[#507] Add routing for public access block operations

Signed-off-by: Marina Biryukova <m.biryukova@yadro.com>
2024-10-01 11:21:22 +03:00 · 2024-10-01 11:21:22 +03:00 · dbd0bc2252
commit dbd0bc2252
parent 582e6ac642
6 changed files with 92 additions and 28 deletions
--- a/api/handler/not_support.go
+++ b/api/handler/not_support.go
@ -10,3 +10,15 @@ import (
 func (h *handler) DeleteBucketEncryptionHandler(w http.ResponseWriter, r *http.Request) {
 	h.logAndSendError(w, "not supported", middleware.GetReqInfo(r.Context()), errors.GetAPIError(errors.ErrNotSupported))
 }
+
+func (h *handler) DeletePublicAccessBlockHandler(w http.ResponseWriter, r *http.Request) {
+	h.logAndSendError(w, "not supported", middleware.GetReqInfo(r.Context()), errors.GetAPIError(errors.ErrNotSupported))
+}
+
+func (h *handler) GetPublicAccessBlockHandler(w http.ResponseWriter, r *http.Request) {
+	h.logAndSendError(w, "not supported", middleware.GetReqInfo(r.Context()), errors.GetAPIError(errors.ErrNotSupported))
+}
+
+func (h *handler) PutPublicAccessBlockHandler(w http.ResponseWriter, r *http.Request) {
+	h.logAndSendError(w, "not supported", middleware.GetReqInfo(r.Context()), errors.GetAPIError(errors.ErrNotSupported))
+}
--- a/api/middleware/constants.go
+++ b/api/middleware/constants.go
@ -48,6 +48,9 @@ const (
 	DeleteBucketLifecycleOperation     = "DeleteBucketLifecycle"
 	DeleteBucketEncryptionOperation    = "DeleteBucketEncryption"
 	DeleteBucketOperation              = "DeleteBucket"
+	DeletePublicAccessBlockOperation   = "DeletePublicAccessBlock"
+	GetPublicAccessBlockOperation      = "GetPublicAccessBlock"
+	PutPublicAccessBlockOperation      = "PutPublicAccessBlock"

 	// object operations.

@ -78,34 +81,35 @@ const (
 )

 const (
-	UploadsQuery        = "uploads"
-	LocationQuery       = "location"
-	PolicyStatusQuery   = "policyStatus"
-	PolicyQuery         = "policy"
-	LifecycleQuery      = "lifecycle"
-	EncryptionQuery     = "encryption"
-	CorsQuery           = "cors"
-	ACLQuery            = "acl"
-	WebsiteQuery        = "website"
-	AccelerateQuery     = "accelerate"
-	RequestPaymentQuery = "requestPayment"
-	LoggingQuery        = "logging"
-	ReplicationQuery    = "replication"
-	TaggingQuery        = "tagging"
-	ObjectLockQuery     = "object-lock"
-	VersioningQuery     = "versioning"
-	NotificationQuery   = "notification"
-	EventsQuery         = "events"
-	VersionsQuery       = "versions"
-	ListTypeQuery       = "list-type"
-	MetadataQuery       = "metadata"
-	DeleteQuery         = "delete"
-	UploadIDQuery       = "uploadId"
-	RetentionQuery      = "retention"
-	LegalQuery          = "legal"
-	AttributesQuery     = "attributes"
-	PartNumberQuery     = "partNumber"
-	LegalHoldQuery      = "legal-hold"
+	UploadsQuery           = "uploads"
+	LocationQuery          = "location"
+	PolicyStatusQuery      = "policyStatus"
+	PolicyQuery            = "policy"
+	LifecycleQuery         = "lifecycle"
+	EncryptionQuery        = "encryption"
+	CorsQuery              = "cors"
+	ACLQuery               = "acl"
+	WebsiteQuery           = "website"
+	AccelerateQuery        = "accelerate"
+	RequestPaymentQuery    = "requestPayment"
+	LoggingQuery           = "logging"
+	ReplicationQuery       = "replication"
+	TaggingQuery           = "tagging"
+	ObjectLockQuery        = "object-lock"
+	VersioningQuery        = "versioning"
+	NotificationQuery      = "notification"
+	EventsQuery            = "events"
+	VersionsQuery          = "versions"
+	ListTypeQuery          = "list-type"
+	MetadataQuery          = "metadata"
+	DeleteQuery            = "delete"
+	UploadIDQuery          = "uploadId"
+	RetentionQuery         = "retention"
+	LegalQuery             = "legal"
+	AttributesQuery        = "attributes"
+	PartNumberQuery        = "partNumber"
+	LegalHoldQuery         = "legal-hold"
+	PublicAccessBlockQuery = "publicAccessBlock"
 )

