standardMetadataValidateBucket - retrieve bucket from metadata and check if user * is authorized to access it * @param {object} params - function parameters * @param {AuthInfo} params.authInfo - AuthInfo class instance, requester's info * @param {string} params.bucketName - name of bucket * @pa
(params, actionImplicitDenies, log, callback)
| 497 | * @return {undefined} - and call callback with params err, bucket md |
| 498 | */ |
| 499 | function standardMetadataValidateBucket(params, actionImplicitDenies, log, callback) { |
| 500 | const { bucketName, request } = params; |
| 501 | return metadata.getBucket(bucketName, log, (err, bucket, raftSessionId) => { |
| 502 | storeServerAccessLogInfo(params.request, bucket, raftSessionId); |
| 503 | if (err) { |
| 504 | // if some implicit actionImplicitDenies, return AccessDenied before |
| 505 | // leaking any state information |
| 506 | if (actionImplicitDenies && Object.values(actionImplicitDenies).some(v => v === true)) { |
| 507 | return callback(errors.AccessDenied); |
| 508 | } |
| 509 | log.debug('metadata getbucket failed', { error: err }); |
| 510 | return callback(err); |
| 511 | } |
| 512 | |
| 513 | // Rate limiting check if not already done in api.js |
| 514 | return checkRateLimitIfNeeded(request, params.authInfo, bucket, log, err => { |
| 515 | if (err) { |
| 516 | return callback(err); |
| 517 | } |
| 518 | |
| 519 | // Continue with validation |
| 520 | const validationError = validateBucket(bucket, params, log, actionImplicitDenies); |
| 521 | return callback(validationError, bucket); |
| 522 | }); |
| 523 | }); |
| 524 | } |
| 525 | |
| 526 | module.exports = { |
| 527 | validateBucket, |
no test coverage detected