IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

Allow regions to be set and honored for S3 driver. (#7010)

Browse Source 
This is necessary for certain users where
GetBucketLocation API is disabled using IAM
policies. There is a field AmazonS3Region
which we need to re-purpose and use to support
this properly.

Fixes https://github.com/mattermost/platform/issues/6999
This commit is contained in:
Harshavardhana
2017-07-31 09:22:52 -07:00
committed by Harrison Healey
parent c506c5cac6
commit 489602efe5
5 changed files with 49 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
api/file_test.go
View File

@@ -20,6 +20,7 @@ import (
"github.com/mattermost/platform/utils"
s3 "github.com/minio/minio-go"
"github.com/minio/minio-go/pkg/credentials"
)
func TestUploadFile(t *testing.T) {
@@ -820,11 +821,19 @@ func readTestFile(name string) ([]byte, error) {
}
}
func s3New(endpoint, accessKey, secretKey string, secure bool, signV2 bool) (*s3.Client, error) {
// Similar to s3.New() but allows initialization of signature v2 or signature v4 client.
// If signV2 input is false, function always returns signature v4.
//
// Additionally this function also takes a user defined region, if set
// disables automatic region lookup.
func s3New(endpoint, accessKey, secretKey string, secure bool, signV2 bool, region string) (*s3.Client, error) {
var creds *credentials.Credentials
if signV2 {
return s3.NewV2(endpoint, accessKey, secretKey, secure)
creds = credentials.NewStatic(accessKey, secretKey, "", credentials.SignatureV2)
} else {
creds = credentials.NewStatic(accessKey, secretKey, "", credentials.SignatureV4)
}
return s3.NewV4(endpoint, accessKey, secretKey, secure)
return s3.NewWithCredentials(endpoint, creds, secure, region)
}
func cleanupTestFile(info *model.FileInfo) error {
@@ -834,7 +843,8 @@ func cleanupTestFile(info *model.FileInfo) error {
secretKey := utils.Cfg.FileSettings.AmazonS3SecretAccessKey
secure := *utils.Cfg.FileSettings.AmazonS3SSL
signV2 := *utils.Cfg.FileSettings.AmazonS3SignV2
s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2)
region := utils.Cfg.FileSettings.AmazonS3Region
s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region)
if err != nil {
return err
}

6
api/user_test.go
View File

@@ -695,7 +695,8 @@ func TestUserCreateImage(t *testing.T) {
secretKey := utils.Cfg.FileSettings.AmazonS3SecretAccessKey
secure := *utils.Cfg.FileSettings.AmazonS3SSL
signV2 := *utils.Cfg.FileSettings.AmazonS3SignV2
s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2)
region := utils.Cfg.FileSettings.AmazonS3Region
s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region)
if err != nil {
t.Fatal(err)
}
@@ -800,7 +801,8 @@ func TestUserUploadProfileImage(t *testing.T) {
secretKey := utils.Cfg.FileSettings.AmazonS3SecretAccessKey
secure := *utils.Cfg.FileSettings.AmazonS3SSL
signV2 := *utils.Cfg.FileSettings.AmazonS3SignV2
s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2)
region := utils.Cfg.FileSettings.AmazonS3Region
s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region)
if err != nil {
t.Fatal(err)
}

20
api4/apitestlib.go
View File

@@ -23,8 +23,9 @@ import (
"github.com/mattermost/platform/utils"
"github.com/mattermost/platform/wsapi"
s3 "github.com/minio/minio-go"
"github.com/mattermost/platform/jobs"
s3 "github.com/minio/minio-go"
"github.com/minio/minio-go/pkg/credentials"
)
type TestHelper struct {
@@ -641,11 +642,19 @@ func readTestFile(name string) ([]byte, error) {
}
}
func s3New(endpoint, accessKey, secretKey string, secure bool, signV2 bool) (*s3.Client, error) {
// Similar to s3.New() but allows initialization of signature v2 or signature v4 client.
// If signV2 input is false, function always returns signature v4.
//
// Additionally this function also takes a user defined region, if set
// disables automatic region lookup.
func s3New(endpoint, accessKey, secretKey string, secure bool, signV2 bool, region string) (*s3.Client, error) {
var creds *credentials.Credentials
if signV2 {
return s3.NewV2(endpoint, accessKey, secretKey, secure)
creds = credentials.NewStatic(accessKey, secretKey, "", credentials.SignatureV2)
} else {
creds = credentials.NewStatic(accessKey, secretKey, "", credentials.SignatureV4)
}
return s3.NewV4(endpoint, accessKey, secretKey, secure)
return s3.NewWithCredentials(endpoint, creds, secure, region)
}
func cleanupTestFile(info *model.FileInfo) error {
@@ -655,7 +664,8 @@ func cleanupTestFile(info *model.FileInfo) error {
secretKey := utils.Cfg.FileSettings.AmazonS3SecretAccessKey
secure := *utils.Cfg.FileSettings.AmazonS3SSL
signV2 := *utils.Cfg.FileSettings.AmazonS3SignV2
s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2)
region := utils.Cfg.FileSettings.AmazonS3Region
s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region)
if err != nil {
return err
}

