diff --git a/src/api/api_server.rs b/src/api/api_server.rs index 315116c8..a0c7655c 100644 --- a/src/api/api_server.rs +++ b/src/api/api_server.rs @@ -92,11 +92,6 @@ async fn handler( } async fn handler_inner(garage: Arc, req: Request) -> Result, Error> { - let (api_key, content_sha256) = check_payload_signature(&garage, &req).await?; - let api_key = api_key.ok_or_else(|| { - Error::Forbidden("Garage does not support anonymous access yet".to_string()) - })?; - let authority = req .headers() .get(header::HOST) @@ -115,6 +110,17 @@ async fn handler_inner(garage: Arc, req: Request) -> Result return handle_request_without_bucket(garage, req, api_key, endpoint).await, Some(bucket) => bucket.to_string(), diff --git a/src/api/s3_router.rs b/src/api/s3_router.rs index 51020a81..2a68d79e 100644 --- a/src/api/s3_router.rs +++ b/src/api/s3_router.rs @@ -410,6 +410,12 @@ pub enum Endpoint { part_number: u64, upload_id: String, }, + // This endpoint is not documented with others because it has special use case : + // It's intended to be used with HTML forms, using a multipart/form-data body. + // It works a lot like presigned requests, but everything is in the form instead + // of being query parameters of the URL, so authenticating it is a bit different. + PostObject { + }, }} impl Endpoint { @@ -543,6 +549,7 @@ impl Endpoint { UPLOADS => CreateMultipartUpload, ], no_key: [ + EMPTY => PostObject, DELETE => DeleteObjects, ] } @@ -1165,6 +1172,7 @@ mod tests { POST "/{Key+}?restore&versionId=VersionId" => RestoreObject PUT "/my-movie.m2ts?partNumber=1&uploadId=VCVsb2FkIElEIGZvciBlbZZpbmcncyBteS1tb3ZpZS5tMnRzIHVwbG9hZR" => UploadPart PUT "/Key+?partNumber=2&uploadId=UploadId" => UploadPart + POST "/" => PostObject ); // no bucket, won't work with the rest of the test suite assert!(matches!(