Skip to content

improvement/CLDSRV-451-specific-7.70-apis-update #5495

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
bert-e merged 2 commits into from
Dec 15, 2023
Merged

improvement/CLDSRV-451-specific-7.70-apis-update #5495

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
836fc80
CLDSRV-451: updating buckettagging apis for impDeny
benzekrimaha Dec 14, 2023
717228b
CLDSRV-451: bump Cloudserver version
benzekrimaha Dec 14, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions lib/api/backbeat/listLifecycleCurrents.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
const { errors } = require('arsenal');
const constants = require('../../../constants');
const services = require('../../services');
const { metadataValidateBucket } = require('../../metadata/metadataUtils');
const { standardMetadataValidateBucket } = require('../../metadata/metadataUtils');
const { pushMetric } = require('../../utapi/utilities');
const monitoring = require('../../utilities/metrics');
const { getLocationConstraintErrorMessage, processCurrents,
Expand Down Expand Up @@ -77,7 +77,7 @@ function listLifecycleCurrents(authInfo, locationConstraints, request, log, call
maxScannedLifecycleListingEntries,
};

return metadataValidateBucket(metadataValParams, log, (err, bucket) => {
return standardMetadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => {
if (err) {
log.debug('error processing request', { method: 'metadataValidateBucket', error: err });
monitoring.promMetrics(
Expand Down
4 changes: 2 additions & 2 deletions lib/api/backbeat/listLifecycleNonCurrents.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
const { errors, versioning } = require('arsenal');
const constants = require('../../../constants');
const services = require('../../services');
const { metadataValidateBucket } = require('../../metadata/metadataUtils');
const { standardMetadataValidateBucket } = require('../../metadata/metadataUtils');
const { pushMetric } = require('../../utapi/utilities');
const versionIdUtils = versioning.VersionID;
const monitoring = require('../../utilities/metrics');
Expand Down Expand Up @@ -83,7 +83,7 @@ function listLifecycleNonCurrents(authInfo, locationConstraints, request, log, c
listParams.versionIdMarker = params['version-id-marker'] ?
versionIdUtils.decode(params['version-id-marker']) : undefined;

return metadataValidateBucket(metadataValParams, log, (err, bucket) => {
return standardMetadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => {
if (err) {
log.debug('error processing request', { method: 'metadataValidateBucket', error: err });
monitoring.promMetrics(
Expand Down
4 changes: 2 additions & 2 deletions lib/api/backbeat/listLifecycleOrphanDeleteMarkers.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
const { errors } = require('arsenal');
const constants = require('../../../constants');
const services = require('../../services');
const { metadataValidateBucket } = require('../../metadata/metadataUtils');
const { standardMetadataValidateBucket } = require('../../metadata/metadataUtils');
const { pushMetric } = require('../../utapi/utilities');
const monitoring = require('../../utilities/metrics');
const { processOrphans, validateMaxScannedEntries } = require('../apiUtils/object/lifecycle');
Expand Down Expand Up @@ -68,7 +68,7 @@ function listLifecycleOrphanDeleteMarkers(authInfo, locationConstraints, request
maxScannedLifecycleListingEntries,
};

return metadataValidateBucket(metadataValParams, log, (err, bucket) => {
return standardMetadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => {
if (err) {
log.debug('error processing request', { method: 'metadataValidateBucket', error: err });
monitoring.promMetrics(
Expand Down
8 changes: 4 additions & 4 deletions lib/api/bucketDeleteTagging.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
const collectCorsHeaders = require('../utilities/collectCorsHeaders');
const { metadataValidateBucket } = require('../metadata/metadataUtils');
const { standardMetadataValidateBucket } = require('../metadata/metadataUtils');
const { pushMetric } = require('../utapi/utilities');
const metadata = require('../metadata/wrapper');
const util = require('node:util');
Expand All @@ -19,18 +19,18 @@ async function bucketDeleteTagging(authInfo, request, log, callback) {
log.debug('processing request', { method: 'bucketDeleteTagging', bucketName });

