Compare commits
1 Commits
developmen
...
improvemen
Author | SHA1 | Date |
---|---|---|
Cristian Tovar | cc21581faa |
|
@ -99,7 +99,12 @@ describe('DELETE object', () => {
|
|||
const bucketName = 'testdeleteobjectlockbucket';
|
||||
let versionIdOne;
|
||||
let versionIdTwo;
|
||||
const retainDate = moment().add(10, 'days').toISOString();
|
||||
[
|
||||
{ bucketMode: 'GOVERNANCE', ratainDate: moment().add(5, 'days').toISOString(), putObjectLock: false },
|
||||
{ bucketMode: 'COMPLIANCE', ratainDate: moment().add(5, 'days').toISOString(), putObjectLock: false },
|
||||
{ bucketMode: 'GOVERNANCE', ratainDate: moment().add(90, 'days').toISOString(), putObjectLock: true },
|
||||
{ bucketMode: 'COMPLIANCE', ratainDate: moment().add(90, 'days').toISOString(), putObjectLock: true },
|
||||
].forEach((response) => {
|
||||
before(() => {
|
||||
process.stdout.write('creating bucket\n');
|
||||
return s3.createBucket({
|
||||
|
@ -110,6 +115,26 @@ describe('DELETE object', () => {
|
|||
process.stdout.write(`Error creating bucket ${err}\n`);
|
||||
throw err;
|
||||
})
|
||||
.then(() => {
|
||||
process.stdout.write('putting object lock configuration\n');
|
||||
return response.putObjectLock ?
|
||||
s3.putObjectLockConfiguration({
|
||||
Bucket: bucketName,
|
||||
ObjectLockConfiguration: {
|
||||
ObjectLockEnabled: 'Enabled',
|
||||
Rule: {
|
||||
DefaultRetention: {
|
||||
Mode: response.bucketMode,
|
||||
Days: parseInt(response.ratainDate, 0),
|
||||
},
|
||||
},
|
||||
},
|
||||
}).promise() : true;
|
||||
})
|
||||
.catch(err => {
|
||||
process.stdout.write('Error putting object lock configuration\n');
|
||||
throw err;
|
||||
})
|
||||
.then(() => {
|
||||
process.stdout.write('putting object\n');
|
||||
return s3.putObject({
|
||||
|
@ -124,14 +149,16 @@ describe('DELETE object', () => {
|
|||
.then(res => {
|
||||
versionIdOne = res.VersionId;
|
||||
process.stdout.write('putting object retention\n');
|
||||
return s3.putObjectRetention({
|
||||
return !response.putObjectLock ?
|
||||
s3.putObjectRetention({
|
||||
Bucket: bucketName,
|
||||
Key: objectName,
|
||||
Retention: {
|
||||
Mode: 'GOVERNANCE',
|
||||
RetainUntilDate: retainDate,
|
||||
Mode: response.bucketMode,
|
||||
RetainUntilDate: response.ratainDate,
|
||||
},
|
||||
}).promise();
|
||||
}).promise()
|
||||
: true;
|
||||
})
|
||||
.catch(err => {
|
||||
process.stdout.write('Err putting object retention\n');
|
||||
|
@ -200,7 +227,7 @@ describe('DELETE object', () => {
|
|||
});
|
||||
});
|
||||
|
||||
it('should delete locked object version with GOVERNANCE ' +
|
||||
it(`should delete locked object version with ${response.bucketMode} ` +
|
||||
'retention mode and correct header', done => {
|
||||
s3.deleteObject({
|
||||
Bucket: bucketName,
|
||||
|
@ -228,88 +255,13 @@ describe('DELETE object', () => {
|
|||
}], '', done);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe('with object lock and legal hold', () => {
|
||||
const bucketName = 'testdeletelocklegalholdbucket';
|
||||
const objectName = 'key';
|
||||
let versionId;
|
||||
before(() => {
|
||||
process.stdout.write('creating bucket\n');
|
||||
return s3.createBucket({
|
||||
Bucket: bucketName,
|
||||
ObjectLockEnabledForBucket: true,
|
||||
}).promise()
|
||||
.catch(err => {
|
||||
