Compare commits

...

3 Commits

Author SHA1 Message Date
williamlardier 04586edfe6
temp 2021-12-28 15:40:06 +01:00
Xin LI 3f46aebcbc bugfix: CLDSRV-86-bump version 2021-12-27 22:17:25 +01:00
Xin LI 17bee715cf bugfix: CLDSRV-86-revert permissionChecks.js 2021-12-27 22:13:08 +01:00
2 changed files with 28 additions and 2 deletions

View File

@ -20,8 +20,8 @@ const { metadataGetObject } = require('../metadata/metadataUtils');
const monitoring = require('../utilities/monitoringHandler'); const monitoring = require('../utilities/monitoringHandler');
const { config } = require('../Config'); const { config } = require('../Config');
const { isObjectLocked } = require('./apiUtils/object/objectLockHelpers'); const { isObjectLocked } = require('./apiUtils/object/objectLockHelpers');
const { isRequesterNonAccountUser } = require('./apiUtils/authorization/permissionChecks');
const requestUtils = policies.requestUtils; const requestUtils = policies.requestUtils;
const { isRequesterNonAccountUser } = require('./apiUtils/authorization/permissionChecks');
const versionIdUtils = versioning.VersionID; const versionIdUtils = versioning.VersionID;
@ -345,6 +345,11 @@ function multiObjectDelete(authInfo, request, log, callback) {
function parseXML(next) { function parseXML(next) {
return _parseXml(request.post, return _parseXml(request.post,
(err, quietSetting, objects) => { (err, quietSetting, objects) => {
log.error('ErrorDebug', {
err,
quietSetting,
objects,
});
if (err || objects.length < 1 || objects.length > 1000) { if (err || objects.length < 1 || objects.length > 1000) {
return next(errors.MalformedXML); return next(errors.MalformedXML);
} }
@ -355,10 +360,15 @@ function multiObjectDelete(authInfo, request, log, callback) {
// track keys that are still on track to be deleted // track keys that are still on track to be deleted
const inPlay = []; const inPlay = [];
const errorResults = []; const errorResults = [];
log.error('ErrorDebug 2', {
quietSetting,
objects,
});
// if request from account, no need to check policies // if request from account, no need to check policies
// all objects are inPlay so send array of object keys // all objects are inPlay so send array of object keys
// as inPlay argument // as inPlay argument
if (!isRequesterNonAccountUser(authInfo)) { if (!isRequesterNonAccountUser(authInfo)) {
log.error('ErrorDebug3');
return next(null, quietSetting, errorResults, objects); return next(null, quietSetting, errorResults, objects);
} }
@ -393,8 +403,17 @@ function multiObjectDelete(authInfo, request, log, callback) {
}), }),
}, },
}; };
log.error('ErrorDebug 4', {
requestContextParams,
});
return vault.checkPolicies(requestContextParams, authInfo.getArn(), return vault.checkPolicies(requestContextParams, authInfo.getArn(),
log, (err, authorizationResults) => { log, (err, authorizationResults) => {
log.error('ErrorDebug 5', {
err,
authorizationResults,
});
// there were no policies so received a blanket AccessDenied // there were no policies so received a blanket AccessDenied
if (err && err.AccessDenied) { if (err && err.AccessDenied) {
objects.forEach(entry => { objects.forEach(entry => {
@ -445,6 +464,11 @@ function multiObjectDelete(authInfo, request, log, callback) {
}); });
} }
} }
log.error('ErrorDebug 6', {
quietSetting,
errorResults,
inPlay,
});
return next(null, quietSetting, errorResults, inPlay); return next(null, quietSetting, errorResults, inPlay);
}); });
}, },
@ -497,6 +521,8 @@ function multiObjectDelete(authInfo, request, log, callback) {
}, },
], (err, quietSetting, errorResults, numOfObjectsRemoved, ], (err, quietSetting, errorResults, numOfObjectsRemoved,
successfullyDeleted, totalContentLengthDeleted, bucket) => { successfullyDeleted, totalContentLengthDeleted, bucket) => {
log.error('ErrorDebug 7', {err, quietSetting, errorResults, numOfObjectsRemoved,
successfullyDeleted, totalContentLengthDeleted, bucket });
const corsHeaders = collectCorsHeaders(request.headers.origin, const corsHeaders = collectCorsHeaders(request.headers.origin,
request.method, bucket); request.method, bucket);
if (err) { if (err) {

View File

@ -1,6 +1,6 @@
{ {
"name": "@zenko/cloudserver", "name": "@zenko/cloudserver",
"version": "8.3.5", "version": "8.3.6",
"description": "Zenko CloudServer, an open-source Node.js implementation of a server handling the Amazon S3 protocol", "description": "Zenko CloudServer, an open-source Node.js implementation of a server handling the Amazon S3 protocol",
"main": "index.js", "main": "index.js",
"engines": { "engines": {