 const (
--- a/api/middleware/policy.go
+++ b/api/middleware/policy.go
@ -269,6 +269,8 @@ func determineBucketOperation(r *http.Request) string {
 			return ListObjectsV2MOperation
 		case query.Get(ListTypeQuery) == "2":
 			return ListObjectsV2Operation
+		case query.Has(PublicAccessBlockQuery):
+			return GetPublicAccessBlockOperation
 		default:
 			return ListObjectsV1Operation
 		}
@ -292,6 +294,8 @@ func determineBucketOperation(r *http.Request) string {
 			return PutBucketVersioningOperation
 		case query.Has(NotificationQuery):
 			return PutBucketNotificationOperation
+		case query.Has(PublicAccessBlockQuery):
+			return PutPublicAccessBlockOperation
 		default:
 			return CreateBucketOperation
 		}
@ -316,6 +320,8 @@ func determineBucketOperation(r *http.Request) string {
 			return DeleteBucketLifecycleOperation
 		case query.Has(EncryptionQuery):
 			return DeleteBucketEncryptionOperation
+		case query.Has(PublicAccessBlockQuery):
+			return DeletePublicAccessBlockOperation
 		default:
 			return DeleteBucketOperation
 		}
--- a/api/middleware/policy_test.go
+++ b/api/middleware/policy_test.go
@ -263,6 +263,24 @@ func TestDetermineBucketOperation(t *testing.T) {
 			method:   http.MethodDelete,
 			expected: DeleteBucketOperation,
 		},
+		{
+			name:       "GetPublicAccessBlockOperation",
+			method:     http.MethodGet,
+			queryParam: map[string]string{PublicAccessBlockQuery: defaultValue},
+			expected:   GetPublicAccessBlockOperation,
+		},
+		{
+			name:       "PutPublicAccessBlockOperation",
+			method:     http.MethodPut,
+			queryParam: map[string]string{PublicAccessBlockQuery: defaultValue},
+			expected:   PutPublicAccessBlockOperation,
+		},
+		{
+			name:       "DeletePublicAccessBlockOperation",
+			method:     http.MethodDelete,
+			queryParam: map[string]string{PublicAccessBlockQuery: defaultValue},
+			expected:   DeletePublicAccessBlockOperation,
+		},
 		{
 			name:     "UnmatchedBucketOperation",
 			method:   "invalid-method",
--- a/api/router.go
+++ b/api/router.go
@ -88,6 +88,9 @@ type (
 		ListPartsHandler(w http.ResponseWriter, r *http.Request)
 		ListMultipartUploadsHandler(http.ResponseWriter, *http.Request)
 		PatchObjectHandler(http.ResponseWriter, *http.Request)
+		DeletePublicAccessBlockHandler(http.ResponseWriter, *http.Request)
+		GetPublicAccessBlockHandler(http.ResponseWriter, *http.Request)
+		PutPublicAccessBlockHandler(http.ResponseWriter, *http.Request)

 		ResolveBucket(ctx context.Context, bucket string) (*data.BucketInfo, error)
 		ResolveCID(ctx context.Context, bucket string) (cid.ID, error)
@ -313,6 +316,9 @@ func bucketRouter(h Handler) chi.Router {
 			Add(NewFilter().
 				Queries(s3middleware.VersionsQuery).
 				Handler(named(s3middleware.ListBucketObjectVersionsOperation, h.ListBucketObjectVersionsHandler))).
+			Add(NewFilter().
+				Queries(s3middleware.PublicAccessBlockQuery).
+				Handler(named(s3middleware.GetPublicAccessBlockOperation, h.GetPublicAccessBlockHandler))).
 			DefaultHandler(listWrapper(h)))
 	})

@ -346,6 +352,9 @@ func bucketRouter(h Handler) chi.Router {
 			Add(NewFilter().
 				Queries(s3middleware.NotificationQuery).
 				Handler(named(s3middleware.PutBucketNotificationOperation, h.PutBucketNotificationHandler))).
+			Add(NewFilter().
+				Queries(s3middleware.PublicAccessBlockQuery).
+				Handler(named(s3middleware.PutPublicAccessBlockOperation, h.PutPublicAccessBlockHandler))).
 			DefaultHandler(named(s3middleware.CreateBucketOperation, h.CreateBucketHandler)))
 	})

@ -380,6 +389,9 @@ func bucketRouter(h Handler) chi.Router {
 			Add(NewFilter().
 				Queries(s3middleware.EncryptionQuery).
 				Handler(named(s3middleware.DeleteBucketEncryptionOperation, h.DeleteBucketEncryptionHandler))).
+			Add(NewFilter().
+				Queries(s3middleware.PublicAccessBlockQuery).
+				Handler(named(s3middleware.DeletePublicAccessBlockOperation, h.DeletePublicAccessBlockHandler))).
 			DefaultHandler(named(s3middleware.DeleteBucketOperation, h.DeleteBucketHandler)))
 	})

--- a/api/router_mock_test.go
+++ b/api/router_mock_test.go
@ -569,6 +569,18 @@ func (h *handlerMock) PatchObjectHandler(http.ResponseWriter, *http.Request) {
 	panic("implement me")
 }

+func (h *handlerMock) DeletePublicAccessBlockHandler(http.ResponseWriter, *http.Request) {
+	panic("implement me")
+}
+
+func (h *handlerMock) GetPublicAccessBlockHandler(http.ResponseWriter, *http.Request) {
+	panic("implement me")
+}
+
+func (h *handlerMock) PutPublicAccessBlockHandler(http.ResponseWriter, *http.Request) {
+	panic("implement me")
+}
+
 func (h *handlerMock) ResolveBucket(ctx context.Context, name string) (*data.BucketInfo, error) {
 	reqInfo := middleware.GetReqInfo(ctx)
 	bktInfo, ok := h.buckets[reqInfo.Namespace+name]