process.stdout.write(`Error creating bucket ${err}\n`);
|
||||
throw err;
|
||||
})
|
||||
.then(() => {
|
||||
process.stdout.write('putting object lock configuration\n');
|
||||
return s3.putObjectLockConfiguration({
|
||||
Bucket: bucketName,
|
||||
ObjectLockConfiguration: {
|
||||
ObjectLockEnabled: 'Enabled',
|
||||
Rule: {
|
||||
DefaultRetention: {
|
||||
Mode: 'GOVERNANCE',
|
||||
Days: 1,
|
||||
},
|
||||
},
|
||||
},
|
||||
}).promise();
|
||||
})
|
||||
.catch(err => {
|
||||
process.stdout.write('Error putting object lock configuration\n');
|
||||
throw err;
|
||||
})
|
||||
.then(() => {
|
||||
process.stdout.write('putting object\n');
|
||||
return s3.putObject({
|
||||
Bucket: bucketName,
|
||||
Key: objectName,
|
||||
}).promise();
|
||||
})
|
||||
.catch(err => {
|
||||
process.stdout.write('Error putting object');
|
||||
throw err;
|
||||
})
|
||||
.then(res => {
|
||||
versionId = res.VersionId;
|
||||
process.stdout.write('putting object legal hold\n');
|
||||
return s3.putObjectLegalHold({
|
||||
Bucket: bucketName,
|
||||
Key: objectName,
|
||||
LegalHold: {
|
||||
Status: 'ON',
|
||||
},
|
||||
}).promise();
|
||||
})
|
||||
.catch(err => {
|
||||
process.stdout.write('Err putting object legal hold\n');
|
||||
throw err;
|
||||
});
|
||||
});
|
||||
|
||||
after(() => {
|
||||
process.stdout.write('Emptying bucket\n');
|
||||
return bucketUtil.empty(bucketName)
|
||||
.then(() => {
|
||||
process.stdout.write('Deleting bucket\n');
|
||||
return bucketUtil.deleteOne(bucketName);
|
||||
})
|
||||
.catch(err => {
|
||||
process.stdout.write('Error in after\n');
|
||||
throw err;
|
||||
});
|
||||
});
|
||||
|
||||
it('should not delete locked object version with GOVERNANCE ' +
|
||||
it(`should not delete locked object version with ${response.bucketMode} ` +
|
||||
'retention mode and bypass header when object is legal-hold enabled', done =>
|
||||
s3.deleteObject({
|
||||
Bucket: bucketName,
|
||||
Key: objectName,
|
||||
VersionId: versionId,
|
||||
VersionId: versionIdOne,
|
||||
BypassGovernanceRetention: true,
|
||||
}, err => {
|
||||
assert.strictEqual(err.code, 'AccessDenied');
|
||||
|
@ -317,10 +269,21 @@ describe('DELETE object', () => {
|
|||
[{
|
||||
bucket: bucketName,
|
||||
key: objectName,
|
||||
versionId,
|
||||
versionIdOne,
|
||||
}], '', done);
|
||||
}
|
||||
));
|
||||
|
||||
it(`should delete object in ${response.bucketMode} mode`, () => {
|
||||
s3.deleteObject({
|
||||
Bucket: bucketName,
|
||||
Key: objectName,
|
||||
VersionId: versionIdOne,
|
||||
}, err => {
|
||||
assert.ifError(err);
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
});
|
||||
|
|
|
@ -210,24 +210,49 @@ describe('Multi-Object Delete Error Responses', () => {
|
|||
});
|
||||
});
|
||||
|
||||
describe('Multi-Object Delete Access', function access() {
|
||||
describe('Delete Multi Object', function access() {
|
||||
this.timeout(360000);
|
||||
let bucketUtil;
|
||||
let s3;
|
||||
|
||||
const versionIds = [];
|
||||
const parameters = [
|
||||
{ bucketMode: 'GOVERNANCE', ObjectLock: true, ratainDate: moment().add(5, 'days').toISOString() },
|
||||
{ bucketMode: 'COMPLIANCE', ObjectLock: true, ratainDate: moment().add(5, 'days').toISOString() },
|
||||
{ bucketMode: 'GOVERNANCE', ObjectLock: false, ratainDate: moment().add(5, 'days').toISOString() },
