*: key handler should write auth error as etcd error
parent
27bfb3fcb2
commit
52c5203370
|
@ -35,6 +35,7 @@ const (
|
||||||
ErrorCodeNodeExist = 105
|
ErrorCodeNodeExist = 105
|
||||||
ErrorCodeRootROnly = 107
|
ErrorCodeRootROnly = 107
|
||||||
ErrorCodeDirNotEmpty = 108
|
ErrorCodeDirNotEmpty = 108
|
||||||
|
ErrorCodeUnauthorized = 110
|
||||||
|
|
||||||
ErrorCodePrevValueRequired = 201
|
ErrorCodePrevValueRequired = 201
|
||||||
ErrorCodeTTLNaN = 202
|
ErrorCodeTTLNaN = 202
|
||||||
|
|
|
@ -35,6 +35,7 @@ var errors = map[int]string{
|
||||||
EcodeRootROnly: "Root is read only",
|
EcodeRootROnly: "Root is read only",
|
||||||
EcodeDirNotEmpty: "Directory not empty",
|
EcodeDirNotEmpty: "Directory not empty",
|
||||||
ecodeExistingPeerAddr: "Peer address has existed",
|
ecodeExistingPeerAddr: "Peer address has existed",
|
||||||
|
EcodeUnauthorized: "The request requires user authentication",
|
||||||
|
|
||||||
// Post form related errors
|
// Post form related errors
|
||||||
ecodeValueRequired: "Value is Required in POST form",
|
ecodeValueRequired: "Value is Required in POST form",
|
||||||
|
@ -68,6 +69,7 @@ var errorStatus = map[int]int{
|
||||||
EcodeKeyNotFound: http.StatusNotFound,
|
EcodeKeyNotFound: http.StatusNotFound,
|
||||||
EcodeNotFile: http.StatusForbidden,
|
EcodeNotFile: http.StatusForbidden,
|
||||||
EcodeDirNotEmpty: http.StatusForbidden,
|
EcodeDirNotEmpty: http.StatusForbidden,
|
||||||
|
EcodeUnauthorized: http.StatusUnauthorized,
|
||||||
EcodeTestFailed: http.StatusPreconditionFailed,
|
EcodeTestFailed: http.StatusPreconditionFailed,
|
||||||
EcodeNodeExist: http.StatusPreconditionFailed,
|
EcodeNodeExist: http.StatusPreconditionFailed,
|
||||||
EcodeRaftInternal: http.StatusInternalServerError,
|
EcodeRaftInternal: http.StatusInternalServerError,
|
||||||
|
@ -85,6 +87,7 @@ const (
|
||||||
EcodeRootROnly = 107
|
EcodeRootROnly = 107
|
||||||
EcodeDirNotEmpty = 108
|
EcodeDirNotEmpty = 108
|
||||||
ecodeExistingPeerAddr = 109
|
ecodeExistingPeerAddr = 109
|
||||||
|
EcodeUnauthorized = 110
|
||||||
|
|
||||||
ecodeValueRequired = 200
|
ecodeValueRequired = 200
|
||||||
EcodePrevValueRequired = 201
|
EcodePrevValueRequired = 201
|
||||||
|
|
|
@ -132,7 +132,7 @@ func (h *keysHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
// The path must be valid at this point (we've parsed the request successfully).
|
// The path must be valid at this point (we've parsed the request successfully).
|
||||||
if !hasKeyPrefixAccess(h.sec, r, r.URL.Path[len(keysPrefix):], rr.Recursive) {
|
if !hasKeyPrefixAccess(h.sec, r, r.URL.Path[len(keysPrefix):], rr.Recursive) {
|
||||||
writeNoAuth(w)
|
writeKeyNoAuth(w)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -549,6 +549,11 @@ func writeKeyEvent(w http.ResponseWriter, ev *store.Event, rt etcdserver.RaftTim
|
||||||
return json.NewEncoder(w).Encode(ev)
|
return json.NewEncoder(w).Encode(ev)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func writeKeyNoAuth(w http.ResponseWriter) {
|
||||||
|
e := etcdErr.NewError(etcdErr.EcodeUnauthorized, "Insufficient credentials", 0)
|
||||||
|
e.WriteTo(w)
|
||||||
|
}
|
||||||
|
|
||||||
func handleKeyWatch(ctx context.Context, w http.ResponseWriter, wa store.Watcher, stream bool, rt etcdserver.RaftTimer) {
|
func handleKeyWatch(ctx context.Context, w http.ResponseWriter, wa store.Watcher, stream bool, rt etcdserver.RaftTimer) {
|
||||||
defer wa.Remove()
|
defer wa.Remove()
|
||||||
ech := wa.EventChan()
|
ech := wa.EventChan()
|
||||||
|
|
Loading…
Reference in New Issue