Skip to content

INTEGRATION [PR#5495 > development/8.8] improvement/CLDSRV-451-specific-7.70-apis-update #5498

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
bert-e merged 8 commits into from
Dec 15, 2023
+23 −111
Merged

INTEGRATION [PR#5495 > development/8.8] improvement/CLDSRV-451-specific-7.70-apis-update #5498

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
836fc80
CLDSRV-451: updating buckettagging apis for impDeny
benzekrimaha Dec 14, 2023
717228b
CLDSRV-451: bump Cloudserver version
benzekrimaha Dec 14, 2023
dd3ec25
Merge remote-tracking branch 'origin/improvement/CLDSRV-451-specific-…
benzekrimaha Dec 14, 2023
cd039d8
Merge remote-tracking branch 'origin/w/8.6/improvement/CLDSRV-451-spe…
benzekrimaha Dec 14, 2023
99068e7
Merge remote-tracking branch 'origin/w/8.7/improvement/CLDSRV-451-spe…
benzekrimaha Dec 14, 2023
ad3ebd3
CLDSRV-451: fix on gettagging
benzekrimaha Dec 14, 2023
5c300b8
Merge branch 'w/8.6/improvement/CLDSRV-451-specific-7.70-apis-update'…
bert-e Dec 14, 2023
2a919af
Merge branch 'w/8.7/improvement/CLDSRV-451-specific-7.70-apis-update'…
bert-e Dec 14, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion lib/api/apiUtils/object/objectRestore.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,8 @@ function objectRestore(metadata, mdUtils, userInfo, request, log, callback) {
return async.waterfall([
// get metadata of bucket and object
function validateBucketAndObject(next) {
return mdUtils.metadataValidateBucketAndObj(mdValueParams, log, (err, bucketMD, objectMD) => {
return mdUtils.standardMetadataValidateBucketAndObj(mdValueParams, request.actionImplicitDenies,
log, (err, bucketMD, objectMD) => {
if (err) {
log.trace('request authorization failed', { method: METHOD, error: err });
return next(err);
Expand Down
4 changes: 2 additions & 2 deletions lib/api/backbeat/listLifecycleCurrents.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
const { errors } = require('arsenal');
const constants = require('../../../constants');
const services = require('../../services');
const { metadataValidateBucket } = require('../../metadata/metadataUtils');
const { standardMetadataValidateBucket } = require('../../metadata/metadataUtils');
const { pushMetric } = require('../../utapi/utilities');
const monitoring = require('../../utilities/monitoringHandler');
const { getLocationConstraintErrorMessage, processCurrents,
Expand Down Expand Up @@ -77,7 +77,7 @@ function listLifecycleCurrents(authInfo, locationConstraints, request, log, call
maxScannedLifecycleListingEntries,
};

return metadataValidateBucket(metadataValParams, log, (err, bucket) => {
return standardMetadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => {
if (err) {
log.debug('error processing request', { method: 'metadataValidateBucket', error: err });
monitoring.promMetrics(
Expand Down
4 changes: 2 additions & 2 deletions lib/api/backbeat/listLifecycleNonCurrents.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
const { errors, versioning } = require('arsenal');
const constants = require('../../../constants');
const services = require('../../services');
const { metadataValidateBucket } = require('../../metadata/metadataUtils');
const { standardMetadataValidateBucket } = require('../../metadata/metadataUtils');
const { pushMetric } = require('../../utapi/utilities');
const versionIdUtils = versioning.VersionID;
const monitoring = require('../../utilities/monitoringHandler');
Expand Down Expand Up @@ -83,7 +83,7 @@ function listLifecycleNonCurrents(authInfo, locationConstraints, request, log, c
listParams.versionIdMarker = params['version-id-marker'] ?
versionIdUtils.decode(params['version-id-marker']) : undefined;

return metadataValidateBucket(metadataValParams, log, (err, bucket) => {
return standardMetadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => {
if (err) {
log.debug('error processing request', { method: 'metadataValidateBucket', error: err });
monitoring.promMetrics(
Expand Down
4 changes: 2 additions & 2 deletions lib/api/backbeat/listLifecycleOrphanDeleteMarkers.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
const { errors } = require('arsenal');
const constants = require('../../../constants');
const services = require('../../services');
const { metadataValidateBucket } = require('../../metadata/metadataUtils');
const { standardMetadataValidateBucket } = require('../../metadata/metadataUtils');
const { pushMetric } = require('../../utapi/utilities');
const monitoring = require('../../utilities/monitoringHandler');
const { processOrphans, validateMaxScannedEntries } = require('../apiUtils/object/lifecycle');
Expand Down Expand Up @@ -68,7 +68,7 @@ function listLifecycleOrphanDeleteMarkers(authInfo, locationConstraints, request
maxScannedLifecycleListingEntries,
};

