From 52c52033700ce88ff2cc6f14fc6803f17984ceb9 Mon Sep 17 00:00:00 2001 From: Xiang Li Date: Mon, 17 Aug 2015 13:30:39 -0700 Subject: [PATCH] *: key handler should write auth error as etcd error --- client/keys.go | 15 ++++++++------- error/error.go | 3 +++ etcdserver/etcdhttp/client.go | 7 ++++++- 3 files changed, 17 insertions(+), 8 deletions(-) diff --git a/client/keys.go b/client/keys.go index 32379b51d..aff162c02 100644 --- a/client/keys.go +++ b/client/keys.go @@ -28,13 +28,14 @@ import ( ) const ( - ErrorCodeKeyNotFound = 100 - ErrorCodeTestFailed = 101 - ErrorCodeNotFile = 102 - ErrorCodeNotDir = 104 - ErrorCodeNodeExist = 105 - ErrorCodeRootROnly = 107 - ErrorCodeDirNotEmpty = 108 + ErrorCodeKeyNotFound = 100 + ErrorCodeTestFailed = 101 + ErrorCodeNotFile = 102 + ErrorCodeNotDir = 104 + ErrorCodeNodeExist = 105 + ErrorCodeRootROnly = 107 + ErrorCodeDirNotEmpty = 108 + ErrorCodeUnauthorized = 110 ErrorCodePrevValueRequired = 201 ErrorCodeTTLNaN = 202 diff --git a/error/error.go b/error/error.go index 0148c9dd2..92f2b8b9a 100644 --- a/error/error.go +++ b/error/error.go @@ -35,6 +35,7 @@ var errors = map[int]string{ EcodeRootROnly: "Root is read only", EcodeDirNotEmpty: "Directory not empty", ecodeExistingPeerAddr: "Peer address has existed", + EcodeUnauthorized: "The request requires user authentication", // Post form related errors ecodeValueRequired: "Value is Required in POST form", @@ -68,6 +69,7 @@ var errorStatus = map[int]int{ EcodeKeyNotFound: http.StatusNotFound, EcodeNotFile: http.StatusForbidden, EcodeDirNotEmpty: http.StatusForbidden, + EcodeUnauthorized: http.StatusUnauthorized, EcodeTestFailed: http.StatusPreconditionFailed, EcodeNodeExist: http.StatusPreconditionFailed, EcodeRaftInternal: http.StatusInternalServerError, @@ -85,6 +87,7 @@ const ( EcodeRootROnly = 107 EcodeDirNotEmpty = 108 ecodeExistingPeerAddr = 109 + EcodeUnauthorized = 110 ecodeValueRequired = 200 EcodePrevValueRequired = 201 diff --git a/etcdserver/etcdhttp/client.go b/etcdserver/etcdhttp/client.go index 32391e843..d70bea1cf 100644 --- a/etcdserver/etcdhttp/client.go +++ b/etcdserver/etcdhttp/client.go @@ -132,7 +132,7 @@ func (h *keysHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { } // The path must be valid at this point (we've parsed the request successfully). if !hasKeyPrefixAccess(h.sec, r, r.URL.Path[len(keysPrefix):], rr.Recursive) { - writeNoAuth(w) + writeKeyNoAuth(w) return } @@ -549,6 +549,11 @@ func writeKeyEvent(w http.ResponseWriter, ev *store.Event, rt etcdserver.RaftTim return json.NewEncoder(w).Encode(ev) } +func writeKeyNoAuth(w http.ResponseWriter) { + e := etcdErr.NewError(etcdErr.EcodeUnauthorized, "Insufficient credentials", 0) + e.WriteTo(w) +} + func handleKeyWatch(ctx context.Context, w http.ResponseWriter, wa store.Watcher, stream bool, rt etcdserver.RaftTimer) { defer wa.Remove() ech := wa.EventChan()