frostfs-s3-gw/api/handler/locking.go

package handler

import (
	"encoding/xml"
	"fmt"
	"net/http"

	"github.com/nspcc-dev/neofs-s3-gw/api"
	"github.com/nspcc-dev/neofs-s3-gw/api/data"
	apiErrors "github.com/nspcc-dev/neofs-s3-gw/api/errors"
	"github.com/nspcc-dev/neofs-s3-gw/api/layer"
)

func (h *handler) PutBucketObjectLockConfigHandler(w http.ResponseWriter, r *http.Request) {
	reqInfo := api.GetReqInfo(r.Context())

	bktInfo, err := h.obj.GetBucketInfo(r.Context(), reqInfo.BucketName)
	if err != nil {
		h.logAndSendError(w, "could not get bucket info", reqInfo, err)
		return
	}
	if err = checkOwner(bktInfo, r.Header.Get(api.AmzExpectedBucketOwner)); err != nil {
		h.logAndSendError(w, "expected owner doesn't match", reqInfo, err)
		return
	}

	if !bktInfo.ObjectLockEnabled {
		h.logAndSendError(w, "couldn't put object locking configuration", reqInfo,
			apiErrors.GetAPIError(apiErrors.ErrObjectLockConfigurationNotAllowed))
		return
	}

	lockingConf := &data.ObjectLockConfiguration{}
	if err = xml.NewDecoder(r.Body).Decode(lockingConf); err != nil {
		h.logAndSendError(w, "couldn't parse locking configuration", reqInfo, err)
		return
	}

	if err = checkLockConfiguration(lockingConf); err != nil {
		h.logAndSendError(w, "invalid lock configuration", reqInfo, err)
		return
	}

	settings, err := h.obj.GetBucketSettings(r.Context(), bktInfo)
	if err != nil {
		h.logAndSendError(w, "couldn't get bucket settings", reqInfo, err)
		return
	}

	settings.LockConfiguration = lockingConf

	sp := &layer.PutSettingsParams{
		BktInfo:  bktInfo,
		Settings: settings,
	}

	if err = h.obj.PutBucketSettings(r.Context(), sp); err != nil {
		h.logAndSendError(w, "couldn't put bucket settings", reqInfo, err)
		return
	}
}

func (h *handler) GetBucketObjectLockConfigHandler(w http.ResponseWriter, r *http.Request) {
	reqInfo := api.GetReqInfo(r.Context())

	bktInfo, err := h.obj.GetBucketInfo(r.Context(), reqInfo.BucketName)
	if err != nil {
		h.logAndSendError(w, "could not get bucket info", reqInfo, err)
		return
	}
	if err = checkOwner(bktInfo, r.Header.Get(api.AmzExpectedBucketOwner)); err != nil {
		h.logAndSendError(w, "expected owner doesn't match", reqInfo, err)
		return
	}

	settings, err := h.obj.GetBucketSettings(r.Context(), bktInfo)
	if err != nil {
		h.logAndSendError(w, "couldn't get bucket settings", reqInfo, err)
		return
	}

	if !bktInfo.ObjectLockEnabled {
		h.logAndSendError(w, "object lock disabled", reqInfo,
			apiErrors.GetAPIError(apiErrors.ErrObjectLockConfigurationNotFound))
		return
	}

	if settings.LockConfiguration == nil {
		settings.LockConfiguration = &data.ObjectLockConfiguration{}
	}
	if settings.LockConfiguration.ObjectLockEnabled == "" {
		settings.LockConfiguration.ObjectLockEnabled = enabledValue
	}

	if err = api.EncodeToResponse(w, settings.LockConfiguration); err != nil {
		h.logAndSendError(w, "something went wrong", reqInfo, err)
	}
}

func checkLockConfiguration(conf *data.ObjectLockConfiguration) error {
	if conf.ObjectLockEnabled != "" && conf.ObjectLockEnabled != enabledValue {
		return fmt.Errorf("invalid ObjectLockEnabled value: %s", conf.ObjectLockEnabled)
	}

	if conf.Rule == nil || conf.Rule.DefaultRetention == nil {
		return nil
	}

	retention := conf.Rule.DefaultRetention
	if retention.Mode != "GOVERNANCE" && retention.Mode != "COMPLIANCE" {
		return fmt.Errorf("invalid Mode value: %s", retention.Mode)
	}

	if retention.Days == 0 && retention.Years == 0 {
		return fmt.Errorf("you must specify Days or Years")
	}

	if retention.Days != 0 && retention.Years != 0 {
		return fmt.Errorf("you cannot specify Days and Years at the same time")
	}

	return nil
}
[#195] Add PUT and GET default lock configuration Signed-off-by: Denis Kirillov <denis@nspcc.ru> 2022-02-28 08:29:03 +00:00			`package handler`

