[#195] Add PUT and GET default lock configuration

Signed-off-by: Denis Kirillov <denis@nspcc.ru>
2022-02-28 11:29:03 +03:00 · 2022-02-28 11:29:03 +03:00 · fe9eb9cedc
commit fe9eb9cedc
parent b96c3c5a33
5 changed files with 147 additions and 9 deletions
--- a/api/data/info.go
+++ b/api/data/info.go
@ -47,7 +47,8 @@ type (

 	// BucketSettings stores settings such as versioning.
 	BucketSettings struct {
-		VersioningEnabled bool `json:"versioning_enabled"`
+		VersioningEnabled bool                     `json:"versioning_enabled"`
+		LockConfiguration *ObjectLockConfiguration `json:"lock_configuration"`
 	}

 	// CORSConfiguration stores CORS configuration of a request.
--- a/api/data/locking.go
+++ b/api/data/locking.go
@ -0,0 +1,18 @@
+package data
+
+type (
+	ObjectLockConfiguration struct {
+		ObjectLockEnabled string          `xml:"ObjectLockEnabled" json:"ObjectLockEnabled"`
+		Rule              *ObjectLockRule `xml:"Rule" json:"Rule"`
+	}
+
+	ObjectLockRule struct {
+		DefaultRetention *DefaultRetention `xml:"DefaultRetention" json:"DefaultRetention"`
+	}
+
+	DefaultRetention struct {
+		Days  int64  `xml:"Days" json:"Days"`
+		Mode  string `xml:"Mode" json:"Mode"`
+		Years int64  `xml:"Years" json:"Years"`
+	}
+)
--- a/api/handler/locking.go
+++ b/api/handler/locking.go
@ -0,0 +1,123 @@
+package handler
+
+import (
+	"encoding/xml"
+	"fmt"
+	"net/http"
+
+	"github.com/nspcc-dev/neofs-s3-gw/api"
+	"github.com/nspcc-dev/neofs-s3-gw/api/data"
+	apiErrors "github.com/nspcc-dev/neofs-s3-gw/api/errors"
+	"github.com/nspcc-dev/neofs-s3-gw/api/layer"
+)
+
+func (h *handler) PutBucketObjectLockConfigHandler(w http.ResponseWriter, r *http.Request) {
+	reqInfo := api.GetReqInfo(r.Context())
+
+	bktInfo, err := h.obj.GetBucketInfo(r.Context(), reqInfo.BucketName)
+	if err != nil {
+		h.logAndSendError(w, "could not get bucket info", reqInfo, err)
+		return
+	}
+	if err = checkOwner(bktInfo, r.Header.Get(api.AmzExpectedBucketOwner)); err != nil {
+		h.logAndSendError(w, "expected owner doesn't match", reqInfo, err)
+		return
+	}
+
+	if !bktInfo.ObjectLockEnabled {
+		h.logAndSendError(w, "couldn't put object locking configuration", reqInfo,
+			apiErrors.GetAPIError(apiErrors.ErrObjectLockConfigurationNotAllowed))
+		return
+	}
+
+	lockingConf := &data.ObjectLockConfiguration{}
+	if err = xml.NewDecoder(r.Body).Decode(lockingConf); err != nil {
+		h.logAndSendError(w, "couldn't parse locking configuration", reqInfo, err)
+		return
+	}
+
+	if err = checkLockConfiguration(lockingConf); err != nil {
+		h.logAndSendError(w, "invalid lock configuration", reqInfo, err)
+		return
+	}
+
+	settings, err := h.obj.GetBucketSettings(r.Context(), bktInfo)
+	if err != nil {
+		h.logAndSendError(w, "couldn't get bucket settings", reqInfo, err)
+		return
+	}
+
+	settings.LockConfiguration = lockingConf
+
+	sp := &layer.PutSettingsParams{
+		BktInfo:  bktInfo,
+		Settings: settings,
+	}
+
+	if err = h.obj.PutBucketSettings(r.Context(), sp); err != nil {
+		h.logAndSendError(w, "couldn't put bucket settings", reqInfo, err)
+		return
+	}
+}
+
+func (h *handler) GetBucketObjectLockConfigHandler(w http.ResponseWriter, r *http.Request) {
+	reqInfo := api.GetReqInfo(r.Context())
+
+	bktInfo, err := h.obj.GetBucketInfo(r.Context(), reqInfo.BucketName)
+	if err != nil {
+		h.logAndSendError(w, "could not get bucket info", reqInfo, err)
+		return
+	}
+	if err = checkOwner(bktInfo, r.Header.Get(api.AmzExpectedBucketOwner)); err != nil {
+		h.logAndSendError(w, "expected owner doesn't match", reqInfo, err)
+		return
+	}
+
+	settings, err := h.obj.GetBucketSettings(r.Context(), bktInfo)
+	if err != nil {
+		h.logAndSendError(w, "couldn't get bucket settings", reqInfo, err)
+		return
+	}
+
+	if !bktInfo.ObjectLockEnabled {
+		h.logAndSendError(w, "object lock disabled", reqInfo,
+			apiErrors.GetAPIError(apiErrors.ErrObjectLockConfigurationNotFound))
+		return
+	}
+
+	if settings.LockConfiguration == nil {
+		settings.LockConfiguration = &data.ObjectLockConfiguration{}
+	}
+	if settings.LockConfiguration.ObjectLockEnabled == "" {
+		settings.LockConfiguration.ObjectLockEnabled = enabledValue
+	}
+
+	if err = api.EncodeToResponse(w, settings.LockConfiguration); err != nil {
+		h.logAndSendError(w, "something went wrong", reqInfo, err)
+	}
+}
+
+func checkLockConfiguration(conf *data.ObjectLockConfiguration) error {
+	if conf.ObjectLockEnabled != "" && conf.ObjectLockEnabled != enabledValue {
+		return fmt.Errorf("invalid ObjectLockEnabled value: %s", conf.ObjectLockEnabled)
+	}
+
+	if conf.Rule == nil || conf.Rule.DefaultRetention == nil {
+		return nil
+	}
+
+	retention := conf.Rule.DefaultRetention
+	if retention.Mode != "GOVERNANCE" && retention.Mode != "COMPLIANCE" {
+		return fmt.Errorf("invalid Mode value: %s", retention.Mode)
+	}
+
+	if retention.Days == 0 && retention.Years == 0 {
+		return fmt.Errorf("you must specify Days or Years")
+	}
+
+	if retention.Days != 0 && retention.Years != 0 {
+		return fmt.Errorf("you cannot specify Days and Years at the same time")
+	}
+
+	return nil
+}
--- a/api/handler/response.go
+++ b/api/handler/response.go
@ -188,6 +188,10 @@ type Tag struct {
 	Value string
 }

