* Query the authorization service for the request, and extract the bucket * and, if applicable, object metadata according to the request method. * * @param {object} request - incoming request * @param {object} response - response object * @param {string} api - HTTP verb * @param {object} log -
(request, response, api, log, callback)
| 124 | * @returns {undefined} |
| 125 | */ |
| 126 | function authorizationMiddleware(request, response, api, log, callback) { |
| 127 | if (!api) { |
| 128 | return responseXMLBody(errors.AccessDenied, null, response, log); |
| 129 | } |
| 130 | const requestContexts = prepareRequestContexts(api, request); |
| 131 | return async.waterfall([ |
| 132 | next => auth.server.doAuth(request, log, (err, userInfo, authorizationResults, streamingV4Params) => { |
| 133 | if (err) { |
| 134 | log.debug('authentication error', { |
| 135 | error: err, |
| 136 | method: request.method, |
| 137 | bucketName: request.bucketName, |
| 138 | objectKey: request.objectKey, |
| 139 | }); |
| 140 | } |
| 141 | /* eslint-disable no-param-reassign */ |
| 142 | request.authorizationResults = authorizationResults; |
| 143 | request.streamingV4Params = streamingV4Params; |
| 144 | /* eslint-enable no-param-reassign */ |
| 145 | return next(err, userInfo); |
| 146 | }, 's3', requestContexts), |
| 147 | (userInfo, next) => { |
| 148 | // Ensure only supported HTTP verbs and actions are called, |
| 149 | // otherwise deny access |
| 150 | const requestType = apiToAction[api]; |
| 151 | if (!requestType) { |
| 152 | return next(errors.AccessDenied); |
| 153 | } |
| 154 | const mdValParams = { |
| 155 | bucketName: request.bucketName, |
| 156 | authInfo: userInfo, |
| 157 | requestType, |
| 158 | request, |
| 159 | }; |
| 160 | return next(null, mdValParams); |
| 161 | }, |
| 162 | (mdValParams, next) => standardMetadataValidateBucket(mdValParams, request.actionImplicitDenies, log, next), |
| 163 | ], (err, bucketMd) => { |
| 164 | if (err || !bucketMd) { |
| 165 | return responseXMLBody(err, null, response, log); |
| 166 | } |
| 167 | return callback(request, response, bucketMd, log); |
| 168 | }); |
| 169 | } |
| 170 | |
| 171 | function _normalizeVeeamRequest(req) { |
| 172 | /* eslint-disable no-param-reassign */ |
no test coverage detected