mirror of
https://github.com/facebook/sapling.git
synced 2024-10-10 00:45:18 +03:00
mononoke: actually disable control api when !enable_http_control_api
Summary: Like it says in the title. I also replaced one of our status codes that was wrong. Reviewed By: johansglock Differential Revision: D26844865 fbshipit-source-id: b8c1261d0077cf5dc006827e16667e382db7d189
This commit is contained in:
parent
ad106958f2
commit
7e8332c9a5
@ -39,12 +39,15 @@ pub enum HttpError {
|
||||
#[error("Bad request")]
|
||||
BadRequest(#[source] Error),
|
||||
|
||||
#[error("Method not acceptable")]
|
||||
NotAcceptable,
|
||||
#[error("Forbidden")]
|
||||
Forbidden,
|
||||
|
||||
#[error("Not found")]
|
||||
NotFound,
|
||||
|
||||
#[error("Method not allowed")]
|
||||
MethodNotAllowed,
|
||||
|
||||
#[error("Internal server error")]
|
||||
InternalServerError(#[source] Error),
|
||||
}
|
||||
@ -57,15 +60,17 @@ impl HttpError {
|
||||
pub fn http_response(&self) -> http::Result<Response<Body>> {
|
||||
let status = match self {
|
||||
Self::BadRequest(..) => http::StatusCode::BAD_REQUEST,
|
||||
Self::NotAcceptable => http::StatusCode::NOT_ACCEPTABLE,
|
||||
Self::Forbidden => http::StatusCode::FORBIDDEN,
|
||||
Self::NotFound => http::StatusCode::NOT_FOUND,
|
||||
Self::MethodNotAllowed => http::StatusCode::METHOD_NOT_ALLOWED,
|
||||
Self::InternalServerError(..) => http::StatusCode::INTERNAL_SERVER_ERROR,
|
||||
};
|
||||
|
||||
let body = match self {
|
||||
Self::BadRequest(ref e) => Body::from(format!("{:#}", e)),
|
||||
Self::NotAcceptable => Body::empty(),
|
||||
Self::Forbidden => Body::empty(),
|
||||
Self::NotFound => Body::empty(),
|
||||
Self::MethodNotAllowed => Body::empty(),
|
||||
Self::InternalServerError(ref e) => Body::from(format!("{:#}", e)),
|
||||
};
|
||||
|
||||
@ -229,7 +234,11 @@ where
|
||||
path: &str,
|
||||
) -> Result<Response<Body>, HttpError> {
|
||||
if method != Method::POST {
|
||||
return Err(HttpError::NotAcceptable);
|
||||
return Err(HttpError::MethodNotAllowed);
|
||||
}
|
||||
|
||||
if !self.acceptor().enable_http_control_api {
|
||||
return Err(HttpError::Forbidden);
|
||||
}
|
||||
|
||||
let ok = Response::builder()
|
||||
|
@ -63,7 +63,7 @@ pub async fn handle(
|
||||
return upload(body).await;
|
||||
}
|
||||
|
||||
Err(HttpError::NotAcceptable)
|
||||
Err(HttpError::MethodNotAllowed)
|
||||
}
|
||||
|
||||
fn download(headers: &HeaderMap<HeaderValue>) -> Result<Response<Body>, HttpError> {
|
||||
|
@ -590,9 +590,14 @@ EOF
|
||||
scuba_local_path_censored="$SCUBA_CENSORED_LOGGING_PATH"
|
||||
CONFIG
|
||||
fi
|
||||
|
||||
if [[ -z "$DISABLE_HTTP_CONTROL_API" ]]; then
|
||||
cat >> common/common.toml <<CONFIG
|
||||
enable_http_control_api=true
|
||||
CONFIG
|
||||
fi
|
||||
|
||||
cat >> common/common.toml <<CONFIG
|
||||
[[whitelist_entry]]
|
||||
identity_type = "$ALLOWED_IDENTITY_TYPE"
|
||||
identity_data = "${OVERRIDE_ALLOWED_IDDATA:-$ALLOWED_IDENTITY_DATA}"
|
||||
|
@ -0,0 +1,14 @@
|
||||
# Copyright (c) Facebook, Inc. and its affiliates.
|
||||
#
|
||||
# This software may be used and distributed according to the terms of the
|
||||
# GNU General Public License found in the LICENSE file in the root
|
||||
# directory of this source tree.
|
||||
|
||||
$ . "${TEST_FIXTURES}/library.sh"
|
||||
$ DISABLE_HTTP_CONTROL_API=1 setup_common_config
|
||||
$ mononoke
|
||||
$ wait_for_mononoke
|
||||
|
||||
$ sslcurl -X POST -fsS "https://localhost:$MONONOKE_SOCKET/control/drop_bookmarks_cache"
|
||||
curl: (22) The requested URL returned error: 403 Forbidden
|
||||
[22]
|
Loading…
Reference in New Issue
Block a user