diff --git a/lib/api/bucketGet.js b/lib/api/bucketGet.js index c864a80b50..674303ae54 100644 --- a/lib/api/bucketGet.js +++ b/lib/api/bucketGet.js @@ -345,7 +345,7 @@ function bucketGet(authInfo, request, log, callback) { listParams.marker = params.marker; } - metadataValidateBucket(metadataValParams, log, (err, bucket) => { + metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => { const corsHeaders = collectCorsHeaders(request.headers.origin, request.method, bucket); if (err) { diff --git a/lib/api/bucketGetACL.js b/lib/api/bucketGetACL.js index 1c5d592753..8faff12551 100644 --- a/lib/api/bucketGetACL.js +++ b/lib/api/bucketGetACL.js @@ -54,7 +54,7 @@ function bucketGetACL(authInfo, request, log, callback) { }, }; - metadataValidateBucket(metadataValParams, log, (err, bucket) => { + metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => { const corsHeaders = collectCorsHeaders(request.headers.origin, request.method, bucket); if (err) { diff --git a/lib/api/bucketGetCors.js b/lib/api/bucketGetCors.js index 19534fe3ee..11b1ebf3d8 100644 --- a/lib/api/bucketGetCors.js +++ b/lib/api/bucketGetCors.js @@ -34,7 +34,8 @@ function bucketGetCors(authInfo, request, log, callback) { const corsHeaders = collectCorsHeaders(request.headers.origin, request.method, bucket); - if (!isBucketAuthorized(bucket, requestType, canonicalID, authInfo, log, request)) { + if (!isBucketAuthorized(bucket, requestType, canonicalID, authInfo, + request.actionImplicitDenies, log, request)) { log.debug('access denied for user on bucket', { requestType, method: 'bucketGetCors', diff --git a/lib/api/bucketGetEncryption.js b/lib/api/bucketGetEncryption.js index 8720b69b4d..2e6f371ba4 100644 --- a/lib/api/bucketGetEncryption.js +++ b/lib/api/bucketGetEncryption.js @@ -27,7 +27,7 @@ function bucketGetEncryption(authInfo, request, log, callback) { }; return async.waterfall([ - next => metadataValidateBucket(metadataValParams, log, next), + next => metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, next), (bucket, next) => checkExpectedBucketOwner(request.headers, bucket, log, err => next(err, bucket)), (bucket, next) => { // If sseInfo is present but the `mandatory` flag is not set diff --git a/lib/api/bucketGetLifecycle.js b/lib/api/bucketGetLifecycle.js index 6411d5eb5b..a8f8cecb29 100644 --- a/lib/api/bucketGetLifecycle.js +++ b/lib/api/bucketGetLifecycle.js @@ -23,7 +23,7 @@ function bucketGetLifecycle(authInfo, request, log, callback) { requestType: 'bucketGetLifecycle', request, }; - return metadataValidateBucket(metadataValParams, log, (err, bucket) => { + return metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => { const corsHeaders = collectCorsHeaders(headers.origin, method, bucket); if (err) { log.debug('error processing request', { diff --git a/lib/api/bucketGetLocation.js b/lib/api/bucketGetLocation.js index 4d95ee6b86..0b65879ece 100644 --- a/lib/api/bucketGetLocation.js +++ b/lib/api/bucketGetLocation.js @@ -36,7 +36,8 @@ function bucketGetLocation(authInfo, request, log, callback) { const corsHeaders = collectCorsHeaders(request.headers.origin, request.method, bucket); - if (!isBucketAuthorized(bucket, requestType, canonicalID, authInfo, log, request)) { + if (!isBucketAuthorized(bucket, requestType, canonicalID, authInfo, + request.actionImplicitDenies, log, request)) { log.debug('access denied for account on bucket', { requestType, method: 'bucketGetLocation', diff --git a/lib/api/bucketGetNotification.js b/lib/api/bucketGetNotification.js index a3e41c03ae..cf701cc361 100644 --- a/lib/api/bucketGetNotification.js +++ b/lib/api/bucketGetNotification.js @@ -41,7 +41,7 @@ function bucketGetNotification(authInfo, request, log, callback) { request, }; - return