22
app/file.go
View File

@@ -28,6 +28,7 @@ import (
"github.com/mattermost/platform/model"
"github.com/mattermost/platform/utils"
s3 "github.com/minio/minio-go"
"github.com/minio/minio-go/pkg/credentials"
"github.com/rwcarlsen/goexif/exif"
_ "golang.org/x/image/bmp"
)
@@ -60,11 +61,17 @@ const (
// Similar to s3.New() but allows initialization of signature v2 or signature v4 client.
// If signV2 input is false, function always returns signature v4.
func s3New(endpoint, accessKey, secretKey string, secure bool, signV2 bool) (*s3.Client, error) {
//
// Additionally this function also takes a user defined region, if set
// disables automatic region lookup.
func s3New(endpoint, accessKey, secretKey string, secure bool, signV2 bool, region string) (*s3.Client, error) {
var creds *credentials.Credentials
if signV2 {
return s3.NewV2(endpoint, accessKey, secretKey, secure)
creds = credentials.NewStatic(accessKey, secretKey, "", credentials.SignatureV2)
} else {
creds = credentials.NewStatic(accessKey, secretKey, "", credentials.SignatureV4)
}
return s3.NewV4(endpoint, accessKey, secretKey, secure)
return s3.NewWithCredentials(endpoint, creds, secure, region)
}
func ReadFile(path string) ([]byte, *model.AppError) {
@@ -74,7 +81,8 @@ func ReadFile(path string) ([]byte, *model.AppError) {
secretKey := utils.Cfg.FileSettings.AmazonS3SecretAccessKey
secure := *utils.Cfg.FileSettings.AmazonS3SSL
signV2 := *utils.Cfg.FileSettings.AmazonS3SignV2
s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2)
region := utils.Cfg.FileSettings.AmazonS3Region
s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region)
if err != nil {
return nil, model.NewLocAppError("ReadFile", "api.file.read_file.s3.app_error", nil, err.Error())
}
@@ -107,7 +115,8 @@ func MoveFile(oldPath, newPath string) *model.AppError {
secretKey := utils.Cfg.FileSettings.AmazonS3SecretAccessKey
secure := *utils.Cfg.FileSettings.AmazonS3SSL
signV2 := *utils.Cfg.FileSettings.AmazonS3SignV2
s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2)
region := utils.Cfg.FileSettings.AmazonS3Region
s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region)
if err != nil {
return model.NewLocAppError("moveFile", "api.file.write_file.s3.app_error", nil, err.Error())
}
@@ -146,7 +155,8 @@ func WriteFile(f []byte, path string) *model.AppError {
secretKey := utils.Cfg.FileSettings.AmazonS3SecretAccessKey
secure := *utils.Cfg.FileSettings.AmazonS3SSL
signV2 := *utils.Cfg.FileSettings.AmazonS3SignV2
s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2)
region := utils.Cfg.FileSettings.AmazonS3Region
s3Clnt, err := s3New(endpoint, accessKey, secretKey, secure, signV2, region)
if err != nil {
return model.NewLocAppError("WriteFile", "api.file.write_file.s3.app_error", nil, err.Error())
}

5
model/config.go
View File

@@ -526,11 +526,6 @@ func (o *Config) SetDefaults() {
o.FileSettings.AmazonS3Endpoint = "s3.amazonaws.com"
}
if o.FileSettings.AmazonS3Region == "" {
// Defaults to "us-east-1" region.
o.FileSettings.AmazonS3Region = "us-east-1"
}
if o.FileSettings.AmazonS3SSL == nil {
o.FileSettings.AmazonS3SSL = new(bool)
*o.FileSettings.AmazonS3SSL = true // Secure by default.