let bucket;
const metadataValidateBucketPromise = util.promisify(metadataValidateBucket);
const metadataValidateBucketPromise = util.promisify(standardMetadataValidateBucket);
let updateBucketPromise = util.promisify(metadata.updateBucket);
// necessary to bind metadata as updateBucket calls 'this', causing undefined otherwise
updateBucketPromise = updateBucketPromise.bind(metadata);
const metadataValParams = {
authInfo,
bucketName,
requestType: 'bucketDeleteTagging',
requestType: request.apiMethods || 'bucketDeleteTagging',
};

try {
bucket = await metadataValidateBucketPromise(metadataValParams, log);
bucket = await metadataValidateBucketPromise(metadataValParams, request.actionImplicitDenies, log);
bucket.setTags([]);
// eslint-disable-next-line no-unused-expressions
await updateBucketPromise(bucket.getName(), bucket, log);
Expand Down
8 changes: 4 additions & 4 deletions lib/api/bucketGetTagging.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
const { metadataValidateBucket } = require('../metadata/metadataUtils');
const { standardMetadataValidateBucket } = require('../metadata/metadataUtils');
const util = require('node:util');
const collectCorsHeaders = require('../utilities/collectCorsHeaders');
const { checkExpectedBucketOwner } = require('./apiUtils/authorization/bucketOwner');
Expand Down Expand Up @@ -64,21 +64,21 @@ async function bucketGetTagging(authInfo, request, log, callback) {
log.debug('processing request', { method: 'bucketGetTagging' });

const { bucketName, headers } = request;
const metadataValidateBucketPromise = util.promisify(metadataValidateBucket);
const metadataValidateBucketPromise = util.promisify(standardMetadataValidateBucket);
const checkExpectedBucketOwnerPromise = util.promisify(checkExpectedBucketOwner);

const metadataValParams = {
authInfo,
bucketName,
requestType: 'bucketGetTagging',
requestType: request.apiMethods || 'bucketGetTagging',
request,
};

let bucket;
let xml = null;

try {
bucket = await metadataValidateBucketPromise(metadataValParams, log);
bucket = await metadataValidateBucketPromise(metadataValParams, request.actionImplicitDenies, log);
// eslint-disable-next-line no-unused-expressions
await checkExpectedBucketOwnerPromise(headers, bucket, log);
const tags = bucket.getTags();
Expand Down
6 changes: 3 additions & 3 deletions lib/api/bucketPutTagging.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ const { s3middleware } = require('arsenal');


const collectCorsHeaders = require('../utilities/collectCorsHeaders');
const { metadataValidateBucket } = require('../metadata/metadataUtils');
const { standardMetadataValidateBucket } = require('../metadata/metadataUtils');
const metadata = require('../metadata/wrapper');
const { pushMetric } = require('../utapi/utilities');
const { checkExpectedBucketOwner } = require('./apiUtils/authorization/bucketOwner');
Expand Down Expand Up @@ -38,11 +38,11 @@ function bucketPutTagging(authInfo, request, log, callback) {
const metadataValParams = {
authInfo,
bucketName,
requestType: 'bucketPutTagging',
requestType: request.apiMethods || 'bucketPutTagging',
};
let bucket = null;
return waterfall([
next => metadataValidateBucket(metadataValParams, log,
next => standardMetadataValidateBucket(metadataValParams, request.actionImplicitDenies, log,
(err, b) => {
bucket = b;
return next(err);
Expand Down
90 changes: 0 additions & 90 deletions lib/metadata/metadataUtils.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -169,70 +169,6 @@ function validateBucket(bucket, params, log, actionImplicitDenies = {}) {
}
return null;
}

