minio/handler-utils.go

/*
 * Minio Cloud Storage, (C) 2015, 2016 Minio, Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package main

import (
	"io"
	"io/ioutil"
	"mime/multipart"
	"net/http"
	"strings"
	"time"
)

// Validates location constraint in PutBucket request body.
// The location value in the request body should match the
// region configured at serverConfig, otherwise error is returned.
func isValidLocationConstraint(r *http.Request) (s3Error APIErrorCode) {
	serverRegion := serverConfig.GetRegion()
	// If the request has no body with content-length set to 0,
	// we do not have to validate location constraint. Bucket will
	// be created at default region.
	if r.ContentLength == 0 {
		return ErrNone
	}
	locationConstraint := createBucketLocationConfiguration{}
	if err := xmlDecoder(r.Body, &locationConstraint, r.ContentLength); err != nil {
		if err == io.EOF && r.ContentLength == -1 {
			// EOF is a valid condition here when ContentLength is -1.
			return ErrNone
		}
		errorIf(err, "Unable to xml decode location constraint")
		// Treat all other failures as XML parsing errors.
		return ErrMalformedXML
	} // Successfully decoded, proceed to verify the region.

	// Once region has been obtained we proceed to verify it.
	incomingRegion := locationConstraint.Location
	if incomingRegion == "" {
		// Location constraint is empty for region "us-east-1",
		// in accordance with protocol.
		incomingRegion = "us-east-1"
	}
	// Return errInvalidRegion if location constraint does not match
	// with configured region.
	s3Error = ErrNone
	if serverRegion != incomingRegion {
		s3Error = ErrInvalidRegion
	}
	return s3Error
}

// Supported headers that needs to be extracted.
var supportedHeaders = []string{
	"content-type",
	"cache-control",
	"content-encoding",
	"content-disposition",
	// Add more supported headers here.
}

// extractMetadataFromHeader extracts metadata from HTTP header.
func extractMetadataFromHeader(header http.Header) map[string]string {
	metadata := make(map[string]string)
	// Save standard supported headers.
	for _, supportedHeader := range supportedHeaders {
		canonicalHeader := http.CanonicalHeaderKey(supportedHeader)
		// HTTP headers are case insensitive, look for both canonical
		// and non canonical entries.
		if _, ok := header[canonicalHeader]; ok {
			metadata[supportedHeader] = header.Get(canonicalHeader)
		} else if _, ok := header[supportedHeader]; ok {
			metadata[supportedHeader] = header.Get(supportedHeader)
		}
	}
	// Go through all other headers for any additional headers that needs to be saved.
	for key := range header {
		cKey := http.CanonicalHeaderKey(key)
		if strings.HasPrefix(cKey, "X-Amz-Meta-") {
			metadata[cKey] = header.Get(cKey)
		} else if strings.HasPrefix(key, "X-Minio-Meta-") {
			metadata[cKey] = header.Get(cKey)
		}
	}
	// Return.
	return metadata
}

// Extract form fields and file data from a HTTP POST Policy
func extractPostPolicyFormValues(reader *multipart.Reader) (filePart io.Reader, fileName string, formValues map[string]string, err error) {
	/// HTML Form values
	formValues = make(map[string]string)
	fileName = ""
	for err == nil {
		var part *multipart.Part
		part, err = reader.NextPart()
		if part != nil {
			canonicalFormName := http.CanonicalHeaderKey(part.FormName())
			if canonicalFormName != "File" {
				var buffer []byte
				limitReader := io.LimitReader(part, maxFormFieldSize+1)
				buffer, err = ioutil.ReadAll(limitReader)
				if err != nil {
					return nil, "", nil, err
				}
				if int64(len(buffer)) > maxFormFieldSize {
					return nil, "", nil, errSizeUnexpected
				}
				formValues[canonicalFormName] = string(buffer)
			} else {
				filePart = io.LimitReader(part, maxObjectSize)
				fileName = part.FileName()
				// As described in S3 spec, we expect file to be the last form field
				break
			}
		}
	}
	return filePart, fileName, formValues, nil
}