metadataValidateBucket(metadataValParams, log, (err, bucket) => { + return metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => { const corsHeaders = collectCorsHeaders(headers.origin, method, bucket); if (err) { log.debug('error processing request', { diff --git a/lib/api/bucketGetObjectLock.js b/lib/api/bucketGetObjectLock.js index cbb92d34b2..9303ccffc2 100644 --- a/lib/api/bucketGetObjectLock.js +++ b/lib/api/bucketGetObjectLock.js @@ -36,7 +36,7 @@ function bucketGetObjectLock(authInfo, request, log, callback) { requestType: 'bucketGetObjectLock', request, }; - return metadataValidateBucket(metadataValParams, log, (err, bucket) => { + return metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => { const corsHeaders = collectCorsHeaders(headers.origin, method, bucket); if (err) { log.debug('error processing request', { diff --git a/lib/api/bucketGetPolicy.js b/lib/api/bucketGetPolicy.js index c87bb12cce..7cdd0c9a99 100644 --- a/lib/api/bucketGetPolicy.js +++ b/lib/api/bucketGetPolicy.js @@ -21,7 +21,7 @@ function bucketGetPolicy(authInfo, request, log, callback) { request, }; - return metadataValidateBucket(metadataValParams, log, (err, bucket) => { + return metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => { const corsHeaders = collectCorsHeaders(headers.origin, method, bucket); if (err) { log.debug('error processing request', { diff --git a/lib/api/bucketGetReplication.js b/lib/api/bucketGetReplication.js index 03cbcac37f..48a9cadf40 100644 --- a/lib/api/bucketGetReplication.js +++ b/lib/api/bucketGetReplication.js @@ -23,7 +23,7 @@ function bucketGetReplication(authInfo, request, log, callback) { requestType: 'bucketGetReplication', request, }; - return metadataValidateBucket(metadataValParams, log, (err, bucket) => { + return metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => { const corsHeaders = collectCorsHeaders(headers.origin, method, bucket); if (err) { log.debug('error processing request', { diff --git a/lib/api/bucketGetVersioning.js b/lib/api/bucketGetVersioning.js index f25edbac6f..9ec1c9a1b4 100644 --- a/lib/api/bucketGetVersioning.js +++ b/lib/api/bucketGetVersioning.js @@ -57,7 +57,7 @@ function bucketGetVersioning(authInfo, request, log, callback) { request, }; - metadataValidateBucket(metadataValParams, log, (err, bucket) => { + metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => { const corsHeaders = collectCorsHeaders(request.headers.origin, request.method, bucket); if (err) { diff --git a/lib/api/bucketGetWebsite.js b/lib/api/bucketGetWebsite.js index 315d825e39..e47e98fe48 100644 --- a/lib/api/bucketGetWebsite.js +++ b/lib/api/bucketGetWebsite.js @@ -34,7 +34,8 @@ function bucketGetWebsite(authInfo, request, log, callback) { const corsHeaders = collectCorsHeaders(request.headers.origin, request.method, bucket); - if (!isBucketAuthorized(bucket, requestType, canonicalID, authInfo, log, request)) { + if (!isBucketAuthorized(bucket, requestType, canonicalID, authInfo, + request.actionImplicitDenies, log, request)) { log.debug('access denied for user on bucket', { requestType, method: 'bucketGetWebsite', diff --git a/lib/api/objectGet.js b/lib/api/objectGet.js index d8b6b366a7..75c7bd13b6 100644 --- a/lib/api/objectGet.js +++ b/lib/api/objectGet.js @@ -48,7 +48,7 @@ function objectGet(authInfo, request, returnTagCount, log, callback) { request, }; - return metadataValidateBucketAndObj(mdValParams, log, + return metadataValidateBucketAndObj(mdValParams, request.actionImplicitDenies, log, (err, bucket, objMD) => { const corsHeaders = collectCorsHeaders(request.headers.origin, request.method, bucket); diff --git a/lib/api/objectGetACL.js b/lib/api/objectGetACL.js index ea2c88968f..d96f0a62d3 