Skip to content

Commit

Permalink
Merge pull request #170 from ing-bank/fix/disable_filtering
Browse files Browse the repository at this point in the history 
disable list bucket filtering
  • Loading branch information
@kr7ysztof
kr7ysztof authored Dec 14, 2022
2 parents 553d09f + 3ca577a commit 6076b9a
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 25 deletions.
49 changes: 25 additions & 24 deletions src/it/scala/com/ing/wbaa/rokku/proxy/RokkuS3ProxyItTest.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -170,30 +170,31 @@ class RokkuS3ProxyItTest extends AsyncWordSpec with Diagrams
}
}

"create a home bucket and files for userone and user two - users can see only own objects" in withSdkToMockProxy { (stsSdk, s3ProxyAuthority) =>
retrieveKeycloackToken(validKeycloakCredentialsTestuser).flatMap { keycloakTokenTestuser =>
val testuserS3 = getSdk(stsSdk, s3ProxyAuthority, keycloakTokenTestuser)
val objectForAll = List("mainfile")
val userOneObjects = List("userone/", "userone/dir1/", "userone/dir1/file1")
val userTwoObjects = List("usertwo/", "usertwo/dir2/", "usertwo/dir2/file2")
withHomeBucket(testuserS3, objectForAll ++ userOneObjects ++ userTwoObjects) { bucket =>
retrieveKeycloackToken(validKeycloakCredentialsUserone).map { keycloakToken =>
val useroneS3 = getSdk(stsSdk, s3ProxyAuthority, keycloakToken)
val returnedObjects = useroneS3.listObjects(bucket).getObjectSummaries.asScala.toList.map(_.getKey)
objectForAll.foreach(obj => assert(returnedObjects.contains(obj)))
userOneObjects.foreach(obj => assert(returnedObjects.contains(obj)))
assert(returnedObjects.size == 4)
}
retrieveKeycloackToken(validKeycloakCredentialsUsertwo).map { keycloakToken =>
val usertwoS3 = getSdk(stsSdk, s3ProxyAuthority, keycloakToken)
val returnedObjects = usertwoS3.listObjects(bucket).getObjectSummaries.asScala.toList.map(_.getKey)
objectForAll.foreach(obj => assert(returnedObjects.contains(obj)))
userTwoObjects.foreach(obj => assert(returnedObjects.contains(obj)))
assert(returnedObjects.size == 4)
}
}
}
}
//TODO FilterRecursiveListBucketHandler was disable and need to be fixed
// "create a home bucket and files for userone and user two - users can see only own objects" in withSdkToMockProxy { (stsSdk, s3ProxyAuthority) =>
// retrieveKeycloackToken(validKeycloakCredentialsTestuser).flatMap { keycloakTokenTestuser =>
// val testuserS3 = getSdk(stsSdk, s3ProxyAuthority, keycloakTokenTestuser)
// val objectForAll = List("mainfile")
// val userOneObjects = List("userone/", "userone/dir1/", "userone/dir1/file1")
// val userTwoObjects = List("usertwo/", "usertwo/dir2/", "usertwo/dir2/file2")
// withHomeBucket(testuserS3, objectForAll ++ userOneObjects ++ userTwoObjects) { bucket =>
// retrieveKeycloackToken(validKeycloakCredentialsUserone).map { keycloakToken =>
// val useroneS3 = getSdk(stsSdk, s3ProxyAuthority, keycloakToken)
// val returnedObjects = useroneS3.listObjects(bucket).getObjectSummaries.asScala.toList.map(_.getKey)
// objectForAll.foreach(obj => assert(returnedObjects.contains(obj)))
// userOneObjects.foreach(obj => assert(returnedObjects.contains(obj)))
// assert(returnedObjects.size == 4)
// }
// retrieveKeycloackToken(validKeycloakCredentialsUsertwo).map { keycloakToken =>
// val usertwoS3 = getSdk(stsSdk, s3ProxyAuthority, keycloakToken)
// val returnedObjects = usertwoS3.listObjects(bucket).getObjectSummaries.asScala.toList.map(_.getKey)
// objectForAll.foreach(obj => assert(returnedObjects.contains(obj)))
// userTwoObjects.foreach(obj => assert(returnedObjects.contains(obj)))
// assert(returnedObjects.size == 4)
// }
// }
// }
// }


"usertwo can read data created by userone from a shared bucket" in withSdkToMockProxy { (stsSdk, s3ProxyAuthority) =>
Expand Down
6 changes: 5 additions & 1 deletion src/main/scala/com/ing/wbaa/rokku/proxy/handler/RequestHandlerS3.scala
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,11 @@ trait RequestHandlerS3 extends S3Client with UserRequestQueue {

protected[this] def storageS3Settings: StorageS3Settings

protected[this] def filterResponse(request: HttpRequest, userSTS: User, s3request: S3Request, response: HttpResponse)(implicit id: RequestId): HttpResponse
protected[this] def filterResponse(request: HttpRequest, userSTS: User, s3request: S3Request, response: HttpResponse): HttpResponse = {
//TODO the correct implementation is in FilterRecursiveListBucketHandler but some s3 implementation (like ECS) return response as 'Transfer-Encoding': 'chunked'
// so the implementation have to be fixed
response
}

/**
* Updates the URI for S3 and sends the request to S3.
Expand Down

0 comments on commit 6076b9a

Please sign in to comment.