X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/808533d055f202609b2387307b6e2f97def39d2a..75280895b5ad79df5df9f33d759a359b9f111dd9:/services/keep-web/handler.go

diff --git a/services/keep-web/handler.go b/services/keep-web/handler.go
index f69f396f26..b5c11e553c 100644
--- a/services/keep-web/handler.go
+++ b/services/keep-web/handler.go
@@ -10,7 +10,6 @@ import (
 	"html"
 	"html/template"
 	"io"
-	"log"
 	"net/http"
 	"net/url"
 	"os"
@@ -26,11 +25,13 @@ import (
 	"git.curoverse.com/arvados.git/sdk/go/health"
 	"git.curoverse.com/arvados.git/sdk/go/httpserver"
 	"git.curoverse.com/arvados.git/sdk/go/keepclient"
+	log "github.com/sirupsen/logrus"
 	"golang.org/x/net/webdav"
 )
 
 type handler struct {
 	Config        *Config
+	MetricsAPI    http.Handler
 	clientPool    *arvadosclient.ClientPool
 	setupOnce     sync.Once
 	healthHandler http.Handler
@@ -90,14 +91,7 @@ func (h *handler) setup() {
 }
 
 func (h *handler) serveStatus(w http.ResponseWriter, r *http.Request) {
-	status := struct {
-		cacheStats
-		Version string
-	}{
-		cacheStats: h.Config.Cache.Stats(),
-		Version:    version,
-	}
-	json.NewEncoder(w).Encode(status)
+	json.NewEncoder(w).Encode(struct{ Version string }{version})
 }
 
 // updateOnSuccess wraps httpserver.ResponseWriter. If the handler
@@ -141,23 +135,34 @@ func (uos *updateOnSuccess) WriteHeader(code int) {
 }
 
 var (
+	corsAllowHeadersHeader = strings.Join([]string{
+		"Authorization", "Content-Type", "Range",
+		// WebDAV request headers:
+		"Depth", "Destination", "If", "Lock-Token", "Overwrite", "Timeout",
+	}, ", ")
 	writeMethod = map[string]bool{
-		"COPY":   true,
-		"DELETE": true,
-		"MKCOL":  true,
-		"MOVE":   true,
-		"PUT":    true,
-		"RMCOL":  true,
+		"COPY":      true,
+		"DELETE":    true,
+		"LOCK":      true,
+		"MKCOL":     true,
+		"MOVE":      true,
+		"PROPPATCH": true,
+		"PUT":       true,
+		"RMCOL":     true,
+		"UNLOCK":    true,
 	}
 	webdavMethod = map[string]bool{
-		"COPY":     true,
-		"DELETE":   true,
-		"MKCOL":    true,
-		"MOVE":     true,
-		"OPTIONS":  true,
-		"PROPFIND": true,
-		"PUT":      true,
-		"RMCOL":    true,
+		"COPY":      true,
+		"DELETE":    true,
+		"LOCK":      true,
+		"MKCOL":     true,
+		"MOVE":      true,
+		"OPTIONS":   true,
+		"PROPFIND":  true,
+		"PROPPATCH": true,
+		"PUT":       true,
+		"RMCOL":     true,
+		"UNLOCK":    true,
 	}
 	browserMethod = map[string]bool{
 		"GET":  true,
@@ -183,6 +188,9 @@ func (h *handler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) {
 	if xff := r.Header.Get("X-Forwarded-For"); xff != "" {
 		remoteAddr = xff + "," + remoteAddr
 	}
+	if xfp := r.Header.Get("X-Forwarded-Proto"); xfp != "" && xfp != "http" {
+		r.URL.Scheme = xfp
+	}
 
 	w := httpserver.WrapResponseWriter(wOrig)
 	defer func() {
@@ -191,13 +199,12 @@ func (h *handler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) {
 		} else if w.WroteStatus() == 0 {
 			w.WriteHeader(statusCode)
 		} else if w.WroteStatus() != statusCode {
-			httpserver.Log(r.RemoteAddr, "WARNING",
+			log.WithField("RequestID", r.Header.Get("X-Request-Id")).Warn(
 				fmt.Sprintf("Our status changed from %d to %d after we sent headers", w.WroteStatus(), statusCode))
 		}
 		if statusText == "" {
 			statusText = http.StatusText(statusCode)
 		}
-		httpserver.Log(remoteAddr, statusCode, statusText, w.WroteBodyBytes(), r.Method, r.Host, r.URL.Path, r.URL.RawQuery)
 	}()
 