|
||||
{ bucketMode: 'COMPLIANCE', ObjectLock: false, ratainDate: moment().add(5, 'days').toISOString() },
|
||||
];
|
||||
parameters.forEach(response => {
|
||||
before(() => {
|
||||
const createObjects = [];
|
||||
bucketUtil = new BucketUtility('default', {
|
||||
signatureVersion: 'v4',
|
||||
});
|
||||
s3 = bucketUtil.s3;
|
||||
return s3.createBucket({ Bucket: bucketName }).promise()
|
||||
return s3.createBucket({
|
||||
Bucket: bucketName,
|
||||
ObjectLockEnabledForBucket: response.ObjectLock,
|
||||
}).promise()
|
||||
.then(() => {
|
||||
process.stdout.write('putting object lock configuration\n');
|
||||
return response.ObjectLock ? s3.putObjectLockConfiguration({
|
||||
Bucket: bucketName,
|
||||
ObjectLockConfiguration: {
|
||||
ObjectLockEnabled: 'Enabled',
|
||||
Rule: {
|
||||
DefaultRetention: {
|
||||
Days: parseInt(response.ratainDate, 0),
|
||||
Mode: response.bucketMode,
|
||||
},
|
||||
},
|
||||
},
|
||||
}).promise() : true;
|
||||
})
|
||||
.catch(err => {
|
||||
process.stdout.write(`Error creating bucket: ${err}\n`);
|
||||
throw err;
|
||||
})
|
||||
.then(() => {
|
||||
for (let i = 1; i < 501; i++) {
|
||||
for (let i = 1; i < 6; i++) {
|
||||
createObjects.push(s3.putObject({
|
||||
Bucket: bucketName,
|
||||
Key: `${key}${i}`,
|
||||
|
@ -235,6 +260,11 @@ describe('Multi-Object Delete Access', function access() {
|
|||
}).promise());
|
||||
}
|
||||
return Promise.all(createObjects)
|
||||
.then(res => {
|
||||
res.forEach(r => {
|
||||
versionIds.push(r.VersionId);
|
||||
});
|
||||
})
|
||||
.catch(err => {
|
||||
process.stdout.write(`Error creating objects: ${err}\n`);
|
||||
throw err;
|
||||
|
@ -244,6 +274,108 @@ describe('Multi-Object Delete Access', function access() {
|
|||
|
||||
after(() => s3.deleteBucket({ Bucket: bucketName }).promise());
|
||||
|
||||
it(`delete objects in ${response.bucketMode}`, () => {
|
||||
const objects = createObjectsList(5, versionIds);
|
||||
return s3.deleteObjects({
|
||||
Bucket: bucketName,
|
||||
Delete: {
|
||||
Objects: objects,
|
||||
Quiet: false,
|
||||
},
|
||||
}).promise().then(res => {
|
||||
assert.strictEqual(res.Errors.length, 5);
|
||||
res.Errors.forEach(err => assert.strictEqual(err.Code, 'AccessDenied'));
|
||||
});
|
||||
});
|
||||
|
||||
it('should not delete locked objects', () => {
|
||||
const objects = createObjectsList(5, versionIds);
|
||||
return s3.deleteObjects({
|
||||
Bucket: bucketName,
|
||||
Delete: {
|
||||
Objects: objects,
|
||||
Quiet: false,
|
||||
},
|
||||
}).promise().then(res => {
|
||||
assert.strictEqual(res.Errors.length, 5);
|
||||
res.Errors.forEach(err => assert.strictEqual(err.Code, 'AccessDenied'));
|
||||
});
|
||||
});
|
||||
|
||||
it(`should not delete locked objects with ${response.bucketMode} ` +
|
||||
'retention mode and bypass header when object is legal hold enabled', () => {
|
||||
const objects = createObjectsList(5, versionIds);
|
||||
const putObjectLegalHolds = [];
|
||||
for (let i = 1; i < 6; i++) {
|
||||
putObjectLegalHolds.push(s3.putObjectLegalHold({
|
||||
Bucket: bucketName,
|
||||
Key: `${key}${i}`,
|
||||
LegalHold: {
|
||||
Status: 'ON',
|
||||
},
|
||||
}).promise());
|
||||
}
|
||||
return Promise.all(putObjectLegalHolds)
|
||||
.then(() => s3.deleteObjects({
|
||||
