfg *iam_pb.S3ApiConfiguration, values url.Values) (resp UpdateUserResponse, err error) {
+	userName := values.Get("UserName")
+	newUserName := values.Get("NewUserName")
+	if newUserName != "" {
+		for _, ident := range s3cfg.Identities {
+			if userName == ident.Name {
+				ident.Name = newUserName
+				return resp, nil
+			}
+		}
+	} else {
+		return resp, nil
+	}
+	return resp, fmt.Errorf(iam.ErrCodeNoSuchEntityException)
+}
+
 func GetPolicyDocument(policy *string) (policyDocument PolicyDocument, err error) {
 	if err = json.Unmarshal([]byte(*policy), &policyDocument); err != nil {
 		return PolicyDocument{}, err
@@ -396,6 +413,13 @@ func (iama *IamApiServer) DoActions(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 		changed = false
+	case "UpdateUser":
+		response, err = iama.UpdateUser(s3cfg, values)
+		if err != nil {
+			glog.Errorf("UpdateUser: %+v", err)
+			s3err.WriteErrorResponse(w, r, s3err.ErrInvalidRequest)
+			return
+		}
 	case "DeleteUser":
 		userName := values.Get("UserName")
 		response, err = iama.DeleteUser(s3cfg, userName)
--- a/weed/iamapi/iamapi_response.go
+++ b/weed/iamapi/iamapi_response.go
@@ -66,6 +66,11 @@ type GetUserResponse struct {
 	} `xml:"GetUserResult"`
 }

+type UpdateUserResponse struct {
+	CommonResponse
+	XMLName xml.Name `xml:"https://iam.amazonaws.com/doc/2010-05-08/ UpdateUserResponse"`
+}
+
 type CreateAccessKeyResponse struct {
 	CommonResponse
 	XMLName               xml.Name `xml:"https://iam.amazonaws.com/doc/2010-05-08/ CreateAccessKeyResponse"`
--- a/weed/iamapi/iamapi_test.go
+++ b/weed/iamapi/iamapi_test.go
@@ -2,6 +2,10 @@ package iamapi

 import (
 	"encoding/xml"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/session"
 	"github.com/aws/aws-sdk-go/service/iam"
@@ -9,9 +13,6 @@ import (
 	"github.com/gorilla/mux"
 	"github.com/jinzhu/copier"
 	"github.com/stretchr/testify/assert"
-	"net/http"
-	"net/http/httptest"
-	"testing"
 )

 var GetS3ApiConfiguration func(s3cfg *iam_pb.S3ApiConfiguration) (err error)
@@ -161,8 +162,20 @@ func TestGetUserPolicy(t *testing.T) {
 	assert.Equal(t, http.StatusOK, response.Code)
 }

-func TestDeleteUser(t *testing.T) {
+func TestUpdateUser(t *testing.T) {
 	userName := aws.String("Test")
+	newUserName := aws.String("Test-New")
+	params := &iam.UpdateUserInput{NewUserName: newUserName, UserName: userName}
+	req, _ := iam.New(session.New()).UpdateUserRequest(params)
+	_ = req.Build()
+	out := UpdateUserResponse{}
+	response, err := executeRequest(req.HTTPRequest, out)
+	assert.Equal(t, nil, err)
+	assert.Equal(t, http.StatusOK, response.Code)
+}
+
+func TestDeleteUser(t *testing.T) {
+	userName := aws.String("Test-New")
 	params := &iam.DeleteUserInput{UserName: userName}
 	req, _ := iam.New(session.New()).DeleteUserRequest(params)
 	_ = req.Build()
--- a/weed/s3api/filer_multipart.go
+++ b/weed/s3api/filer_multipart.go
@@ -1,6 +1,7 @@
 package s3api

 import (
+	"encoding/hex"
 	"encoding/xml"
 	"fmt"
 	"github.com/chrislusf/seaweedfs/weed/s3api/s3err"
@@ -93,10 +94,15 @@ func (s3a *S3ApiServer) completeMultipartUpload(input *s3.CompleteMultipartUploa

