diff options
author | Harshavardhana <harsha@minio.io> | 2017-07-31 09:22:52 -0700 |
---|---|---|
committer | Harrison Healey <harrisonmhealey@gmail.com> | 2017-07-31 12:22:52 -0400 |
commit | 489602efe5e099f57bb2b58b7c67f8fc104ff5db (patch) | |
tree | 1b5c021ba02d6495f85e9dd8d2a43406f74e0308 /app/file.go | |
parent | c506c5cac6627a42af778d744cdd36d6d7abaeb2 (diff) | |
download | chat-489602efe5e099f57bb2b58b7c67f8fc104ff5db.tar.gz chat-489602efe5e099f57bb2b58b7c67f8fc104ff5db.tar.bz2 chat-489602efe5e099f57bb2b58b7c67f8fc104ff5db.zip |
Allow regions to be set and honored for S3 driver. (#7010)
This is necessary for certain users where
GetBucketLocation API is disabled using IAM
policies. There is a field AmazonS3Region
which we need to re-purpose and use to support
this properly.
Fixes https://github.com/mattermost/platform/issues/6999
Diffstat (limited to 'app/file.go')
-rw-r--r-- | app/file.go | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/app/file.go b/app/file.go index 31df445b3..74f70ec16 100644 --- a/app/file.go +++ b/app/file.go @@ -28,6 +28,7 @@ import ( "github.com/mattermost/platform/model" "github.com/mattermost/platform/utils" s3 "github.com/minio/minio-go" + "github.com/minio/minio-go/pkg/credentials" "github.com/rwcarlsen/goexif/exif" _ "golang.org/x/image/bmp" ) @@ -60,11 +61,17 @@ const ( // Similar to s3.New() but allows initialization of signature v2 or signature v4 client. // If signV2 input is false, function always returns signature v4. -func s3New(endpoint, accessKey, secretKey string, secure bool, signV2 bool) (*s3.Client, error) { +// +// Additionally this function also takes a user defined region, if set +// disables automatic region lookup. +func s3New(endpoint, accessKey, secretKey string, secure bool, signV2 bool, region string) (*s3.Client, error) { + var creds *credentials.Credentials if signV2 { - return s3.NewV2(endpoint, accessKey, secretKey, secure) + creds = credentials.NewStatic(accessKey, secretKey, "", credentials.SignatureV2) + } else { + creds = credentials.NewStatic(accessKey, secretKey, "", credentials.SignatureV4) } - return s3.NewV4(endpoint, accessKey, secretKey, secure) + return s3.NewWithCredentials(endpoint, creds, secure, region) } func ReadFile(path string) ([]byte, *model.AppError) { @@ -74,7 +81,8 @@ func ReadFile(path string) ([]byte, *model.AppError) { secretKey := utils.Cfg.FileSettings.AmazonS3SecretAccessKey secure := *utils.Cfg.FileSettings.AmazonS3SSL signV2 := *utils.Cfg.FileSettings.AmazonS3SignV2 - s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2) + region := utils.Cfg.FileSettings.AmazonS3Region + s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region) if err != nil { return nil, model.NewLocAppError("ReadFile", "api.file.read_file.s3.app_error", nil, err.Error()) } @@ -107,7 +115,8 @@ func MoveFile(oldPath, newPath string) *model.AppError { secretKey := utils.Cfg.FileSettings.AmazonS3SecretAccessKey secure := *utils.Cfg.FileSettings.AmazonS3SSL signV2 := *utils.Cfg.FileSettings.AmazonS3SignV2 - s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2) + region := utils.Cfg.FileSettings.AmazonS3Region + s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region) if err != nil { return model.NewLocAppError("moveFile", "api.file.write_file.s3.app_error", nil, err.Error()) } @@ -146,7 +155,8 @@ func WriteFile(f []byte, path string) *model.AppError { secretKey := utils.Cfg.FileSettings.AmazonS3SecretAccessKey secure := *utils.Cfg.FileSettings.AmazonS3SSL signV2 := *utils.Cfg.FileSettings.AmazonS3SignV2 - s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2) + region := utils.Cfg.FileSettings.AmazonS3Region + s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region) if err != nil { return model.NewLocAppError("WriteFile", "api.file.write_file.s3.app_error", nil, err.Error()) } |