* multiObjectDelete - Delete multiple objects * @param {AuthInfo} authInfo - Instance of AuthInfo class with requester's info * @param {object} request - http.IncomingMessage as modified by * lib/utils and routes/routePOST.js * @param {object} request.headers - request headers * @param {object}
(authInfo, request, log, callback)
| 482 | * @return {undefined} |
| 483 | */ |
| 484 | function multiObjectDelete(authInfo, request, log, callback) { |
| 485 | log.debug('processing request', { method: 'multiObjectDelete' }); |
| 486 | if (!request.post) { |
| 487 | monitoring.promMetrics('DELETE', request.bucketName, 400, |
| 488 | 'multiObjectDelete'); |
| 489 | return callback(errors.MissingRequestBodyError); |
| 490 | } |
| 491 | |
| 492 | const inPlayInternal = []; |
| 493 | const bucketName = request.bucketName; |
| 494 | const canonicalID = authInfo.getCanonicalID(); |
| 495 | const ip = requestUtils.getClientIp(request, config); |
| 496 | const isSecure = requestUtils.getHttpProtocolSecurity(request, config); |
| 497 | |
| 498 | return async.waterfall([ |
| 499 | function parseXML(next) { |
| 500 | return _parseXml(request.post, |
| 501 | (err, quietSetting, objects) => { |
| 502 | if (err || objects.length < 1 || objects.length > constants.maxMultiObjectDeleteLen) { |
| 503 | return next(errors.MalformedXML); |
| 504 | } |
| 505 | return next(null, quietSetting, objects); |
| 506 | }); |
| 507 | }, |
| 508 | function checkBucketMetadata(quietSetting, objects, next) { |
| 509 | const errorResults = []; |
| 510 | return metadata.getBucket(bucketName, log, (err, bucketMD, raftSessionId) => { |
| 511 | if (err) { |
| 512 | log.trace('error retrieving bucket metadata', |
| 513 | { error: err }); |
| 514 | return next(err); |
| 515 | } |
| 516 | // check whether bucket has transient or deleted flag |
| 517 | if (bucketShield(bucketMD, 'objectDelete')) { |
| 518 | return next(errors.NoSuchBucket); |
| 519 | } |
| 520 | metadataUtils.storeServerAccessLogInfo(request, bucketMD, raftSessionId); |
| 521 | // The implicit deny flag is ignored in the DeleteObjects API, as authorization only |
| 522 | // affects the objects. |
| 523 | if (!isBucketAuthorized(bucketMD, 'objectDelete', canonicalID, authInfo, log, request)) { |
| 524 | log.trace("access denied due to bucket acl's"); |
| 525 | // if access denied at the bucket level, no access for |
| 526 | // any of the objects so all results will be error results |
| 527 | objects.forEach(entry => { |
| 528 | errorResults.push({ |
| 529 | entry, |
| 530 | error: errors.AccessDenied, |
| 531 | }); |
| 532 | }); |
| 533 | // by sending an empty array as the objects array |
| 534 | // async.forEachLimit below will not actually |
| 535 | // make any calls to metadata or data but will continue on |
| 536 | // to the next step to build xml |
| 537 | return next(null, quietSetting, errorResults, [], bucketMD); |
| 538 | } |
| 539 | return next(null, quietSetting, errorResults, objects, bucketMD); |
| 540 | }); |
| 541 | }, |
nothing calls this directly
no test coverage detected