Merge pull request #6 from rzrbld/feature/fix-release

Feature/fix release
rzrbld · Mar 27, 2020 · c8b7b60 · c8b7b60
2 parents fe1d93b + 500b0ec
commit c8b7b60
Show file tree

Hide file tree

Showing 11 changed files with 202 additions and 122 deletions.
diff --git a/README.md b/README.md
@@ -9,15 +9,15 @@ Here is a Web UI for this API - [adminio-ui](https://github.com/rzrbld/adminio-u
 
 ### Run full stack demo
 obtain [docker-compose.yml](https://raw.githubusercontent.com/rzrbld/adminio-ui/master/docker-compose.yml) from [adminio-ui](https://github.com/rzrbld/adminio-ui) repository. And run it:
-`` docker-compose -f docker-compose.yml up ``
+`docker-compose -f docker-compose.yml up`
 
 it will bring up:
 
  - minio server on 9000 port
  - adminio API on 8080 port
  - adminio UI on 80 port
 
-after that you can go to `` http://localhost `` and try out
+after that you can go to `http://localhost` and try out
 
 ### Run with docker
 ```
@@ -34,7 +34,7 @@ docker run -d \
 ### Run manually
  - [start](https://docs.min.io/) minio server
  - set env variables
- - compile and run ./main form `src` folder
+ - go to `src` folder and compile with `go build main.go`, then run `./main` binary
 
 ### Config Env variables
 | Variable   |      Description      |  Default |
@@ -56,10 +56,10 @@ docker run -d \
 | `ADMINIO_COOKIE_BLOCK_KEY` | block key for session cookies. AES only supports key sizes of 16, 24 or 32 bytes | bnfYuphzxPhJMR823YNezH83fuHuddFC |
 | `ADMINIO_COOKIE_NAME` | name for the session cookie | adminiosessionid |
 | `ADMINIO_AUDIT_LOG_ENABLE` | enable audit log, mae sense if oauth is enabled, othervise set to false | false |
-| `ADMINIO_METRICS_ENABLE` | enable default iris\golang metrics and bucket sizes metric on /metric/ uri path | false |
-| `ADMINIO_PROBES_ENABLE` | enable liveness and readiness probes for k8s installations | false |
+| `ADMINIO_METRICS_ENABLE` | enable default iris/golang metrics and bucket sizes metric on `/metric/` uri path | false |
+| `ADMINIO_PROBES_ENABLE` | enable liveness and readiness probes for k8s at `/ready/` and `/live/` uri path installations | false |
 
-### Supported oauth providers
+### List of supported oauth providers
 
  - amazon
  - auth0
@@ -77,4 +77,4 @@ docker run -d \
 
  ### example config
  - prometheus config for adminio metrics: `examples/prometheus.yml`
- - bucket policy: `examples/policy.xml`
+ - bucket lifecycle: `examples/lifecycle.xml`
diff --git a/examples/policy.xml → examples/lifecycle.xml b/examples/policy.xml → examples/lifecycle.xml
diff --git a/src/handlers/auth.go b/src/handlers/auth.go
@@ -14,7 +14,7 @@ var AuthLogout = func(ctx iris.Context) {
 var AuthRoot = func(ctx iris.Context) {
 	// try to get the user without re-authenticating
 	if gothUser, err := auth.CompleteUserAuth(ctx); err == nil {
-		ctx.ViewData("", gothUser)
+		auth.Redirect(ctx)
 		ctx.JSON(iris.Map{"name": gothUser.UserID, "auth": true, "oauth": cnf.OauthEnable})
 	} else {
 		auth.BeginAuthHandler(ctx)
@@ -37,5 +37,5 @@ var AuthCallback = func(ctx iris.Context) {
 		ctx.Writef("%v", err)
 		return
 	}
-	auth.RedirectOnCallback(ctx)
+	auth.Redirect(ctx)
 }
diff --git a/src/handlers/buckets.go b/src/handlers/buckets.go
@@ -36,21 +36,30 @@ var BuckListExtended = func(ctx iris.Context) {
 var BuckMake = func(ctx iris.Context) {
 	var newBucket = ctx.FormValue("newBucket")
 	var newBucketRegion = ctx.FormValue("newBucketRegion")
+
 	if newBucketRegion == "" {
 		newBucketRegion = cnf.Region
 	}
 
-	err := minioClnt.MakeBucket(newBucket, newBucketRegion)
-	var res = resph.DefaultResHandler(ctx, err)
-	ctx.JSON(res)
+	if resph.CheckAuthBeforeRequest(ctx) != false {
+		err := minioClnt.MakeBucket(newBucket, newBucketRegion)
+		var res = resph.DefaultResHandler(ctx, err)
+		ctx.JSON(res)
+	} else {
+		ctx.JSON(resph.DefaultAuthError())