return metadataValidateBucket(metadataValParams, log, (err, bucket) => {
return standardMetadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => {
if (err) {
log.debug('error processing request', { method: 'metadataValidateBucket', error: err });
monitoring.promMetrics(
Expand Down
6 changes: 3 additions & 3 deletions lib/api/bucketDeleteTagging.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
const { waterfall } = require('async');
const collectCorsHeaders = require('../utilities/collectCorsHeaders');
const { metadataValidateBucket } = require('../metadata/metadataUtils');
const { standardMetadataValidateBucket } = require('../metadata/metadataUtils');
const { pushMetric } = require('../utapi/utilities');
const monitoring = require('../utilities/monitoringHandler');
const metadata = require('../metadata/wrapper');
Expand All @@ -20,12 +20,12 @@ function bucketDeleteTagging(authInfo, request, log, callback) {
const metadataValParams = {
authInfo,
bucketName,
requestType: 'bucketDeleteTagging',
requestType: request.apiMethods || 'bucketDeleteTagging',
};

let bucket = null;
return waterfall([
next => metadataValidateBucket(metadataValParams, log,
next => standardMetadataValidateBucket(metadataValParams, request.actionImplicitDenies, log,
(err, b) => {
bucket = b;
bucket.setTags([]);
Expand Down
6 changes: 3 additions & 3 deletions lib/api/bucketGetTagging.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
const { metadataValidateBucket } = require('../metadata/metadataUtils');
const { standardMetadataValidateBucket } = require('../metadata/metadataUtils');
const collectCorsHeaders = require('../utilities/collectCorsHeaders');
const { checkExpectedBucketOwner } = require('./apiUtils/authorization/bucketOwner');
const { pushMetric } = require('../utapi/utilities');
Expand Down Expand Up @@ -67,15 +67,15 @@ function bucketGetTagging(authInfo, request, log, callback) {
const metadataValParams = {
authInfo,
bucketName,
requestType: 'bucketGetTagging',
requestType: request.apiMethods || 'bucketGetTagging',
request,
};
let bucket = null;
let xml = null;
let tags = null;

return waterfall([
next => metadataValidateBucket(metadataValParams, log,
next => standardMetadataValidateBucket(metadataValParams, request.actionImplicitDenies, log,
(err, b) => {
bucket = b;
return next(err);
Expand Down
6 changes: 3 additions & 3 deletions lib/api/bucketPutTagging.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ const { s3middleware } = require('arsenal');


const collectCorsHeaders = require('../utilities/collectCorsHeaders');
const { metadataValidateBucket } = require('../metadata/metadataUtils');
const { standardMetadataValidateBucket } = require('../metadata/metadataUtils');
const metadata = require('../metadata/wrapper');
const { pushMetric } = require('../utapi/utilities');
const { checkExpectedBucketOwner } = require('./apiUtils/authorization/bucketOwner');
Expand Down Expand Up @@ -38,11 +38,11 @@ function bucketPutTagging(authInfo, request, log, callback) {
const metadataValParams = {
authInfo,
bucketName,
requestType: 'bucketPutTagging',
requestType: request.apiMethods || 'bucketPutTagging',
};
let bucket = null;
return waterfall([
next => metadataValidateBucket(metadataValParams, log,
next => standardMetadataValidateBucket(metadataValParams, request.actionImplicitDenies, log,
(err, b) => {
bucket = b;
return next(err);
Expand Down
4 changes: 2 additions & 2 deletions lib/api/metadataSearch.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
const { errors, versioning } = require('arsenal');
const constants = require('../../constants');
const services = require('../services');
const { metadataValidateBucket } = require('../metadata/metadataUtils');
const { standardMetadataValidateBucket } = require('../metadata/metadataUtils');
const collectCorsHeaders = require('../utilities/collectCorsHeaders');
const { pushMetric } = require('../utapi/utilities');
const validateSearchParams = require('../api/apiUtils/bucket/validateSearch');
Expand Down Expand Up @@ -103,7 +103,7 @@ function metadataSearch(authInfo, request, log, callback) {
listParams.marker = params.marker;
}

metadataValidateBucket(metadataValParams, log, (err, bucket) => {
standardMetadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => {
const corsHeaders = collectCorsHeaders(request.headers.origin,
request.method, bucket);
if (err) {
Expand Down
90 changes: 0 additions & 90 deletions lib/metadata/metadataUtils.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -169,70 +169,6 @@ function validateBucket(bucket, params, log, actionImplicitDenies = {}) {
}
return null;
}

