storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/cmd/admin-router.go

storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/cmd/admin-router.go (about)

     1  /*
     2   * MinIO Cloud Storage, (C) 2016, 2017, 2018, 2019 MinIO, Inc.
     3   *
     4   * Licensed under the Apache License, Version 2.0 (the "License");
     5   * you may not use this file except in compliance with the License.
     6   * You may obtain a copy of the License at
     7   *
     8   *     http://www.apache.org/licenses/LICENSE-2.0
     9   *
    10   * Unless required by applicable law or agreed to in writing, software
    11   * distributed under the License is distributed on an "AS IS" BASIS,
    12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13   * See the License for the specific language governing permissions and
    14   * limitations under the License.
    15   */
    16  
    17  package cmd
    18  
    19  import (
    20  	"net/http"
    21  
    22  	"github.com/gorilla/mux"
    23  
    24  	"storj.io/minio/pkg/madmin"
    25  )
    26  
    27  const (
    28  	adminPathPrefix         = minioReservedBucketPath + "/admin"
    29  	adminAPIVersionV2       = madmin.AdminAPIVersionV2
    30  	adminAPIVersion         = madmin.AdminAPIVersion
    31  	adminAPIVersionPrefix   = SlashSeparator + adminAPIVersion
    32  	adminAPIVersionV2Prefix = SlashSeparator + adminAPIVersionV2
    33  )
    34  
    35  // adminAPIHandlers provides HTTP handlers for MinIO admin API.
    36  type adminAPIHandlers struct{}
    37  
    38  // registerAdminRouter - Add handler functions for each service REST API routes.
    39  func registerAdminRouter(router *mux.Router, enableConfigOps, enableIAMOps bool) {
    40  
    41  	adminAPI := adminAPIHandlers{}
    42  	// Admin router
    43  	adminRouter := router.PathPrefix(adminPathPrefix).Subrouter()
    44  
    45  	/// Service operations
    46  
    47  	adminVersions := []string{
    48  		adminAPIVersionPrefix,
    49  		adminAPIVersionV2Prefix,
    50  	}
    51  
    52  	for _, adminVersion := range adminVersions {
    53  		// Restart and stop MinIO service.
    54  		adminRouter.Methods(http.MethodPost).Path(adminVersion+"/service").HandlerFunc(HTTPTraceAll(adminAPI.ServiceHandler)).Queries("action", "{action:.*}")
    55  		// Update MinIO servers.
    56  		adminRouter.Methods(http.MethodPost).Path(adminVersion+"/update").HandlerFunc(HTTPTraceAll(adminAPI.ServerUpdateHandler)).Queries("updateURL", "{updateURL:.*}")
    57  
    58  		// Info operations
    59  		adminRouter.Methods(http.MethodGet).Path(adminVersion + "/info").HandlerFunc(HTTPTraceAll(adminAPI.ServerInfoHandler))
    60  
    61  		// StorageInfo operations
    62  		adminRouter.Methods(http.MethodGet).Path(adminVersion + "/storageinfo").HandlerFunc(HTTPTraceAll(adminAPI.StorageInfoHandler))
    63  		// DataUsageInfo operations
    64  		adminRouter.Methods(http.MethodGet).Path(adminVersion + "/datausageinfo").HandlerFunc(HTTPTraceAll(adminAPI.DataUsageInfoHandler))
    65  
    66  		if globalIsDistErasure || globalIsErasure {
    67  			/// Heal operations
    68  
    69  			// Heal processing endpoint.
    70  			adminRouter.Methods(http.MethodPost).Path(adminVersion + "/heal/").HandlerFunc(HTTPTraceAll(adminAPI.HealHandler))
    71  			adminRouter.Methods(http.MethodPost).Path(adminVersion + "/heal/{bucket}").HandlerFunc(HTTPTraceAll(adminAPI.HealHandler))
    72  			adminRouter.Methods(http.MethodPost).Path(adminVersion + "/heal/{bucket}/{prefix:.*}").HandlerFunc(HTTPTraceAll(adminAPI.HealHandler))
    73  
    74  			adminRouter.Methods(http.MethodPost).Path(adminVersion + "/background-heal/status").HandlerFunc(HTTPTraceAll(adminAPI.BackgroundHealStatusHandler))
    75  
    76  			/// Health operations
    77  
    78  		}
    79  
    80  		// Profiling operations
    81  		adminRouter.Methods(http.MethodPost).Path(adminVersion+"/profiling/start").HandlerFunc(HTTPTraceAll(adminAPI.StartProfilingHandler)).
