Compare commits

...

3 Commits

Author SHA1 Message Date
williamlardier 04586edfe6
temp 2021-12-28 15:40:06 +01:00
Xin LI 3f46aebcbc bugfix: CLDSRV-86-bump version 2021-12-27 22:17:25 +01:00
Xin LI 17bee715cf bugfix: CLDSRV-86-revert permissionChecks.js 2021-12-27 22:13:08 +01:00
2 changed files with 28 additions and 2 deletions

View File

@ -20,8 +20,8 @@ const { metadataGetObject } = require('../metadata/metadataUtils');
const monitoring = require('../utilities/monitoringHandler');
const { config } = require('../Config');
const { isObjectLocked } = require('./apiUtils/object/objectLockHelpers');
const { isRequesterNonAccountUser } = require('./apiUtils/authorization/permissionChecks');
const requestUtils = policies.requestUtils;
const { isRequesterNonAccountUser } = require('./apiUtils/authorization/permissionChecks');
const versionIdUtils = versioning.VersionID;
@ -345,6 +345,11 @@ function multiObjectDelete(authInfo, request, log, callback) {
function parseXML(next) {
return _parseXml(request.post,
(err, quietSetting, objects) => {
log.error('ErrorDebug', {
err,
quietSetting,
objects,
});
if (err || objects.length < 1 || objects.length > 1000) {
return next(errors.MalformedXML);
}
@ -355,10 +360,15 @@ function multiObjectDelete(authInfo, request, log, callback) {
// track keys that are still on track to be deleted
const inPlay = [];
const errorResults = [];
log.error('ErrorDebug 2', {
quietSetting,
objects,
});
// if request from account, no need to check policies
// all objects are inPlay so send array of object keys
// as inPlay argument
if (!isRequesterNonAccountUser(authInfo)) {
log.error('ErrorDebug3');
return next(null, quietSetting, errorResults, objects);
}
@ -393,8 +403,17 @@ function multiObjectDelete(authInfo, request, log, callback) {
}),
},
};
log.error('ErrorDebug 4', {
requestContextParams,
});
return vault.checkPolicies(requestContextParams, authInfo.getArn(),
log, (err, authorizationResults) => {
log.error('ErrorDebug 5', {
err,
authorizationResults,
});
// there were no policies so received a blanket AccessDenied
if (err && err.AccessDenied) {
objects.forEach(entry => {
@ -445,6 +464,11 @@ function multiObjectDelete(authInfo, request, log, callback) {
});
}
}
log.error('ErrorDebug 6', {
quietSetting,
errorResults,
inPlay,
});
return next(null, quietSetting, errorResults, inPlay);
});
},
@ -497,6 +521,8 @@ function multiObjectDelete(authInfo, request, log, callback) {
},
], (err, quietSetting, errorResults, numOfObjectsRemoved,
successfullyDeleted, totalContentLengthDeleted, bucket) => {
log.error('ErrorDebug 7', {err, quietSetting, errorResults, numOfObjectsRemoved,
successfullyDeleted, totalContentLengthDeleted, bucket });
const corsHeaders = collectCorsHeaders(request.headers.origin,
request.method, bucket);
if (err) {

View File

@ -1,6 +1,6 @@
{
"name": "@zenko/cloudserver",
"version": "8.3.5",
"version": "8.3.6",
"description": "Zenko CloudServer, an open-source Node.js implementation of a server handling the Amazon S3 protocol",
"main": "index.js",
"engines": {