/** metadataValidateBucketAndObj - retrieve bucket and object md from metadata
* and check if user is authorized to access them.
* @param {object} params - function parameters
* @param {AuthInfo} params.authInfo - AuthInfo class instance, requester's info
* @param {string} params.bucketName - name of bucket
* @param {string} params.objectKey - name of object
* @param {string} [params.versionId] - version id if getting specific version
* @param {string} params.requestType - type of request
* @param {object} params.request - http request object
* @param {RequestLogger} log - request logger
* @param {function} callback - callback
* @return {undefined} - and call callback with params err, bucket md
*/
function metadataValidateBucketAndObj(params, log, callback) {
const { authInfo, bucketName, objectKey, versionId, getDeleteMarker,
requestType, request } = params;
async.waterfall([
next => {
// versionId may be 'null', which asks metadata to fetch the null key specifically
const getOptions = { versionId };
if (getDeleteMarker) {
getOptions.getDeleteMarker = true;
}
return metadata.getBucketAndObjectMD(bucketName, objectKey, getOptions, log, next);
},
(getResult, next) => {
const bucket = getResult.bucket ?
BucketInfo.deSerialize(getResult.bucket) : undefined;
if (!bucket) {
log.debug('bucketAttrs is undefined', {
bucket: bucketName,
method: 'metadataValidateBucketAndObj',
});
return next(errors.NoSuchBucket);
}
const validationError = validateBucket(bucket, params, log);
if (validationError) {
return next(validationError, bucket);
}
const objMD = getResult.obj ? JSON.parse(getResult.obj) : undefined;
if (!objMD && versionId === 'null') {
return getNullVersionFromMaster(bucketName, objectKey, log,
(err, nullVer) => next(err, bucket, nullVer));
}
return next(null, bucket, objMD);
},
(bucket, objMD, next) => {
const canonicalID = authInfo.getCanonicalID();
if (!isObjAuthorized(bucket, objMD, requestType, canonicalID, authInfo, log, request)) {
log.debug('access denied for user on object', { requestType });
return next(errors.AccessDenied, bucket);
}
return next(null, bucket, objMD);
},
], (err, bucket, objMD) => {
if (err) {
// still return bucket for cors headers
return callback(err, bucket);
}
return callback(null, bucket, objMD);
});
}

/** standardMetadataValidateBucketAndObj - retrieve bucket and object md from metadata
* and check if user is authorized to access them.
* @param {object} params - function parameters
Expand Down Expand Up @@ -310,30 +246,6 @@ function standardMetadataValidateBucketAndObj(params, actionImplicitDenies, log,
return callback(null, bucket, objMD);
});
}

/** metadataValidateBucket - retrieve bucket from metadata and check if user
* is authorized to access it
* @param {object} params - function parameters
* @param {AuthInfo} params.authInfo - AuthInfo class instance, requester's info
* @param {string} params.bucketName - name of bucket
* @param {string} params.requestType - type of request
* @param {string} params.request - http request object
* @param {RequestLogger} log - request logger
* @param {function} callback - callback
* @return {undefined} - and call callback with params err, bucket md
*/
function metadataValidateBucket(params, log, callback) {
const { bucketName } = params;
return metadata.getBucket(bucketName, log, (err, bucket) => {
if (err) {
log.debug('metadata getbucket failed', { error: err });
return callback(err);
}
const validationError = validateBucket(bucket, params, log);
return callback(validationError, bucket);
});
}

/** standardMetadataValidateBucket - retrieve bucket from metadata and check if user
* is authorized to access it
* @param {object} params - function parameters
Expand Down Expand Up @@ -367,8 +279,6 @@ module.exports = {
validateBucket,
metadataGetObject,
metadataGetObjects,
metadataValidateBucketAndObj,
metadataValidateBucket,
standardMetadataValidateBucketAndObj,
standardMetadataValidateBucket,
};
4 changes: 2 additions & 2 deletions lib/routes/routeVeeam.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ const { deleteVeeamFile } = require('./veeam/delete');
const { auth, s3routes, errors } = require('arsenal');
const { _decodeURI, validPath } = require('./veeam/utils');
const { routesUtils } = require('arsenal/build/lib/s3routes');
const { metadataValidateBucket } = require('../metadata/metadataUtils');
const { standardMetadataValidateBucket } = require('../metadata/metadataUtils');
const prepareRequestContexts = require('../api/apiUtils/authorization/prepareRequestContexts');

const { responseXMLBody } = s3routes.routesUtils;
Expand Down Expand Up @@ -127,7 +127,7 @@ function authorizationMiddleware(request, response, api, log, callback) {
};
return next(null, mdValParams);
},
(mdValParams, next) => metadataValidateBucket(mdValParams, log, next),
(mdValParams, next) => standardMetadataValidateBucket(mdValParams, request.actionImplicitDenies, log, next),
], (err, bucketMd) => {
if (err || !bucketMd) {
return responseXMLBody(err, null, response, log);
Expand Down
2 changes: 1 addition & 1 deletion package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@zenko/cloudserver",
"version": "8.8.10",
"version": "8.8.11",
"description": "Zenko CloudServer, an open-source Node.js implementation of a server handling the Amazon S3 protocol",
"main": "index.js",
"engines": {
Expand Down
1 change: 1 addition & 0 deletions tests/unit/api/objectRestore.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ const bucketPutRequest = {
bucketName,
headers: { host: `${bucketName}.s3.amazonaws.com` },
url: '/',
actionImplicitDenies: false,
};

const putObjectRequest = new DummyRequest({
Expand Down