Web server access control

Quentin 2020-12-17 20:43:14 +01:00
parent 011ff87b5f
commit 3132deca58


@ -13,6 +13,8 @@ use idna::domain_to_unicode;
use crate::error::*;
use garage_api::s3_get::{handle_get, handle_head};
use garage_table::*;
use garage_model::bucket_table::*;
use garage_model::garage::Garage;
use garage_util::error::Error as GarageError;
@ -76,6 +78,20 @@ async fn serve_file(garage: Arc<Garage>, req: Request<Body>) -> Result<Response<
let root = &garage.config.s3_web.root_domain;
let bucket = host_to_bucket(&host, root);
// Check bucket is exposed as a website
let bucket_desc = garage
.bucket_table
.get(&EmptyKey, &bucket.to_string())
.await?
.filter(|b| !b.is_deleted())
.ok_or(Error::NotFound)?;
match bucket_desc.state.get() {
BucketState::Deleted => Err(Error::NotFound),
BucketState::Present(params) if !params.website.get() => Err(Error::NotFound),
_ => Ok(()),
}?;
// Get path
let path = req.uri().path().to_string();
let index = &garage.config.s3_web.index;
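Review bot: The catch-all arm `_ => Ok(())` in the `match bucket_desc.state.get()` makes this access check fail open, so any bucket state not listed explicitly (including a variant added to `BucketState` later) is served as a website by default. For an access-control gate it is safer to allow only the one permitted case and deny the rest: `BucketState::Present(params) if params.website.get() => Ok(()),` followed by `_ => Err(Error::NotFound),`. The `BucketState::Deleted` arm also looks redundant with the `.filter(|b| !b.is_deleted())` just above, assuming `is_deleted()` reflects the same state, and it would disappear with the deny-by-default form. Returning `Error::NotFound` for both missing and non-website buckets is a good choice because it does not reveal which bucket names exist, and a short comment saying so would keep a later change from turning it into a 403. The body of `serve_file` continues outside the hunk, so whether the later `handle_get`/`handle_head` call re-resolves the bucket independently of this check cannot be confirmed from here.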