+	}
 }
 
 var BuckDelete = func(ctx iris.Context) {
 	var bucketName = ctx.FormValue("bucketName")
 
-	err := minioClnt.RemoveBucket(bucketName)
-	var res = resph.DefaultResHandler(ctx, err)
-	ctx.JSON(res)
+	if resph.CheckAuthBeforeRequest(ctx) != false {
+		err := minioClnt.RemoveBucket(bucketName)
+		var res = resph.DefaultResHandler(ctx, err)
+		ctx.JSON(res)
+	} else {
+		ctx.JSON(resph.DefaultAuthError())
+	}
 }
 
 var BuckGetLifecycle = func(ctx iris.Context) {
@@ -65,15 +74,19 @@ var BuckSetLifecycle = func(ctx iris.Context) {
 	var bucketName = ctx.FormValue("bucketName")
 	var lifecycle = ctx.FormValue("lifecycle")
 
-	err := minioClnt.SetBucketLifecycle(bucketName, lifecycle)
-	var res = resph.DefaultResHandler(ctx, err)
-	ctx.JSON(res)
+	if resph.CheckAuthBeforeRequest(ctx) != false {
+		err := minioClnt.SetBucketLifecycle(bucketName, lifecycle)
+		var res = resph.DefaultResHandler(ctx, err)
+		ctx.JSON(res)
+	} else {
+		ctx.JSON(resph.DefaultAuthError())
+	}
 }
 
 var BuckGetEvents = func(ctx iris.Context) {
 	var bucket = ctx.FormValue("bucket")
-	bn, err := minioClnt.GetBucketNotification(bucket)
 
+	bn, err := minioClnt.GetBucketNotification(bucket)
 	var res = resph.BodyResHandler(ctx, err, bn)
 	ctx.JSON(res)
 }
@@ -88,50 +101,58 @@ var BuckSetEvents = func(ctx iris.Context) {
 	var filterPrefix = ctx.FormValue("filterPrefix")
 	var filterSuffix = ctx.FormValue("filterSuffix")
 
-	bucketNotify, err := minioClnt.GetBucketNotification(bucket)
-
-	var newNotification = minio.NewNotificationConfig(stsARN)
-	for _, event := range eventTypes {
-		switch event {
-		case "put":
-			newNotification.AddEvents(minio.ObjectCreatedAll)
-		case "delete":
-			newNotification.AddEvents(minio.ObjectRemovedAll)
-		case "get":
-			newNotification.AddEvents(minio.ObjectAccessedAll)
+	if resph.CheckAuthBeforeRequest(ctx) != false {
+		bucketNotify, err := minioClnt.GetBucketNotification(bucket)
+
+		var newNotification = minio.NewNotificationConfig(stsARN)
+		for _, event := range eventTypes {
+			switch event {
+			case "put":
+				newNotification.AddEvents(minio.ObjectCreatedAll)
+			case "delete":
+				newNotification.AddEvents(minio.ObjectRemovedAll)
+			case "get":
+				newNotification.AddEvents(minio.ObjectAccessedAll)
+			}
 		}
-	}
-	if filterPrefix != "" {
-		newNotification.AddFilterPrefix(filterPrefix)
-	}
-	if filterSuffix != "" {
-		newNotification.AddFilterSuffix(filterSuffix)
-	}
-
-	switch arrARN[2] {
-	case "sns":
-		if bucketNotify.AddTopic(newNotification) {
-			err = fmt.Errorf("Overlapping Topic configs")
+		if filterPrefix != "" {
+			newNotification.AddFilterPrefix(filterPrefix)
 		}
-	case "sqs":
-		if bucketNotify.AddQueue(newNotification) {
-			err = fmt.Errorf("Overlapping Queue configs")
+		if filterSuffix != "" {
+			newNotification.AddFilterSuffix(filterSuffix)
 		}
-	case "lambda":
-		if bucketNotify.AddLambda(newNotification) {
-			err = fmt.Errorf("Overlapping lambda configs")
+
+		switch arrARN[2] {
+		case "sns":
+			if bucketNotify.AddTopic(newNotification) {
+				err = fmt.Errorf("Overlapping Topic configs")
+			}
+		case "sqs":
+			if bucketNotify.AddQueue(newNotification) {
+				err = fmt.Errorf("Overlapping Queue configs")
+			}
+		case "lambda":
+			if bucketNotify.AddLambda(newNotification) {
+				err = fmt.Errorf("Overlapping lambda configs")
+			}
 		}
-	}
 
-	err = minioClnt.SetBucketNotification(bucket, bucketNotify)
-	var res = resph.DefaultResHandler(ctx, err)
-	ctx.JSON(res)
+		err = minioClnt.SetBucketNotification(bucket, bucketNotify)
+		var res = resph.DefaultResHandler(ctx, err)
+		ctx.JSON(res)
+	} else {
+		ctx.JSON(resph.DefaultAuthError())
+	}
 }
 
 var BuckRemoveEvents = func(ctx iris.Context) {
 	var bucket = ctx.FormValue("bucket")
-	err := minioClnt.RemoveAllBucketNotification(bucket)
 
