MCPcopy
hub / github.com/scality/cloudserver / updateEncryption

Function updateEncryption

lib/api/apiUtils/bucket/updateEncryption.js:108–137  ·  view source on GitHub ↗

* Update encryption of bucket and object if kms provider changed * * @param {Error} err - error coming from metadata validate before the action handling * @param {BucketInfo} bucket - bucket * @param {Object} [objMD] - object metadata * @param {string} objectKey - objectKey from request. * @p

(err, bucket, objMD, objectKey, log, opts, cb)

Source from the content-addressed store, hash-verified

106 * @returns {undefined}
107 */
108function updateEncryption(err, bucket, objMD, objectKey, log, opts, cb) {
109 // Error passed here to call the function inbetween the metadataValidate and its callback
110 if (err) {
111 return cb(err);
112 }
113 // if objMD missing, still try updateBucketEncryption
114 if (!config.sseMigration) {
115 return cb(null, bucket, objMD);
116 }
117
118 const { previousKeyType, previousKeyProtocol, previousKeyProvider } = config.sseMigration;
119 // previousKeyType is required and validated in Config.js
120 // for now it is the only implementation we need.
121 // See TAD Seamless decryption with internal and external KMS: https://scality.atlassian.net/wiki/x/EgADu
122 // for other method of migration without a previousKeyType
123
124 const keyArnPrefix = makeScalityArnPrefix(previousKeyType, previousKeyProtocol, previousKeyProvider);
125
126 return updateBucketEncryption(bucket, log, (err, bucket) => {
127 // Any error in updating encryption at bucket or object level is returned to client.
128 // Other possibilities: ignore error, include sse migration notice in error message.
129 if (err) {
130 return cb(err, bucket, objMD);
131 }
132 if (opts.skipObject) {
133 return cb(err, bucket, objMD);
134 }
135 return updateObjectEncryption(bucket, objMD, objectKey, log, keyArnPrefix, opts, cb);
136 });
137}
138
139module.exports = {
140 updateEncryption,

Callers 5

objectPutFunction · 0.85
initiateMultipartUploadFunction · 0.85
objectHeadFunction · 0.85
objectGetFunction · 0.85
objectCopyFunction · 0.85

Calls 2

updateBucketEncryptionFunction · 0.85
updateObjectEncryptionFunction · 0.85

Tested by

no test coverage detected