mirror of
https://github.com/opencloud-eu/opencloud.git
synced 2026-04-23 12:38:21 -05:00
set secureview flag based on addr
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
This commit is contained in:
Generated
Vendored
+21
-20
@@ -56,12 +56,12 @@ func init() {
|
||||
|
||||
// Config holds the config options for the HTTP appprovider service
|
||||
type Config struct {
|
||||
Prefix string `mapstructure:"prefix"`
|
||||
GatewaySvc string `mapstructure:"gatewaysvc"`
|
||||
Insecure bool `mapstructure:"insecure"`
|
||||
WebBaseURI string `mapstructure:"webbaseuri"`
|
||||
Web Web `mapstructure:"web"`
|
||||
SecureViewApp string `mapstructure:"secure_view_app"`
|
||||
Prefix string `mapstructure:"prefix"`
|
||||
GatewaySvc string `mapstructure:"gatewaysvc"`
|
||||
Insecure bool `mapstructure:"insecure"`
|
||||
WebBaseURI string `mapstructure:"webbaseuri"`
|
||||
Web Web `mapstructure:"web"`
|
||||
SecureViewAppAddr string `mapstructure:"secure_view_app_addr"`
|
||||
}
|
||||
|
||||
// Web holds the config options for the URL parameters for Web
|
||||
@@ -342,16 +342,7 @@ func (s *svc) handleList(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
res := filterAppsByUserAgent(listRes.MimeTypes, r.UserAgent())
|
||||
|
||||
// if app name or address matches the configured secure view app add that flag to the response
|
||||
for _, mt := range res {
|
||||
for _, app := range mt.AppProviders {
|
||||
if app.Name == s.conf.SecureViewApp {
|
||||
app.SecureView = true
|
||||
}
|
||||
}
|
||||
}
|
||||
res := buildApps(listRes.MimeTypes, r.UserAgent(), s.conf.SecureViewAppAddr)
|
||||
|
||||
js, err := json.Marshal(map[string]interface{}{"mime-types": res})
|
||||
if err != nil {
|
||||
@@ -569,19 +560,29 @@ type ProviderInfo struct {
|
||||
SecureView bool `json:"secure_view"`
|
||||
}
|
||||
|
||||
// filterAppsByUserAgent rewrites the mime type info to only include apps that can be called by the user agent
|
||||
// it also wraps the provider info to be able to add a secure view flag
|
||||
func filterAppsByUserAgent(mimeTypes []*appregistry.MimeTypeInfo, userAgent string) []*MimeTypeInfo {
|
||||
// buildApps rewrites the mime type info to only include apps that
|
||||
// * have a name
|
||||
// * can be called by the user agent, eg Desktop-only
|
||||
//
|
||||
// it also
|
||||
// * wraps the provider info to be able to add a secure view flag
|
||||
// * adds a secure view flag if the address matches the secure view app address and
|
||||
// * removes the address from the provider info to not expose internal addresses
|
||||
func buildApps(mimeTypes []*appregistry.MimeTypeInfo, userAgent, secureViewAppAddr string) []*MimeTypeInfo {
|
||||
ua := ua.Parse(userAgent)
|
||||
res := []*MimeTypeInfo{}
|
||||
for _, m := range mimeTypes {
|
||||
apps := []*ProviderInfo{}
|
||||
for _, p := range m.AppProviders {
|
||||
ep := &ProviderInfo{ProviderInfo: *p}
|
||||
if p.Address == secureViewAppAddr {
|
||||
ep.SecureView = true
|
||||
}
|
||||
p.Address = "" // address is internal only and not needed in the client
|
||||
// apps are called by name, so if it has no name it cannot be called and should not be advertised
|
||||
// also filter Desktop-only apps if ua is not Desktop
|
||||
if p.Name != "" && (ua.Desktop || !p.DesktopOnly) {
|
||||
apps = append(apps, &ProviderInfo{ProviderInfo: *p})
|
||||
apps = append(apps, ep)
|
||||
}
|
||||
}
|
||||
if len(apps) > 0 {
|
||||
|
||||
+25
-28
@@ -32,6 +32,9 @@ import (
|
||||
"github.com/pkg/errors"
|
||||
)
|
||||
|
||||
// ErrBlobIDEmpty is returned when the BlobID is empty
|
||||
var ErrBlobIDEmpty = fmt.Errorf("blobstore: BlobID is empty")
