Skip to content

Commit

Permalink
Fix delete objects permissions bug (#1260)
Browse files Browse the repository at this point in the history
  • Loading branch information
itaiad200 authored Jan 21, 2021
1 parent 298093d commit 774e935
Show file tree
Hide file tree
Showing 2 changed files with 60 additions and 0 deletions.
9 changes: 9 additions & 0 deletions gateway/handler.go
Original file line number Diff line number Diff line change
Expand Up @@ -247,6 +247,15 @@ func authorize(w http.ResponseWriter, req *http.Request, authService simulator.G
o := ctx.Value(ContextKeyOperation).(*operations.Operation)
username := ctx.Value(ContextKeyUser).(*model.User).Username
authContext := ctx.Value(ContextKeyAuthContext).(sig.SigContext)

if len(perms) == 0 {
// Either no permissions are required, or they will be checked later.
return &operations.AuthorizedOperation{
Operation: o,
Principal: username,
}
}

authResp, err := authService.Authorize(&auth.AuthorizationRequest{
Username: username,
RequiredPermissions: perms,
Expand Down
51 changes: 51 additions & 0 deletions nessie/delete_objects_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
package nessie

import (
"strconv"
"testing"

"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/s3"
"github.com/stretchr/testify/assert"
)

func TestDeleteObjects(t *testing.T) {
ctx, _, repo := setupTest(t)
const numOfObjects = 10

identifiers := make([]*s3.ObjectIdentifier, 0, numOfObjects)

for i := 1; i <= numOfObjects; i++ {
file := strconv.Itoa(i) + ".txt"
identifiers = append(identifiers, &s3.ObjectIdentifier{
Key: aws.String(masterBranch + "/" + file),
})
_, _ = uploadFileRandomData(ctx, t, repo, masterBranch, file)
}

listOut, err := svc.ListObjects(&s3.ListObjectsInput{
Bucket: aws.String(repo),
Prefix: aws.String(masterBranch + "/"),
})

assert.NoError(t, err)
assert.Len(t, listOut.Contents, numOfObjects)

deleteOut, err := svc.DeleteObjects(&s3.DeleteObjectsInput{
Bucket: aws.String(repo),
Delete: &s3.Delete{
Objects: identifiers,
},
})

assert.NoError(t, err)
assert.Len(t, deleteOut.Deleted, numOfObjects)

listOut, err = svc.ListObjects(&s3.ListObjectsInput{
Bucket: aws.String(repo),
Prefix: aws.String(masterBranch + "/"),
})

assert.NoError(t, err)
assert.Len(t, listOut.Contents, 0)
}

0 comments on commit 774e935

Please sign in to comment.