author | Saturnino Abril <saturnino.abril@gmail.com> | 2017-09-06 03:42:18 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-09-06 03:42:18 +0800 |
commit | 8d680cf64ec7fb6c8b242b8048989d0f0550cb68 (patch) | |
tree | 700d39986d1973b51c875ab9bf50241762fc3e54 /utils | |
parent | 7405f66036537095b52c277d9b56969df33bfa57 (diff) | |
[PLT-7475] Add S3 region to system console and add S3 validation (#7373)
* add S3 region to system console and add S3 validation
* update translation message
* add bool as return value to Validate* functions
* update Validate* functions to be pure
Diffstat (limited to 'utils')
-rw-r--r-- | utils/config.go | 74 | ||||
-rw-r--r-- | utils/file.go | 36 |
2 files changed, 92 insertions, 18 deletions
diff --git a/utils/config.go b/utils/config.go
index b99194c46..b8ec43eb5 100644
--- a/utils/config.go
+++ b/utils/config.go
@@ -18,6 +18,7 @@ import (
 l4g "github.com/alecthomas/log4go"
 "github.com/fsnotify/fsnotify"
+ s3 "github.com/minio/minio-go"
 "github.com/spf13/viper"
 "net/http"
@@ -46,6 +47,25 @@ var ClientCfg map[string]string = map[string]string{}
 var originalDisableDebugLvl l4g.Level = l4g.DEBUG
 var siteURL = ""
+var AWS_S3_ENDPOINT_MAP = map[string]string{
+ "s3.amazonaws.com": "us-east-1",
+ "s3-us-east-2.amazonaws.com": "us-east-2",
+ "s3-us-west-2.amazonaws.com": "us-west-2",
+ "s3-us-west-1.amazonaws.com": "us-west-1",
+ "s3.ca-central-1.amazonaws.com": "ca-central-1",
+ "s3-eu-west-1.amazonaws.com": "eu-west-1",
+ "s3-eu-west-2.amazonaws.com": "eu-west-2",
+ "s3-eu-central-1.amazonaws.com": "eu-central-1",
+ "s3-ap-south-1.amazonaws.com": "ap-south-1",
+ "s3-ap-southeast-1.amazonaws.com": "ap-southeast-1",
+ "s3-ap-southeast-2.amazonaws.com": "ap-southeast-2",
+ "s3-ap-northeast-1.amazonaws.com": "ap-northeast-1",
+ "s3-ap-northeast-2.amazonaws.com": "ap-northeast-2",
+ "s3-sa-east-1.amazonaws.com": "sa-east-1",
+ "s3-us-gov-west-1.amazonaws.com": "us-gov-west-1",
+ "s3.cn-north-1.amazonaws.com.cn": "cn-north-1",
+}
+
 func GetSiteURL() string {
 return siteURL
 }
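Review bot: `AWS_S3_ENDPOINT_MAP` is the allowlist that `ValidateAmazonS3Endpoint` and `ValidateAmazonS3Region` check against, yet it is an exported, mutable package-level map, so any importing package can add or remove entries and change what passes validation. Unless another package needs it, an unexported name such as `awsS3EndpointMap` with a doc comment like `// awsS3EndpointMap maps each accepted Amazon S3 endpoint host to its region.` would keep the allowlist private and follow Go's MixedCaps naming. The list is also a fixed snapshot, so an endpoint or region missing from it fails these checks until the code is updated; how callers treat that failure is outside this diff, and a comment saying the list is maintained by hand would help the next maintainer.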
@@ -689,3 +709,57 @@ func IsLeader() bool {
 return true
 }
 }
+
+func ValidateAmazonS3Endpoint(endpoint string) bool {
+ _, valid := AWS_S3_ENDPOINT_MAP[endpoint]
+
+ return valid
+}
+
+func ValidateAmazonS3Region(region string) bool {
+ for _, awsRegion := range AWS_S3_ENDPOINT_MAP {
+ if awsRegion == region {
+ return true
+ }
+ }
+
+ return false
+}
+
+func ValidateAmazonS3Bucket(cfg *model.Config) (bool, string, *model.AppError) {
+ if *cfg.FileSettings.AmazonS3Bucket == "" {
+ return false, "", model.NewAppError("ValidateAmazonS3Bucket", "utils.config.bucket_empty.app_error", nil, "", http.StatusBadRequest)
+ }
+
+ endpoint := *cfg.FileSettings.AmazonS3Endpoint
+ bucket := *cfg.FileSettings.AmazonS3Bucket
+ accessKey := cfg.FileSettings.AmazonS3AccessKeyId
+ secretKey := cfg.FileSettings.AmazonS3SecretAccessKey
+ secure := *cfg.FileSettings.AmazonS3SSL
+
+ s3Clnt, err := s3.New(endpoint, accessKey, secretKey, secure)
+ if err != nil {
+ return false, "", model.NewAppError("ValidateAmazonS3Bucket", "utils.config.bad_connection_to_s3_or_minio.app_error", nil, err.Error(), http.StatusBadRequest)
+ }
+
+ bucketLocation, err := s3Clnt.GetBucketLocation(bucket)
+ if err != nil {
+ bucketLocation = *cfg.FileSettings.AmazonS3Region
+
+ exists, err := s3Clnt.BucketExists(bucket)
+ if err != nil {
+ return false, "", model.NewAppError("ValidateAmazonS3Bucket", "utils.config.error_checking_bucket_exist.app_error", nil, err.Error(), http.StatusBadRequest)
+ }
+
+ if !exists {
+ err := s3Clnt.MakeBucket(bucket, bucketLocation)
+ if err != nil {
+ l4g.Error(T("utils.config.create_amazon_bucket_error"), bucket)
+ return false, "", model.NewAppError("ValidateAmazonS3Bucket", "utils.config.error_creating_bucket.app_error", nil, err.Error(), http.StatusBadRequest)
+ }
+ l4g.Warn(T("utils.config.create_amazon_bucket"), bucket)
+ }
+ }
+
+ return true, bucketLocation, nil
+}
diff --git a/utils/file.go b/utils/file.go
index 19fa335c4..d8926cfaa 100644
--- a/utils/file.go
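Review bot: `ValidateAmazonS3Bucket` is not a pure check: when `GetBucketLocation` fails for any reason it discards that error, and if `BucketExists` then reports false it calls `MakeBucket`, so validating settings creates a bucket with the supplied credentials on the supplied endpoint. The original `GetBucketLocation` error (access denied, wrong endpoint, network failure) is never returned or logged, and when the bucket does exist the function returns `true` with the configured region rather than a verified one. Consider returning the location error unless it specifically means the bucket is missing, and moving creation out of the validator or at least stating it in a doc comment, e.g. `// ValidateAmazonS3Bucket checks the bucket and creates it if it does not exist.` The client is also built with `s3.New(endpoint, accessKey, secretKey, secure)`, which ignores `AmazonS3SignV2` and the region that the `s3New` helper in utils/file.go takes, so validation may not exercise the same signing path as the file operations. Every `*cfg.FileSettings.…` read here assumes a non-nil pointer; whether defaults are applied before this call is not visible in the diff.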
+++ b/utils/file.go
@@ -48,13 +48,13 @@ func s3New(endpoint, accessKey, secretKey string, secure bool, signV2 bool, regi
 func TestFileConnection() *model.AppError {
 if *Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_S3 {
- endpoint := Cfg.FileSettings.AmazonS3Endpoint
+ endpoint := *Cfg.FileSettings.AmazonS3Endpoint
 accessKey := Cfg.FileSettings.AmazonS3AccessKeyId
 secretKey := Cfg.FileSettings.AmazonS3SecretAccessKey
 secure := *Cfg.FileSettings.AmazonS3SSL
 signV2 := *Cfg.FileSettings.AmazonS3SignV2
- region := Cfg.FileSettings.AmazonS3Region
- bucket := Cfg.FileSettings.AmazonS3Bucket
+ region := *Cfg.FileSettings.AmazonS3Region
+ bucket := *Cfg.FileSettings.AmazonS3Bucket
 s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region)
 if err != nil {
@@ -91,17 +91,17 @@ func TestFileConnection() *model.AppError {
 func ReadFile(path string) ([]byte, *model.AppError) {
 if *Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_S3 {
- endpoint := Cfg.FileSettings.AmazonS3Endpoint
+ endpoint := *Cfg.FileSettings.AmazonS3Endpoint
 accessKey := Cfg.FileSettings.AmazonS3AccessKeyId
 secretKey := Cfg.FileSettings.AmazonS3SecretAccessKey
 secure := *Cfg.FileSettings.AmazonS3SSL
 signV2 := *Cfg.FileSettings.AmazonS3SignV2
- region := Cfg.FileSettings.AmazonS3Region
+ region := *Cfg.FileSettings.AmazonS3Region
 s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region)
 if err != nil {
 return nil, model.NewLocAppError("ReadFile", "api.file.read_file.s3.app_error", nil, err.Error())
 }
- bucket := Cfg.FileSettings.AmazonS3Bucket
+ bucket := *Cfg.FileSettings.AmazonS3Bucket
 minioObject, err := s3Clnt.GetObject(bucket, path)
 defer minioObject.Close()
 if err != nil {
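Review bot: The new `*Cfg.FileSettings.AmazonS3Endpoint`, `*Cfg.FileSettings.AmazonS3Region` and `*Cfg.FileSettings.AmazonS3Bucket` reads in TestFileConnection panic on a nil pointer, and nothing in this hunk guards them; whether config defaults always populate these fields is outside the diff, so this is worth confirming for configs written before the fields became pointers. The same settings read is repeated in the ReadFile, MoveFile, WriteFile, RemoveFile and RemoveDirectory hunks, so a single unexported helper that reads the settings once and returns the client and bucket would put the dereferences (and any nil check) in one place. TestFileConnection's body continues outside the hunk.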
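Review bot: In ReadFile, `defer minioObject.Close()` is registered before the `if err != nil` check on `GetObject`, so if the call fails and returns a nil object together with the error, the deferred Close runs on nil when the function returns. That line is unchanged context, but the commit edits the line directly above it, which makes this a good moment to reorder: check `err` first, then `defer minioObject.Close()`. The function body continues outside the hunk.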
@@ -125,12 +125,12 @@ func ReadFile(path string) ([]byte, *model.AppError) {
 func MoveFile(oldPath, newPath string) *model.AppError {
 if *Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_S3 {
- endpoint := Cfg.FileSettings.AmazonS3Endpoint
+ endpoint := *Cfg.FileSettings.AmazonS3Endpoint
 accessKey := Cfg.FileSettings.AmazonS3AccessKeyId
 secretKey := Cfg.FileSettings.AmazonS3SecretAccessKey
 secure := *Cfg.FileSettings.AmazonS3SSL
 signV2 := *Cfg.FileSettings.AmazonS3SignV2
- region := Cfg.FileSettings.AmazonS3Region
+ region := *Cfg.FileSettings.AmazonS3Region
 encrypt := false
 if *Cfg.FileSettings.AmazonS3SSE && IsLicensed() && *License().Features.Compliance {
 encrypt = true
@@ -139,7 +139,7 @@ func MoveFile(oldPath, newPath string) *model.AppError {
 if err != nil {
 return model.NewLocAppError("moveFile", "api.file.write_file.s3.app_error", nil, err.Error())
 }
- bucket := Cfg.FileSettings.AmazonS3Bucket
+ bucket := *Cfg.FileSettings.AmazonS3Bucket
 source := s3.NewSourceInfo(bucket, oldPath, nil)
 destination, err := s3.NewDestinationInfo(bucket, newPath, nil, CopyMetadata(encrypt))
@@ -169,12 +169,12 @@ func MoveFile(oldPath, newPath string) *model.AppError {
 func WriteFile(f []byte, path string) *model.AppError {
 if *Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_S3 {
- endpoint := Cfg.FileSettings.AmazonS3Endpoint
+ endpoint := *Cfg.FileSettings.AmazonS3Endpoint
 accessKey := Cfg.FileSettings.AmazonS3AccessKeyId
 secretKey := Cfg.FileSettings.AmazonS3SecretAccessKey
 secure := *Cfg.FileSettings.AmazonS3SSL
 signV2 := *Cfg.FileSettings.AmazonS3SignV2
- region := Cfg.FileSettings.AmazonS3Region
+ region := *Cfg.FileSettings.AmazonS3Region
 encrypt := false
 if *Cfg.FileSettings.AmazonS3SSE && IsLicensed() && *License().Features.Compliance {
 encrypt = true
@@ -185,7 +185,7 @@ func WriteFile(f []byte, path string) *model.AppError {
 return model.NewLocAppError("WriteFile", "api.file.write_file.s3.app_error", nil, err.Error())
 }
- bucket := Cfg.FileSettings.AmazonS3Bucket
+ bucket := *Cfg.FileSettings.AmazonS3Bucket
 ext := filepath.Ext(path)
 metaData := S3Metadata(encrypt, "binary/octet-stream")
 if model.IsFileExtImage(ext) {
@@ -222,19 +222,19 @@ func writeFileLocally(f []byte, path string) *model.AppError {
 func RemoveFile(path string) *model.AppError {
 if *Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_S3 {
- endpoint := Cfg.FileSettings.AmazonS3Endpoint
+ endpoint := *Cfg.FileSettings.AmazonS3Endpoint
 accessKey := Cfg.FileSettings.AmazonS3AccessKeyId
 secretKey := Cfg.FileSettings.AmazonS3SecretAccessKey
 secure := *Cfg.FileSettings.AmazonS3SSL
 signV2 := *Cfg.FileSettings.AmazonS3SignV2
- region := Cfg.FileSettings.AmazonS3Region
+ region := *Cfg.FileSettings.AmazonS3Region
 s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region)
 if err != nil {
 return model.NewLocAppError("RemoveFile", "utils.file.remove_file.s3.app_error", nil, err.Error())
 }
- bucket := Cfg.FileSettings.AmazonS3Bucket
+ bucket := *Cfg.FileSettings.AmazonS3Bucket
 if err := s3Clnt.RemoveObject(bucket, path); err != nil {
 return model.NewLocAppError("RemoveFile", "utils.file.remove_file.s3.app_error", nil, err.Error())
 }
@@ -271,12 +271,12 @@ func getPathsFromObjectInfos(in <-chan s3.ObjectInfo) <-chan string {
 func RemoveDirectory(path string) *model.AppError {
 if *Cfg.FileSettings.DriverName == model.IMAGE_DRIVER_S3 {
- endpoint := Cfg.FileSettings.AmazonS3Endpoint
+ endpoint := *Cfg.FileSettings.AmazonS3Endpoint
 accessKey := Cfg.FileSettings.AmazonS3AccessKeyId
 secretKey := Cfg.FileSettings.AmazonS3SecretAccessKey
 secure := *Cfg.FileSettings.AmazonS3SSL
 signV2 := *Cfg.FileSettings.AmazonS3SignV2
- region := Cfg.FileSettings.AmazonS3Region
+ region := *Cfg.FileSettings.AmazonS3Region
 s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region)
 if err != nil {
@@ -285,7 +285,7 @@ func RemoveDirectory(path string) *model.AppError {
 doneCh := make(chan struct{})
- bucket := Cfg.FileSettings.AmazonS3Bucket
+ bucket := *Cfg.FileSettings.AmazonS3Bucket
 for err := range s3Clnt.RemoveObjects(bucket, getPathsFromObjectInfos(s3Clnt.ListObjects(bucket, path, true, doneCh))) {
 if err.Err != nil {
 doneCh <- struct{}{} |
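Review bot: In the last RemoveDirectory hunk, the error path does `doneCh <- struct{}{}` on the unbuffered channel created with `make(chan struct{})`; that send blocks until something receives, so if the listing goroutine behind `ListObjects` has already finished, RemoveDirectory would hang there. These lines are unchanged context and the rest of the loop is outside the hunk, so confirm against the full function, but `defer close(doneCh)` right after the `make` is the non-blocking way to signal cancellation.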