    82  			Queries("profilerType", "{profilerType:.*}")
    83  		adminRouter.Methods(http.MethodGet).Path(adminVersion + "/profiling/download").HandlerFunc(HTTPTraceAll(adminAPI.DownloadProfilingHandler))
    84  
    85  		// Config KV operations.
    86  		if enableConfigOps {
    87  			adminRouter.Methods(http.MethodGet).Path(adminVersion+"/get-config-kv").HandlerFunc(HTTPTraceHdrs(adminAPI.GetConfigKVHandler)).Queries("key", "{key:.*}")
    88  			adminRouter.Methods(http.MethodPut).Path(adminVersion + "/set-config-kv").HandlerFunc(HTTPTraceHdrs(adminAPI.SetConfigKVHandler))
    89  			adminRouter.Methods(http.MethodDelete).Path(adminVersion + "/del-config-kv").HandlerFunc(HTTPTraceHdrs(adminAPI.DelConfigKVHandler))
    90  		}
    91  
    92  		// Enable config help in all modes.
    93  		adminRouter.Methods(http.MethodGet).Path(adminVersion+"/help-config-kv").HandlerFunc(HTTPTraceAll(adminAPI.HelpConfigKVHandler)).Queries("subSys", "{subSys:.*}", "key", "{key:.*}")
    94  
    95  		// Config KV history operations.
    96  		if enableConfigOps {
    97  			adminRouter.Methods(http.MethodGet).Path(adminVersion+"/list-config-history-kv").HandlerFunc(HTTPTraceAll(adminAPI.ListConfigHistoryKVHandler)).Queries("count", "{count:[0-9]+}")
    98  			adminRouter.Methods(http.MethodDelete).Path(adminVersion+"/clear-config-history-kv").HandlerFunc(HTTPTraceHdrs(adminAPI.ClearConfigHistoryKVHandler)).Queries("restoreId", "{restoreId:.*}")
    99  			adminRouter.Methods(http.MethodPut).Path(adminVersion+"/restore-config-history-kv").HandlerFunc(HTTPTraceHdrs(adminAPI.RestoreConfigHistoryKVHandler)).Queries("restoreId", "{restoreId:.*}")
   100  		}
   101  
   102  		/// Config import/export bulk operations
   103  		if enableConfigOps {
   104  			// Get config
   105  			adminRouter.Methods(http.MethodGet).Path(adminVersion + "/config").HandlerFunc(HTTPTraceHdrs(adminAPI.GetConfigHandler))
   106  			// Set config
   107  			adminRouter.Methods(http.MethodPut).Path(adminVersion + "/config").HandlerFunc(HTTPTraceHdrs(adminAPI.SetConfigHandler))
   108  		}
   109  
   110  		if enableIAMOps {
   111  			// -- IAM APIs --
   112  
   113  			// Add policy IAM
   114  			adminRouter.Methods(http.MethodPut).Path(adminVersion+"/add-canned-policy").HandlerFunc(HTTPTraceAll(adminAPI.AddCannedPolicy)).Queries("name", "{name:.*}")
   115  
   116  			// Add user IAM
   117  			adminRouter.Methods(http.MethodGet).Path(adminVersion + "/accountinfo").HandlerFunc(HTTPTraceAll(adminAPI.AccountInfoHandler))
   118  
   119  			adminRouter.Methods(http.MethodPut).Path(adminVersion+"/add-user").HandlerFunc(HTTPTraceHdrs(adminAPI.AddUser)).Queries("accessKey", "{accessKey:.*}")
   120  
   121  			adminRouter.Methods(http.MethodPut).Path(adminVersion+"/set-user-status").HandlerFunc(HTTPTraceHdrs(adminAPI.SetUserStatus)).Queries("accessKey", "{accessKey:.*}").Queries("status", "{status:.*}")
   122  
   123  			// Service accounts ops
   124  			adminRouter.Methods(http.MethodPut).Path(adminVersion + "/add-service-account").HandlerFunc(HTTPTraceHdrs(adminAPI.AddServiceAccount))
   125  			adminRouter.Methods(http.MethodPost).Path(adminVersion+"/update-service-account").HandlerFunc(HTTPTraceHdrs(adminAPI.UpdateServiceAccount)).Queries("accessKey", "{accessKey:.*}")
