首先MiddleWare核心代码,这段代码卸载swift的源代码目录下,~/swift/swift/common/middleware下新建deletionpreventing.py:
import os from swift.common.swob import Request, Response class DeletionPreventingMiddleware(object): def __init__(self, app,conf): self.app = app print "vincent middleware" print app def __call__(self, env, start_response): print "it in deletionprevention middleware" if env['REQUEST_METHOD'] != 'DELETE': print "not put method" return self.app(env, start_response) return Response( status=403, body="Delete prohibited", content_type="text/plain")(env, start_response) def filter_factory(global_conf, **local_conf): conf = global_conf.copy() conf.update(local_conf) print conf def deletionpreventing_filter(app): print "deletion" return DeletionPreventingMiddleware(app, conf) return deletionpreventing_filter
在/etc/swift/proxy-server.conf中添加中间件
[pipeline:main]
pipeline = catch_errors healthcheck cache ratelimit tempauth deletionpreventing proxy-logging proxy-server
[filter:deletionpreventing]
use = egg:swift#deletionpreventing
myconf=value1
其中deletionpriventing就是我们自己定义的中间件
然后在~/swift/swift.egg-info目录下的entry_point.txt中添加中间件:
deletionpreventing = swift.common.middleware.deletionpreventing:filter_factory
在~/swift/setup.cfg中添加中间件(这一步可以不做)
deletionpreventing = swift.common.middleware.deletionpreventing:filter_factory
测试运行:
swift@vincent-virtual-machine ~/swift $ curl -v -H "X-Storage-User:test:tester" -H "X-Storage-Pass:testing" http://127.0.0.1:8080/auth/v1.0 * Hostname was NOT found in DNS cache * Trying 127.0.0.1... * Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0) > GET /auth/v1.0 HTTP/1.1 > User-Agent: curl/7.35.0 > Host: 127.0.0.1:8080 > Accept: */* > X-Storage-User:test:tester > X-Storage-Pass:testing > < HTTP/1.1 200 OK < X-Storage-Url: http://127.0.0.1:8080/v1/AUTH_test < X-Auth-Token: AUTH_tkf36387dd367b474383cfac60979bed45 < Content-Type: text/html; charset=UTF-8 < X-Storage-Token: AUTH_tkf36387dd367b474383cfac60979bed45 < X-Trans-Id: tx0b4c7f7dee284e0d9dd5b-005630e592 < Content-Length: 0 < Date: Wed, 28 Oct 2015 15:11:14 GMT < * Connection #0 to host 127.0.0.1 left intact swift@vincent-virtual-machine ~/swift $
查看列表:
swift@vincent-virtual-machine ~/swift $ curl -v -H "X-Auth-Token: AUTH_tkf36387dd367b474383cfac60979bed45" http://127.0.0.1:8080/v1/AUTH_test/ * Hostname was NOT found in DNS cache * Trying 127.0.0.1... * Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0) > GET /v1/AUTH_test/ HTTP/1.1 > User-Agent: curl/7.35.0 > Host: 127.0.0.1:8080 > Accept: */* > X-Auth-Token: AUTH_tkf36387dd367b474383cfac60979bed45 > < HTTP/1.1 200 OK < Content-Length: 20 < X-Account-Object-Count: 2 < X-Account-Storage-Policy-Policy-0-Bytes-Used: 12 < X-Account-Storage-Policy-Policy-0-Container-Count: 4 < X-Timestamp: 1444721178.82674 < X-Account-Storage-Policy-Policy-0-Object-Count: 2 < X-Account-Bytes-Used: 12 < X-Account-Container-Count: 4 < Content-Type: text/plain; charset=utf-8 < Accept-Ranges: bytes < X-Trans-Id: tx1533138aaa0c4c6b99dfc-005630e60f < Date: Wed, 28 Oct 2015 15:13:19 GMT < ab ab2 hello hello1 * Connection #0 to host 127.0.0.1 left intact swift@vincent-virtual-machine ~/swift $
测试PUT请求:
swift@vincent-virtual-machine ~/swift $ curl -X PUT -v -H "X-Auth-Token: AUTH_tkf36387dd367b474383cfac60979bed45" http://127.0.0.1:8080/v1/AUTH_test/ab3 * Hostname was NOT found in DNS cache * Trying 127.0.0.1... * Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0) > PUT /v1/AUTH_test/ab3 HTTP/1.1 > User-Agent: curl/7.35.0 > Host: 127.0.0.1:8080 > Accept: */* > X-Auth-Token: AUTH_tkf36387dd367b474383cfac60979bed45 > < HTTP/1.1 201 Created < Content-Length: 0 < Content-Type: text/html; charset=UTF-8 < X-Trans-Id: tx6010eaabf2e64f4fa69dd-005630e642 < Date: Wed, 28 Oct 2015 15:14:10 GMT < * Connection #0 to host 127.0.0.1 left intact swift@vincent-virtual-machine ~/swift $ curl -v -H "X-Auth-Token: AUTH_tkf36387dd367b474383cfac60979bed45" http://127.0.0.1:8080/v1/AUTH_test/ * Hostname was NOT found in DNS cache * Trying 127.0.0.1... * Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0) > GET /v1/AUTH_test/ HTTP/1.1 > User-Agent: curl/7.35.0 > Host: 127.0.0.1:8080 > Accept: */* > X-Auth-Token: AUTH_tkf36387dd367b474383cfac60979bed45 > < HTTP/1.1 200 OK < Content-Length: 24 < X-Account-Object-Count: 2 < X-Account-Storage-Policy-Policy-0-Bytes-Used: 12 < X-Account-Storage-Policy-Policy-0-Container-Count: 5 < X-Timestamp: 1444721178.82674 < X-Account-Storage-Policy-Policy-0-Object-Count: 2 < X-Account-Bytes-Used: 12 < X-Account-Container-Count: 5 < Content-Type: text/plain; charset=utf-8 < Accept-Ranges: bytes < X-Trans-Id: tx6c0f7ff0121740a190b6f-005630e646 < Date: Wed, 28 Oct 2015 15:14:14 GMT < ab ab2 ab3 hello hello1 * Connection #0 to host 127.0.0.1 left intact
PUT成功
测试DELETE请求:
swift@vincent-virtual-machine ~/swift $ curl -X DELETE -v -H "X-Auth-Token: AUTH_tkf36387dd367b474383cfac60979bed45" http://127.0.0.1:8080/v1/AUTH_test/ab3 * Hostname was NOT found in DNS cache * Trying 127.0.0.1... * Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0) > DELETE /v1/AUTH_test/ab3 HTTP/1.1 > User-Agent: curl/7.35.0 > Host: 127.0.0.1:8080 > Accept: */* > X-Auth-Token: AUTH_tkf36387dd367b474383cfac60979bed45 > < HTTP/1.1 403 Forbidden < Content-Length: 17 < Content-Type: text/plain < X-Trans-Id: tx5426c7feb84c41f29b837-005630e66f < Date: Wed, 28 Oct 2015 15:14:55 GMT < * Connection #0 to host 127.0.0.1 left intact Delete prohibitedswift@vincent-virtual-machine ~/swift $
DELETE请求失败,说明中间件起作用了