|
||||
|
||||
// Blobstore provides an interface to an filesystem based blobstore
|
||||
type Blobstore struct {
|
||||
root string
|
||||
@@ -51,10 +54,12 @@ func New(root string) (*Blobstore, error) {
|
||||
|
||||
// Upload stores some data in the blobstore under the given key
|
||||
func (bs *Blobstore) Upload(node *node.Node, source string) error {
|
||||
dest, err := bs.path(node)
|
||||
if err != nil {
|
||||
return err
|
||||
if node.BlobID == "" {
|
||||
return ErrBlobIDEmpty
|
||||
}
|
||||
|
||||
dest := bs.Path(node)
|
||||
|
||||
// ensure parent path exists
|
||||
if err := os.MkdirAll(filepath.Dir(dest), 0700); err != nil {
|
||||
return errors.Wrap(err, "Decomposedfs: oCIS blobstore: error creating parent folders for blob")
|
||||
@@ -87,10 +92,11 @@ func (bs *Blobstore) Upload(node *node.Node, source string) error {
|
||||
|
||||
// Download retrieves a blob from the blobstore for reading
|
||||
func (bs *Blobstore) Download(node *node.Node) (io.ReadCloser, error) {
|
||||
dest, err := bs.path(node)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
if node.BlobID == "" {
|
||||
return nil, ErrBlobIDEmpty
|
||||
}
|
||||
|
||||
dest := bs.Path(node)
|
||||
file, err := os.Open(dest)
|
||||
if err != nil {
|
||||
return nil, errors.Wrapf(err, "could not read blob '%s'", dest)
|
||||
@@ -100,10 +106,10 @@ func (bs *Blobstore) Download(node *node.Node) (io.ReadCloser, error) {
|
||||
|
||||
// Delete deletes a blob from the blobstore
|
||||
func (bs *Blobstore) Delete(node *node.Node) error {
|
||||
dest, err := bs.path(node)
|
||||
if err != nil {
|
||||
return err
|
||||
if node.BlobID == "" {
|
||||
return ErrBlobIDEmpty
|
||||
}
|
||||
dest := bs.Path(node)
|
||||
if err := utils.RemoveItem(dest); err != nil {
|
||||
return errors.Wrapf(err, "could not delete blob '%s'", dest)
|
||||
}
|
||||
@@ -111,37 +117,28 @@ func (bs *Blobstore) Delete(node *node.Node) error {
|
||||
}
|
||||
|
||||
// List lists all blobs in the Blobstore
|
||||
func (bs *Blobstore) List() ([]string, error) {
|
||||
func (bs *Blobstore) List() ([]*node.Node, error) {
|
||||
dirs, err := filepath.Glob(filepath.Join(bs.root, "spaces", "*", "*", "blobs", "*", "*", "*", "*", "*"))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
blobids := make([]string, 0, len(dirs))
|
||||
blobids := make([]*node.Node, 0, len(dirs))
|
||||
for _, d := range dirs {
|
||||
seps := strings.Split(d, "/")
|
||||
var b string
|
||||
var now bool
|
||||
for _, s := range seps {
|
||||
if now {
|
||||
b += s
|
||||
}
|
||||
if s == "blobs" {
|
||||
now = true
|
||||
}
|
||||
}
|
||||
blobids = append(blobids, b)
|
||||
_, s, _ := strings.Cut(d, "spaces")
|
||||
spaceraw, blobraw, _ := strings.Cut(s, "blobs")
|
||||
blobids = append(blobids, &node.Node{
|
||||
SpaceID: strings.ReplaceAll(spaceraw, "/", ""),
|
||||
BlobID: strings.ReplaceAll(blobraw, "/", ""),
|
||||
})
|
||||
}
|
||||
return blobids, nil
|
||||
}
|
||||
|
||||
func (bs *Blobstore) path(node *node.Node) (string, error) {
|
||||
if node.BlobID == "" {
|
||||
return "", fmt.Errorf("blobstore: BlobID is empty")
|
||||
}
|
||||
func (bs *Blobstore) Path(node *node.Node) string {
|
||||
return filepath.Join(
|
||||
bs.root,
|
||||
filepath.Clean(filepath.Join(
|
||||
"/", "spaces", lookup.Pathify(node.SpaceID, 1, 2), "blobs", lookup.Pathify(node.BlobID, 4, 2)),
|
||||
),
|
||||
), nil
|
||||
)
|
||||
}
|
||||
|
||||
+15
-12
@@ -84,7 +84,7 @@ func (bs *Blobstore) Upload(node *node.Node, source string) error {
|
||||
}
|
||||
defer reader.Close()
|
||||
|
||||
_, err = bs.client.PutObject(context.Background(), bs.bucket, bs.path(node), reader, node.Blobsize, minio.PutObjectOptions{