   126  			adminRouter.Methods(http.MethodGet).Path(adminVersion+"/info-service-account").HandlerFunc(HTTPTraceHdrs(adminAPI.InfoServiceAccount)).Queries("accessKey", "{accessKey:.*}")
   127  			adminRouter.Methods(http.MethodGet).Path(adminVersion + "/list-service-accounts").HandlerFunc(HTTPTraceHdrs(adminAPI.ListServiceAccounts))
   128  			adminRouter.Methods(http.MethodDelete).Path(adminVersion+"/delete-service-account").HandlerFunc(HTTPTraceHdrs(adminAPI.DeleteServiceAccount)).Queries("accessKey", "{accessKey:.*}")
   129  
   130  			if adminVersion == adminAPIVersionV2Prefix {
   131  				// Info policy IAM v2
   132  				adminRouter.Methods(http.MethodGet).Path(adminVersion+"/info-canned-policy").HandlerFunc(HTTPTraceHdrs(adminAPI.InfoCannedPolicyV2)).Queries("name", "{name:.*}")
   133  
   134  				// List policies v2
   135  				adminRouter.Methods(http.MethodGet).Path(adminVersion + "/list-canned-policies").HandlerFunc(HTTPTraceHdrs(adminAPI.ListCannedPoliciesV2))
   136  			} else {
   137  				// Info policy IAM latest
   138  				adminRouter.Methods(http.MethodGet).Path(adminVersion+"/info-canned-policy").HandlerFunc(HTTPTraceHdrs(adminAPI.InfoCannedPolicy)).Queries("name", "{name:.*}")
   139  
   140  				// List policies latest
   141  				adminRouter.Methods(http.MethodGet).Path(adminVersion + "/list-canned-policies").HandlerFunc(HTTPTraceHdrs(adminAPI.ListCannedPolicies))
   142  			}
   143  
   144  			// Remove policy IAM
   145  			adminRouter.Methods(http.MethodDelete).Path(adminVersion+"/remove-canned-policy").HandlerFunc(HTTPTraceHdrs(adminAPI.RemoveCannedPolicy)).Queries("name", "{name:.*}")
   146  
   147  			// Set user or group policy
   148  			adminRouter.Methods(http.MethodPut).Path(adminVersion+"/set-user-or-group-policy").
   149  				HandlerFunc(HTTPTraceHdrs(adminAPI.SetPolicyForUserOrGroup)).
   150  				Queries("policyName", "{policyName:.*}", "userOrGroup", "{userOrGroup:.*}", "isGroup", "{isGroup:true|false}")
   151  
   152  			// Remove user IAM
   153  			adminRouter.Methods(http.MethodDelete).Path(adminVersion+"/remove-user").HandlerFunc(HTTPTraceHdrs(adminAPI.RemoveUser)).Queries("accessKey", "{accessKey:.*}")
   154  
   155  			// List users
   156  			adminRouter.Methods(http.MethodGet).Path(adminVersion + "/list-users").HandlerFunc(HTTPTraceHdrs(adminAPI.ListUsers))
   157  
   158  			// User info
   159  			adminRouter.Methods(http.MethodGet).Path(adminVersion+"/user-info").HandlerFunc(HTTPTraceHdrs(adminAPI.GetUserInfo)).Queries("accessKey", "{accessKey:.*}")
   160  
   161  			// Add/Remove members from group
   162  			adminRouter.Methods(http.MethodPut).Path(adminVersion + "/update-group-members").HandlerFunc(HTTPTraceHdrs(adminAPI.UpdateGroupMembers))
   163  
   164  			// Get Group
   165  			adminRouter.Methods(http.MethodGet).Path(adminVersion+"/group").HandlerFunc(HTTPTraceHdrs(adminAPI.GetGroup)).Queries("group", "{group:.*}")
   166  
   167  			// List Groups
   168  			adminRouter.Methods(http.MethodGet).Path(adminVersion + "/groups").HandlerFunc(HTTPTraceHdrs(adminAPI.ListGroups))
   169  
   170  			// Set Group Status
   171  			adminRouter.Methods(http.MethodPut).Path(adminVersion+"/set-group-status").HandlerFunc(HTTPTraceHdrs(adminAPI.SetGroupStatus)).Queries("group", "{group:.*}").Queries("status", "{status:.*}")