 	for _, entry := range entries {
 		if strings.HasSuffix(entry.Name, ".part") && !entry.IsDirectory {
-			_, found := findByPartNumber(entry.Name, completedParts)
+			partETag, found := findByPartNumber(entry.Name, completedParts)
 			if !found {
 				continue
 			}
+			entryETag := hex.EncodeToString(entry.Attributes.GetMd5())
+			if partETag != "" && len(partETag) == 32 && entryETag != "" && entryETag != partETag {
+				glog.Errorf("completeMultipartUpload %s ETag mismatch chunk: %s part: %s", entry.Name, entryETag, partETag)
+				return nil, s3err.ErrInvalidPart
+			}
 			for _, chunk := range entry.Chunks {
 				p := &filer_pb.FileChunk{
 					FileId:    chunk.GetFileIdString(),
@@ -175,7 +181,15 @@ func findByPartNumber(fileName string, parts []CompletedPart) (etag string, foun
 	if parts[x].PartNumber != partNumber {
 		return
 	}
-	return parts[x].ETag, true
+	y := 0
+	for i, part := range parts[x:] {
+		if part.PartNumber == partNumber {
+			y = i
+		} else {
+			break
+		}
+	}
+	return parts[x+y].ETag, true
 }

 func (s3a *S3ApiServer) abortMultipartUpload(input *s3.AbortMultipartUploadInput) (output *s3.AbortMultipartUploadOutput, code s3err.ErrorCode) {
--- a/weed/s3api/filer_multipart_test.go
+++ b/weed/s3api/filer_multipart_test.go
@@ -61,6 +61,10 @@ func Test_findByPartNumber(t *testing.T) {
 			ETag:       "xxx",
 			PartNumber: 1,
 		},
+		CompletedPart{
+			ETag:       "lll",
+			PartNumber: 1,
+		},
 		CompletedPart{
 			ETag:       "yyy",
 			PartNumber: 3,
@@ -83,7 +87,7 @@ func Test_findByPartNumber(t *testing.T) {
 				"0001.part",
 				parts,
 			},
-			"xxx",
+			"lll",
 			true,
 		},
 		{
--- a/weed/s3api/s3api_object_handlers.go
+++ b/weed/s3api/s3api_object_handlers.go
@@ -27,6 +27,10 @@ import (
 	"github.com/chrislusf/seaweedfs/weed/util"
 )

+const (
+	deleteMultipleObjectsLimmit = 1000
+)
+
 func mimeDetect(r *http.Request, dataReader io.Reader) io.ReadCloser {
 	mimeBuffer := make([]byte, 512)
 	size, _ := dataReader.Read(mimeBuffer)
@@ -217,6 +221,11 @@ func (s3a *S3ApiServer) DeleteMultipleObjectsHandler(w http.ResponseWriter, r *h
 		return
 	}

+	if len(deleteObjects.Objects) > deleteMultipleObjectsLimmit {
+		s3err.WriteErrorResponse(w, r, s3err.ErrInvalidMaxDeleteObjects)
+		return
+	}
+
 	var deletedObjects []ObjectIdentifier
 	var deleteErrors []DeleteError
 	var auditLog *s3err.AccessLog
--- a/weed/s3api/s3err/s3api_errors.go
+++ b/weed/s3api/s3err/s3api_errors.go
@@ -61,6 +61,7 @@ const (
 	ErrInvalidMaxKeys
 	ErrInvalidMaxUploads
 	ErrInvalidMaxParts
+	ErrInvalidMaxDeleteObjects
 	ErrInvalidPartNumberMarker
 	ErrInvalidPart
 	ErrInternalError
@@ -157,6 +158,11 @@ var errorCodeResponse = map[ErrorCode]APIError{
 		Description:    "Argument max-parts must be an integer between 0 and 2147483647",
 		HTTPStatusCode: http.StatusBadRequest,
 	},
+	ErrInvalidMaxDeleteObjects: {
+		Code:           "InvalidArgument",
+		Description:    "Argument objects can contain a list of up to 1000 keys",
+		HTTPStatusCode: http.StatusBadRequest,
+	},
 	ErrInvalidPartNumberMarker: {
 		Code:           "InvalidArgument",
 		Description:    "Argument partNumberMarker must be an integer.",
--- a/weed/server/raft_server.go
+++ b/weed/server/raft_server.go
@@ -86,7 +86,7 @@ func NewRaftServer(option *RaftServerOption) (*RaftServer, error) {
 		os.RemoveAll(path.Join(s.dataDir, "conf"))
 		os.RemoveAll(path.Join(s.dataDir, "snapshot"))
 	}
-	if err := os.MkdirAll(path.Join(s.dataDir, "snapshot"), 0600); err != nil {
+	if err := os.MkdirAll(path.Join(s.dataDir, "snapshot"), 0700); err != nil {
 		return nil, err
 	}