feat: bucket severside encryption (#707)

* feat: bucket severside encryption

* chore: ReadMe

* fix: remove test sleep

README.md

@@ -91,6 +91,10 @@ All operation use es7 async/await to implement. All api is async function.
  - RequestPayment
  - [.getBucketRequestPayment(bucketName[, options])](#getbucketrequestpaymentbucketname-options)
  - [.putBucketRequestPayment(bucketName, payer[, options])](#putBucketRequestpaymentbucketname-payer-options)
+ - BucketEncryption
+ - [.putBucketEncryption(name[, options])](#putbucketencryptionbucketname-options)
+ - [.getBucketEncryption(name)](#getbucketencryptionbucketname-options)
+ - [.deleteBucketEncryption(name)](#deletebucketencryptionbucketname-options)
 - [Object Operations](#object-operations)
  - [.list(query[, options])](#listquery-options)
  - [.put(name, file[, options])](#putname-file-options)
@@ -954,6 +958,57 @@ Success will return:
 
 ---
 
+### .putBucketEncryption(name, rules)
+
+put BucketEncryption value of the bucket object.
+
+parameters:
+
+- name {String} bucket name
+- [rules] {Object} parameters
+ - SSEAlgorithm {String} encryption type, expect AES256 or KMS
+ - {KMSMasterKeyID} {String} needed when encryption type is KMS
+
+Success will return:
+
+- status {Number} response status
+- res {Object} response info
+
+---
+
+### .getBucketEncryption(name)
+
+get BucketEncryption rule value of the bucket object.
+
+parameters:
+
+- name {String} bucket name
+
+Success will return:
+
+- status {Number} response status
+- res {Object} response info
+- encryption {Object} rules
+ - SSEAlgorithm {String} encryption type, AES256 or KMS
+ - {KMSMasterKeyID} {String} will be return when encryption type is KMS
+
+---
+
+### .deleteBucketEncryption(name)
+
+delete BucketEncryption rule value of the bucket object.
+
+parameters:
+
+- name {String} bucket name
+
+Success will return:
+
+- status {Number} response status
+- res {Object} response info
+
+---
+
 ## Object Operations
 
 All operations function return Promise, except `signatureUrl`.

lib/common/bucket/deleteBucketEncryption.js

@@ -0,0 +1,18 @@
+const proto = exports;
+// const jstoxml = require('jstoxml');
+/**
+ * deleteBucketEncryption
+ * @param {String} bucketName - bucket name
+ */
+
+proto.deleteBucketEncryption = async function deleteBucketEncryption(bucketName) {
+ this._checkBucketName(bucketName);
+ const params = this._bucketRequestParams('DELETE', bucketName, 'encryption');
+ params.successStatuses = [204];
+ params.xmlResponse = true;
+ const result = await this.request(params);
+ return {
+ status: result.status,
+ res: result.res
+ };
+};

lib/common/bucket/getBucketEncryption.js

@@ -0,0 +1,19 @@
+const proto = exports;
+/**
+ * getBucketEncryption
+ * @param {String} bucketName - bucket name
+ */
+
+proto.getBucketEncryption = async function getBucketEncryption(bucketName) {
+ this._checkBucketName(bucketName);
+ const params = this._bucketRequestParams('GET', bucketName, 'encryption');
+ params.successStatuses = [200];
+ params.xmlResponse = true;
+ const result = await this.request(params);
+ const encryption = result.data.ApplyServerSideEncryptionByDefault;
+ return {
+ encryption,
+ status: result.status,
+ res: result.res
+ };
+};

lib/common/bucket/index.js

@@ -4,4 +4,6 @@ const proto = exports;
 
 merge(proto, require('./getBucketRequestPayment.js'));
 merge(proto, require('./putBucketRequestPayment.js'));
-
+merge(proto, require('./putBucketEncryption.js'));
+merge(proto, require('./getBucketEncryption.js'));
+merge(proto, require('./deleteBucketEncryption.js'));

lib/common/bucket/putBucketEncryption.js

@@ -0,0 +1,35 @@
+const proto = exports;
+// const jstoxml = require('jstoxml');
+const obj2xml = require('../utils/obj2xml');
+/**
+ * putBucketEncryption
+ * @param {String} bucketName - bucket name
+ * @param {Object} options
+ */
+
+proto.putBucketEncryption = async function putBucketEncryption(bucketName, options) {
+ options = options || {};
+ this._checkBucketName(bucketName);
+ const params = this._bucketRequestParams('PUT', bucketName, 'encryption', options);
+ params.successStatuses = [200];
+ const paramXMLObj = {
+ ServerSideEncryptionRule: {
+ ApplyServerSideEncryptionByDefault: {
+ SSEAlgorithm: options.SSEAlgorithm
+ }
+ }
+ };
+ if (options.KMSMasterKeyID !== undefined) {
+ paramXMLObj.ServerSideEncryptionRule.ApplyServerSideEncryptionByDefault.KMSMasterKeyID = options.KMSMasterKeyID;
+ }
+ const paramXML = obj2xml(paramXMLObj, {
+ headers: true
+ });
+ params.mime = 'xml';
+ params.content = paramXML;
+ const result = await this.request(params);
+ return {
+ status: result.status,
+ res: result.res
+ };
+};

test/node/bucket.test.js

@@ -475,4 +475,30 @@ describe('test/bucket.test.js', () => {
  }
  });
  });
+ describe('putBucketEncryption(), getBucketEncryption(), deleteBucketEncryption()', () => {
+ it('should create, get and delete the bucket encryption', async () => {
+ // put with AES256
+ const putresult1 = await store.putBucketEncryption(bucket, {
+ SSEAlgorithm: 'AES256'
+ });
+ assert.equal(putresult1.res.status, 200);
+ // put again with KMS will be fine
+ // const putresult2 = await store.putBucketEncryption(bucket, {
+ // SSEAlgorithm: 'KMS',
+ // KMSMasterKeyID: '1b2c3132-b2ce-4ba3-a4dd-9885904099ad'
+ // });
+ // assert.equal(putresult2.res.status, 200);
+ // await utils.sleep(ms(metaSyncTime));
+ // get
+ const getBucketEncryption = await store.getBucketEncryption(bucket);
+ assert.equal(getBucketEncryption.res.status, 200);
+ assert.deepEqual(getBucketEncryption.encryptions, {
+ SSEAlgorithm: 'AES256'
+ // KMSMasterKeyID: '1b2c3132-b2ce-4ba3-a4dd-9885904099ad'
+ });
+ // delete
+ const deleteResult = await store.deleteBucketEncryption(bucket);
+ assert.equal(deleteResult.res.status, 204);
+ });
+ });
 });