 	if strings.HasPrefix(r.URL.Path, "/_health/") && r.Method == "GET" {
@@ -210,8 +217,8 @@ func (h *handler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) {
 			statusCode = http.StatusMethodNotAllowed
 			return
 		}
-		w.Header().Set("Access-Control-Allow-Headers", "Authorization, Content-Type, Range")
-		w.Header().Set("Access-Control-Allow-Methods", "COPY, DELETE, GET, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PUT, RMCOL")
+		w.Header().Set("Access-Control-Allow-Headers", corsAllowHeadersHeader)
+		w.Header().Set("Access-Control-Allow-Methods", "COPY, DELETE, GET, LOCK, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, RMCOL, UNLOCK")
 		w.Header().Set("Access-Control-Allow-Origin", "*")
 		w.Header().Set("Access-Control-Max-Age", "86400")
 		statusCode = http.StatusOK
@@ -257,6 +264,9 @@ func (h *handler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) {
 	} else if r.URL.Path == "/status.json" {
 		h.serveStatus(w, r)
 		return
+	} else if strings.HasPrefix(r.URL.Path, "/metrics") {
+		h.MetricsAPI.ServeHTTP(w, r)
+		return
 	} else if siteFSDir[pathParts[0]] {
 		useSiteFS = true
 	} else if len(pathParts) >= 1 && strings.HasPrefix(pathParts[0], "c=") {
@@ -314,6 +324,14 @@ func (h *handler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	if useSiteFS {
+		if tokens == nil {
+			tokens = auth.CredentialsFromRequest(r).Tokens
+		}
+		h.serveSiteFS(w, r, tokens, credentialsOK, attachment)
+		return
+	}
+
 	targetPath := pathParts[stripParts:]
 	if tokens == nil && len(targetPath) > 0 && strings.HasPrefix(targetPath[0], "t=") {
 		// http://ID.example/t=TOKEN/PATH...
@@ -330,16 +348,11 @@ func (h *handler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) {
 
 	if tokens == nil {
 		if credentialsOK {
-			reqTokens = auth.NewCredentialsFromHTTPRequest(r).Tokens
+			reqTokens = auth.CredentialsFromRequest(r).Tokens
 		}
 		tokens = append(reqTokens, h.Config.AnonymousTokens...)
 	}
 
-	if useSiteFS {
-		h.serveSiteFS(w, r, tokens, credentialsOK, attachment)
-		return
-	}
-
 	if len(targetPath) > 0 && targetPath[0] == "_" {
 		// If a collection has a directory called "t=foo" or
 		// "_", it can be served at
@@ -417,6 +430,7 @@ func (h *handler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) {
 		statusCode, statusText = http.StatusInternalServerError, err.Error()
 		return
 	}
+	kc.RequestID = r.Header.Get("X-Request-Id")
 
 	var basename string
 	if len(targetPath) > 0 {
@@ -424,11 +438,11 @@ func (h *handler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) {
 	}
 	applyContentDispositionHdr(w, r, basename, attachment)
 
-	client := &arvados.Client{
+	client := (&arvados.Client{
 		APIHost:   arv.ApiServer,
 		AuthToken: arv.ApiToken,
 		Insecure:  arv.ApiInsecure,
-	}
+	}).WithRequestID(r.Header.Get("X-Request-Id"))
 
 	fs, err := collection.FileSystem(client, kc)
 	if err != nil {
@@ -529,11 +543,12 @@ func (h *handler) serveSiteFS(w http.ResponseWriter, r *http.Request, tokens []s
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
-	client := &arvados.Client{
+	kc.RequestID = r.Header.Get("X-Request-Id")
+	client := (&arvados.Client{
 		APIHost:   arv.ApiServer,
 		AuthToken: arv.ApiToken,
 		Insecure:  arv.ApiInsecure,
-	}
+	}).WithRequestID(r.Header.Get("X-Request-Id"))
 	fs := client.SiteFileSystem(kc)
 	f, err := fs.Open(r.URL.Path)
 	if os.IsNotExist(err) {
@@ -769,6 +784,7 @@ func (h *handler) seeOtherWithCookie(w http.ResponseWriter, r *http.Request, loc
 		u = newu
 	}
 	redir := (&url.URL{
+		Scheme:   r.URL.Scheme,
 		Host:     r.Host,
 		Path:     u.Path,
 		RawQuery: redirQuery.Encode(),