diff --git a/go.sum b/go.sum
index 00f2c4d..bb6ef14 100644
--- a/go.sum
+++ b/go.sum
@@ -239,6 +239,7 @@ github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXf github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/tencentcloud/tencentcloud-sdk-go v3.0.125+incompatible h1:dqpmYaez7VBT7PCRBcBxkzlDOiTk7Td8ATiia1b1GuE= github.com/tencentcloud/tencentcloud-sdk-go v3.0.125+incompatible/go.mod h1:0PfYow01SHPMhKY31xa+EFz2RStxIqj6JFAJS+IkCi4=
diff --git a/middleware/auth.go b/middleware/auth.go
index 33924f1..cd2fe43 100644
--- a/middleware/auth.go
+++ b/middleware/auth.go
@@ -175,7 +175,7 @@ func QiniuCallbackAuth() gin.HandlerFunc {
 // 验证key并查找用户
 resp, user := uploadCallbackCheck(c)
 if resp.Code != 0 {
- c.JSON(401, serializer.QiniuCallbackFailed{Error: resp.Msg})
+ c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: resp.Msg})
 c.Abort()
 return
 }
@@ -185,12 +185,12 @@ func QiniuCallbackAuth() gin.HandlerFunc {
 ok, err := mac.VerifyCallback(c.Request)
 if err != nil {
 util.Log().Debug("无法验证回调请求,%s", err)
- c.JSON(401, serializer.QiniuCallbackFailed{Error: "无法验证回调请求"})
+ c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: "无法验证回调请求"})
 c.Abort()
 return
 }
 if !ok {
- c.JSON(401, serializer.QiniuCallbackFailed{Error: "回调签名无效"})
+ c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: "回调签名无效"})
 c.Abort()
 return
 }
@@ -205,7 +205,7 @@ func OSSCallbackAuth() gin.HandlerFunc {
 // 验证key并查找用户
 resp, _ := uploadCallbackCheck(c)
 if resp.Code != 0 {
- c.JSON(401, serializer.QiniuCallbackFailed{Error: resp.Msg})
+ c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: resp.Msg})
 c.Abort()
 return
 }
@@ -213,7 +213,7 @@ func OSSCallbackAuth() gin.HandlerFunc {
 err := oss.VerifyCallbackSignature(c.Request)
 if err != nil {
 util.Log().Debug("回调签名验证失败,%s", err)
- c.JSON(401, serializer.QiniuCallbackFailed{Error: "回调签名验证失败"})
+ c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: "回调签名验证失败"})
 c.Abort()
 return
 }
@@ -228,7 +228,7 @@ func UpyunCallbackAuth() gin.HandlerFunc {
 // 验证key并查找用户
 resp, user := uploadCallbackCheck(c)
 if resp.Code != 0 {
- c.JSON(401, serializer.QiniuCallbackFailed{Error: resp.Msg})
+ c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: resp.Msg})
 c.Abort()
 return
 }
@@ -237,7 +237,7 @@ func UpyunCallbackAuth() gin.HandlerFunc {
 body, err := ioutil.ReadAll(c.Request.Body)
 c.Request.Body.Close()
 if err != nil {
- c.JSON(401, serializer.QiniuCallbackFailed{Error: err.Error()})
+ c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: err.Error()})
 c.Abort()
 return
 }
@@ -253,7 +253,7 @@ func UpyunCallbackAuth() gin.HandlerFunc {
 // 计算正文MD5
 actualContentMD5 := fmt.Sprintf("%x", md5.Sum(body))
 if actualContentMD5 != contentMD5 {
- c.JSON(401, serializer.QiniuCallbackFailed{Error: "MD5不一致"})
+ c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: "MD5不一致"})
 c.Abort()
 return
 }
@@ -268,7 +268,7 @@ func UpyunCallbackAuth() gin.HandlerFunc {
 // 对比签名
 if signature != actualSignature {
- c.JSON(401, serializer.QiniuCallbackFailed{Error: "鉴权失败"})
+ c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: "鉴权失败"})
 c.Abort()
 return
 }
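Review bot: The signature check in UpyunCallbackAuth (hunk at -268, `if signature != actualSignature {`) uses Go's ordinary string comparison, which is not constant-time, and the commit only renames the failure type inside that branch. One side of the comparison presumably comes from the request, so the check should be `if subtle.ConstantTimeCompare([]byte(signature), []byte(actualSignature)) != 1 {` (or `hmac.Equal` on the byte slices), which needs `crypto/subtle` added to the file's imports. The function body starts and ends outside the hunk, so where the two values originate has to be confirmed there.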
@@ -284,7 +284,7 @@ func OneDriveCallbackAuth() gin.HandlerFunc {
 // 验证key并查找用户
 resp, _ := uploadCallbackCheck(c)
 if resp.Code != 0 {
- c.JSON(401, serializer.QiniuCallbackFailed{Error: resp.Msg})
+ c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: resp.Msg})
 c.Abort()
 return
 }
@@ -303,7 +303,7 @@ func COSCallbackAuth() gin.HandlerFunc {
 // 验证key并查找用户
 resp, _ := uploadCallbackCheck(c)
 if resp.Code != 0 {
- c.JSON(401, serializer.QiniuCallbackFailed{Error: resp.Msg})
+ c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: resp.Msg})
 c.Abort()
 return
 }
@@ -318,7 +318,7 @@ func S3CallbackAuth() gin.HandlerFunc {
 // 验证key并查找用户
 resp, _ := uploadCallbackCheck(c)
 if resp.Code != 0 {
- c.JSON(401, serializer.QiniuCallbackFailed{Error: resp.Msg})
+ c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: resp.Msg})
 c.Abort()
 return
 }
diff --git a/middleware/auth_test.go b/middleware/auth_test.go
index 2f60f6c..e2531e3 100644
--- a/middleware/auth_test.go
+++ b/middleware/auth_test.go
@@ -747,3 +747,47 @@ func TestIsAdmin(t *testing.T) {
 asserts.False(c.IsAborted())
 }
 }
+
+func TestS3CallbackAuth(t *testing.T) {
+ asserts := assert.New(t)
+ rec := httptest.NewRecorder()
+ AuthFunc := S3CallbackAuth()
+
+ // Callback Key 相关验证失败
+ {
+ c, _ := gin.CreateTestContext(rec)
+ c.Params = []gin.Param{
+ {"key", "testUpyunBackRemote"},
+ }
+ c.Request, _ = http.NewRequest("POST", "/api/v3/callback/upyun/testUpyunBackRemote", nil)
+ AuthFunc(c)
+ asserts.True(c.IsAborted())
+ }
+
+ // 成功
+ {
+ cache.Set(
+ "callback_testCallBackUpyun",
+ serializer.UploadSession{
+ UID: 1,
+ PolicyID: 512,
+ VirtualPath: "/",
+ },
+ 0,
+ )
+ cache.Deletes([]string{"1"}, "policy_")
+ mock.ExpectQuery("SELECT(.+)users(.+)").
+ WillReturnRows(sqlmock.NewRows([]string{"id", "group_id"}).AddRow(1, 1))
+ mock.ExpectQuery("SELECT(.+)groups(.+)").
+ WillReturnRows(sqlmock.NewRows([]string{"id", "policies"}).AddRow(1, "[702]"))
+ mock.ExpectQuery("SELECT(.+)policies(.+)").
+ WillReturnRows(sqlmock.NewRows([]string{"id", "access_key", "secret_key"}).AddRow(2, "123", "123"))
+ c, _ := gin.CreateTestContext(rec)
+ c.Params = []gin.Param{
+ {"key", "testCallBackUpyun"},
+ }
+ c.Request, _ = http.NewRequest("POST", "/api/v3/callback/upyun/testCallBackUpyun", ioutil.NopCloser(strings.NewReader("1")))
+ AuthFunc(c)
+ asserts.False(c.IsAborted())
+ }
+}
diff --git a/models/policy_test.go b/models/policy_test.go
index a079d8e..5519ff6 100644
--- a/models/policy_test.go
+++ b/models/policy_test.go
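Review bot: The success case of TestS3CallbackAuth sends a request with no signature or authorization header and still asserts `asserts.False(c.IsAborted())`, so it pins that the S3 middleware admits a callback on the URL key alone. If that is intended, a comment above the case such as `// S3 callbacks carry no signature; the callback session key is the only credential` would make the trust decision explicit; otherwise a negative case for an unsigned request is missing. The three `mock.ExpectQuery` expectations are never checked, so the test would pass even if none of the lookups ran; adding `asserts.NoError(mock.ExpectationsWereMet())` after `AuthFunc(c)` would catch that, assuming `mock` is the package's sqlmock handle. The fixture key and request path (`testCallBackUpyun`, `/api/v3/callback/upyun/...`) look copied from the Upyun test and should name S3.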
@@ -209,6 +209,28 @@ func TestPolicy_GetUploadURL(t *testing.T) {
 asserts.Equal("http://127.0.0.1", policy.GetUploadURL())
 }
+ // S3 未填写自动生成
+ {
+ policy := Policy{
+ Type: "s3",
+ Server: "",
+ BucketName: "bucket",
+ OptionsSerialized: PolicyOption{Region: "us-east"},
+ }
+ asserts.Equal("https://bucket.s3.us-east.amazonaws.com/", policy.GetUploadURL())
+ }
+
+ // s3 自己指定
+ {
+ policy := Policy{
+ Type: "s3",
+ Server: "https://s3.us-east.amazonaws.com/",
+ BucketName: "bucket",
+ OptionsSerialized: PolicyOption{Region: "us-east"},
+ }
+ asserts.Equal("https://s3.us-east.amazonaws.com/bucket", policy.GetUploadURL())
+ }
+
 }
 func TestPolicy_IsPathGenerateNeeded(t *testing.T) {
diff --git a/pkg/filesystem/filesystem_test.go b/pkg/filesystem/filesystem_test.go
index f699b6d..140024f 100644
--- a/pkg/filesystem/filesystem_test.go
+++ b/pkg/filesystem/filesystem_test.go
@@ -102,6 +102,10 @@ func TestDispatchHandler(t *testing.T) {
 fs.Policy = &model.Policy{Type: "onedrive"}
 err = fs.DispatchHandler()
 asserts.NoError(err)
+
+ fs.Policy = &model.Policy{Type: "s3"}
+ err = fs.DispatchHandler()
+ asserts.NoError(err)
 }
 func TestNewFileSystemFromCallback(t *testing.T) {
diff --git a/pkg/serializer/upload.go b/pkg/serializer/upload.go
index c473483..426ad40 100644
--- a/pkg/serializer/upload.go
+++ b/pkg/serializer/upload.go
@@ -46,8 +46,8 @@ type UploadCallback struct {
 Size uint64 `json:"size"`
 }
-// QiniuCallbackFailed 七牛存储策略上传回调失败响应
-type QiniuCallbackFailed struct {
+// GeneralUploadCallbackFailed 存储策略上传回调失败响应
+type GeneralUploadCallbackFailed struct {
 Error string `json:"error"`
 }
diff --git a/routers/controllers/callback.go b/routers/controllers/callback.go
index 3d80d44..69f93bb 100644
--- a/routers/controllers/callback.go
+++ b/routers/controllers/callback.go
@@ -27,7 +27,7 @@ func QiniuCallback(c *gin.Context) {
 if err := c.ShouldBindJSON(&callbackBody); err == nil {
 res := callback.ProcessCallback(callbackBody, c)
 if res.Code != 0 {
- c.JSON(401, serializer.QiniuCallbackFailed{Error: res.Msg})
+ c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: res.Msg})
 } else {
 c.JSON(200, res)
 }