// Send whitespace character, once every 5secs, until CompleteMultipartUpload is done.
// CompleteMultipartUpload method of the object layer indicates that it's done via doneCh
func sendWhiteSpaceChars(w http.ResponseWriter, doneCh <-chan struct{}) {
	for {
		select {
		case <-time.After(5 * time.Second):
			w.Write([]byte(" "))
		case <-doneCh:
			return
		}
	}
}
Cleanup: Moving IsValidLocationContraint to handler utils 2016-04-29 05:01:11 +02:00			`/*`
			`* Minio Cloud Storage, (C) 2015, 2016 Minio, Inc.`
			`*`
			`* Licensed under the Apache License, Version 2.0 (the "License");`
			`* you may not use this file except in compliance with the License.`
			`* You may obtain a copy of the License at`
			`*`
			`* http://www.apache.org/licenses/LICENSE-2.0`
			`*`
			`* Unless required by applicable law or agreed to in writing, software`
			`* distributed under the License is distributed on an "AS IS" BASIS,`
			`* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`* See the License for the specific language governing permissions and`
			`* limitations under the License.`
			`*/`

			`package main`

			`import (`
			`"io"`
api: Implement bucket notification. (#2271) * Implement basic S3 notifications through queues Supports multiple queues and three basic queue types: 1. NilQueue -- messages don't get sent anywhere 2. LogQueue -- messages get logged 3. AmqpQueue -- messages are sent to an AMQP queue * api: Implement bucket notification. Supports two different queue types - AMQP - ElasticSearch. * Add support for redis 2016-07-24 07:51:12 +02:00			`"io/ioutil"`
			`"mime/multipart"`
api: xmlDecoder should honor contentLength. (#2226) This is needed so that we avoid reading large amounts of data from compromised clients. 2016-07-19 06:20:17 +02:00			`"net/http"`
api: extract http headers with some supported header list. (#2268) 2016-07-23 05:31:45 +02:00			`"strings"`
api: Add new ListenBucketNotificationHandler. (#2336) This API is precursor before implementing `minio lambda` and `mc` continous replication. This new api is an extention to BucketNofication APIs. // Request ``` GET /bucket?notificationARN=arn:minio:lambda:us-east-1:10:minio HTTP/1.1 ... ... ``` // Response ``` {"Records": ...} ... ... ... {"Records": ...} ``` 2016-08-05 07:01:58 +02:00			`"time"`
Cleanup: Moving IsValidLocationContraint to handler utils 2016-04-29 05:01:11 +02:00			`)`

api: xmlDecoder should honor contentLength. (#2226) This is needed so that we avoid reading large amounts of data from compromised clients. 2016-07-19 06:20:17 +02:00			`// Validates location constraint in PutBucket request body.`
			`// The location value in the request body should match the`
			`// region configured at serverConfig, otherwise error is returned.`
			`func isValidLocationConstraint(r *http.Request) (s3Error APIErrorCode) {`
			`serverRegion := serverConfig.GetRegion()`
			`// If the request has no body with content-length set to 0,`
			`// we do not have to validate location constraint. Bucket will`
			`// be created at default region.`
			`if r.ContentLength == 0 {`
			`return ErrNone`
			`}`
			`locationConstraint := createBucketLocationConfiguration{}`
			`if err := xmlDecoder(r.Body, &locationConstraint, r.ContentLength); err != nil {`
			`if err == io.EOF && r.ContentLength == -1 {`
			`// EOF is a valid condition here when ContentLength is -1.`
			`return ErrNone`
Cleanup: Moving IsValidLocationContraint to handler utils 2016-04-29 05:01:11 +02:00			`}`
api: xmlDecoder should honor contentLength. (#2226) This is needed so that we avoid reading large amounts of data from compromised clients. 2016-07-19 06:20:17 +02:00			`errorIf(err, "Unable to xml decode location constraint")`
			`// Treat all other failures as XML parsing errors.`
			`return ErrMalformedXML`
			`} // Successfully decoded, proceed to verify the region.`

