* bucketGetACL - Return ACL's for bucket * @param {AuthInfo} authInfo - Instance of AuthInfo class with requester's info * @param {object} request - http request object * @param {object} log - Werelogs logger * @param {function} callback - callback to respond to http request * with either erro
(authInfo, request, log, callback)
| 37 | * @return {undefined} |
| 38 | */ |
| 39 | function bucketGetACL(authInfo, request, log, callback) { |
| 40 | log.debug('processing request', { method: 'bucketGetACL' }); |
| 41 | |
| 42 | const bucketName = request.bucketName; |
| 43 | |
| 44 | const metadataValParams = { |
| 45 | authInfo, |
| 46 | bucketName, |
| 47 | requestType: request.apiMethods || 'bucketGetACL', |
| 48 | request, |
| 49 | }; |
| 50 | const grantInfo = { |
| 51 | grants: [], |
| 52 | ownerInfo: { |
| 53 | ID: undefined, |
| 54 | displayName: undefined, |
| 55 | }, |
| 56 | }; |
| 57 | |
| 58 | standardMetadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => { |
| 59 | const corsHeaders = collectCorsHeaders(request.headers.origin, |
| 60 | request.method, bucket); |
| 61 | if (err) { |
| 62 | log.debug('error processing request', |
| 63 | { method: 'bucketGetACL', error: err }); |
| 64 | monitoring.promMetrics( |
| 65 | 'GET', bucketName, err.code, 'getBucketAcl'); |
| 66 | return callback(err, null, corsHeaders); |
| 67 | } |
| 68 | const bucketACL = bucket.getAcl(); |
| 69 | grantInfo.ownerInfo.ID = bucket.getOwner(); |
| 70 | grantInfo.ownerInfo.displayName = bucket.getOwnerDisplayName(); |
| 71 | const ownerGrant = { |
| 72 | ID: bucket.getOwner(), |
| 73 | displayName: bucket.getOwnerDisplayName(), |
| 74 | permission: 'FULL_CONTROL', |
| 75 | }; |
| 76 | |
| 77 | if (bucketACL.Canned !== '') { |
| 78 | const cannedGrants = aclUtils.handleCannedGrant( |
| 79 | bucketACL.Canned, ownerGrant); |
| 80 | grantInfo.grants = grantInfo.grants.concat(cannedGrants); |
| 81 | const xml = aclUtils.convertToXml(grantInfo); |
| 82 | pushMetric('getBucketAcl', log, { |
| 83 | authInfo, |
| 84 | bucket: bucketName, |
| 85 | }); |
| 86 | return callback(null, xml, corsHeaders); |
| 87 | } |
| 88 | /** |
| 89 | * Build array of all canonicalIDs used in ACLs so duplicates |
| 90 | * will be retained (e.g. if an account has both read and write |
| 91 | * privileges, want to display both and not lose the duplicate |
| 92 | * when receive one dictionary entry back from Vault) |
| 93 | */ |
| 94 | const canonicalIDs = aclUtils.getCanonicalIDs(bucketACL); |
| 95 | // Build array with grants by URI |
| 96 | const uriGrantInfo = aclUtils.getUriGrantInfo(bucketACL); |
no test coverage detected