-
Notifications
You must be signed in to change notification settings - Fork 331
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[S3 gateway] Return HTTP 409 (Conflict) when creating existing repo (#…
…2451) * [S3 gateway] Return HTTP 409 (Conflict) when creating existing repo When copying to a new key, Rclone likes to try to create _all_ the S3 path down (it seems to think it's on a POSIXy filesystem so it `mkdir -p`s). A repository cannot be created by the gateway -- there is not enough info on the request -- but if we return a 409 (conflict) then Rclone continues and succeeds. There is no S3 gateway test, so tested manually using Rclone. Fixes #2447. * [CR] Require CreateRepositoryAction (not ReadRepositoryAction)
- Loading branch information
1 parent
3a9b871
commit a0713b3
Showing
4 changed files
with
40 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
package operations | ||
|
||
import ( | ||
"net/http" | ||
|
||
gatewayerrors "github.com/treeverse/lakefs/pkg/gateway/errors" | ||
"github.com/treeverse/lakefs/pkg/permissions" | ||
) | ||
|
||
// PutBucket handles S3 Create Bucket operations. It does *not* actually | ||
// create new repos (there is not enough information in the S3 request to | ||
// create a new repo), but *does* detect whether the repo already exists. | ||
type PutBucket struct{} | ||
|
||
func (controller *PutBucket) RequiredPermissions(_ *http.Request, repoID string) ([]permissions.Permission, error) { | ||
return []permissions.Permission{ | ||
{ | ||
// Mimic S3, which requires s3:CreateBucket to call | ||
// create-bucket, even if we only want to receive | ||
// 409. | ||
Action: permissions.CreateRepositoryAction, | ||
Resource: permissions.RepoArn(repoID), | ||
}, | ||
}, nil | ||
} | ||
|
||
func (controller *PutBucket) Handle(w http.ResponseWriter, req *http.Request, o *RepoOperation) { | ||
o.Incr("put_repo") | ||
if o.Repository == nil { | ||
// No repo, would have to create it, but not enough | ||
// information -- so not supported. | ||
o.EncodeError(w, req, gatewayerrors.ERRLakeFSNotSupported.ToAPIErr()) | ||
} | ||
o.EncodeError(w, req, gatewayerrors.ErrBucketAlreadyExists.ToAPIErr()) | ||
} |