mirror of
https://github.com/mariadb-operator/mariadb-operator.git
synced 2025-08-19 16:24:15 +00:00
Minor improvements in response writer
This commit is contained in:
mmontes11
2
Makefile
2
Makefile
@ -12,7 +12,7 @@ endif
|
||||
SHELL = /usr/bin/env bash -o pipefail
|
||||
.SHELLFLAGS = -ec
|
||||
|
||||
VERSION ?= 0.0.30-dev8
|
||||
VERSION ?= 0.0.30-dev
|
||||
|
||||
# mariadb-operator
|
||||
IMG_NAME ?= docker-registry3.mariadb.com/mariadb-operator/mariadb-operator
|
||||
|
||||
@ -43,7 +43,7 @@ func (g *Galera) GetState(w http.ResponseWriter, r *http.Request) {
|
||||
bytes, err := g.fileManager.ReadStateFile(recovery.GaleraStateFileName)
|
||||
if err != nil {
|
||||
if os.IsNotExist(err) {
|
||||
g.responseWriter.Write(w, galeraErrors.NewAPIError("galera state not found"), http.StatusNotFound)
|
||||
g.responseWriter.Write(w, http.StatusNotFound, galeraErrors.NewAPIError("galera state not found"))
|
||||
return
|
||||
}
|
||||
g.responseWriter.WriteErrorf(w, "error reading galera state: %v", err)
|
||||
@ -74,7 +74,7 @@ func (b *Galera) IsBootstrapEnabled(w http.ResponseWriter, r *http.Request) {
|
||||
func (b *Galera) EnableBootstrap(w http.ResponseWriter, r *http.Request) {
|
||||
bootstrap, err := b.decodeAndValidateBootstrap(r)
|
||||
if err != nil {
|
||||
b.responseWriter.Write(w, err, http.StatusBadRequest)
|
||||
b.responseWriter.Write(w, http.StatusBadRequest, err)
|
||||
return
|
||||
}
|
||||
|
||||
@ -101,7 +101,7 @@ func (b *Galera) DisableBootstrap(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
if err := b.fileManager.DeleteConfigFile(recovery.BootstrapFileName); err != nil {
|
||||
if os.IsNotExist(err) {
|
||||
b.responseWriter.Write(w, galeraErrors.NewAPIError("bootstrap config not found"), http.StatusNotFound)
|
||||
b.responseWriter.Write(w, http.StatusNotFound, galeraErrors.NewAPIError("bootstrap config not found"))
|
||||
return
|
||||
}
|
||||
b.responseWriter.WriteErrorf(w, "error deleting bootstrap config: %v", err)
|
||||
|
||||
@ -6,6 +6,7 @@ import (
|
||||
|
||||
"github.com/go-logr/logr"
|
||||
"github.com/mariadb-operator/mariadb-operator/pkg/galera/errors"
|
||||
mdbreflect "github.com/mariadb-operator/mariadb-operator/pkg/reflect"
|
||||
)
|
||||
|
||||
type ResponseWriter struct {
|
||||
@ -18,23 +19,26 @@ func NewResponseWriter(logger *logr.Logger) *ResponseWriter {
|
||||
}
|
||||
}
|
||||
|
||||
func (r *ResponseWriter) Write(w http.ResponseWriter, v any, statusCode int) {
|
||||
func (r *ResponseWriter) Write(w http.ResponseWriter, statusCode int, v any) {
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
w.WriteHeader(statusCode)
|
||||
if err := json.NewEncoder(w).Encode(v); err != nil {
|
||||
r.logger.Error(err, "error encoding json")
|
||||
http.Error(w, "Internal server error", http.StatusInternalServerError)
|
||||
|
||||
if !mdbreflect.IsNil(v) {
|
||||
if err := json.NewEncoder(w).Encode(v); err != nil {
|
||||
r.logger.Error(err, "error encoding json")
|
||||
http.Error(w, "Internal server error", http.StatusInternalServerError)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func (r *ResponseWriter) WriteOK(w http.ResponseWriter, v any) {
|
||||
r.Write(w, v, http.StatusOK)
|
||||
r.Write(w, http.StatusOK, v)
|
||||
}
|
||||
|
||||
func (r *ResponseWriter) WriteError(w http.ResponseWriter, msg string) {
|
||||
r.Write(w, errors.NewAPIError(msg), http.StatusInternalServerError)
|
||||
r.Write(w, http.StatusInternalServerError, errors.NewAPIError(msg))
|
||||
}
|
||||
|
||||
func (r *ResponseWriter) WriteErrorf(w http.ResponseWriter, format string, a ...any) {
|
||||
r.Write(w, errors.NewAPIErrorf(format, a...), http.StatusInternalServerError)
|
||||
r.Write(w, http.StatusInternalServerError, errors.NewAPIErrorf(format, a...))
|
||||
}
|
||||
|
||||
@ -42,7 +42,7 @@ func (a *KubernetesAuth) Handler(next http.Handler) http.Handler {
|
||||
token, err := authToken(r)
|
||||
if err != nil {
|
||||
a.logger.V(1).Info("Error getting Authorization header", "err", err)
|
||||
a.responseWriter.Write(w, newAPIError("unauthorized"), http.StatusUnauthorized)
|
||||
a.responseWriter.Write(w, http.StatusUnauthorized, newAPIError("unauthorized"))
|
||||
return
|
||||
}
|
||||
tokenReview := &authv1.TokenReview{
|
||||
@ -52,22 +52,22 @@ func (a *KubernetesAuth) Handler(next http.Handler) http.Handler {
|
||||
}
|
||||
if err := a.k8sClient.Create(r.Context(), tokenReview); err != nil {
|
||||
a.logger.V(1).Info("Error verifying token in TokenReview API", "err", err)
|
||||
a.responseWriter.Write(w, newAPIError("unauthorized"), http.StatusUnauthorized)
|
||||
a.responseWriter.Write(w, http.StatusUnauthorized, newAPIError("unauthorized"))
|
||||
return
|
||||
}
|
||||
if !tokenReview.Status.Authenticated {
|
||||
a.logger.V(1).Info("TokenReview not valid")
|
||||
a.responseWriter.Write(w, newAPIError("unauthorized"), http.StatusUnauthorized)
|
||||
a.responseWriter.Write(w, http.StatusUnauthorized, newAPIError("unauthorized"))
|
||||
return
|
||||
}
|
||||
if tokenReview.Status.User.Username == "" {
|
||||
a.logger.V(1).Info("Username not found")
|
||||
a.responseWriter.Write(w, newAPIError("unauthorized"), http.StatusUnauthorized)
|
||||
a.responseWriter.Write(w, http.StatusUnauthorized, newAPIError("unauthorized"))
|
||||
return
|
||||
}
|
||||
if a.trusted.String() != tokenReview.Status.User.Username {
|
||||
a.logger.V(1).Info("Username not allowed", "username", tokenReview.Status.User.Username)
|
||||
a.responseWriter.Write(w, newAPIError("forbidden"), http.StatusForbidden)
|
||||
a.responseWriter.Write(w, http.StatusForbidden, newAPIError("forbidden"))
|
||||
return
|
||||
}
|
||||
next.ServeHTTP(w, r)
|
||||
|
||||
Reference in New Issue
Block a user