-	var res = resph.DefaultResHandler(ctx, err)
-	ctx.JSON(res)
+	if resph.CheckAuthBeforeRequest(ctx) != false {
+		err := minioClnt.RemoveAllBucketNotification(bucket)
+		var res = resph.DefaultResHandler(ctx, err)
+		ctx.JSON(res)
+	} else {
+		ctx.JSON(resph.DefaultAuthError())
+	}
 }
diff --git a/src/handlers/groups.go b/src/handlers/groups.go
@@ -11,19 +11,27 @@ import (
 
 var GrSetStatus = func(ctx iris.Context) {
 	var group = ctx.FormValue("group")
-	var status = madmin.GroupStatus(ctx.FormValue("status"))
 
-	err = madmClnt.SetGroupStatus(group, status)
-	var res = resph.DefaultResHandler(ctx, err)
-	ctx.JSON(res)
+	if resph.CheckAuthBeforeRequest(ctx) != false {
+		var status = madmin.GroupStatus(group)
+		err = madmClnt.SetGroupStatus(group, status)
+		var res = resph.DefaultResHandler(ctx, err)
+		ctx.JSON(res)
+	} else {
+		ctx.JSON(resph.DefaultAuthError())
+	}
 }
 
 var GrSetDescription = func(ctx iris.Context) {
 	var group = ctx.FormValue("group")
 
-	grp, err := madmClnt.GetGroupDescription(group)
-	var res = resph.BodyResHandler(ctx, err, grp)
-	ctx.JSON(res)
+  if resph.CheckAuthBeforeRequest(ctx) != false {
+		grp, err := madmClnt.GetGroupDescription(group)
+		var res = resph.BodyResHandler(ctx, err, grp)
+		ctx.JSON(res)
+	} else {
+		ctx.JSON(resph.DefaultAuthError())
+	}
 }
 
 var GrUpdateMembers = func(ctx iris.Context) {
@@ -37,9 +45,14 @@ var GrUpdateMembers = func(ctx iris.Context) {
 		ctx.JSON(iris.Map{"error": err.Error()})
 	}
 
-	err = madmClnt.UpdateGroupMembers(gar)
-	var res = resph.DefaultResHandler(ctx, err)
-	ctx.JSON(res)
+	if resph.CheckAuthBeforeRequest(ctx) != false {
+		err = madmClnt.UpdateGroupMembers(gar)
+		var res = resph.DefaultResHandler(ctx, err)
+		ctx.JSON(res)
+	} else {
+		ctx.JSON(resph.DefaultAuthError())
+	}
+
 }
 
 var GrList = func(ctx iris.Context) {

diff --git a/src/handlers/policy.go b/src/handlers/policy.go
@@ -18,18 +18,26 @@ var PolAdd = func(ctx iris.Context) {
 	p.policyName = ctx.FormValue("policyName")
 	p.policyString = ctx.FormValue("policyString")
 
-	err = madmClnt.AddCannedPolicy(p.policyName, p.policyString)
-	var res = resph.DefaultResHandler(ctx, err)
-	ctx.JSON(res)
+	if resph.CheckAuthBeforeRequest(ctx) != false {
+		err = madmClnt.AddCannedPolicy(p.policyName, p.policyString)
+		var res = resph.DefaultResHandler(ctx, err)
+		ctx.JSON(res)
+	} else {
+		ctx.JSON(resph.DefaultAuthError())
+	}
 }
 
 var PolDelete = func(ctx iris.Context) {
 	p := policySet{}
 	p.policyName = ctx.FormValue("policyName")
 
-	err = madmClnt.RemoveCannedPolicy(p.policyName)
-	var res = resph.DefaultResHandler(ctx, err)
-	ctx.JSON(res)
+  if resph.CheckAuthBeforeRequest(ctx) != false {
+		err = madmClnt.RemoveCannedPolicy(p.policyName)
+		var res = resph.DefaultResHandler(ctx, err)
+		ctx.JSON(res)
+	} else {
+		ctx.JSON(resph.DefaultAuthError())
+	}
 }
 
 var PolSet = func(ctx iris.Context) {
@@ -45,7 +53,11 @@ var PolSet = func(ctx iris.Context) {
 		ctx.JSON(iris.Map{"error": err.Error()})
 	}
 
-	err = madmClnt.SetPolicy(p.policyName, p.entityName, isGroupBool)
-	var res = resph.DefaultResHandler(ctx, err)
-	ctx.JSON(res)
+	if resph.CheckAuthBeforeRequest(ctx) != false {
+		err = madmClnt.SetPolicy(p.policyName, p.entityName, isGroupBool)
+		var res = resph.DefaultResHandler(ctx, err)
+		ctx.JSON(res)
+	} else {
+		ctx.JSON(resph.DefaultAuthError())
+	}
 }
diff --git a/src/handlers/probes.go b/src/handlers/probes.go
@@ -5,12 +5,7 @@ import (
 	resph "github.com/rzrbld/adminio-api/response"
 )
 
-var Readiness = func(ctx iris.Context) {
-	var res = resph.DefaultResConstructor(ctx, nil)
-	ctx.JSON(res)
-}
-
-var Liveness = func(ctx iris.Context) {
-	var res = resph.DefaultResConstructor(ctx, nil)
+var Probes = func(ctx iris.Context) {
+	var res = resph.DefaultResConstructor(nil)
 	ctx.JSON(res)
 }