100644 --- a/lib/api/objectGetACL.js +++ b/lib/api/objectGetACL.js @@ -71,7 +71,7 @@ function objectGetACL(authInfo, request, log, callback) { return async.waterfall([ function validateBucketAndObj(next) { - return metadataValidateBucketAndObj(metadataValParams, log, + return metadataValidateBucketAndObj(metadataValParams, request.actionImplicitDenies, log, (err, bucket, objectMD) => { if (err) { log.trace('request authorization failed', diff --git a/lib/api/objectGetLegalHold.js b/lib/api/objectGetLegalHold.js index 40cb4fcbc9..a450314a2b 100644 --- a/lib/api/objectGetLegalHold.js +++ b/lib/api/objectGetLegalHold.js @@ -43,7 +43,7 @@ function objectGetLegalHold(authInfo, request, log, callback) { }; return async.waterfall([ - next => metadataValidateBucketAndObj(metadataValParams, log, + next => metadataValidateBucketAndObj(metadataValParams, request.actionImplicitDenies, log, (err, bucket, objectMD) => { if (err) { log.trace('request authorization failed', diff --git a/lib/api/objectGetRetention.js b/lib/api/objectGetRetention.js index e5e49bb0ec..825843ac4b 100644 --- a/lib/api/objectGetRetention.js +++ b/lib/api/objectGetRetention.js @@ -43,7 +43,7 @@ function objectGetRetention(authInfo, request, log, callback) { }; return async.waterfall([ - next => metadataValidateBucketAndObj(metadataValParams, log, + next => metadataValidateBucketAndObj(metadataValParams, request.actionImplicitDenies, log, (err, bucket, objectMD) => { if (err) { log.trace('request authorization failed', diff --git a/lib/api/objectGetTagging.js b/lib/api/objectGetTagging.js index 48233c3acc..98657156a0 100644 --- a/lib/api/objectGetTagging.js +++ b/lib/api/objectGetTagging.js @@ -43,7 +43,7 @@ function objectGetTagging(authInfo, request, log, callback) { }; return async.waterfall([ - next => metadataValidateBucketAndObj(metadataValParams, log, + next => metadataValidateBucketAndObj(metadataValParams, request.actionImplicitDenies, log, (err, bucket, objectMD) => { if (err) { log.trace('request authorization failed', diff --git a/lib/api/websiteGet.js b/lib/api/websiteGet.js index bf328a8f6e..0bbfbbedba 100644 --- a/lib/api/websiteGet.js +++ b/lib/api/websiteGet.js @@ -21,12 +21,13 @@ const { pushMetric } = require('../utapi/utilities'); * @param {string} objectKey - object key from request (or as translated in * websiteGet) * @param {object} corsHeaders - CORS-related response headers + * @param {object} request - normalized request object * @param {object} log - Werelogs instance * @param {function} callback - callback to function in route * @return {undefined} */ function _errorActions(err, errorDocument, routingRules, - bucket, objectKey, corsHeaders, log, callback) { + bucket, objectKey, corsHeaders, request, log, callback) { const bucketName = bucket.getName(); const errRoutingRule = findRoutingRule(routingRules, objectKey, err.code); @@ -47,7 +48,7 @@ function _errorActions(err, errorDocument, routingRules, // return the default error message if the object is private // rather than sending a stored error file if (!isObjAuthorized(bucket, errObjMD, 'objectGet', - constants.publicId, null, log)) { + constants.publicId, null, request.actionImplicitDenies, log)) { log.trace('errorObj not authorized', { error: err }); return callback(err, true, null, corsHeaders); } @@ -144,7 +145,7 @@ function websiteGet(request, log, callback) { { error: err }); let returnErr = err; const bucketAuthorized = isBucketAuthorized(bucket, - 'bucketGet', constants.publicId, null, log, request); + 'bucketGet', constants.publicId, null, request.actionImplicitDenies, log, request); // if index object does not exist and bucket is private AWS // returns 403 - AccessDenied error. if (err.is.NoSuchKey && !bucketAuthorized) { @@ -152,16 +153,16 @@ function websiteGet(request, log, callback) { } return _errorActions(returnErr, websiteConfig.getErrorDocument(), routingRules, - bucket, reqObjectKey, corsHeaders, log, + bucket, reqObjectKey, corsHeaders, request, log, callback); } if (!isObjAuthorized(bucket, objMD, 'objectGet', - constants.publicId, null, log, request)) { + constants.publicId, null, request.actionImplicitDenies, log, request)) { const err = errors.AccessDenied; log.trace('request not authorized', { error: err }); return _errorActions(err, websiteConfig.getErrorDocument(), routingRules, bucket, - reqObjectKey, corsHeaders, log, callback); + reqObjectKey, corsHeaders, request, log, callback); } const headerValResult = validateHeaders(request.headers, @@ -171,7 +172,7 @@ function websiteGet(request, log, callback) { log.trace('header validation error', { error: err }); return _errorActions(err, websiteConfig.getErrorDocument(), routingRules, bucket, reqObjectKey, - corsHeaders, log, callback); + corsHeaders, request, log, callback); } // check if object to serve has website redirect header // Note: AWS prioritizes website configuration rules over diff --git a/tests/functional/aws-node-sdk/test/bucket/get.js b/tests/functional/aws-node-sdk/test/bucket/get.js index 7eca17cee2..f4763dfc7c 100644 --- a/tests/functional/aws-node-sdk/test/bucket/get.js +++ b/tests/functional/aws-node-sdk/test/bucket/get.js @@ -286,8 +286,7 @@ const tests = [ }, ]; -// TODO CLDSRV-928 remove skip -describe.skip('GET Bucket - AWS.S3.listObjects', () => { +describe('GET Bucket - AWS.S3.listObjects', () => { describe('When user is unauthorized', () => { let bucketUtil; let bucketName; diff --git a/tests/unit/api/bucketGet.js b/tests/unit/api/bucketGet.js index c178de5435..e43fcc7fd8 100644 --- a/tests/unit/api/bucketGet.js +++ b/tests/unit/api/bucketGet.js @@ -63,6 +63,7 @@ const baseGetRequest = { bucketName, namespace, headers: { host: '/' }, + actionImplicitDenies: false, }; const baseUrl = `/${bucketName}`; @@ -173,8 +174,7 @@ const tests = [ }, }, ]; -// TODO CLDSRV-429 remove skip -describe.skip('bucketGet API', () => { +describe('bucketGet API', () => { beforeEach(() => { cleanup(); }); @@ -290,8 +290,7 @@ const testsForV2 = [...tests, }, ]; -// TODO CLDSRV-429 remove skip -describe.skip('bucketGet API V2', () => { +describe('bucketGet API V2', () => { beforeEach(() => { cleanup(); }); diff --git a/tests/unit/api/bucketGetACL.js b/tests/unit/api/bucketGetACL.js index b9bb3ef4b3..703b686bfb 100644 --- a/tests/unit/api/bucketGetACL.js +++ b/tests/unit/api/bucketGetACL.js @@ -14,8 +14,7 @@ const authInfo = makeAuthInfo(accessKey); const canonicalID = authInfo.getCanonicalID(); const namespace = 'default'; const bucketName = 'bucketname'; -// TODO CLDSRV-429 remove skip -describe.skip('bucketGetACL API', () => { +describe('bucketGetACL API', () => { beforeEach(() => { cleanup(); }); @@ -25,6 +24,7 @@ describe.skip('bucketGetACL API', () => { namespace, headers: { host: `${bucketName}.s3.amazonaws.com` }, url: '/', + actionImplicitDenies: false, }; const testGetACLRequest = { bucketName, @@ -32,6 +32,7 @@ describe.skip('bucketGetACL API', () => { headers: { host: `${bucketName}.s3.amazonaws.com` }, url: '/?acl', query: { acl: '' }, + actionImplicitDenies: false, }; it('should get a canned private ACL', done => { @@ -44,6 +45,7 @@ describe.skip('bucketGetACL API', () => { }, url: '/?acl', query: { acl: '' }, + actionImplicitDenies: false, }; async.waterfall([ @@ -76,6 +78,7 @@ describe.skip('bucketGetACL API', () => { }, url: '/?acl', query: { acl: '' }, + actionImplicitDenies: false, }; async.waterfall([ @@ -119,6 +122,7 @@ describe.skip('bucketGetACL