Bucket: bucketName,
|
||||
Delete: {
|
||||
Objects: objects,
|
||||
Quiet: false,
|
||||
},
|
||||
BypassGovernanceRetention: true,
|
||||
}).promise()).then(res => {
|
||||
assert.strictEqual(res.Errors.length, 5);
|
||||
res.Errors.forEach(err => assert.strictEqual(err.Code, 'AccessDenied'));
|
||||
});
|
||||
});
|
||||
|
||||
it('should delete locked objects after retention period has expired', () => {
|
||||
const objects = createObjectsList(5, versionIds);
|
||||
const objectsCopy = JSON.parse(JSON.stringify(objects));
|
||||
for (let i = 0; i < objectsCopy.length; i++) {
|
||||
objectsCopy[i].key = objectsCopy[i].Key;
|
||||
objectsCopy[i].versionId = objectsCopy[i].VersionId;
|
||||
objectsCopy[i].bucket = bucketName;
|
||||
delete objectsCopy[i].Key;
|
||||
delete objectsCopy[i].VersionId;
|
||||
}
|
||||
const newRetention = {
|
||||
mode: response.bucketMode,
|
||||
date: moment().subtract(10, 'days').toISOString(),
|
||||
};
|
||||
return changeLockPromise(objectsCopy, newRetention)
|
||||
.then(() => s3.deleteObjects({
|
||||
Bucket: bucketName,
|
||||
Delete: {
|
||||
Objects: objects,
|
||||
Quiet: false,
|
||||
},
|
||||
}).promise()).then(res => {
|
||||
assert.strictEqual(res.Deleted.length, 5);
|
||||
assert.strictEqual(res.Errors.length, 0);
|
||||
}).catch(err => {
|
||||
checkNoError(err);
|
||||
});
|
||||
});
|
||||
|
||||
it(`should delete locked objects with ${response.bucketMode} ` +
|
||||
'retention mode and bypass header', () => {
|
||||
const objects = createObjectsList(5, versionIds);
|
||||
return s3.deleteObjects({
|
||||
Bucket: bucketName,
|
||||
Delete: {
|
||||
Objects: objects,
|
||||
Quiet: false,
|
||||
},
|
||||
BypassGovernanceRetention: true,
|
||||
}).promise().then(res => {
|
||||
assert.strictEqual(res.Deleted.length, 5);
|
||||
assert.strictEqual(res.Errors.length, 0);
|
||||
}).catch(err => {
|
||||
checkNoError(err);
|
||||
});
|
||||
});
|
||||
|
||||
it('should return access denied error for each object where no acl ' +
|
||||
'permission', () => {
|
||||
const objects = createObjectsList(500);
|
||||
|
@ -285,146 +417,5 @@ describe('Multi-Object Delete Access', function access() {
|
|||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe('Multi-Object Delete with Object Lock', () => {
|
||||
let bucketUtil;
|
||||
let s3;
|
||||
const versionIds = [];
|
||||
|
||||
before(() => {
|
||||
const createObjects = [];
|
||||
bucketUtil = new BucketUtility('default', {
|
||||
signatureVersion: 'v4',
|
||||
});
|
||||
s3 = bucketUtil.s3;
|
||||
return s3.createBucket({
|
||||
Bucket: bucketName,
|
||||
ObjectLockEnabledForBucket: true,
|
||||
}).promise()
|
||||
.then(() => s3.putObjectLockConfiguration({
|
||||
Bucket: bucketName,
|
||||
ObjectLockConfiguration: {
|
||||
ObjectLockEnabled: 'Enabled',
|
||||
Rule: {
|
||||
DefaultRetention: {
|
||||
Days: 1,
|
||||
Mode: 'GOVERNANCE',
|
||||
},
|
||||
},
|
||||
},
|
||||
}).promise())
|
||||
.catch(err => {
|
||||
process.stdout.write(`Error creating bucket: ${err}\n`);
|
||||
throw err;
|
||||
})
|
||||
.then(() => {
|
||||
for (let i = 1; i < 6; i++) {
|
||||
createObjects.push(s3.putObject({
|
||||
Bucket: bucketName,
|
||||
Key: `${key}${i}`,
|
||||
Body: 'somebody',
|
||||
}).promise());
|
||||
}
|
||||
return Promise.all(createObjects)
|
