github
/
Cloudreve
mirror of https://github.com/cloudreve/Cloudreve
1
0
Fork 0
Code Issues Releases Wiki Activity

Test: s3 policy

pull/630/head
HFO4 2020-10-26 15:33:28 +08:00
parent 95f318e069
commit 746aa3e8ef
7 changed files with 86 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
go.sum
View File

@ -239,6 +239,7 @@ github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXf
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4=
github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
github.com/tencentcloud/tencentcloud-sdk-go v3.0.125+incompatible h1:dqpmYaez7VBT7PCRBcBxkzlDOiTk7Td8ATiia1b1GuE= github.com/tencentcloud/tencentcloud-sdk-go v3.0.125+incompatible h1:dqpmYaez7VBT7PCRBcBxkzlDOiTk7Td8ATiia1b1GuE=
github.com/tencentcloud/tencentcloud-sdk-go v3.0.125+incompatible/go.mod h1:0PfYow01SHPMhKY31xa+EFz2RStxIqj6JFAJS+IkCi4= github.com/tencentcloud/tencentcloud-sdk-go v3.0.125+incompatible/go.mod h1:0PfYow01SHPMhKY31xa+EFz2RStxIqj6JFAJS+IkCi4=

24
middleware/auth.go
View File

@ -175,7 +175,7 @@ func QiniuCallbackAuth() gin.HandlerFunc {
// 验证key并查找用户 // 验证key并查找用户
resp, user := uploadCallbackCheck(c) resp, user := uploadCallbackCheck(c)
if resp.Code != 0 { if resp.Code != 0 {
c.JSON(401, serializer.QiniuCallbackFailed{Error: resp.Msg}) c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: resp.Msg})
c.Abort() c.Abort()
return return
} }
@ -185,12 +185,12 @@ func QiniuCallbackAuth() gin.HandlerFunc {
ok, err := mac.VerifyCallback(c.Request) ok, err := mac.VerifyCallback(c.Request)
if err != nil { if err != nil {
util.Log().Debug("无法验证回调请求,%s", err) util.Log().Debug("无法验证回调请求,%s", err)
c.JSON(401, serializer.QiniuCallbackFailed{Error: "无法验证回调请求"}) c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: "无法验证回调请求"})
c.Abort() c.Abort()
return return
} }
if !ok { if !ok {
c.JSON(401, serializer.QiniuCallbackFailed{Error: "回调签名无效"}) c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: "回调签名无效"})
c.Abort() c.Abort()
return return
} }
@ -205,7 +205,7 @@ func OSSCallbackAuth() gin.HandlerFunc {
// 验证key并查找用户 // 验证key并查找用户
resp, _ := uploadCallbackCheck(c) resp, _ := uploadCallbackCheck(c)
if resp.Code != 0 { if resp.Code != 0 {
c.JSON(401, serializer.QiniuCallbackFailed{Error: resp.Msg}) c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: resp.Msg})
c.Abort() c.Abort()
return return
} }
@ -213,7 +213,7 @@ func OSSCallbackAuth() gin.HandlerFunc {
err := oss.VerifyCallbackSignature(c.Request) err := oss.VerifyCallbackSignature(c.Request)
if err != nil { if err != nil {
util.Log().Debug("回调签名验证失败,%s", err) util.Log().Debug("回调签名验证失败,%s", err)
c.JSON(401, serializer.QiniuCallbackFailed{Error: "回调签名验证失败"}) c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: "回调签名验证失败"})
c.Abort() c.Abort()
return return
} }
@ -228,7 +228,7 @@ func UpyunCallbackAuth() gin.HandlerFunc {
// 验证key并查找用户 // 验证key并查找用户
resp, user := uploadCallbackCheck(c) resp, user := uploadCallbackCheck(c)
if resp.Code != 0 { if resp.Code != 0 {
c.JSON(401, serializer.QiniuCallbackFailed{Error: resp.Msg}) c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: resp.Msg})
c.Abort() c.Abort()
return return
} }
@ -237,7 +237,7 @@ func UpyunCallbackAuth() gin.HandlerFunc {
body, err := ioutil.ReadAll(c.Request.Body) body, err := ioutil.ReadAll(c.Request.Body)
c.Request.Body.Close() c.Request.Body.Close()
if err != nil { if err != nil {
c.JSON(401, serializer.QiniuCallbackFailed{Error: err.Error()}) c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: err.Error()})
c.Abort() c.Abort()
return return
} }
@ -253,7 +253,7 @@ func UpyunCallbackAuth() gin.HandlerFunc {
// 计算正文MD5 // 计算正文MD5
actualContentMD5 := fmt.Sprintf("%x", md5.Sum(body)) actualContentMD5 := fmt.Sprintf("%x", md5.Sum(body))
if actualContentMD5 != contentMD5 { if actualContentMD5 != contentMD5 {
c.JSON(401, serializer.QiniuCallbackFailed{Error: "MD5不一致"}) c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: "MD5不一致"})
c.Abort() c.Abort()
return return
} }
@ -268,7 +268,7 @@ func UpyunCallbackAuth() gin.HandlerFunc {
// 对比签名 // 对比签名
if signature != actualSignature { if signature != actualSignature {
c.JSON(401, serializer.QiniuCallbackFailed{Error: "鉴权失败"}) c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: "鉴权失败"})
c.Abort() c.Abort()
return return
} }
@ -284,7 +284,7 @@ func OneDriveCallbackAuth() gin.HandlerFunc {
// 验证key并查找用户 // 验证key并查找用户
resp, _ := uploadCallbackCheck(c) resp, _ := uploadCallbackCheck(c)
if resp.Code != 0 { if resp.Code != 0 {
c.JSON(401, serializer.QiniuCallbackFailed{Error: resp.Msg}) c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: resp.Msg})
c.Abort() c.Abort()
return return
} }
@ -303,7 +303,7 @@ func COSCallbackAuth() gin.HandlerFunc {
// 验证key并查找用户 // 验证key并查找用户
resp, _ := uploadCallbackCheck(c) resp, _ := uploadCallbackCheck(c)
if resp.Code != 0 { if resp.Code != 0 {
c.JSON(401, serializer.QiniuCallbackFailed{Error: resp.Msg}) c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: resp.Msg})
c.Abort() c.Abort()
return return
} }
@ -318,7 +318,7 @@ func S3CallbackAuth() gin.HandlerFunc {
// 验证key并查找用户 // 验证key并查找用户
resp, _ := uploadCallbackCheck(c) resp, _ := uploadCallbackCheck(c)
if resp.Code != 0 { if resp.Code != 0 {
c.JSON(401, serializer.QiniuCallbackFailed{Error: resp.Msg}) c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: resp.Msg})
c.Abort() c.Abort()
return return
} }

