diff --git a/api/handler/not_support.go b/api/handler/not_support.go index 85c8317..c399e08 100644 --- a/api/handler/not_support.go +++ b/api/handler/not_support.go @@ -10,3 +10,15 @@ import ( func (h *handler) DeleteBucketEncryptionHandler(w http.ResponseWriter, r *http.Request) { h.logAndSendError(w, "not supported", middleware.GetReqInfo(r.Context()), errors.GetAPIError(errors.ErrNotSupported)) } + +func (h *handler) DeletePublicAccessBlockHandler(w http.ResponseWriter, r *http.Request) { + h.logAndSendError(w, "not supported", middleware.GetReqInfo(r.Context()), errors.GetAPIError(errors.ErrNotSupported)) +} + +func (h *handler) GetPublicAccessBlockHandler(w http.ResponseWriter, r *http.Request) { + h.logAndSendError(w, "not supported", middleware.GetReqInfo(r.Context()), errors.GetAPIError(errors.ErrNotSupported)) +} + +func (h *handler) PutPublicAccessBlockHandler(w http.ResponseWriter, r *http.Request) { + h.logAndSendError(w, "not supported", middleware.GetReqInfo(r.Context()), errors.GetAPIError(errors.ErrNotSupported)) +} diff --git a/api/middleware/constants.go b/api/middleware/constants.go index 2c8cdfc..18a31bb 100644 --- a/api/middleware/constants.go +++ b/api/middleware/constants.go @@ -48,6 +48,9 @@ const ( DeleteBucketLifecycleOperation = "DeleteBucketLifecycle" DeleteBucketEncryptionOperation = "DeleteBucketEncryption" DeleteBucketOperation = "DeleteBucket" + DeletePublicAccessBlockOperation = "DeletePublicAccessBlock" + GetPublicAccessBlockOperation = "GetPublicAccessBlock" + PutPublicAccessBlockOperation = "PutPublicAccessBlock" // object operations. @@ -78,34 +81,35 @@ const ( ) const ( - UploadsQuery = "uploads" - LocationQuery = "location" - PolicyStatusQuery = "policyStatus" - PolicyQuery = "policy" - LifecycleQuery = "lifecycle" - EncryptionQuery = "encryption" - CorsQuery = "cors" - ACLQuery = "acl" - WebsiteQuery = "website" - AccelerateQuery = "accelerate" - RequestPaymentQuery = "requestPayment" - LoggingQuery = "logging" - ReplicationQuery = "replication" - TaggingQuery = "tagging" - ObjectLockQuery = "object-lock" - VersioningQuery = "versioning" - NotificationQuery = "notification" - EventsQuery = "events" - VersionsQuery = "versions" - ListTypeQuery = "list-type" - MetadataQuery = "metadata" - DeleteQuery = "delete" - UploadIDQuery = "uploadId" - RetentionQuery = "retention" - LegalQuery = "legal" - AttributesQuery = "attributes" - PartNumberQuery = "partNumber" - LegalHoldQuery = "legal-hold" + UploadsQuery = "uploads" + LocationQuery = "location" + PolicyStatusQuery = "policyStatus" + PolicyQuery = "policy" + LifecycleQuery = "lifecycle" + EncryptionQuery = "encryption" + CorsQuery = "cors" + ACLQuery = "acl" + WebsiteQuery = "website" + AccelerateQuery = "accelerate" + RequestPaymentQuery = "requestPayment" + LoggingQuery = "logging" + ReplicationQuery = "replication" + TaggingQuery = "tagging" + ObjectLockQuery = "object-lock" + VersioningQuery = "versioning" + NotificationQuery = "notification" + EventsQuery = "events" + VersionsQuery = "versions" + ListTypeQuery = "list-type" + MetadataQuery = "metadata" + DeleteQuery = "delete" + UploadIDQuery = "uploadId" + RetentionQuery = "retention" + LegalQuery = "legal" + AttributesQuery = "attributes" + PartNumberQuery = "partNumber" + LegalHoldQuery = "legal-hold" + PublicAccessBlockQuery = "publicAccessBlock" ) const ( diff --git a/api/middleware/policy.go b/api/middleware/policy.go index f3bcd63..c6eb3d0 100644 --- a/api/middleware/policy.go +++ b/api/middleware/policy.go @@ -269,6 +269,8 @@ func determineBucketOperation(r *http.Request) string { return ListObjectsV2MOperation case query.Get(ListTypeQuery) == "2": return ListObjectsV2Operation + case query.Has(PublicAccessBlockQuery): + return GetPublicAccessBlockOperation default: return ListObjectsV1Operation } @@ -292,6 +294,8 @@ func determineBucketOperation(r *http.Request) string { return PutBucketVersioningOperation case query.Has(NotificationQuery): return PutBucketNotificationOperation + case query.Has(PublicAccessBlockQuery): + return PutPublicAccessBlockOperation default: return