||||
.then(res => {
|
||||
res.forEach(r => {
|
||||
versionIds.push(r.VersionId);
|
||||
});
|
||||
})
|
||||
.catch(err => {
|
||||
process.stdout.write(`Error creating objects: ${err}\n`);
|
||||
throw err;
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
after(() => s3.deleteBucket({ Bucket: bucketName }).promise());
|
||||
|
||||
it('should not delete locked objects', () => {
|
||||
const objects = createObjectsList(5, versionIds);
|
||||
return s3.deleteObjects({
|
||||
Bucket: bucketName,
|
||||
Delete: {
|
||||
Objects: objects,
|
||||
Quiet: false,
|
||||
},
|
||||
}).promise().then(res => {
|
||||
assert.strictEqual(res.Errors.length, 5);
|
||||
res.Errors.forEach(err => assert.strictEqual(err.Code, 'AccessDenied'));
|
||||
});
|
||||
});
|
||||
|
||||
it('should not delete locked objects with GOVERNANCE ' +
|
||||
'retention mode and bypass header when object is legal hold enabled', () => {
|
||||
const objects = createObjectsList(5, versionIds);
|
||||
const putObjectLegalHolds = [];
|
||||
for (let i = 1; i < 6; i++) {
|
||||
putObjectLegalHolds.push(s3.putObjectLegalHold({
|
||||
Bucket: bucketName,
|
||||
Key: `${key}${i}`,
|
||||
LegalHold: {
|
||||
Status: 'ON',
|
||||
},
|
||||
}).promise());
|
||||
}
|
||||
return Promise.all(putObjectLegalHolds)
|
||||
.then(() => s3.deleteObjects({
|
||||
Bucket: bucketName,
|
||||
Delete: {
|
||||
Objects: objects,
|
||||
Quiet: false,
|
||||
},
|
||||
BypassGovernanceRetention: true,
|
||||
}).promise()).then(res => {
|
||||
assert.strictEqual(res.Errors.length, 5);
|
||||
res.Errors.forEach(err => assert.strictEqual(err.Code, 'AccessDenied'));
|
||||
});
|
||||
});
|
||||
|
||||
it('should delete locked objects after retention period has expired', () => {
|
||||
const objects = createObjectsList(5, versionIds);
|
||||
const objectsCopy = JSON.parse(JSON.stringify(objects));
|
||||
for (let i = 0; i < objectsCopy.length; i++) {
|
||||
objectsCopy[i].key = objectsCopy[i].Key;
|
||||
objectsCopy[i].versionId = objectsCopy[i].VersionId;
|
||||
objectsCopy[i].bucket = bucketName;
|
||||
delete objectsCopy[i].Key;
|
||||
delete objectsCopy[i].VersionId;
|
||||
}
|
||||
const newRetention = {
|
||||
mode: 'GOVERNANCE',
|
||||
date: moment().subtract(10, 'days').toISOString(),
|
||||
};
|
||||
return changeLockPromise(objectsCopy, newRetention)
|
||||
.then(() => s3.deleteObjects({
|
||||
Bucket: bucketName,
|
||||
Delete: {
|
||||
Objects: objects,
|
||||
Quiet: false,
|
||||
},
|
||||
}).promise()).then(res => {
|
||||
assert.strictEqual(res.Deleted.length, 5);
|
||||
assert.strictEqual(res.Errors.length, 0);
|
||||
}).catch(err => {
|
||||
checkNoError(err);
|
||||
});
|
||||
});
|
||||
|
||||
it('should delete locked objects with GOVERNANCE ' +
|
||||
'retention mode and bypass header', () => {
|
||||
const objects = createObjectsList(5, versionIds);
|
||||
return s3.deleteObjects({
|
||||
Bucket: bucketName,
|
||||
Delete: {
|
||||
Objects: objects,
|
||||
Quiet: false,
|
||||
},
|
||||
BypassGovernanceRetention: true,
|
||||
}).promise().then(res => {
|
||||
assert.strictEqual(res.Deleted.length, 5);
|
||||
assert.strictEqual(res.Errors.length, 0);
|
||||
}).catch(err => {
|
||||
checkNoError(err);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
|
Loading…
Reference in New Issue