[#372] Drop [e]ACL related code

Always consider buckets as APE compatible Signed-off-by: Denis Kirillov <d.kirillov@yadro.com>
2024-05-28 15:50:34 +03:00 · 2024-05-28 15:50:34 +03:00 · 465eaa816a
commit 465eaa816a
parent 9241954496
19 changed files with 43 additions and 3342 deletions
--- a/api/handler/multipart_upload.go
+++ b/api/handler/multipart_upload.go
@ -112,14 +112,7 @@ func (h *handler) CreateMultipartUploadHandler(w http.ResponseWriter, r *http.Re
 		return
 	}

-	settings, err := h.obj.GetBucketSettings(r.Context(), bktInfo)
-	if err != nil {
-		h.logAndSendError(w, "couldn't get bucket settings", reqInfo, err)
-		return
-	}
-
-	apeEnabled := bktInfo.APEEnabled || settings.CannedACL != ""
-	if apeEnabled && cannedACLStatus == aclStatusYes {
+	if cannedACLStatus == aclStatusYes {
 		h.logAndSendError(w, "acl not supported for this bucket", reqInfo, errors.GetAPIError(errors.ErrAccessControlListNotSupported))
 		return
 	}
@ -133,20 +126,6 @@ func (h *handler) CreateMultipartUploadHandler(w http.ResponseWriter, r *http.Re
 		Data: &layer.UploadData{},
 	}

-	needUpdateEACLTable := !(apeEnabled || cannedACLStatus == aclStatusNo)
-	if needUpdateEACLTable {
-		key, err := h.bearerTokenIssuerKey(r.Context())
-		if err != nil {
-			h.logAndSendError(w, "couldn't get gate key", reqInfo, err, additional...)
-			return
-		}
-		if _, err = parseACLHeaders(r.Header, key); err != nil {
-			h.logAndSendError(w, "could not parse acl", reqInfo, err, additional...)
-			return
-		}
-		p.Data.ACLHeaders = formACLHeadersForMultipart(r.Header)
-	}
-
 	if len(r.Header.Get(api.AmzTagging)) > 0 {
 		p.Data.TagSet, err = parseTaggingHeader(r.Header)
 		if err != nil {
@ -196,25 +175,6 @@ func (h *handler) CreateMultipartUploadHandler(w http.ResponseWriter, r *http.Re
 	}
 }

-func formACLHeadersForMultipart(header http.Header) map[string]string {
-	result := make(map[string]string)
-
-	if value := header.Get(api.AmzACL); value != "" {
-		result[api.AmzACL] = value
-	}
-	if value := header.Get(api.AmzGrantRead); value != "" {
-		result[api.AmzGrantRead] = value
-	}
-	if value := header.Get(api.AmzGrantFullControl); value != "" {
-		result[api.AmzGrantFullControl] = value
-	}
-	if value := header.Get(api.AmzGrantWrite); value != "" {
-		result[api.AmzGrantWrite] = value
-	}
-
-	return result
-}
-
 func (h *handler) UploadPartHandler(w http.ResponseWriter, r *http.Request) {
 	reqInfo := middleware.GetReqInfo(r.Context())

@ -500,33 +460,6 @@ func (h *handler) completeMultipartUpload(r *http.Request, c *layer.CompleteMult
 		}
 	}

-	if len(uploadData.ACLHeaders) != 0 {
-		sessionTokenSetEACL, err := getSessionTokenSetEACL(ctx)
-		if err != nil {
-			return nil, fmt.Errorf("couldn't get eacl token: %w", err)
-		}
-		key, err := h.bearerTokenIssuerKey(ctx)
-		if err != nil {
-			return nil, fmt.Errorf("couldn't get gate key: %w", err)
-		}
-		acl, err := parseACLHeaders(r.Header, key)
-		if err != nil {
-			return nil, fmt.Errorf("could not parse acl: %w", err)
-		}
-
-		resInfo := &resourceInfo{
-			Bucket: objInfo.Bucket,
-			Object: objInfo.Name,
-		}
-		astObject, err := aclToAst(acl, resInfo)
-		if err != nil {
-			return nil, fmt.Errorf("could not translate acl of completed multipart upload to ast: %w", err)
-		}
-		if _, err = h.updateBucketACL(r, astObject, bktInfo, sessionTokenSetEACL); err != nil {
-			return nil, fmt.Errorf("could not update bucket acl while completing multipart upload: %w", err)
-		}
-	}
-
 	return objInfo, nil
 }