   172  		}
   173  
   174  		if globalIsDistErasure || globalIsErasure {
   175  			// GetBucketQuotaConfig
   176  			adminRouter.Methods(http.MethodGet).Path(adminVersion+"/get-bucket-quota").HandlerFunc(
   177  				HTTPTraceHdrs(adminAPI.GetBucketQuotaConfigHandler)).Queries("bucket", "{bucket:.*}")
   178  			// PutBucketQuotaConfig
   179  			adminRouter.Methods(http.MethodPut).Path(adminVersion+"/set-bucket-quota").HandlerFunc(
   180  				HTTPTraceHdrs(adminAPI.PutBucketQuotaConfigHandler)).Queries("bucket", "{bucket:.*}")
   181  
   182  			// Bucket replication operations
   183  			// GetBucketTargetHandler
   184  			adminRouter.Methods(http.MethodGet).Path(adminVersion+"/list-remote-targets").HandlerFunc(
   185  				HTTPTraceHdrs(adminAPI.ListRemoteTargetsHandler)).Queries("bucket", "{bucket:.*}", "type", "{type:.*}")
   186  			// SetRemoteTargetHandler
   187  			adminRouter.Methods(http.MethodPut).Path(adminVersion+"/set-remote-target").HandlerFunc(
   188  				HTTPTraceHdrs(adminAPI.SetRemoteTargetHandler)).Queries("bucket", "{bucket:.*}")
   189  			// RemoveRemoteTargetHandler
   190  			adminRouter.Methods(http.MethodDelete).Path(adminVersion+"/remove-remote-target").HandlerFunc(
   191  				HTTPTraceHdrs(adminAPI.RemoveRemoteTargetHandler)).Queries("bucket", "{bucket:.*}", "arn", "{arn:.*}")
   192  		}
   193  
   194  		if globalIsDistErasure {
   195  			// Top locks
   196  			adminRouter.Methods(http.MethodGet).Path(adminVersion + "/top/locks").HandlerFunc(HTTPTraceHdrs(adminAPI.TopLocksHandler))
   197  			// Force unlocks paths
   198  			adminRouter.Methods(http.MethodPost).Path(adminVersion+"/force-unlock").
   199  				Queries("paths", "{paths:.*}").HandlerFunc(HTTPTraceHdrs(adminAPI.ForceUnlockHandler))
   200  		}
   201  
   202  		// HTTP Trace
   203  		adminRouter.Methods(http.MethodGet).Path(adminVersion + "/trace").HandlerFunc(adminAPI.TraceHandler)
   204  
   205  		// Console Logs
   206  		adminRouter.Methods(http.MethodGet).Path(adminVersion + "/log").HandlerFunc(HTTPTraceAll(adminAPI.ConsoleLogHandler))
   207  
   208  		// -- KMS APIs --
   209  		//
   210  		adminRouter.Methods(http.MethodPost).Path(adminVersion+"/kms/key/create").HandlerFunc(HTTPTraceAll(adminAPI.KMSCreateKeyHandler)).Queries("key-id", "{key-id:.*}")
   211  		adminRouter.Methods(http.MethodGet).Path(adminVersion + "/kms/key/status").HandlerFunc(HTTPTraceAll(adminAPI.KMSKeyStatusHandler))
   212  
   213  		if !GlobalIsGateway {
   214  			// Keep obdinfo for backward compatibility with mc
   215  			adminRouter.Methods(http.MethodGet).Path(adminVersion + "/obdinfo").
   216  				HandlerFunc(HTTPTraceHdrs(adminAPI.HealthInfoHandler))
   217  			// -- Health API --
   218  			adminRouter.Methods(http.MethodGet).Path(adminVersion + "/healthinfo").
   219  				HandlerFunc(HTTPTraceHdrs(adminAPI.HealthInfoHandler))
   220  			adminRouter.Methods(http.MethodGet).Path(adminVersion + "/bandwidth").
   221  				HandlerFunc(HTTPTraceHdrs(adminAPI.BandwidthMonitorHandler))
   222  		}
   223  	}
   224  
   225  	// If none of the routes match add default error handler routes
   226  	adminRouter.NotFoundHandler = HTTPTraceAll(ErrorResponseHandler)
   227  	adminRouter.MethodNotAllowedHandler = HTTPTraceAll(MethodNotAllowedHandler("Admin"))
   228  }