Add support for getObjectACL and deleteObjectACL

fsouza · Nov 28, 2024 · 557ed65 · 557ed65
1 parent 9e26890
commit 557ed65
Show file tree

Hide file tree

Showing 3 changed files with 72 additions and 0 deletions.
diff --git a/fakestorage/object.go b/fakestorage/object.go
@@ -710,6 +710,59 @@ func (s *Server) listObjectACL(r *http.Request) jsonResponse {
 	return jsonResponse{data: newACLListResponse(obj.ObjectAttrs)}
 }
 
+func (s *Server) deleteObjectACL(r *http.Request) jsonResponse {
+	vars := unescapeMuxVars(mux.Vars(r))
+
+	obj, err := s.GetObjectStreaming(vars["bucketName"], vars["objectName"])
+	if err != nil {
+		return jsonResponse{status: http.StatusNotFound}
+	}
+	defer obj.Close()
+	entity := vars["entity"]
+
+	var newAcls []storage.ACLRule
+	for _, aclRule := range obj.ObjectAttrs.ACL {
+		if entity != string(aclRule.Entity) {
+			newAcls = append(newAcls, aclRule)
+		}
+	}
+
+	obj.ACL = newAcls
+	obj, err = s.createObject(obj, backend.NoConditions{})
+	if err != nil {
+		return errToJsonResponse(err)
+	}
+	defer obj.Close()
+
+	return jsonResponse{status: http.StatusOK}
+}
+
+func (s *Server) getObjectACL(r *http.Request) jsonResponse {
+	vars := unescapeMuxVars(mux.Vars(r))
+
+	obj, err := s.backend.GetObject(vars["bucketName"], vars["objectName"])
+	if err != nil {
+		return jsonResponse{status: http.StatusNotFound}
+	}
+	defer obj.Close()
+	entity := vars["entity"]
+
+	for _, aclRule := range obj.ObjectAttrs.ACL {
+		if entity == string(aclRule.Entity) {
+			oac := &objectAccessControl{
+				Bucket: obj.BucketName,
+				Entity: string(aclRule.Entity),
+				Object: obj.Name,
+				Role:   string(aclRule.Role),
+				Etag:   "RVRhZw==",
+				Kind:   "storage#objectAccessControl",
+			}
+			return jsonResponse{data: oac}
+		}
+	}
+	return jsonResponse{status: http.StatusNotFound}
+}
+
 func (s *Server) setObjectACL(r *http.Request) jsonResponse {
 	vars := unescapeMuxVars(mux.Vars(r))
 

diff --git a/fakestorage/object_test.go b/fakestorage/object_test.go
@@ -1676,6 +1676,23 @@ func TestServerClientObjectSetAclPrivate(t *testing.T) {
 				t.Fatal("acl role not set to RoleReader")
 				return
 			}
+
+			err = objHandle.ACL().Delete(ctx, storage.AllAuthenticatedUsers)
+			if err != nil {
+				t.Fatalf("unexpected error while deleting acl %+v", err)
+				return
+			}
+
+			rules, err = objHandle.ACL().List(ctx)
+			if err != nil {
+				t.Fatalf("unexpected error while getting acl %+v", err)
+				return
+			}
+
+			if len(rules) != 0 {
+				t.Fatalf("acl has unexpected rules: %+v", rules)
+				return
+			}
 		})
 	})
 }

diff --git a/fakestorage/server.go b/fakestorage/server.go
@@ -273,6 +273,8 @@ func (s *Server) buildMuxer() {
 		r.Path("/b/{bucketName}/o/{objectName:.+}").Methods(http.MethodPatch).HandlerFunc(jsonToHTTPHandler(s.patchObject))
 		r.Path("/b/{bucketName}/o/{objectName:.+}/acl").Methods(http.MethodGet).HandlerFunc(jsonToHTTPHandler(s.listObjectACL))
 		r.Path("/b/{bucketName}/o/{objectName:.+}/acl").Methods(http.MethodPost).HandlerFunc(jsonToHTTPHandler(s.setObjectACL))
+		r.Path("/b/{bucketName}/o/{objectName:.+}/acl/{entity}").Methods(http.MethodDelete).HandlerFunc(jsonToHTTPHandler(s.deleteObjectACL))
+		r.Path("/b/{bucketName}/o/{objectName:.+}/acl/{entity}").Methods(http.MethodGet).HandlerFunc(jsonToHTTPHandler(s.getObjectACL))
 		r.Path("/b/{bucketName}/o/{objectName:.+}/acl/{entity}").Methods(http.MethodPut).HandlerFunc(jsonToHTTPHandler(s.setObjectACL))
 		r.Path("/b/{bucketName}/o/{objectName:.+}").Methods(http.MethodGet, http.MethodHead).HandlerFunc(s.getObject)
 		r.Path("/b/{bucketName}/o/{objectName:.+}").Methods(http.MethodDelete).HandlerFunc(jsonToHTTPHandler(s.deleteObject))