			`import (`
			`"encoding/xml"`
			`"fmt"`
			`"net/http"`

			`"github.com/nspcc-dev/neofs-s3-gw/api"`
			`"github.com/nspcc-dev/neofs-s3-gw/api/data"`
			`apiErrors "github.com/nspcc-dev/neofs-s3-gw/api/errors"`
			`"github.com/nspcc-dev/neofs-s3-gw/api/layer"`
			`)`

			`func (h handler) PutBucketObjectLockConfigHandler(w http.ResponseWriter, r http.Request) {`
			`reqInfo := api.GetReqInfo(r.Context())`

			`bktInfo, err := h.obj.GetBucketInfo(r.Context(), reqInfo.BucketName)`
			`if err != nil {`
			`h.logAndSendError(w, "could not get bucket info", reqInfo, err)`
			`return`
			`}`
			`if err = checkOwner(bktInfo, r.Header.Get(api.AmzExpectedBucketOwner)); err != nil {`
			`h.logAndSendError(w, "expected owner doesn't match", reqInfo, err)`
			`return`
			`}`

			`if !bktInfo.ObjectLockEnabled {`
			`h.logAndSendError(w, "couldn't put object locking configuration", reqInfo,`
			`apiErrors.GetAPIError(apiErrors.ErrObjectLockConfigurationNotAllowed))`
			`return`
			`}`

			`lockingConf := &data.ObjectLockConfiguration{}`
			`if err = xml.NewDecoder(r.Body).Decode(lockingConf); err != nil {`
			`h.logAndSendError(w, "couldn't parse locking configuration", reqInfo, err)`
			`return`
			`}`

			`if err = checkLockConfiguration(lockingConf); err != nil {`
			`h.logAndSendError(w, "invalid lock configuration", reqInfo, err)`
			`return`
			`}`

			`settings, err := h.obj.GetBucketSettings(r.Context(), bktInfo)`
			`if err != nil {`
			`h.logAndSendError(w, "couldn't get bucket settings", reqInfo, err)`
			`return`
			`}`

			`settings.LockConfiguration = lockingConf`

			`sp := &layer.PutSettingsParams{`
			`BktInfo: bktInfo,`
			`Settings: settings,`
			`}`

			`if err = h.obj.PutBucketSettings(r.Context(), sp); err != nil {`
			`h.logAndSendError(w, "couldn't put bucket settings", reqInfo, err)`
			`return`
			`}`
			`}`

			`func (h handler) GetBucketObjectLockConfigHandler(w http.ResponseWriter, r http.Request) {`
			`reqInfo := api.GetReqInfo(r.Context())`

			`bktInfo, err := h.obj.GetBucketInfo(r.Context(), reqInfo.BucketName)`
			`if err != nil {`
			`h.logAndSendError(w, "could not get bucket info", reqInfo, err)`
			`return`
			`}`
			`if err = checkOwner(bktInfo, r.Header.Get(api.AmzExpectedBucketOwner)); err != nil {`
			`h.logAndSendError(w, "expected owner doesn't match", reqInfo, err)`
			`return`
			`}`

			`settings, err := h.obj.GetBucketSettings(r.Context(), bktInfo)`
			`if err != nil {`
			`h.logAndSendError(w, "couldn't get bucket settings", reqInfo, err)`
			`return`
			`}`

			`if !bktInfo.ObjectLockEnabled {`
			`h.logAndSendError(w, "object lock disabled", reqInfo,`
			`apiErrors.GetAPIError(apiErrors.ErrObjectLockConfigurationNotFound))`
			`return`
			`}`

			`if settings.LockConfiguration == nil {`
			`settings.LockConfiguration = &data.ObjectLockConfiguration{}`
			`}`
			`if settings.LockConfiguration.ObjectLockEnabled == "" {`
			`settings.LockConfiguration.ObjectLockEnabled = enabledValue`
			`}`

			`if err = api.EncodeToResponse(w, settings.LockConfiguration); err != nil {`
			`h.logAndSendError(w, "something went wrong", reqInfo, err)`
			`}`
			`}`

			`func checkLockConfiguration(conf *data.ObjectLockConfiguration) error {`
			`if conf.ObjectLockEnabled != "" && conf.ObjectLockEnabled != enabledValue {`
			`return fmt.Errorf("invalid ObjectLockEnabled value: %s", conf.ObjectLockEnabled)`
			`}`

			`if conf.Rule == nil \|\| conf.Rule.DefaultRetention == nil {`
			`return nil`
			`}`

			`retention := conf.Rule.DefaultRetention`
			`if retention.Mode != "GOVERNANCE" && retention.Mode != "COMPLIANCE" {`
			`return fmt.Errorf("invalid Mode value: %s", retention.Mode)`
			`}`

			`if retention.Days == 0 && retention.Years == 0 {`
			`return fmt.Errorf("you must specify Days or Years")`
			`}`

			`if retention.Days != 0 && retention.Years != 0 {`
			`return fmt.Errorf("you cannot specify Days and Years at the same time")`
			`}`

			`return nil`
			`}`