diff options
Diffstat (limited to 'garage.go')
| -rw-r--r-- | garage.go | 100 |
1 files changed, 29 insertions, 71 deletions
@@ -2,16 +2,15 @@ package main import ( "context" - "errors" "fmt" garage "git.deuxfleurs.fr/garage-sdk/garage-admin-sdk-golang" - "github.com/go-ldap/ldap/v3" "github.com/gorilla/mux" "log" "net/http" "strings" ) + func gadmin() (*garage.APIClient, context.Context) { // Set Host and other parameters configuration := garage.NewConfiguration() @@ -48,7 +47,9 @@ func grgGetKey(accessKey string) (*garage.KeyInfo, error) { return resp, nil } -func grgCreateWebsite(gkey, bucket string) (*garage.BucketInfo, error) { + + +func grgCreateWebsite(gkey, bucket string, quotas *UserQuota) (*garage.BucketInfo, error) { client, ctx := gadmin() br := garage.NewCreateBucketRequest() @@ -79,9 +80,7 @@ func grgCreateWebsite(gkey, bucket string) (*garage.BucketInfo, error) { wr.SetIndexDocument("index.html") wr.SetErrorDocument("error.html") - qr := garage.NewUpdateBucketRequestQuotas() - qr.SetMaxSize(1024 * 1024 * 50) // 50MB - qr.SetMaxObjects(10000) //10k objects + qr := quotas.DefaultWebsiteQuota() ur := garage.NewUpdateBucketRequest() ur.SetWebsiteAccess(*wr) @@ -153,85 +152,37 @@ func grgGetBucket(bid string) (*garage.BucketInfo, error) { } -func checkS3(login *LoginStatus) (*garage.KeyInfo, error) { - if login == nil { - return nil, errors.New("Login can't be nil") - } - keyID := login.UserEntry.GetAttributeValue("garage_s3_access_key") - if keyID == "" { - keyPair, err := grgCreateKey(login.Info.Username) - if err != nil { - return nil, err - } - modify_request := ldap.NewModifyRequest(login.Info.DN, nil) - modify_request.Replace("garage_s3_access_key", []string{*keyPair.AccessKeyId}) - // @FIXME compatibility feature for bagage (SFTP+webdav) - // you can remove it once bagage will be updated to fetch the key from garage directly - // or when bottin will be able to dynamically fetch it. - modify_request.Replace("garage_s3_secret_key", []string{*keyPair.SecretAccessKey}) - err = login.conn.Modify(modify_request) - return keyPair, err - } - // Note: we could simply return the login info, but LX asked we do not - // store the secrets in LDAP in the future. - keyPair, err := grgGetKey(keyID) - return keyPair, err -} - -func checkLoginAndS3(w http.ResponseWriter, r *http.Request) (*LoginStatus, *garage.KeyInfo, error) { - login := checkLogin(w, r) - if login == nil { - return nil, nil, errors.New("LDAP login failed") - } - keyPair, err := checkS3(login) - return login, keyPair, err -} - -type keyView struct { - Status *LoginStatus - Key *garage.KeyInfo -} +// --- Start page rendering functions func handleGarageKey(w http.ResponseWriter, r *http.Request) { - login, s3key, err := checkLoginAndS3(w, r) - if err != nil { - log.Println(err) + user := RequireUserHtml(w, r) + if user == nil { return } - view := keyView{Status: login, Key: s3key} tKey := getTemplate("garage_key.html") - tKey.Execute(w, &view) -} - -type webListView struct { - Status *LoginStatus - Key *garage.KeyInfo + tKey.Execute(w, user) } func handleGarageWebsiteList(w http.ResponseWriter, r *http.Request) { - login, s3key, err := checkLoginAndS3(w, r) - if err != nil { - log.Println(err) + user := RequireUserHtml(w, r) + if user == nil { return } - view := webListView{Status: login, Key: s3key} tWebsiteList := getTemplate("garage_website_list.html") - tWebsiteList.Execute(w, &view) + tWebsiteList.Execute(w, user) } func handleGarageWebsiteNew(w http.ResponseWriter, r *http.Request) { - _, s3key, err := checkLoginAndS3(w, r) - if err != nil { - log.Println(err) + user := RequireUserHtml(w, r) + if user == nil { return } tWebsiteNew := getTemplate("garage_website_new.html") if r.Method == "POST" { r.ParseForm() - log.Println(r.Form) bucket := strings.Join(r.Form["bucket"], "") if bucket == "" { @@ -244,7 +195,15 @@ func handleGarageWebsiteNew(w http.ResponseWriter, r *http.Request) { return } - binfo, err := grgCreateWebsite(*s3key.AccessKeyId, bucket) + keyInfo, err := user.S3KeyInfo() + if err != nil { + log.Println(err) + // @FIXME we need to return the error to the user + tWebsiteNew.Execute(w, nil) + return + } + + binfo, err := grgCreateWebsite(*keyInfo.AccessKeyId, bucket, user.Quota) if err != nil { log.Println(err) // @FIXME we need to return the error to the user @@ -260,8 +219,7 @@ func handleGarageWebsiteNew(w http.ResponseWriter, r *http.Request) { } type webInspectView struct { - Status *LoginStatus - Key *garage.KeyInfo + User *LoggedUser Bucket *garage.BucketInfo IndexDoc string ErrorDoc string @@ -271,13 +229,14 @@ type webInspectView struct { } func handleGarageWebsiteInspect(w http.ResponseWriter, r *http.Request) { - login, s3key, err := checkLoginAndS3(w, r) - if err != nil { - log.Println(err) + user := RequireUserHtml(w, r) + if user == nil { return } bucketId := mux.Vars(r)["bucket"] + // @FIXME check that user owns the bucket.... + binfo, err := grgGetBucket(bucketId) if err != nil { log.Println(err) @@ -288,8 +247,7 @@ func handleGarageWebsiteInspect(w http.ResponseWriter, r *http.Request) { q := binfo.GetQuotas() view := webInspectView{ - Status: login, - Key: s3key, + User: user, Bucket: binfo, IndexDoc: (&wc).GetIndexDocument(), ErrorDoc: (&wc).GetErrorDocument(), |