From 9dcacc230eeb01265d186f39a12accab81fa3db6 Mon Sep 17 00:00:00 2001 From: Denis Kirillov Date: Wed, 8 Feb 2023 12:56:42 +0300 Subject: [PATCH] [TrueCloudLab#23] Return error on unknown LocationConstraint Signed-off-by: Denis Kirillov --- CHANGELOG.md | 1 + api/errors/errors.go | 7 +++++++ api/handler/put.go | 25 +++++++++++++++---------- 3 files changed, 23 insertions(+), 10 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index db45a248..6ce60c98 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,7 @@ This document outlines major changes between releases. - Update viper to v1.15.0 (#14) - Using multiple servers require only one healthy (TrueCloudLab#12) - Update go version to go1.18 (TrueCloudLab#16) +- Return error on invalid LocationConstraint (TrueCloudLab#23) ## [0.26.0] - 2022-12-28 diff --git a/api/errors/errors.go b/api/errors/errors.go index 0ab7bae8..78f0026c 100644 --- a/api/errors/errors.go +++ b/api/errors/errors.go @@ -90,6 +90,7 @@ const ( ErrMissingFields ErrMissingCredTag ErrCredMalformed + ErrInvalidLocationConstraint ErrInvalidRegion ErrInvalidServiceS3 ErrInvalidServiceSTS @@ -680,6 +681,12 @@ var errorCodes = errorCodeMap{ Description: "Error parsing the X-Amz-Credential parameter; the region is wrong;", HTTPStatusCode: http.StatusBadRequest, }, + ErrInvalidLocationConstraint: { + ErrCode: ErrInvalidLocationConstraint, + Code: "InvalidLocationConstraint", + Description: "The specified location (Region) constraint is not valid.", + HTTPStatusCode: http.StatusBadRequest, + }, ErrInvalidRegion: { ErrCode: ErrInvalidRegion, Code: "InvalidRegion", diff --git a/api/handler/put.go b/api/handler/put.go index 1b828007..c7ae3d99 100644 --- a/api/handler/put.go +++ b/api/handler/put.go @@ -720,7 +720,10 @@ func (h *handler) CreateBucketHandler(w http.ResponseWriter, r *http.Request) { return } - h.setPolicy(p, createParams.LocationConstraint, policies) + if err = h.setPolicy(p, createParams.LocationConstraint, policies); err != nil { + h.logAndSendError(w, "couldn't set placement policy", reqInfo, err) + return + } p.ObjectLockEnabled = isLockEnabled(r.Header) @@ -748,25 +751,27 @@ func (h *handler) CreateBucketHandler(w http.ResponseWriter, r *http.Request) { api.WriteSuccessResponseHeadersOnly(w) } -func (h handler) setPolicy(prm *layer.CreateBucketParams, locationConstraint string, userPolicies []*accessbox.ContainerPolicy) { +func (h handler) setPolicy(prm *layer.CreateBucketParams, locationConstraint string, userPolicies []*accessbox.ContainerPolicy) error { prm.Policy = h.cfg.Policy.Default() + prm.LocationConstraint = locationConstraint if locationConstraint == "" { - return - } - - if policy, ok := h.cfg.Policy.Get(locationConstraint); ok { - prm.Policy = policy - prm.LocationConstraint = locationConstraint + return nil } for _, placementPolicy := range userPolicies { if placementPolicy.LocationConstraint == locationConstraint { prm.Policy = placementPolicy.Policy - prm.LocationConstraint = locationConstraint - return + return nil } } + + if policy, ok := h.cfg.Policy.Get(locationConstraint); ok { + prm.Policy = policy + return nil + } + + return errors.GetAPIError(errors.ErrInvalidLocationConstraint) } func isLockEnabled(header http.Header) bool {