From c48a03711688dbda13c164aeba11ceb7bcc827a9 Mon Sep 17 00:00:00 2001 From: Maha Benzekri Date: Mon, 2 Oct 2023 16:53:19 +0200 Subject: [PATCH 1/2] CLDSRV-452: Bump ARSN version --- package.json | 2 +- yarn.lock | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package.json b/package.json index 9a95251b62..7049d3d67d 100644 --- a/package.json +++ b/package.json @@ -20,7 +20,7 @@ "homepage": "https://github.com/scality/S3#readme", "dependencies": { "@hapi/joi": "^17.1.0", - "arsenal": "git+https://github.com/scality/arsenal#7.10.43", + "arsenal": "git+https://github.com/scality/arsenal#7.10.43-1", "async": "~2.5.0", "aws-sdk": "2.905.0", "azure-storage": "^2.1.0", diff --git a/yarn.lock b/yarn.lock index 754867feff..ed697009bb 100644 --- a/yarn.lock +++ b/yarn.lock @@ -466,9 +466,9 @@ arraybuffer.slice@~0.0.7: optionalDependencies: ioctl "^2.0.2" -"arsenal@git+https://github.com/scality/arsenal#7.10.43": - version "7.10.43" - resolved "git+https://github.com/scality/arsenal#054f61d6c1b3c9bdef0ad7a98bb4703b5acacad4" +"arsenal@git+https://github.com/scality/arsenal#7.10.43-1": + version "7.10.43-1" + resolved "git+https://github.com/scality/arsenal#b30d1a23a13c54351eea9efb72f83a69d51020ac" dependencies: "@types/async" "^3.2.12" "@types/utf8" "^3.0.1" From c1e10cd6625278ae18cf4362239407e2916a7aaa Mon Sep 17 00:00:00 2001 From: Maha Benzekri Date: Mon, 2 Oct 2023 17:05:27 +0200 Subject: [PATCH 2/2] CLDSRV-452: Bump CLDSRV version --- package.json | 2 +- .../test/bucket/putBucketPolicy.js | 54 +++++++++++++++++++ yarn.lock | 10 +++- 3 files changed, 64 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index 7049d3d67d..5723f8d92c 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "s3", - "version": "7.10.27-1", + "version": "7.10.27-2", "description": "S3 connector", "main": "index.js", "engines": { diff --git a/tests/functional/aws-node-sdk/test/bucket/putBucketPolicy.js b/tests/functional/aws-node-sdk/test/bucket/putBucketPolicy.js index 4cc009a6f3..3f36ae2b07 100644 --- a/tests/functional/aws-node-sdk/test/bucket/putBucketPolicy.js +++ b/tests/functional/aws-node-sdk/test/bucket/putBucketPolicy.js @@ -30,6 +30,33 @@ function getPolicyParams(paramToChange) { }; } +function getPolicyParamsWithId(paramToChange, policyId) { + const newParam = {}; + const bucketPolicy = { + Version: '2012-10-17', + Id: policyId, + Statement: [basicStatement], + }; + if (paramToChange) { + newParam[paramToChange.key] = paramToChange.value; + bucketPolicy.Statement[0] = Object.assign({}, basicStatement, newParam); + } + return { + Bucket: bucket, + Policy: JSON.stringify(bucketPolicy), + }; +} + +function generateRandomString(length) { + // All allowed characters matching the regex in arsenal + const allowedCharacters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+=,.@ -/'; + const allowedCharactersLength = allowedCharacters.length; + + return [...Array(length)] + .map(() => allowedCharacters[~~(Math.random() * allowedCharactersLength)]) + .join(''); +} + // Check for the expected error response code and status code. function assertError(err, expectedErr, cb) { if (expectedErr === null) { @@ -44,6 +71,7 @@ function assertError(err, expectedErr, cb) { cb(); } + describe('aws-sdk test put bucket policy', () => { let s3; let otherAccountS3; @@ -102,5 +130,31 @@ describe('aws-sdk test put bucket policy', () => { s3.putBucketPolicy(params, err => assertError(err, 'MalformedPolicy', done)); }); + + it('should return MalformedPolicy because Id is not a string', + done => { + const params = getPolicyParamsWithId(null, 59); + s3.putBucketPolicy(params, err => + assertError(err, 'MalformedPolicy', done)); + }); + + it('should put a bucket policy on bucket since Id is a string', + done => { + const params = getPolicyParamsWithId(null, 'cd3ad3d9-2776-4ef1-a904-4c229d1642e'); + s3.putBucketPolicy(params, err => + assertError(err, null, done)); + }); + + it('should allow bucket policy with pincipal arn less than 2048 characters', done => { + const params = getPolicyParams({ key: 'Principal', value: { AWS: `arn:aws:iam::767707094035:user/${generateRandomString(150)}` } }); // eslint-disable-line max-len + s3.putBucketPolicy(params, err => + assertError(err, null, done)); + }); + + it('should not allow bucket policy with pincipal arn more than 2048 characters', done => { + const params = getPolicyParams({ key: 'Principal', value: { AWS: `arn:aws:iam::767707094035:user/${generateRandomString(2020)}` } }); // eslint-disable-line max-len + s3.putBucketPolicy(params, err => + assertError(err, 'MalformedPolicy', done)); + }); }); }); diff --git a/yarn.lock b/yarn.lock index ed697009bb..dc757471fc 100644 --- a/yarn.lock +++ b/yarn.lock @@ -484,7 +484,7 @@ arraybuffer.slice@~0.0.7: bson "4.0.0" debug "~2.6.9" diskusage "^1.1.1" - fcntl "github:scality/node-fcntl#0.2.0" + fcntl "github:scality/node-fcntl#0.2.2" hdclient scality/hdclient#1.1.0 https-proxy-agent "^2.2.0" ioredis "^4.28.5" @@ -1851,6 +1851,14 @@ fast-levenshtein@~2.0.6: nan "^2.3.2" node-gyp "^8.0.0" +"fcntl@github:scality/node-fcntl#0.2.2": + version "0.2.1" + resolved "https://codeload.github.com/scality/node-fcntl/tar.gz/b1335ca204c6265cedc50c26020c4d63aabe920e" + dependencies: + bindings "^1.1.1" + nan "^2.3.2" + node-gyp "^8.0.0" + fecha@^4.2.0: version "4.2.3" resolved "https://registry.yarnpkg.com/fecha/-/fecha-4.2.3.tgz#4d9ccdbc61e8629b259fdca67e65891448d569fd"