			`// Once region has been obtained we proceed to verify it.`
			`incomingRegion := locationConstraint.Location`
			`if incomingRegion == "" {`
			`// Location constraint is empty for region "us-east-1",`
			`// in accordance with protocol.`
			`incomingRegion = "us-east-1"`
			`}`
			`// Return errInvalidRegion if location constraint does not match`
			`// with configured region.`
			`s3Error = ErrNone`
			`if serverRegion != incomingRegion {`
			`s3Error = ErrInvalidRegion`
Cleanup: Moving IsValidLocationContraint to handler utils 2016-04-29 05:01:11 +02:00			`}`
api: xmlDecoder should honor contentLength. (#2226) This is needed so that we avoid reading large amounts of data from compromised clients. 2016-07-19 06:20:17 +02:00			`return s3Error`
Cleanup: Moving IsValidLocationContraint to handler utils 2016-04-29 05:01:11 +02:00			`}`
api: extract http headers with some supported header list. (#2268) 2016-07-23 05:31:45 +02:00
			`// Supported headers that needs to be extracted.`
			`var supportedHeaders = []string{`
			`"content-type",`
			`"cache-control",`
			`"content-encoding",`
			`"content-disposition",`
			`// Add more supported headers here.`
			`}`

			`// extractMetadataFromHeader extracts metadata from HTTP header.`
			`func extractMetadataFromHeader(header http.Header) map[string]string {`
			`metadata := make(map[string]string)`
			`// Save standard supported headers.`
			`for _, supportedHeader := range supportedHeaders {`
			`canonicalHeader := http.CanonicalHeaderKey(supportedHeader)`
			`// HTTP headers are case insensitive, look for both canonical`
			`// and non canonical entries.`
			`if _, ok := header[canonicalHeader]; ok {`
			`metadata[supportedHeader] = header.Get(canonicalHeader)`
			`} else if _, ok := header[supportedHeader]; ok {`
			`metadata[supportedHeader] = header.Get(supportedHeader)`
			`}`
			`}`
			`// Go through all other headers for any additional headers that needs to be saved.`
			`for key := range header {`
			`cKey := http.CanonicalHeaderKey(key)`
			`if strings.HasPrefix(cKey, "X-Amz-Meta-") {`
			`metadata[cKey] = header.Get(cKey)`
			`} else if strings.HasPrefix(key, "X-Minio-Meta-") {`
			`metadata[cKey] = header.Get(cKey)`
			`}`
			`}`
			`// Return.`
			`return metadata`
			`}`
api: Implement bucket notification. (#2271) * Implement basic S3 notifications through queues Supports multiple queues and three basic queue types: 1. NilQueue -- messages don't get sent anywhere 2. LogQueue -- messages get logged 3. AmqpQueue -- messages are sent to an AMQP queue * api: Implement bucket notification. Supports two different queue types - AMQP - ElasticSearch. * Add support for redis 2016-07-24 07:51:12 +02:00
Limit POST form fields and file size + Generic Request Size limiter (#2317) * Use less memory when receiving a file via multipart * Add generic http request maximum size limiter to secure against malicious clients 2016-07-28 21:02:22 +02:00			`// Extract form fields and file data from a HTTP POST Policy`
			`func extractPostPolicyFormValues(reader *multipart.Reader) (filePart io.Reader, fileName string, formValues map[string]string, err error) {`
api: Implement bucket notification. (#2271) * Implement basic S3 notifications through queues Supports multiple queues and three basic queue types: 1. NilQueue -- messages don't get sent anywhere 2. LogQueue -- messages get logged 3. AmqpQueue -- messages are sent to an AMQP queue * api: Implement bucket notification. Supports two different queue types - AMQP - ElasticSearch. * Add support for redis 2016-07-24 07:51:12 +02:00			`/// HTML Form values`
Limit POST form fields and file size + Generic Request Size limiter (#2317) * Use less memory when receiving a file via multipart * Add generic http request maximum size limiter to secure against malicious clients 2016-07-28 21:02:22 +02:00			`formValues = make(map[string]string)`