API', () => { }, url: '/?acl', query: { acl: '' }, + actionImplicitDenies: false, }; async.waterfall([ @@ -156,6 +160,7 @@ describe.skip('bucketGetACL API', () => { }, url: '/?acl', query: { acl: '' }, + actionImplicitDenies: false, }; async.waterfall([ @@ -194,6 +199,7 @@ describe.skip('bucketGetACL API', () => { }, url: '/?acl', query: { acl: '' }, + actionImplicitDenies: false, }; async.waterfall([ @@ -248,6 +254,7 @@ describe.skip('bucketGetACL API', () => { }, url: '/?acl', query: { acl: '' }, + actionImplicitDenies: false, }; const canonicalIDforSample1 = '79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be'; @@ -338,6 +345,7 @@ describe.skip('bucketGetACL API', () => { }, url: '/?acl', query: { acl: '' }, + actionImplicitDenies: false, }; async.waterfall([ @@ -377,6 +385,7 @@ describe.skip('bucketGetACL API', () => { }, url: '/?acl', query: { acl: '' }, + actionImplicitDenies: false, }; async.waterfall([ diff --git a/tests/unit/api/bucketGetCors.js b/tests/unit/api/bucketGetCors.js index 4ae4976d6f..47f413086f 100644 --- a/tests/unit/api/bucketGetCors.js +++ b/tests/unit/api/bucketGetCors.js @@ -16,6 +16,7 @@ const testBucketPutRequest = { bucketName, headers: { host: `${bucketName}.s3.amazonaws.com` }, url: '/', + actionImplicitDenies: false, }; function _makeCorsRequest(xml) { @@ -26,6 +27,7 @@ function _makeCorsRequest(xml) { }, url: '/?cors', query: { cors: '' }, + actionImplicitDenies: false, }; if (xml) { @@ -55,8 +57,7 @@ function _comparePutGetXml(sampleXml, done) { }); }); } -// TODO CLDSRV-429 remove skip -describe.skip('getBucketCors API', () => { +describe('getBucketCors API', () => { beforeEach(done => { cleanup(); bucketPut(authInfo, testBucketPutRequest, log, done); diff --git a/tests/unit/api/bucketGetLifecycle.js b/tests/unit/api/bucketGetLifecycle.js index 91af065321..6c1760ad34 100644 --- a/tests/unit/api/bucketGetLifecycle.js +++ b/tests/unit/api/bucketGetLifecycle.js @@ -17,9 +17,9 @@ const testBucketPutRequest = { bucketName, headers: { host: `${bucketName}.s3.amazonaws.com` }, url: '/', + actionImplicitDenies: false, }; -// TODO CLDSRV-429 remove skip -describe.skip('getBucketLifecycle API', () => { +describe('getBucketLifecycle API', () => { before(() => cleanup()); beforeEach(done => bucketPut(authInfo, testBucketPutRequest, log, done)); afterEach(() => cleanup()); diff --git a/tests/unit/api/bucketGetLocation.js b/tests/unit/api/bucketGetLocation.js index c0bb9eec45..cc0aaa4d79 100644 --- a/tests/unit/api/bucketGetLocation.js +++ b/tests/unit/api/bucketGetLocation.js @@ -16,6 +16,7 @@ const testBucketPutRequest = { bucketName, headers: { host: `${bucketName}.s3.amazonaws.com` }, url: '/', + actionImplicitDenies: false, }; const testGetLocationRequest = { @@ -25,6 +26,7 @@ const testGetLocationRequest = { }, url: '/?location', query: { location: '' }, + actionImplicitDenies: false, }; const locationConstraints = config.locationConstraints; @@ -37,8 +39,7 @@ function getBucketRequestObject(location) { '' : undefined; return Object.assign({ post }, testBucketPutRequest); } -// TODO CLDSRV-429 remove skip -describe.skip('getBucketLocation API', () => { +describe('getBucketLocation API', () => { Object.keys(locationConstraints).forEach(location => { if (location === 'us-east-1') { // if region us-east-1 should return empty string diff --git a/tests/unit/api/bucketGetNotification.js b/tests/unit/api/bucketGetNotification.js index e74a4e0bba..b72d68b5e5 100644 --- a/tests/unit/api/bucketGetNotification.js +++ b/tests/unit/api/bucketGetNotification.js @@ -15,6 +15,7 @@ const testBucketPutRequest = { bucketName, headers: { host: `${bucketName}.s3.amazonaws.com` }, url: '/', + actionImplicitDenies: false, }; function