+const (
+	enabledValue = "Enabled"
+)
+
 // MarshalXML - StringMap marshals into XML.
 func (s StringMap) MarshalXML(e *xml.Encoder, start xml.StartElement) error {
 	tokens := []xml.Token{start}
--- a/api/handler/unimplemented.go
+++ b/api/handler/unimplemented.go
@ -59,10 +59,6 @@ func (h *handler) DeleteBucketWebsiteHandler(w http.ResponseWriter, r *http.Requ
 	h.logAndSendError(w, "not implemented", api.GetReqInfo(r.Context()), errors.GetAPIError(errors.ErrNotImplemented))
 }

-func (h *handler) GetBucketObjectLockConfigHandler(w http.ResponseWriter, r *http.Request) {
-	h.logAndSendError(w, "not implemented", api.GetReqInfo(r.Context()), errors.GetAPIError(errors.ErrNotImplemented))
-}
-
 func (h *handler) ListenBucketNotificationHandler(w http.ResponseWriter, r *http.Request) {
 	h.logAndSendError(w, "not implemented", api.GetReqInfo(r.Context()), errors.GetAPIError(errors.ErrNotImplemented))
 }
@ -78,7 +74,3 @@ func (h *handler) PutBucketLifecycleHandler(w http.ResponseWriter, r *http.Reque
 func (h *handler) PutBucketEncryptionHandler(w http.ResponseWriter, r *http.Request) {
 	h.logAndSendError(w, "not implemented", api.GetReqInfo(r.Context()), errors.GetAPIError(errors.ErrNotImplemented))
 }
-
-func (h *handler) PutBucketObjectLockConfigHandler(w http.ResponseWriter, r *http.Request) {
-	h.logAndSendError(w, "not implemented", api.GetReqInfo(r.Context()), errors.GetAPIError(errors.ErrNotImplemented))
-}