			`fileName = ""`
api: Implement bucket notification. (#2271) * Implement basic S3 notifications through queues Supports multiple queues and three basic queue types: 1. NilQueue -- messages don't get sent anywhere 2. LogQueue -- messages get logged 3. AmqpQueue -- messages are sent to an AMQP queue * api: Implement bucket notification. Supports two different queue types - AMQP - ElasticSearch. * Add support for redis 2016-07-24 07:51:12 +02:00			`for err == nil {`
			`var part *multipart.Part`
			`part, err = reader.NextPart()`
			`if part != nil {`
POST Policy, multiple fixes: AccessDenied with unmet conditions, ${filename} in Key, missing filename in multipart (#2304) * Unsatisfied conditions will return AccessDenied instead of MissingFields * Require form-field `file` in POST policy and make `filename` an optional attribute * S3 feature: Replace in Key by filename attribute passed in multipart 2016-07-28 02:51:55 +02:00			`canonicalFormName := http.CanonicalHeaderKey(part.FormName())`
			`if canonicalFormName != "File" {`
api: Implement bucket notification. (#2271) * Implement basic S3 notifications through queues Supports multiple queues and three basic queue types: 1. NilQueue -- messages don't get sent anywhere 2. LogQueue -- messages get logged 3. AmqpQueue -- messages are sent to an AMQP queue * api: Implement bucket notification. Supports two different queue types - AMQP - ElasticSearch. * Add support for redis 2016-07-24 07:51:12 +02:00			`var buffer []byte`
Limit POST form fields and file size + Generic Request Size limiter (#2317) * Use less memory when receiving a file via multipart * Add generic http request maximum size limiter to secure against malicious clients 2016-07-28 21:02:22 +02:00			`limitReader := io.LimitReader(part, maxFormFieldSize+1)`
			`buffer, err = ioutil.ReadAll(limitReader)`
api: Implement bucket notification. (#2271) * Implement basic S3 notifications through queues Supports multiple queues and three basic queue types: 1. NilQueue -- messages don't get sent anywhere 2. LogQueue -- messages get logged 3. AmqpQueue -- messages are sent to an AMQP queue * api: Implement bucket notification. Supports two different queue types - AMQP - ElasticSearch. * Add support for redis 2016-07-24 07:51:12 +02:00			`if err != nil {`
POST Policy, multiple fixes: AccessDenied with unmet conditions, ${filename} in Key, missing filename in multipart (#2304) * Unsatisfied conditions will return AccessDenied instead of MissingFields * Require form-field `file` in POST policy and make `filename` an optional attribute * S3 feature: Replace in Key by filename attribute passed in multipart 2016-07-28 02:51:55 +02:00			`return nil, "", nil, err`
api: Implement bucket notification. (#2271) * Implement basic S3 notifications through queues Supports multiple queues and three basic queue types: 1. NilQueue -- messages don't get sent anywhere 2. LogQueue -- messages get logged 3. AmqpQueue -- messages are sent to an AMQP queue * api: Implement bucket notification. Supports two different queue types - AMQP - ElasticSearch. * Add support for redis 2016-07-24 07:51:12 +02:00			`}`
Limit POST form fields and file size + Generic Request Size limiter (#2317) * Use less memory when receiving a file via multipart * Add generic http request maximum size limiter to secure against malicious clients 2016-07-28 21:02:22 +02:00			`if int64(len(buffer)) > maxFormFieldSize {`
			`return nil, "", nil, errSizeUnexpected`
			`}`
POST Policy, multiple fixes: AccessDenied with unmet conditions, ${filename} in Key, missing filename in multipart (#2304) * Unsatisfied conditions will return AccessDenied instead of MissingFields * Require form-field `file` in POST policy and make `filename` an optional attribute * S3 feature: Replace in Key by filename attribute passed in multipart 2016-07-28 02:51:55 +02:00			`formValues[canonicalFormName] = string(buffer)`