/** metadataValidateBucketAndObj - retrieve bucket and object md from metadata
* and check if user is authorized to access them.
* @param {object} params - function parameters
* @param {AuthInfo} params.authInfo - AuthInfo class instance, requester's info
* @param {string} params.bucketName - name of bucket
* @param {string} params.objectKey - name of object
* @param {string} [params.versionId] - version id if getting specific version
* @param {string} params.requestType - type of request
* @param {object} params.request - http request object
* @param {RequestLogger} log - request logger
* @param {function} callback - callback
* @return {undefined} - and call callback with params err, bucket md
*/
function metadataValidateBucketAndObj(params, log, callback) {
const { authInfo, bucketName, objectKey, versionId, getDeleteMarker,
requestType, request } = params;
async.waterfall([
next => {
// versionId may be 'null', which asks metadata to fetch the null key specifically
const getOptions = { versionId };
if (getDeleteMarker) {
getOptions.getDeleteMarker = true;
}
return metadata.getBucketAndObjectMD(bucketName, objectKey, getOptions, log, next);
},
(getResult, next) => {
const bucket = getResult.bucket ?
BucketInfo.deSerialize(getResult.bucket) : undefined;
if (!bucket) {
log.debug('bucketAttrs is undefined', {
bucket: bucketName,
method: 'metadataValidateBucketAndObj',
});
return next(errors.NoSuchBucket);
}
const validationError = validateBucket(bucket, params, log);
if (validationError) {
return next(validationError, bucket);
}
const objMD = getResult.obj ? JSON.parse(getResult.obj) : undefined;
if (!objMD && versionId === 'null') {
return getNullVersionFromMaster(bucketName, objectKey, log,
(err, nullVer) => next(err, bucket, nullVer));
}
return next(null, bucket, objMD);
},
(bucket, objMD, next) => {
const canonicalID = authInfo.getCanonicalID();
if (!isObjAuthorized(bucket, objMD, requestType, canonicalID, authInfo, log, request)) {
log.debug('access denied for user on object', { requestType });
return next(errors.AccessDenied, bucket);
}
return next(null, bucket, objMD);
},
], (err, bucket, objMD) => {
if (err) {
// still return bucket for cors headers
return callback(err, bucket);
}
return callback(null, bucket, objMD);
});
}

/** standardMetadataValidateBucketAndObj - retrieve bucket and object md from metadata
* and check if user is authorized to access them.
* @param {object} params - function parameters
Expand Down Expand Up @@ -310,30 +246,6 @@ function standardMetadataValidateBucketAndObj(params, actionImplicitDenies, log,
return callback(null, bucket, objMD);
});
}

/** metadataValidateBucket - retrieve bucket from metadata and check if user
* is authorized to access it
* @param {object} params - function parameters
* @param {AuthInfo} params.authInfo - AuthInfo class instance, requester's info
* @param {string} params.bucketName - name of bucket
* @param {string} params.requestType - type of request
* @param {string} params.request - http request object
* @param {RequestLogger} log - request logger
* @param {function} callback - callback
* @return {undefined} - and call callback with params err, bucket md
*/
function metadataValidateBucket(params, log, callback) {
const { bucketName } = params;
return metadata.getBucket(bucketName, log, (err, bucket) => {
if (err) {
log.debug('metadata getbucket failed', { error: err });
return callback(err);
}
const validationError = validateBucket(bucket, params, log);
return callback(validationError, bucket);
});
}

/** standardMetadataValidateBucket - retrieve bucket from metadata and check if user
* is authorized to access it
* @param {object} params - function parameters
Expand Down Expand Up @@ -367,8 +279,6 @@ module.exports = {
validateBucket,
metadataGetObject,
metadataGetObjects,
metadataValidateBucketAndObj,
metadataValidateBucket,
standardMetadataValidateBucketAndObj,
standardMetadataValidateBucket,
};
2 changes: 1 addition & 1 deletion package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "s3",
"version": "7.70.35",
"version": "7.70.36",
"description": "S3 connector",
"main": "index.js",
"engines": {
Expand Down