forked from minio/console
-
Notifications
You must be signed in to change notification settings - Fork 1
/
admin_inspect.go
126 lines (111 loc) · 4.24 KB
/
admin_inspect.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package restapi
import (
"encoding/base64"
"fmt"
"io"
"net/http"
"strings"
"unicode/utf8"
"github.com/go-openapi/runtime"
"github.com/go-openapi/runtime/middleware"
"github.com/secure-io/sio-go"
"github.com/trinet2005/oss-admin-go"
"github.com/trinet2005/oss-console/models"
"github.com/trinet2005/oss-console/restapi/operations"
inspectApi "github.com/trinet2005/oss-console/restapi/operations/inspect"
)
func registerInspectHandler(api *operations.ConsoleAPI) {
api.InspectInspectHandler = inspectApi.InspectHandlerFunc(func(params inspectApi.InspectParams, principal *models.Principal) middleware.Responder {
if v, err := base64.URLEncoding.DecodeString(params.File); err == nil && utf8.Valid(v) {
params.File = string(v)
}
if v, err := base64.URLEncoding.DecodeString(params.Volume); err == nil && utf8.Valid(v) {
params.Volume = string(v)
}
k, r, err := getInspectResult(principal, ¶ms)
if err != nil {
return inspectApi.NewInspectDefault(err.Code).WithPayload(err.APIError)
}
return middleware.ResponderFunc(processInspectResponse(¶ms, k, r))
})
}
func getInspectResult(session *models.Principal, params *inspectApi.InspectParams) ([]byte, io.ReadCloser, *CodedAPIError) {
ctx := params.HTTPRequest.Context()
mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session)
if err != nil {
return nil, nil, ErrorWithContext(ctx, err)
}
cfg := madmin.InspectOptions{
File: params.File,
Volume: params.Volume,
}
// TODO: Remove encryption option and always encrypt.
// Maybe also add public key field.
if params.Encrypt != nil && *params.Encrypt {
cfg.PublicKey, _ = base64.StdEncoding.DecodeString("MIIBCgKCAQEAs/128UFS9A8YSJY1XqYKt06dLVQQCGDee69T+0Tip/1jGAB4z0/3QMpH0MiS8Wjs4BRWV51qvkfAHzwwdU7y6jxU05ctb/H/WzRj3FYdhhHKdzear9TLJftlTs+xwj2XaADjbLXCV1jGLS889A7f7z5DgABlVZMQd9BjVAR8ED3xRJ2/ZCNuQVJ+A8r7TYPGMY3wWvhhPgPk3Lx4WDZxDiDNlFs4GQSaESSsiVTb9vyGe/94CsCTM6Cw9QG6ifHKCa/rFszPYdKCabAfHcS3eTr0GM+TThSsxO7KfuscbmLJkfQev1srfL2Ii2RbnysqIJVWKEwdW05ID8ryPkuTuwIDAQAB")
}
// create a MinIO Admin Client interface implementation
// defining the client to be used
adminClient := AdminClient{Client: mAdmin}
k, r, err := adminClient.inspect(ctx, cfg)
if err != nil {
return nil, nil, ErrorWithContext(ctx, err)
}
return k, r, nil
}
// borrowed from mc cli
func decryptInspectV1(key [32]byte, r io.Reader) io.ReadCloser {
stream, err := sio.AES_256_GCM.Stream(key[:])
if err != nil {
return nil
}
nonce := make([]byte, stream.NonceSize())
return io.NopCloser(stream.DecryptReader(r, nonce, nil))
}
func processInspectResponse(params *inspectApi.InspectParams, k []byte, r io.ReadCloser) func(w http.ResponseWriter, _ runtime.Producer) {
isEnc := params.Encrypt != nil && *params.Encrypt
return func(w http.ResponseWriter, _ runtime.Producer) {
ext := "enc"
if len(k) == 32 && !isEnc {
ext = "zip"
r = decryptInspectV1(*(*[32]byte)(k), r)
}
fileName := fmt.Sprintf("inspect-%s-%s.%s", params.Volume, params.File, ext)
fileName = strings.Map(func(r rune) rune {
switch {
case r >= 'A' && r <= 'Z':
return r
case r >= 'a' && r <= 'z':
return r
case r >= '0' && r <= '9':
return r
default:
if strings.ContainsAny(string(r), "-+._") {
return r
}
return '_'
}
}, fileName)
w.Header().Set("Content-Type", "application/octet-stream")
w.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=\"%s\"", fileName))
_, err := io.Copy(w, r)
if err != nil {
LogError("Unable to write all the data: %v", err)
}
}
}