CreateBucketOperation } @@ -316,6 +320,8 @@ func determineBucketOperation(r *http.Request) string { return DeleteBucketLifecycleOperation case query.Has(EncryptionQuery): return DeleteBucketEncryptionOperation + case query.Has(PublicAccessBlockQuery): + return DeletePublicAccessBlockOperation default: return DeleteBucketOperation } diff --git a/api/middleware/policy_test.go b/api/middleware/policy_test.go index 7147ae4..71710fd 100644 --- a/api/middleware/policy_test.go +++ b/api/middleware/policy_test.go @@ -263,6 +263,24 @@ func TestDetermineBucketOperation(t *testing.T) { method: http.MethodDelete, expected: DeleteBucketOperation, }, + { + name: "GetPublicAccessBlockOperation", + method: http.MethodGet, + queryParam: map[string]string{PublicAccessBlockQuery: defaultValue}, + expected: GetPublicAccessBlockOperation, + }, + { + name: "PutPublicAccessBlockOperation", + method: http.MethodPut, + queryParam: map[string]string{PublicAccessBlockQuery: defaultValue}, + expected: PutPublicAccessBlockOperation, + }, + { + name: "DeletePublicAccessBlockOperation", + method: http.MethodDelete, + queryParam: map[string]string{PublicAccessBlockQuery: defaultValue}, + expected: DeletePublicAccessBlockOperation, + }, { name: "UnmatchedBucketOperation", method: "invalid-method", diff --git a/api/router.go b/api/router.go index 11c16fe..cbfc2c2 100644 --- a/api/router.go +++ b/api/router.go @@ -88,6 +88,9 @@ type ( ListPartsHandler(w http.ResponseWriter, r *http.Request) ListMultipartUploadsHandler(http.ResponseWriter, *http.Request) PatchObjectHandler(http.ResponseWriter, *http.Request) + DeletePublicAccessBlockHandler(http.ResponseWriter, *http.Request) + GetPublicAccessBlockHandler(http.ResponseWriter, *http.Request) + PutPublicAccessBlockHandler(http.ResponseWriter, *http.Request) ResolveBucket(ctx context.Context, bucket string) (*data.BucketInfo, error) ResolveCID(ctx context.Context, bucket string) (cid.ID, error) @@ -313,6 +316,9 @@ func bucketRouter(h Handler) chi.Router { Add(NewFilter(). Queries(s3middleware.VersionsQuery). Handler(named(s3middleware.ListBucketObjectVersionsOperation, h.ListBucketObjectVersionsHandler))). + Add(NewFilter(). + Queries(s3middleware.PublicAccessBlockQuery). + Handler(named(s3middleware.GetPublicAccessBlockOperation, h.GetPublicAccessBlockHandler))). DefaultHandler(listWrapper(h))) }) @@ -346,6 +352,9 @@ func bucketRouter(h Handler) chi.Router { Add(NewFilter(). Queries(s3middleware.NotificationQuery). Handler(named(s3middleware.PutBucketNotificationOperation, h.PutBucketNotificationHandler))). + Add(NewFilter(). + Queries(s3middleware.PublicAccessBlockQuery). + Handler(named(s3middleware.PutPublicAccessBlockOperation, h.PutPublicAccessBlockHandler))). DefaultHandler(named(s3middleware.CreateBucketOperation, h.CreateBucketHandler))) }) @@ -380,6 +389,9 @@ func bucketRouter(h Handler) chi.Router { Add(NewFilter(). Queries(s3middleware.EncryptionQuery). Handler(named(s3middleware.DeleteBucketEncryptionOperation, h.DeleteBucketEncryptionHandler))). + Add(NewFilter(). + Queries(s3middleware.PublicAccessBlockQuery). + Handler(named(s3middleware.DeletePublicAccessBlockOperation, h.DeletePublicAccessBlockHandler))). DefaultHandler(named(s3middleware.DeleteBucketOperation, h.DeleteBucketHandler))) }) diff --git a/api/router_mock_test.go b/api/router_mock_test.go index f2fd68e..9f10cc9 100644 --- a/api/router_mock_test.go +++ b/api/router_mock_test.go @@ -569,6 +569,18 @@ func (h *handlerMock) PatchObjectHandler(http.ResponseWriter, *http.Request) { panic("implement me") } +func (h *handlerMock) DeletePublicAccessBlockHandler(http.ResponseWriter, *http.Request) { + panic("implement me") +} + +func (h *handlerMock) GetPublicAccessBlockHandler(http.ResponseWriter, *http.Request) { + panic("implement me") +} + +func (h *handlerMock) PutPublicAccessBlockHandler(http.ResponseWriter, *http.Request) { + panic("implement me") +} + func (h *handlerMock) ResolveBucket(ctx context.Context, name string) (*data.BucketInfo, error) { reqInfo := middleware.GetReqInfo(ctx) bktInfo, ok := h.buckets[reqInfo.Namespace+name]