mirror of
https://github.com/versity/versitygw.git
synced 2026-07-02 16:54:25 +00:00
1625c5963e
Enhances the static website hosting implementation with more complete S3-compatible behavior across request handling, backend storage, validation, CORS, and errors. Adds dedicated website endpoint handling for GET, HEAD, and OPTIONS requests, including index document resolution, error document serving, redirect-all support, pre-fetch and post-error routing rules, query string preservation in redirects, public access checks before object reads, and method-not-allowed responses. Improves error handling for website responses by returning S3-compatible HTML error bodies with request IDs, host IDs, x-amz-error-code, x-amz-error-message, and specialized error fields. This also fixes website-related validation errors to return more accurate S3-style error codes and messages, including invalid redirect protocols, invalid HTTP redirect/error codes, conflicting routing rule replacements, routing rule limits, and oversized website configuration requests. Adds website CORS support for GET, HEAD, and OPTIONS preflight requests, including bucket CORS lookup through website host bucket resolution, allowed origin/method/header validation, exposed header handling, ETag exposure, Vary headers, max-age handling, and CORS access-denied responses. Adds debug logging around website configuration parsing, validation failures, CORS checks, backend lookup failures, and internal website error paths to make failures easier to diagnose. Adds compressed website configuration storage so larger configs fit backend metadata limits, including gzip storage for POSIX extended attributes and base64-encoded compressed metadata for Azure. Also adds Azure PutBucketWebsite, GetBucketWebsite, and DeleteBucketWebsite support. Adds and expands test coverage for website config validation, S3-compatible HTML error bodies, website routing behavior, public access enforcement, HEAD behavior, CORS handling, PutBucketWebsite limits, and end-to-end website hosting through a Docker-based dnsmasq test setup and CI workflow.
160 lines
5.0 KiB
Go
160 lines
5.0 KiB
Go
// Copyright 2026 Versity Software
|
|
// This file is licensed under the Apache License, Version 2.0
|
|
// (the "License"); you may not use this file except in compliance
|
|
// with the License. You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing,
|
|
// software distributed under the License is distributed on an
|
|
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
// KIND, either express or implied. See the License for the
|
|
// specific language governing permissions and limitations
|
|
// under the License.
|
|
|
|
package embedgw
|
|
|
|
import (
|
|
"testing"
|
|
)
|
|
|
|
func TestValidatePortConflicts(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
ports []string
|
|
admPorts []string
|
|
webuiPorts []string
|
|
websitePorts []string
|
|
expectError bool
|
|
description string
|
|
}{
|
|
{
|
|
name: "bare port conflict with bare port",
|
|
ports: []string{":7071"},
|
|
admPorts: []string{},
|
|
webuiPorts: []string{":7071"},
|
|
expectError: true,
|
|
description: "should fail: bare :7071 conflicts with bare :7071",
|
|
},
|
|
{
|
|
name: "bare port conflict with IP:port",
|
|
ports: []string{":7071"},
|
|
admPorts: []string{},
|
|
webuiPorts: []string{"127.0.0.1:7071"},
|
|
expectError: true,
|
|
description: "should fail: bare :7071 conflicts with 127.0.0.1:7071",
|
|
},
|
|
{
|
|
name: "IP:port conflict with bare port",
|
|
ports: []string{"127.0.0.1:7071"},
|
|
admPorts: []string{},
|
|
webuiPorts: []string{":7071"},
|
|
expectError: true,
|
|
description: "should fail: 127.0.0.1:7071 conflicts with bare :7071",
|
|
},
|
|
{
|
|
name: "same IP:port allowed",
|
|
ports: []string{"127.0.0.1:7071"},
|
|
admPorts: []string{},
|
|
webuiPorts: []string{"127.0.0.1:7071"},
|
|
expectError: false,
|
|
description: "should pass: identical IP:port specs are allowed",
|
|
},
|
|
{
|
|
name: "different IP:port no conflict",
|
|
ports: []string{"127.0.0.1:7071"},
|
|
admPorts: []string{},
|
|
webuiPorts: []string{"127.0.0.1:7072"},
|
|
expectError: false,
|
|
description: "should pass: different ports don't conflict",
|
|
},
|
|
{
|
|
name: "different IP same port no conflict when both have IP",
|
|
ports: []string{"127.0.0.1:7071"},
|
|
admPorts: []string{},
|
|
webuiPorts: []string{"192.168.1.1:7071"},
|
|
expectError: false,
|
|
description: "should pass: different IPs with same port are okay",
|
|
},
|
|
{
|
|
name: "admin port conflict with s3 port",
|
|
ports: []string{":7070"},
|
|
admPorts: []string{"127.0.0.1:7070"},
|
|
webuiPorts: []string{},
|
|
expectError: true,
|
|
description: "should fail: admin port conflicts with s3 port",
|
|
},
|
|
{
|
|
name: "all three conflict",
|
|
ports: []string{":8080"},
|
|
admPorts: []string{"127.0.0.1:8080"},
|
|
webuiPorts: []string{"192.168.1.1:8080"},
|
|
expectError: true,
|
|
description: "should fail: bare port conflicts with both admin and webui",
|
|
},
|
|
{
|
|
name: "no conflicts",
|
|
ports: []string{":7070"},
|
|
admPorts: []string{":8080"},
|
|
webuiPorts: []string{":9090"},
|
|
expectError: false,
|
|
description: "should pass: all different ports",
|
|
},
|
|
{
|
|
name: "IPv6 bare port conflict with IPv4 specified",
|
|
ports: []string{":7071"},
|
|
admPorts: []string{},
|
|
webuiPorts: []string{"[::1]:7071"},
|
|
expectError: true,
|
|
description: "should fail: bare :7071 conflicts with [::1]:7071",
|
|
},
|
|
{
|
|
name: "multiple ports with one conflict",
|
|
ports: []string{":7070", ":8080"},
|
|
admPorts: []string{":9090"},
|
|
webuiPorts: []string{"127.0.0.1:8080"},
|
|
expectError: true,
|
|
description: "should fail: :8080 conflicts with 127.0.0.1:8080",
|
|
},
|
|
{
|
|
name: "website bare port conflict with s3 port",
|
|
ports: []string{"127.0.0.1:8080"},
|
|
admPorts: []string{},
|
|
webuiPorts: []string{},
|
|
websitePorts: []string{":8080"},
|
|
expectError: true,
|
|
description: "should fail: website bare :8080 conflicts with s3 127.0.0.1:8080",
|
|
},
|
|
{
|
|
name: "website no conflict",
|
|
ports: []string{":7070"},
|
|
admPorts: []string{":8080"},
|
|
webuiPorts: []string{":9090"},
|
|
websitePorts: []string{":8081"},
|
|
expectError: false,
|
|
description: "should pass: website uses a distinct port",
|
|
},
|
|
{
|
|
name: "duplicate website unix socket conflict",
|
|
ports: []string{"/tmp/versitygw.sock"},
|
|
admPorts: []string{},
|
|
webuiPorts: []string{},
|
|
websitePorts: []string{"/tmp/versitygw.sock"},
|
|
expectError: true,
|
|
description: "should fail: duplicate unix socket path conflicts across s3 and website",
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
err := validatePortConflicts(tt.ports, tt.admPorts, tt.webuiPorts, tt.websitePorts)
|
|
if tt.expectError && err == nil {
|
|
t.Errorf("%s: expected error but got none", tt.description)
|
|
}
|
|
if !tt.expectError && err != nil {
|
|
t.Errorf("%s: expected no error but got: %v", tt.description, err)
|
|
}
|
|
})
|
|
}
|
|
}
|