[TrueCloudLab#25] Process allow and deny lists of zones in bucket head requests

Signed-off-by: Alex Vanin <a.vanin@yadro.com>
2023-02-10 15:19:29 +03:00 · 2023-02-10 15:19:29 +03:00 · aadefd98b6
commit aadefd98b6
parent 8ac630ee71
6 changed files with 61 additions and 1 deletions
--- a/api/handler/head.go
+++ b/api/handler/head.go
@ -123,8 +123,13 @@ func (h *handler) HeadBucketHandler(w http.ResponseWriter, r *http.Request) {
 	}

 	w.Header().Set(api.ContainerID, bktInfo.CID.EncodeToString())
-	w.Header().Set(api.ContainerName, bktInfo.Name)
 	w.Header().Set(api.AmzBucketRegion, bktInfo.LocationConstraint)
+
+	if isAvailableToResolve(bktInfo.Zone, h.cfg.ResolveZoneList, h.cfg.IsResolveListAllow) {
+		w.Header().Set(api.ContainerName, bktInfo.Name)
+		w.Header().Set(api.ContainerZone, bktInfo.Zone)
+	}
+
 	api.WriteResponse(w, http.StatusOK, nil, api.MimeNone)
 }

@ -158,3 +163,25 @@ func writeLockHeaders(h http.Header, legalHold *data.LegalHold, retention *data.
 		h.Set(api.AmzObjectLockMode, retention.Mode)
 	}
 }
+
+func isAvailableToResolve(zone string, list []string, isAllowList bool) bool {
+	// empty zone means container doesn't have proper system name,
+	// so we don't have to resolve it
+	if len(zone) == 0 {
+		return false
+	}
+
+	var zoneInList bool
+	for _, t := range list {
+		if t == zone {
+			zoneInList = true
+			break
+		}
+	}
+	// InList | IsAllowList | Result
+	//    0         0          1
+	//    0         1          0
+	//    1         0          0
+	//    1         1          1
+	return zoneInList == isAllowList
+}