|
||||
_, err = bs.client.PutObject(context.Background(), bs.bucket, bs.Path(node), reader, node.Blobsize, minio.PutObjectOptions{
|
||||
ContentType: "application/octet-stream",
|
||||
SendContentMd5: bs.defaultPutOptions.SendContentMd5,
|
||||
ConcurrentStreamParts: bs.defaultPutOptions.ConcurrentStreamParts,
|
||||
@@ -95,21 +95,21 @@ func (bs *Blobstore) Upload(node *node.Node, source string) error {
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
return errors.Wrapf(err, "could not store object '%s' into bucket '%s'", bs.path(node), bs.bucket)
|
||||
return errors.Wrapf(err, "could not store object '%s' into bucket '%s'", bs.Path(node), bs.bucket)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// Download retrieves a blob from the blobstore for reading
|
||||
func (bs *Blobstore) Download(node *node.Node) (io.ReadCloser, error) {
|
||||
reader, err := bs.client.GetObject(context.Background(), bs.bucket, bs.path(node), minio.GetObjectOptions{})
|
||||
reader, err := bs.client.GetObject(context.Background(), bs.bucket, bs.Path(node), minio.GetObjectOptions{})
|
||||
if err != nil {
|
||||
return nil, errors.Wrapf(err, "could not download object '%s' from bucket '%s'", bs.path(node), bs.bucket)
|
||||
return nil, errors.Wrapf(err, "could not download object '%s' from bucket '%s'", bs.Path(node), bs.bucket)
|
||||
}
|
||||
|
||||
stat, err := reader.Stat()
|
||||
if err != nil {
|
||||
return nil, errors.Wrapf(err, "blob path: %s", bs.path(node))
|
||||
return nil, errors.Wrapf(err, "blob path: %s", bs.Path(node))
|
||||
}
|
||||
|
||||
if node.Blobsize != stat.Size {
|
||||
@@ -121,31 +121,34 @@ func (bs *Blobstore) Download(node *node.Node) (io.ReadCloser, error) {
|
||||
|
||||
// Delete deletes a blob from the blobstore
|
||||
func (bs *Blobstore) Delete(node *node.Node) error {
|
||||
err := bs.client.RemoveObject(context.Background(), bs.bucket, bs.path(node), minio.RemoveObjectOptions{})
|
||||
err := bs.client.RemoveObject(context.Background(), bs.bucket, bs.Path(node), minio.RemoveObjectOptions{})
|
||||
if err != nil {
|
||||
return errors.Wrapf(err, "could not delete object '%s' from bucket '%s'", bs.path(node), bs.bucket)
|
||||
return errors.Wrapf(err, "could not delete object '%s' from bucket '%s'", bs.Path(node), bs.bucket)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// List lists all blobs in the Blobstore
|
||||
func (bs *Blobstore) List() ([]string, error) {
|
||||
func (bs *Blobstore) List() ([]*node.Node, error) {
|
||||
ch := bs.client.ListObjects(context.Background(), bs.bucket, minio.ListObjectsOptions{Recursive: true})
|
||||
|
||||
var err error
|
||||
ids := make([]string, 0)
|
||||
ids := make([]*node.Node, 0)
|
||||
for oi := range ch {
|
||||
if oi.Err != nil {
|
||||
err = oi.Err
|
||||
continue
|
||||
}
|
||||
_, blobid, _ := strings.Cut(oi.Key, "/")
|
||||
ids = append(ids, strings.ReplaceAll(blobid, "/", ""))
|
||||
spaceid, blobid, _ := strings.Cut(oi.Key, "/")
|
||||
ids = append(ids, &node.Node{
|
||||
SpaceID: strings.ReplaceAll(spaceid, "/", ""),
|
||||
BlobID: strings.ReplaceAll(blobid, "/", ""),
|
||||
})
|
||||
}
|
||||
return ids, err
|
||||
}
|
||||
|
||||
func (bs *Blobstore) path(node *node.Node) string {
|
||||
func (bs *Blobstore) Path(node *node.Node) string {
|
||||
// https://aws.amazon.com/de/premiumsupport/knowledge-center/s3-prefix-nested-folders-difference/
|
||||
// Prefixes are used to partion a bucket. A prefix is everything except the filename.
|
||||
// For a file `BucketName/foo/bar/lorem.ipsum`, `BucketName/foo/bar/` is the prefix.
|
||||
|
||||
Reference in New Issue
Block a user