From a8bff1380198e64d06818ff81055b399cdef7cbf Mon Sep 17 00:00:00 2001 From: Angira Kekteeva Date: Fri, 3 Jun 2022 17:37:38 +0400 Subject: [PATCH] [#495] Add acl to copy-object Signed-off-by: Angira Kekteeva --- api/handler/copy.go | 40 +++++++++++++++++++++++++++++++++++----- 1 file changed, 35 insertions(+), 5 deletions(-) diff --git a/api/handler/copy.go b/api/handler/copy.go index 652abf271..0ed4d6a37 100644 --- a/api/handler/copy.go +++ b/api/handler/copy.go @@ -10,6 +10,7 @@ import ( "github.com/nspcc-dev/neofs-s3-gw/api/data" "github.com/nspcc-dev/neofs-s3-gw/api/errors" "github.com/nspcc-dev/neofs-s3-gw/api/layer" + "github.com/nspcc-dev/neofs-sdk-go/session" "go.uber.org/zap" ) @@ -32,12 +33,15 @@ func path2BucketObject(path string) (bucket, prefix string) { func (h *handler) CopyObjectHandler(w http.ResponseWriter, r *http.Request) { var ( - err error - info *data.ObjectInfo - metadata map[string]string + versionID string + err error + info *data.ObjectInfo + metadata map[string]string + sessionTokenEACL *session.Container - reqInfo = api.GetReqInfo(r.Context()) - versionID string + reqInfo = api.GetReqInfo(r.Context()) + + containsACL = containsACLHeaders(r) ) src := r.Header.Get("X-Amz-Copy-Source") @@ -81,6 +85,13 @@ func (h *handler) CopyObjectHandler(w http.ResponseWriter, r *http.Request) { return } + if containsACL { + if sessionTokenEACL, err = getSessionTokenSetEACL(r.Context()); err != nil { + h.logAndSendError(w, "could not get eacl session token from a box", reqInfo, err) + return + } + } + if info, err = h.obj.GetObjectInfo(r.Context(), p); err != nil { h.logAndSendError(w, "could not find object", reqInfo, err) return @@ -130,6 +141,25 @@ func (h *handler) CopyObjectHandler(w http.ResponseWriter, r *http.Request) { return } + if containsACL { + newEaclTable, err := h.getNewEAclTable(r, dstBktInfo, info) + if err != nil { + h.logAndSendError(w, "could not get new eacl table", reqInfo, err) + return + } + newEaclTable.SetSessionToken(sessionTokenEACL) + + p := &layer.PutBucketACLParams{ + BktInfo: dstBktInfo, + EACL: newEaclTable, + } + + if err = h.obj.PutBucketACL(r.Context(), p); err != nil { + h.logAndSendError(w, "could not put bucket acl", reqInfo, err) + return + } + } + h.log.Info("object is copied", zap.String("bucket", info.Bucket), zap.String("object", info.Name),