whitequark.org
+12
-9
src/audit.go
+12
-9
src/audit.go
···
378
378
return audited.Backend.DeleteManifest(ctx, name, opts)
379
379
}
380
380
381
-
func (audited *auditedBackend) FreezeDomain(ctx context.Context, domain string, freeze bool) (err error) {
382
-
var event AuditEvent
383
-
if freeze {
384
-
event = AuditEvent_FreezeDomain
385
-
} else {
386
-
event = AuditEvent_UnfreezeDomain
387
-
}
381
+
func (audited *auditedBackend) FreezeDomain(ctx context.Context, domain string) (err error) {
382
+
audited.appendNewAuditRecord(ctx, &AuditRecord{
383
+
Event: AuditEvent_FreezeDomain.Enum(),
384
+
Domain: proto.String(domain),
385
+
})
386
+
387
+
return audited.Backend.FreezeDomain(ctx, domain)
388
+
}
389
+
390
+
func (audited *auditedBackend) UnfreezeDomain(ctx context.Context, domain string) (err error) {
388
391
audited.appendNewAuditRecord(ctx, &AuditRecord{
389
-
Event: event.Enum(),
392
+
Event: AuditEvent_UnfreezeDomain.Enum(),
390
393
Domain: proto.String(domain),
391
394
})
392
395
393
-
return audited.Backend.FreezeDomain(ctx, domain, freeze)
396
+
return audited.Backend.UnfreezeDomain(ctx, domain)
394
397
}
+5
-2
src/backend.go
+5
-2
src/backend.go
···
134
134
// Create a domain. This allows us to start serving content for the domain.
135
135
CreateDomain(ctx context.Context, domain string) error
136
136
137
-
// Freeze or thaw a domain. This allows a site to be administratively locked, e.g. if it
137
+
// Freeze a domain. This allows a site to be administratively locked, e.g. if it
138
138
// is discovered serving abusive content.
139
-
FreezeDomain(ctx context.Context, domain string, freeze bool) error
139
+
FreezeDomain(ctx context.Context, domain string) error
140
+
141
+
// Thaw a domain. This removes the previously placed administrative lock (if any).
142
+
UnfreezeDomain(ctx context.Context, domain string) error
140
143
141
144
// Append a record to the audit log.
142
145
AppendAuditLog(ctx context.Context, id AuditID, record *AuditRecord) error
+9
-9
src/backend_fs.go
+9
-9
src/backend_fs.go
···
442
442
return nil // no-op
443
443
}
444
444
445
-
func (fs *FSBackend) FreezeDomain(ctx context.Context, domain string, freeze bool) error {
446
-
if freeze {
447
-
return fs.siteRoot.WriteFile(domainFrozenMarkerName(domain), []byte{}, 0o644)
445
+
func (fs *FSBackend) FreezeDomain(ctx context.Context, domain string) error {
446
+
return fs.siteRoot.WriteFile(domainFrozenMarkerName(domain), []byte{}, 0o644)
447
+
}
448
+
449
+
func (fs *FSBackend) UnfreezeDomain(ctx context.Context, domain string) error {
450
+
err := fs.siteRoot.Remove(domainFrozenMarkerName(domain))
451
+
if errors.Is(err, os.ErrNotExist) {
452
+
return nil
448
453
} else {
449
-
err := fs.siteRoot.Remove(domainFrozenMarkerName(domain))
450
-
if errors.Is(err, os.ErrNotExist) {
451
-
return nil
452
-
} else {
453
-
return err
454
-
}
454
+
return err
455
455
}
456
456
}
457
457
+16
-15
src/backend_s3.go
+16
-15
src/backend_s3.go
···
718
718
return err
719
719
}
720
720
721
-
func (s3 *S3Backend) FreezeDomain(ctx context.Context, domain string, freeze bool) error {
722
-
if freeze {
723
-
logc.Printf(ctx, "s3: freeze domain %s\n", domain)
721
+
func (s3 *S3Backend) FreezeDomain(ctx context.Context, domain string) error {
722
+
logc.Printf(ctx, "s3: freeze domain %s\n", domain)
724
723
725
-
_, err := s3.client.PutObject(ctx, s3.bucket, domainFrozenObjectName(domain),
726
-
&bytes.Reader{}, 0, minio.PutObjectOptions{})
727
-
return err
724
+
_, err := s3.client.PutObject(ctx, s3.bucket, domainFrozenObjectName(domain),
725
+
&bytes.Reader{}, 0, minio.PutObjectOptions{})
726
+
return err
727
+
728
+
}
729
+
730
+
func (s3 *S3Backend) UnfreezeDomain(ctx context.Context, domain string) error {
731
+
logc.Printf(ctx, "s3: unfreeze domain %s\n", domain)
732
+
733
+
err := s3.client.RemoveObject(ctx, s3.bucket, domainFrozenObjectName(domain),
734
+
minio.RemoveObjectOptions{})
735
+
if errResp := minio.ToErrorResponse(err); errResp.Code == "NoSuchKey" {
736
+
return nil
728
737
} else {
729
-
logc.Printf(ctx, "s3: thaw domain %s\n", domain)
730
-
731
-
err := s3.client.RemoveObject(ctx, s3.bucket, domainFrozenObjectName(domain),
732
-
minio.RemoveObjectOptions{})
733
-
if errResp := minio.ToErrorResponse(err); errResp.Code == "NoSuchKey" {
734
-
return nil
735
-
} else {
736
-
return err
737
-
}
738
+
return err
738
739
}
739
740
}
740
741
+6
-3
src/main.go
+6
-3
src/main.go
···
422
422
freeze = false
423
423
}
424
424
425
-
if err = backend.FreezeDomain(ctx, domain, freeze); err != nil {
426
-
logc.Fatalln(ctx, err)
427
-
}
428
425
if freeze {
426
+
if err = backend.FreezeDomain(ctx, domain); err != nil {
427
+
logc.Fatalln(ctx, err)
428
+
}
429
429
logc.Println(ctx, "frozen")
430
430
} else {
431
+
if err = backend.UnfreezeDomain(ctx, domain); err != nil {
432
+
logc.Fatalln(ctx, err)
433
+
}
431
434
logc.Println(ctx, "thawed")
432
435
}
433
436
+10
-3
src/observe.go
+10
-3
src/observe.go
···
452
452
return
453
453
}
454
454
455
-
func (backend *observedBackend) FreezeDomain(ctx context.Context, domain string, freeze bool) (err error) {
456
-
span, ctx := ObserveFunction(ctx, "FreezeDomain", "domain.name", domain, "domain.frozen", freeze)
457
-
err = backend.inner.FreezeDomain(ctx, domain, freeze)
455
+
func (backend *observedBackend) FreezeDomain(ctx context.Context, domain string) (err error) {
456
+
span, ctx := ObserveFunction(ctx, "FreezeDomain", "domain.name", domain)
457
+
err = backend.inner.FreezeDomain(ctx, domain)
458
+
span.Finish()
459
+
return
460
+
}
461
+
462
+
func (backend *observedBackend) UnfreezeDomain(ctx context.Context, domain string) (err error) {
463
+
span, ctx := ObserveFunction(ctx, "UnfreezeDomain", "domain.name", domain)
464
+
err = backend.inner.UnfreezeDomain(ctx, domain)
458
465
span.Finish()
459
466
return
460
467
}