api: Implement bucket notification. (#2271) * Implement basic S3 notifications through queues Supports multiple queues and three basic queue types: 1. NilQueue -- messages don't get sent anywhere 2. LogQueue -- messages get logged 3. AmqpQueue -- messages are sent to an AMQP queue * api: Implement bucket notification. Supports two different queue types - AMQP - ElasticSearch. * Add support for redis 2016-07-24 07:51:12 +02:00			`} else {`
Limit POST form fields and file size + Generic Request Size limiter (#2317) * Use less memory when receiving a file via multipart * Add generic http request maximum size limiter to secure against malicious clients 2016-07-28 21:02:22 +02:00			`filePart = io.LimitReader(part, maxObjectSize)`
POST Policy, multiple fixes: AccessDenied with unmet conditions, ${filename} in Key, missing filename in multipart (#2304) * Unsatisfied conditions will return AccessDenied instead of MissingFields * Require form-field `file` in POST policy and make `filename` an optional attribute * S3 feature: Replace in Key by filename attribute passed in multipart 2016-07-28 02:51:55 +02:00			`fileName = part.FileName()`
Limit POST form fields and file size + Generic Request Size limiter (#2317) * Use less memory when receiving a file via multipart * Add generic http request maximum size limiter to secure against malicious clients 2016-07-28 21:02:22 +02:00			`// As described in S3 spec, we expect file to be the last form field`
			`break`
api: Implement bucket notification. (#2271) * Implement basic S3 notifications through queues Supports multiple queues and three basic queue types: 1. NilQueue -- messages don't get sent anywhere 2. LogQueue -- messages get logged 3. AmqpQueue -- messages are sent to an AMQP queue * api: Implement bucket notification. Supports two different queue types - AMQP - ElasticSearch. * Add support for redis 2016-07-24 07:51:12 +02:00			`}`
			`}`
			`}`
POST Policy, multiple fixes: AccessDenied with unmet conditions, ${filename} in Key, missing filename in multipart (#2304) * Unsatisfied conditions will return AccessDenied instead of MissingFields * Require form-field `file` in POST policy and make `filename` an optional attribute * S3 feature: Replace in Key by filename attribute passed in multipart 2016-07-28 02:51:55 +02:00			`return filePart, fileName, formValues, nil`
api: Implement bucket notification. (#2271) * Implement basic S3 notifications through queues Supports multiple queues and three basic queue types: 1. NilQueue -- messages don't get sent anywhere 2. LogQueue -- messages get logged 3. AmqpQueue -- messages are sent to an AMQP queue * api: Implement bucket notification. Supports two different queue types - AMQP - ElasticSearch. * Add support for redis 2016-07-24 07:51:12 +02:00			`}`
api: Add new ListenBucketNotificationHandler. (#2336) This API is precursor before implementing `minio lambda` and `mc` continous replication. This new api is an extention to BucketNofication APIs. // Request ``` GET /bucket?notificationARN=arn:minio:lambda:us-east-1:10:minio HTTP/1.1 ... ... ``` // Response ``` {"Records": ...} ... ... ... {"Records": ...} ``` 2016-08-05 07:01:58 +02:00
			`// Send whitespace character, once every 5secs, until CompleteMultipartUpload is done.`
			`// CompleteMultipartUpload method of the object layer indicates that it's done via doneCh`
			`func sendWhiteSpaceChars(w http.ResponseWriter, doneCh <-chan struct{}) {`
			`for {`
			`select {`
			`case <-time.After(5 * time.Second):`
			`w.Write([]byte(" "))`
			`case <-doneCh:`
			`return`
			`}`
			`}`
			`}`