diff options
Diffstat (limited to 'weed/command/filer.go')
| -rw-r--r-- | weed/command/filer.go | 74 |
1 files changed, 74 insertions, 0 deletions
diff --git a/weed/command/filer.go b/weed/command/filer.go index 0bd508e0b..f58e38403 100644 --- a/weed/command/filer.go +++ b/weed/command/filer.go @@ -9,6 +9,7 @@ import ( "github.com/chrislusf/seaweedfs/weed/glog" "github.com/chrislusf/seaweedfs/weed/server" "github.com/chrislusf/seaweedfs/weed/util" + "strings" ) var ( @@ -31,6 +32,31 @@ type FilerOptions struct { redis_server *string redis_password *string redis_database *int + get_ip_whitelist_option *string + get_root_whitelist_option *string + head_ip_whitelist_option *string + head_root_whitelist_option *string + delete_ip_whitelist_option *string + delete_root_whitelist_option *string + put_ip_whitelist_option *string + put_root_whitelist_option *string + post_ip_whitelist_option *string + post_root_whitelist_option *string + get_secure_key *string + head_secure_key *string + delete_secure_key *string + put_secure_key *string + post_secure_key *string + get_ip_whitelist []string + get_root_whitelist []string + head_ip_whitelist []string + head_root_whitelist []string + delete_ip_whitelist []string + delete_root_whitelist []string + put_ip_whitelist []string + put_root_whitelist []string + post_ip_whitelist []string + post_root_whitelist []string } func init() { @@ -50,6 +76,21 @@ func init() { f.redis_password = cmdFiler.Flag.String("redis.password", "", "password in clear text") f.redis_database = cmdFiler.Flag.Int("redis.database", 0, "the database on the redis server") f.secretKey = cmdFiler.Flag.String("secure.secret", "", "secret to encrypt Json Web Token(JWT)") + f.get_ip_whitelist_option = cmdFiler.Flag.String("whitelist.ip.get", "", "comma separated Ip addresses having get permission. No limit if empty.") + f.get_root_whitelist_option = cmdFiler.Flag.String("whitelist.root.get", "", "comma separated root paths having get permission. No limit if empty.") + f.head_ip_whitelist_option = cmdFiler.Flag.String("whitelist.ip.head", "", "comma separated Ip addresses having head permission. No limit if empty.") + f.head_root_whitelist_option = cmdFiler.Flag.String("whitelist.root.head", "", "comma separated root paths having head permission. No limit if empty.") + f.delete_ip_whitelist_option = cmdFiler.Flag.String("whitelist.ip.delete", "", "comma separated Ip addresses having delete permission. No limit if empty.") + f.delete_root_whitelist_option = cmdFiler.Flag.String("whitelist.root.delete", "", "comma separated root paths having delete permission. No limit if empty.") + f.put_ip_whitelist_option = cmdFiler.Flag.String("whitelist.ip.put", "", "comma separated Ip addresses having put permission. No limit if empty.") + f.put_root_whitelist_option = cmdFiler.Flag.String("whitelist.root.put", "", "comma separated root paths having put permission. No limit if empty.") + f.post_ip_whitelist_option = cmdFiler.Flag.String("whitelist.ip.post", "", "comma separated Ip addresses having post permission. No limit if empty.") + f.post_root_whitelist_option = cmdFiler.Flag.String("whitelist.root.post", "", "comma separated root paths having post permission. No limit if empty.") + f.get_secure_key = cmdFiler.Flag.String("secure.secret.get", "", "secret to encrypt Json Web Token(JWT)") + f.head_secure_key = cmdFiler.Flag.String("secure.secret.head", "", "secret to encrypt Json Web Token(JWT)") + f.delete_secure_key = cmdFiler.Flag.String("secure.secret.delete", "", "secret to encrypt Json Web Token(JWT)") + f.put_secure_key = cmdFiler.Flag.String("secure.secret.put", "", "secret to encrypt Json Web Token(JWT)") + f.post_secure_key = cmdFiler.Flag.String("secure.secret.post", "", "secret to encrypt Json Web Token(JWT)") } @@ -81,6 +122,36 @@ func runFiler(cmd *Command, args []string) bool { glog.Fatalf("Check Meta Folder (-dir) Writable %s : %s", *f.dir, err) } + if *f.get_ip_whitelist_option != "" { + f.get_ip_whitelist = strings.Split(*f.get_ip_whitelist_option, ",") + } + if *f.get_root_whitelist_option != "" { + f.get_root_whitelist = strings.Split(*f.get_root_whitelist_option, ",") + } + if *f.head_ip_whitelist_option != "" { + f.head_ip_whitelist = strings.Split(*f.head_ip_whitelist_option, ",") + } + if *f.head_root_whitelist_option != "" { + f.head_root_whitelist = strings.Split(*f.head_root_whitelist_option, ",") + } + if *f.delete_ip_whitelist_option != "" { + f.delete_ip_whitelist = strings.Split(*f.delete_ip_whitelist_option, ",") + } + if *f.delete_root_whitelist_option != "" { + f.delete_root_whitelist = strings.Split(*f.delete_root_whitelist_option, ",") + } + if *f.put_ip_whitelist_option != "" { + f.put_ip_whitelist = strings.Split(*f.put_ip_whitelist_option, ",") + } + if *f.put_root_whitelist_option != "" { + f.put_root_whitelist = strings.Split(*f.put_root_whitelist_option, ",") + } + if *f.post_ip_whitelist_option != "" { + f.post_ip_whitelist = strings.Split(*f.post_ip_whitelist_option, ",") + } + if *f.post_root_whitelist_option != "" { + f.post_root_whitelist = strings.Split(*f.post_root_whitelist_option, ",") + } r := http.NewServeMux() _, nfs_err := weed_server.NewFilerServer(r, *f.ip, *f.port, *f.master, *f.dir, *f.collection, *f.defaultReplicaPlacement, *f.redirectOnRead, *f.disableDirListing, @@ -88,6 +159,9 @@ func runFiler(cmd *Command, args []string) bool { *f.secretKey, *f.cassandra_server, *f.cassandra_keyspace, *f.redis_server, *f.redis_password, *f.redis_database, + f.get_ip_whitelist, f.head_ip_whitelist, f.delete_ip_whitelist, f.put_ip_whitelist, f.post_ip_whitelist, + f.get_root_whitelist, f.head_root_whitelist, f.delete_root_whitelist, f.put_root_whitelist, f.post_root_whitelist, + *f.get_secure_key, *f.head_secure_key, *f.delete_secure_key, *f.put_secure_key, *f.post_secure_key, ) if nfs_err != nil { glog.Fatalf("Filer startup error: %v", nfs_err) |