kc, err := MakeKeepClient()
c.Assert(err, Equals, nil)
- hash, replicas, err := kc.PutB([]byte("foo"))
- c.Check(hash, Equals, fmt.Sprintf("%x", md5.Sum([]byte("foo"))))
- c.Check(replicas, Equals, 2)
- c.Check(err, Equals, nil)
+ hash := fmt.Sprintf("%x", md5.Sum([]byte("foo")))
+ {
+ n, _, err := kc.Ask(hash)
+ c.Check(err, Equals, BlockNotFound)
+ c.Check(n, Equals, int64(0))
+ }
+ {
+ hash2, replicas, err := kc.PutB([]byte("foo"))
+ c.Check(hash2, Equals, hash)
+ c.Check(replicas, Equals, 2)
+ c.Check(err, Equals, nil)
+ }
{
r, n, url2, err := kc.Get(hash)
c.Check(err, Equals, nil)
c.Check(err2, Equals, nil)
c.Check(content, DeepEquals, []byte("foo"))
}
-
{
n, url2, err := kc.Ask(hash)
c.Check(err, Equals, nil)
listen string
no_get bool
no_put bool
- no_head bool
default_replicas int
pidfile string
)
flag.BoolVar(
&no_get,
"no-get",
- true,
+ false,
"If set, disable GET operations")
flag.BoolVar(
false,
"If set, disable PUT operations")
- flag.BoolVar(
- &no_head,
- "no-head",
- true,
- "If set, disable HEAD operations")
-
flag.IntVar(
&default_replicas,
"default-replicas",
flag.Parse()
- /*if no_get == false || no_head == false {
- log.Print("Must specify -no-get and -no-head")
+ /*if no_get == false {
+ log.Print("Must specify -no-get")
return
}*/
}
// Start listening for requests.
- http.Serve(listener, MakeRESTRouter(!no_get, !no_put, !no_head, kc))
+ http.Serve(listener, MakeRESTRouter(!no_get, !no_put, kc))
}
type ApiTokenCache struct {
func MakeRESTRouter(
enable_get bool,
enable_put bool,
- enable_head bool,
kc keepclient.KeepClient) *mux.Router {
t := &ApiTokenCache{tokens: make(map[string]int64), expireTime: 300}
ph := rest.Handle(`/{hash:[0-9a-f]{32}}`, PutBlockHandler{kc, t})
if enable_get {
- gh.Methods("GET")
- ghsig.Methods("GET")
+ gh.Methods("GET", "HEAD")
+ ghsig.Methods("GET", "HEAD")
}
if enable_put {
ph.Methods("PUT")
}
- if enable_head {
- gh.Methods("HEAD")
- ghsig.Methods("HEAD")
- }
-
return rest
}
func (this GetBlockHandler) ServeHTTP(resp http.ResponseWriter, req *http.Request) {
+
+ if !CheckAuthorizationHeader(this.KeepClient, this.ApiTokenCache, req) {
+ http.Error(resp, "Missing or invalid Authorization header", http.StatusForbidden)
+ }
+
hash := mux.Vars(req)["hash"]
signature := mux.Vars(req)["signature"]
timestamp := mux.Vars(req)["timestamp"]
}
func (this PutBlockHandler) ServeHTTP(resp http.ResponseWriter, req *http.Request) {
+
+ log.Print("PutBlockHandler start")
+
if !CheckAuthorizationHeader(this.KeepClient, this.ApiTokenCache, req) {
http.Error(resp, "Missing or invalid Authorization header", http.StatusForbidden)
}
os.Setenv("ARVADOS_API_HOST_INSECURE", "true")
SetupProxyService()
+
+ os.Args = []string{"keepproxy", "-listen=:29950"}
+ go main()
+ time.Sleep(100 * time.Millisecond)
}
func (s *ServerRequiredSuite) TearDownSuite(c *C) {
+ listener.Close()
+
cwd, _ := os.Getwd()
defer os.Chdir(cwd)
log.Print("keepclient created")
- os.Args = []string{"keepproxy", "-listen=:29950"}
- go main()
-
- time.Sleep(100 * time.Millisecond)
-
- log.Print("keepproxy main started")
-
hash := fmt.Sprintf("%x", md5.Sum([]byte("foo")))
- // Uncomment this when actual keep server supports HEAD
- /*{
+ {
_, _, err := kc.Ask(hash)
c.Check(err, Equals, keepclient.BlockNotFound)
log.Print("Ask 1")
- }*/
+ }
{
hash2, rep, err := kc.PutB([]byte("foo"))
log.Print("PutB")
}
- // Uncomment this when actual keep server supports HEAD
- /*{
+ {
blocklen, _, err := kc.Ask(hash)
+ c.Assert(err, Equals, nil)
c.Check(blocklen, Equals, int64(3))
- c.Check(err, Equals, nil)
log.Print("Ask 2")
- }*/
+ }
{
reader, blocklen, _, err := kc.Get(hash)
+ c.Assert(err, Equals, nil)
all, err := ioutil.ReadAll(reader)
c.Check(all, DeepEquals, []byte("foo"))
c.Check(blocklen, Equals, int64(3))
- c.Check(err, Equals, nil)
log.Print("Get")
}
- // Close internal listener socket.
- listener.Close()
-
log.Print("TestPutAndGet done")
}
+
+func (s *ServerRequiredSuite) TestPutAskGetForbidden(c *C) {
+ log.Print("TestPutAndGet start")
+
+ os.Setenv("ARVADOS_EXTERNAL_CLIENT", "true")
+ kc, err := keepclient.MakeKeepClient()
+ kc.ApiToken = "123xyz"
+ c.Check(kc.External, Equals, true)
+ c.Check(kc.Using_proxy, Equals, true)
+ c.Check(len(kc.Service_roots), Equals, 1)
+ c.Check(kc.Service_roots[0], Equals, "http://localhost:29950")
+ c.Check(err, Equals, nil)
+ os.Setenv("ARVADOS_EXTERNAL_CLIENT", "")
+
+ log.Print("keepclient created")
+
+ hash := fmt.Sprintf("%x", md5.Sum([]byte("foo")))
+
+ {
+ _, _, err := kc.Ask(hash)
+ c.Check(err, Equals, keepclient.BlockNotFound)
+ log.Print("Ask 1")
+ }
+
+ {
+ hash2, rep, err := kc.PutB([]byte("foo"))
+ c.Check(hash2, Equals, hash)
+ c.Check(rep, Equals, 0)
+ c.Check(err, Equals, keepclient.InsufficientReplicasError)
+ log.Print("PutB")
+ }
+
+ {
+ blocklen, _, err := kc.Ask(hash)
+ c.Assert(err, Equals, keepclient.BlockNotFound)
+ c.Check(blocklen, Equals, int64(0))
+ log.Print("Ask 2")
+ }
+
+ {
+ _, blocklen, _, err := kc.Get(hash)
+ c.Assert(err, Equals, keepclient.BlockNotFound)
+ c.Check(blocklen, Equals, int64(0))
+ log.Print("Get")
+ }
+
+ log.Print("TestPutAndGetForbidden done")
+}