44
middleware/auth_test.go
View File

@ -747,3 +747,47 @@ func TestIsAdmin(t *testing.T) {
asserts.False(c.IsAborted()) asserts.False(c.IsAborted())
} }
} }
func TestS3CallbackAuth(t *testing.T) {
asserts := assert.New(t)
rec := httptest.NewRecorder()
AuthFunc := S3CallbackAuth()
// Callback Key 相关验证失败
{
c, _ := gin.CreateTestContext(rec)
c.Params = []gin.Param{
{"key", "testUpyunBackRemote"},
}
c.Request, _ = http.NewRequest("POST", "/api/v3/callback/upyun/testUpyunBackRemote", nil)
AuthFunc(c)
asserts.True(c.IsAborted())
}
// 成功
{
cache.Set(
"callback_testCallBackUpyun",
serializer.UploadSession{
UID: 1,
PolicyID: 512,
VirtualPath: "/",
},
0,
)
cache.Deletes([]string{"1"}, "policy_")
mock.ExpectQuery("SELECT(.+)users(.+)").
WillReturnRows(sqlmock.NewRows([]string{"id", "group_id"}).AddRow(1, 1))
mock.ExpectQuery("SELECT(.+)groups(.+)").
WillReturnRows(sqlmock.NewRows([]string{"id", "policies"}).AddRow(1, "[702]"))
mock.ExpectQuery("SELECT(.+)policies(.+)").
WillReturnRows(sqlmock.NewRows([]string{"id", "access_key", "secret_key"}).AddRow(2, "123", "123"))
c, _ := gin.CreateTestContext(rec)
c.Params = []gin.Param{
{"key", "testCallBackUpyun"},
}
c.Request, _ = http.NewRequest("POST", "/api/v3/callback/upyun/testCallBackUpyun", ioutil.NopCloser(strings.NewReader("1")))
AuthFunc(c)
asserts.False(c.IsAborted())
}
}

22
models/policy_test.go
View File

@ -209,6 +209,28 @@ func TestPolicy_GetUploadURL(t *testing.T) {
asserts.Equal("http://127.0.0.1", policy.GetUploadURL()) asserts.Equal("http://127.0.0.1", policy.GetUploadURL())
} }
// S3 未填写自动生成
{
policy := Policy{
Type: "s3",
Server: "",
BucketName: "bucket",
OptionsSerialized: PolicyOption{Region: "us-east"},
}
asserts.Equal("https://bucket.s3.us-east.amazonaws.com/", policy.GetUploadURL())
}
// s3 自己指定
{
policy := Policy{
Type: "s3",
Server: "https://s3.us-east.amazonaws.com/",
BucketName: "bucket",
OptionsSerialized: PolicyOption{Region: "us-east"},
}
asserts.Equal("https://s3.us-east.amazonaws.com/bucket", policy.GetUploadURL())
}
} }
func TestPolicy_IsPathGenerateNeeded(t *testing.T) { func TestPolicy_IsPathGenerateNeeded(t *testing.T) {

4
pkg/filesystem/filesystem_test.go
View File

@ -102,6 +102,10 @@ func TestDispatchHandler(t *testing.T) {
fs.Policy = &model.Policy{Type: "onedrive"} fs.Policy = &model.Policy{Type: "onedrive"}
err = fs.DispatchHandler() err = fs.DispatchHandler()
asserts.NoError(err) asserts.NoError(err)
fs.Policy = &model.Policy{Type: "s3"}
err = fs.DispatchHandler()
asserts.NoError(err)
} }
func TestNewFileSystemFromCallback(t *testing.T) { func TestNewFileSystemFromCallback(t *testing.T) {

4
pkg/serializer/upload.go
View File

@ -46,8 +46,8 @@ type UploadCallback struct {
Size uint64 `json:"size"` Size uint64 `json:"size"`
} }
// QiniuCallbackFailed 七牛存储策略上传回调失败响应 // GeneralUploadCallbackFailed 存储策略上传回调失败响应
type QiniuCallbackFailed struct { type GeneralUploadCallbackFailed struct {
Error string `json:"error"` Error string `json:"error"`
} }

2
routers/controllers/callback.go
View File

@ -27,7 +27,7 @@ func QiniuCallback(c *gin.Context) {
if err := c.ShouldBindJSON(&callbackBody); err == nil { if err := c.ShouldBindJSON(&callbackBody); err == nil {
res := callback.ProcessCallback(callbackBody, c) res := callback.ProcessCallback(callbackBody, c)
if res.Code != 0 { if res.Code != 0 {
c.JSON(401, serializer.QiniuCallbackFailed{Error: res.Msg}) c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: res.Msg})
} else { } else {
c.JSON(200, res) c.JSON(200, res)
} }