getNotificationRequest(bucketName, xml) { @@ -23,6 +24,7 @@ function getNotificationRequest(bucketName, xml) { headers: { host: `${bucketName}.s3.amazonaws.com`, }, + actionImplicitDenies: false, }; if (xml) { request.post = xml; @@ -52,8 +54,7 @@ function getNotificationXml() { ''; } -// TODO CLDSRV-429 remove skip -describe.skip('getBucketNotification API', () => { +describe('getBucketNotification API', () => { before(cleanup); beforeEach(done => bucketPut(authInfo, testBucketPutRequest, log, done)); afterEach(cleanup); diff --git a/tests/unit/api/bucketGetObjectLock.js b/tests/unit/api/bucketGetObjectLock.js index edee9f7734..5d6820efb5 100644 --- a/tests/unit/api/bucketGetObjectLock.js +++ b/tests/unit/api/bucketGetObjectLock.js @@ -14,6 +14,7 @@ const bucketPutReq = { host: `${bucketName}.s3.amazonaws.com`, }, url: '/', + actionImplicitDenies: false, }; const testBucketPutReqWithObjLock = { @@ -23,6 +24,7 @@ const testBucketPutReqWithObjLock = { 'x-amz-bucket-object-lock-enabled': 'True', }, url: '/', + actionImplicitDenies: false, }; function getObjectLockConfigRequest(bucketName, xml) { @@ -33,6 +35,7 @@ function getObjectLockConfigRequest(bucketName, xml) { 'x-amz-bucket-object-lock-enabled': 'true', }, url: '/?object-lock', + actionImplicitDenies: false, }; if (xml) { request.post = xml; @@ -65,8 +68,7 @@ function getObjectLockXml(mode, type, time) { xmlStr += xml.objLockConfigClose; return xmlStr; } -// TODO CLDSRV-429 remove skip -describe.skip('bucketGetObjectLock API', () => { +describe('bucketGetObjectLock API', () => { before(done => bucketPut(authInfo, bucketPutReq, log, done)); after(cleanup); @@ -79,8 +81,7 @@ describe.skip('bucketGetObjectLock API', () => { }); }); }); -// TODO CLDSRV-429 remove skip -describe.skip('bucketGetObjectLock API', () => { +describe('bucketGetObjectLock API', () => { before(cleanup); beforeEach(done => bucketPut(authInfo, testBucketPutReqWithObjLock, log, done)); afterEach(cleanup); diff --git a/tests/unit/api/bucketGetPolicy.js b/tests/unit/api/bucketGetPolicy.js index d1c02f6eba..d5244a5a56 100644 --- a/tests/unit/api/bucketGetPolicy.js +++ b/tests/unit/api/bucketGetPolicy.js @@ -16,6 +16,7 @@ const testBasicRequest = { bucketName, headers: { host: `${bucketName}.s3.amazonaws.com` }, url: '/', + actionImplicitDenies: false, }; const expectedBucketPolicy = { @@ -34,9 +35,9 @@ const testPutPolicyRequest = { bucketName, headers: { host: `${bucketName}.s3.amazonaws.com` }, post: JSON.stringify(expectedBucketPolicy), + actionImplicitDenies: false, }; -// TODO CLDSRV-429 remove skip -describe.skip('getBucketPolicy API', () => { +describe('getBucketPolicy API', () => { before(() => cleanup()); beforeEach(done => bucketPut(authInfo, testBasicRequest, log, done)); afterEach(() => cleanup()); diff --git a/tests/unit/api/bucketGetReplication.js b/tests/unit/api/bucketGetReplication.js index c59564cfa4..1dc3e4df50 100644 --- a/tests/unit/api/bucketGetReplication.js +++ b/tests/unit/api/bucketGetReplication.js @@ -53,8 +53,7 @@ function getReplicationConfig() { ], }; } -// TODO CLDSRV-429 remove skip -describe.skip("'getReplicationConfigurationXML' function", () => { +describe("'getReplicationConfigurationXML' function", () => { it('should return XML from the bucket replication configuration', done => getAndCheckXML(getReplicationConfig(), done)); diff --git a/tests/unit/api/bucketGetWebsite.js b/tests/unit/api/bucketGetWebsite.js index cb2398f7b1..007ba3f7d9 100644 --- a/tests/unit/api/bucketGetWebsite.js +++ b/tests/unit/api/bucketGetWebsite.js @@ -15,6 +15,7 @@ const testBucketPutRequest = { bucketName, headers: { host: `${bucketName}.s3.amazonaws.com` }, url: '/', + actionImplicitDenies: false, }; function _makeWebsiteRequest(xml) { @@ -25,6 +26,7 @@ function _makeWebsiteRequest(xml) { }, url: '/?website', query: { website: '' }, + actionImplicitDenies: false, }; if (xml) { @@ -53,8 +55,7 @@ function _comparePutGetXml(sampleXml, done) { }); }); } -// TODO CLDSRV-429 remove skip -describe.skip('getBucketWebsite API', () => { +describe('getBucketWebsite API', () => { beforeEach(done => { cleanup(); bucketPut(authInfo, testBucketPutRequest, log, done); diff --git a/tests/unit/api/objectDelete.js b/tests/unit/api/objectDelete.js index fa5514ebf7..576793b3f4 100644 --- a/tests/unit/api/objectDelete.js +++ b/tests/unit/api/objectDelete.js @@ -84,8 +84,7 @@ describe('objectDelete API', () => { url: `/${bucketName}/${objectKey}`, }); - // TODO CLDSRV-429 remove skip - skipped due to get at the end - it.skip('should delete an object', done => { + it('should delete an object', done => { bucketPut(authInfo, testBucketPutRequest, log, () => { objectPut(authInfo, testPutObjectRequest, undefined, log, () => { @@ -102,8 +101,7 @@ describe('objectDelete API', () => { }); }); - // TODO CLDSRV-429 remove skip - skipped due to get at the end - it.skip('should delete a 0 bytes object', done => { + it('should delete a 0 bytes object', done => { const testPutObjectRequest = new DummyRequest({ bucketName, namespace, diff --git a/tests/unit/api/objectGet.js b/tests/unit/api/objectGet.js index fa015282af..b8c6e108a6 100644 --- a/tests/unit/api/objectGet.js +++ b/tests/unit/api/objectGet.js @@ -22,8 +22,7 @@ const namespace = 'default'; const bucketName = 'bucketname'; const objectName = 'objectName'; const postBody = Buffer.from('I am a body', 'utf8'); -// TODO CLDSRV-429 remove skip -describe.skip('objectGet API', () => { +describe('objectGet API', () => { let testPutObjectRequest; beforeEach(() => { @@ -47,6 +46,7 @@ describe.skip('objectGet API', () => { namespace, headers: {}, url: `/${bucketName}`, + actionImplicitDenies: false, }; const userMetadataKey = 'x-amz-meta-test'; const userMetadataValue = 'some metadata'; @@ -56,6 +56,7 @@ describe.skip('objectGet API', () => { objectKey: objectName, headers: {}, url: `/${bucketName}/${objectName}`, + actionImplicitDenies: false, }; it('should get the object metadata', done => { @@ -84,6 +85,7 @@ describe.skip('objectGet API', () => { 'x-amz-bucket-object-lock-enabled': 'true', }, url: `/${bucketName}`, + actionImplicitDenies: false, }; const createPutDummyRetention = (date, mode) => new DummyRequest({ @@ -236,7 +238,8 @@ describe.skip('objectGet API', () => { }); }); - it('should get the object data retrieval info for an object put by MPU', + // TODO CLDSRV-431 remove skip - skipped due to MPU call + it.skip('should get the object data retrieval info for an object put by MPU', done => { const partBody = Buffer.from('I am a part\n', 'utf8'); const initiateRequest = { @@ -245,6 +248,7 @@ describe.skip('objectGet API', () => { objectKey: objectName, headers: { host: `${bucketName}.s3.amazonaws.com` }, url: `/${objectName}?uploads`, + actionImplicitDenies: false, }; async.waterfall([ next => bucketPut(authInfo, testPutBucketRequest, log, next), @@ -321,6 +325,7 @@ describe.skip('objectGet API', () => { headers: { host: `${bucketName}.s3.amazonaws.com` }, query: { uploadId: testUploadId }, post: completeBody, + actionImplicitDenies: false, }; completeMultipartUpload(authInfo, completeRequest, log, err => { diff --git a/tests/unit/api/objectGetACL.js b/tests/unit/api/objectGetACL.js index 52275fef98..ab78d136d1 100644 --- a/tests/unit/api/objectGetACL.js +++ b/tests/unit/api/objectGetACL.js @@ -20,8 +20,7 @@ const otherAccountCanonicalID = otherAccountAuthInfo.getCanonicalID(); const namespace = 'default'; const bucketName = 'bucketname'; const postBody = Buffer.from('I am a body', 'utf8'); -// TODO CLDSRV-429 remove skip -describe.skip('objectGetACL API', () => { +describe('objectGetACL API', () => { beforeEach(() => { cleanup(); }); @@ -36,6 +35,7 @@ describe.skip('objectGetACL API', () => { 'x-amz-acl': 'public-read-write', }, url: '/', + actionImplicitDenies: false, }; const testGetACLRequest = { bucketName, @@ -44,6 +44,7 @@ describe.skip('objectGetACL API', () => { objectKey: objectName, url: `/${bucketName}/${objectName}?acl`, query: { acl: '' }, + actionImplicitDenies: false, }; it('should get a canned private ACL', done => { diff --git a/tests/unit/api/objectGetLegalHold.js b/tests/unit/api/objectGetLegalHold.js index 7094e76850..a80fc8cee5 100644 --- a/tests/unit/api/objectGetLegalHold.js +++ b/tests/unit/api/objectGetLegalHold.js @@ -18,6 +18,7 @@ const bucketPutRequest = { bucketName, headers: { host: `${bucketName}.s3.amazonaws.com` }, url: '/', + actionImplicitDenies: false, }; const putObjectRequest = new DummyRequest({ @@ -37,15 +38,16 @@ const putObjectLegalHoldRequest = status => ({ objectKey: objectName, headers: { host: `${bucketName}.s3.amazonaws.com` }, post: objectLegalHoldXml(status), + actionImplicitDenies: false, }); const getObjectLegalHoldRequest = { bucketName, objectKey: objectName, headers: { host: `${bucketName}.s3.amazonaws.com` }, + actionImplicitDenies: false, }; -// TODO CLDSRV-429 remove skip -describe.skip('getObjectLegalHold API', () => { +describe('getObjectLegalHold API', () => { before(cleanup); describe('without Object Lock enabled on bucket', () => { diff --git a/tests/unit/api/objectGetRetention.js b/tests/unit/api/objectGetRetention.js index a3d0d279e6..f3129291a2 100644 --- a/tests/unit/api/objectGetRetention.js +++ b/tests/unit/api/objectGetRetention.js @@ -21,6 +21,7 @@ const bucketPutRequest = { bucketName, headers: { host: `${bucketName}.s3.amazonaws.com` }, url: '/', + actionImplicitDenies: false, }; const putObjectRequest = new DummyRequest({ @@ -42,15 +43,16 @@ const putObjRetRequest = { objectKey: objectName, headers: { host: `${bucketName}.s3.amazonaws.com` }, post: objectRetentionXml, + actionImplicitDenies: false, }; const getObjRetRequest = { bucketName, objectKey: objectName, headers: { host: `${bucketName}.s3.amazonaws.com` }, + actionImplicitDenies: false, }; -// TODO CLDSRV-429 remove skip -describe.skip('getObjectRetention API', () => { +describe('getObjectRetention API', () => { before(cleanup); describe('without Object Lock enabled on bucket', () => { diff --git a/tests/unit/api/objectGetTagging.js b/tests/unit/api/objectGetTagging.js index 92f7163efd..b099120fb2 100644 --- a/tests/unit/api/objectGetTagging.js +++ b/tests/unit/api/objectGetTagging.js @@ -21,6 +21,7 @@ const testBucketPutRequest = { bucketName, headers: { host: `${bucketName}.s3.amazonaws.com` }, url: '/', + actionImplicitDenies: false, }; const testPutObjectRequest = new DummyRequest({ @@ -30,8 +31,8 @@ const testPutObjectRequest = new DummyRequest({ headers: {}, url: `/${bucketName}/${objectName}`, }, postBody); -// TODO CLDSRV-429 remove skip -describe.skip('getObjectTagging API', () => { + +describe('getObjectTagging API', () => { beforeEach(done => { cleanup(); bucketPut(authInfo, testBucketPutRequest, log, err => { diff --git a/tests/unit/api/serviceGet.js b/tests/unit/api/serviceGet.js index 91849b3ae4..2eb3ab1eda 100644 --- a/tests/unit/api/serviceGet.js +++ b/tests/unit/api/serviceGet.js @@ -24,6 +24,7 @@ describe.skip('serviceGet API', () => { parsedHost: 's3.amazonaws.com', headers: { host: 's3.amazonaws.com' }, url: '/', + actionImplicitDenies: false, }; it('should return the list of buckets owned by the user', done => {