MCPcopy
hub / github.com/scality/cloudserver / bucketDeleteEncryption

Function bucketDeleteEncryption

lib/api/bucketDeleteEncryption.js:18–75  ·  view source on GitHub ↗

* Bucket Delete Encryption - Delete bucket SSE configuration * @param {AuthInfo} authInfo - Instance of AuthInfo class with requester's info * @param {object} request - http request object * @param {object} log - Werelogs logger * @param {function} callback - callback to server * @return {undef

(authInfo, request, log, callback)

Source from the content-addressed store, hash-verified

16 */
17
18function bucketDeleteEncryption(authInfo, request, log, callback) {
19 const bucketName = request.bucketName;
20
21 const metadataValParams = {
22 authInfo,
23 bucketName,
24 requestType: request.apiMethods || 'bucketDeleteEncryption',
25 request,
26 };
27
28 return async.waterfall([
29 next => standardMetadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, next),
30 (bucket, next) => checkExpectedBucketOwner(request.headers, bucket, log, err => next(err, bucket)),
31 (bucket, next) => {
32 const sseConfig = bucket.getServerSideEncryption();
33
34 if (sseConfig === null) {
35 return next(null, bucket);
36 }
37
38 const { isAccountEncryptionEnabled, masterKeyId, algorithm, cryptoScheme } = sseConfig;
39
40 let updatedSseConfig = null;
41
42 if (!isAccountEncryptionEnabled && masterKeyId) {
43 // Keep the encryption configuration as a "cache" to avoid generating a new master key:
44 // - if the default encryption master key is defined at the bucket level (!isAccountEncryptionEnabled),
45 // - and if a bucket-level default encryption key is already set.
46 // This "cache" is implemented by storing the configuration in the bucket metadata
47 // with mandatory set to false, making sure it remains hidden for `getBucketEncryption` operations.
48 // There is no need to cache the configuration if the default encryption master key is
49 // managed at the account level, as the master key id in that case is stored directly in
50 // the account metadata.
51 updatedSseConfig = {
52 mandatory: false,
53 algorithm,
54 cryptoScheme,
55 masterKeyId,
56 };
57 }
58
59 bucket.setServerSideEncryption(updatedSseConfig);
60 return metadata.updateBucket(bucketName, bucket, log, err => next(err, bucket));
61 },
62 ],
63 (err, bucket) => {
64 const corsHeaders = collectCorsHeaders(request.headers.origin, request.method, bucket);
65 if (err) {
66 log.trace('error processing request', { error: err, method: 'bucketDeleteEncryption' });
67 return callback(err, corsHeaders);
68 }
69 pushMetric('deleteBucketEncryption', log, {
70 authInfo,
71 bucket: bucketName,
72 });
73 return callback(null, corsHeaders);
74 });
75}

Callers 1

Calls 5

checkExpectedBucketOwnerFunction · 0.85
collectCorsHeadersFunction · 0.85
pushMetricFunction · 0.85
traceMethod · 0.80

Tested by

no test coverage detected