Merge pull request versity#958 from versity/test/rest_get_bucket_owne…

…rship_controls

Test/rest get bucket ownership controls

tests/commands/copy_object.sh

@@ -16,7 +16,7 @@
 
 copy_object() {
   if [ $# -ne 4 ]; then
-    echo "copy object command requires command type, source, bucket, key"
+    log 2 "copy object command requires command type, source, bucket, key"
     return 1
   fi
   local exit_code=0
@@ -32,12 +32,12 @@ copy_object() {
   elif [[ $1 == 'mc' ]]; then
     error=$(send_command mc --insecure cp "$MC_ALIAS/$2" "$MC_ALIAS/$3/$4" 2>&1) || exit_code=$?
   else
-    echo "'copy-object' not implemented for '$1'"
+    log 2 "'copy-object' not implemented for '$1'"
     return 1
   fi
   log 5 "copy object exit code: $exit_code"
   if [ $exit_code -ne 0 ]; then
-    echo "error copying object to bucket: $error"
+    log 2 "error copying object to bucket: $error"
     return 1
   fi
   return 0

tests/commands/delete_object_tagging.sh

@@ -17,7 +17,7 @@
 delete_object_tagging() {
   record_command "delete-object-tagging" "client:$1"
   if [[ $# -ne 3 ]]; then
-    echo "delete object tagging command missing command type, bucket, key"
+    log 2 "delete object tagging command missing command type, bucket, key"
     return 1
   fi
   delete_result=0
@@ -28,11 +28,11 @@ delete_object_tagging() {
   elif [ "$1" == 'rest' ]; then
     delete_object_tagging_rest "$2" "$3" || delete_result=$?
   else
-    echo "delete-object-tagging command not implemented for '$1'"
+    log 2 "delete-object-tagging command not implemented for '$1'"
     return 1
   fi
   if [[ $delete_result -ne 0 ]]; then
-    echo "error deleting object tagging: $error"
+    log 2 "error deleting object tagging: $error"
     return 1
   fi
   return 0

tests/commands/get_bucket_location.sh

@@ -17,17 +17,18 @@
 get_bucket_location() {
   record_command "get-bucket-location" "client:$1"
   if [[ $# -ne 2 ]]; then
-    echo "get bucket location command requires command type, bucket name"
+    log 2 "get bucket location command requires command type, bucket name"
     return 1
   fi
+  get_result=0
   if [[ $1 == 'aws' ]]; then
     get_bucket_location_aws "$2" || get_result=$?
   elif [[ $1 == 's3cmd' ]]; then
     get_bucket_location_s3cmd "$2" || get_result=$?
   elif [[ $1 == 'mc' ]]; then
     get_bucket_location_mc "$2" || get_result=$?
   else
-    echo "command type '$1' not implemented for get_bucket_location"
+    log 2 "command type '$1' not implemented for get_bucket_location"
     return 1
   fi
   if [[ $get_result -ne 0 ]]; then
@@ -39,7 +40,7 @@ get_bucket_location() {
 get_bucket_location_aws() {
   record_command "get-bucket-location" "client:s3api"
   if [[ $# -ne 1 ]]; then
-    echo "get bucket location (aws) requires bucket name"
+    log 2 "get bucket location (aws) requires bucket name"
     return 1
   fi
   location_json=$(send_command aws --no-verify-ssl s3api get-bucket-location --bucket "$1") || location_result=$?
@@ -59,7 +60,7 @@ get_bucket_location_s3cmd() {
   fi
   info=$(send_command s3cmd --no-check-certificate info "s3://$1") || results=$?
   if [[ $results -ne 0 ]]; then
-    echo "error getting s3cmd info: $info"
+    log 2 "error getting bucket location: $location"
     return 1
   fi
   bucket_location=$(echo "$info" | grep -o 'Location:.*' | awk '{print $2}')
@@ -69,12 +70,12 @@ get_bucket_location_s3cmd() {
 get_bucket_location_mc() {
   record_command "get-bucket-location" "client:mc"
   if [[ $# -ne 1 ]]; then
-    echo "get bucket location (mc) requires bucket name"
+    log 2 "get bucket location (mc) requires bucket name"
     return 1
   fi
   info=$(send_command mc --insecure stat "$MC_ALIAS/$1") || results=$?
   if [[ $results -ne 0 ]]; then
-    echo "error getting s3cmd info: $info"
+    log 2 "error getting s3cmd info: $info"
     return 1
   fi
   # shellcheck disable=SC2034

tests/commands/get_bucket_policy.sh

@@ -126,12 +126,12 @@ get_bucket_policy_s3cmd() {
 get_bucket_policy_mc() {
   record_command "get-bucket-policy" "client:mc"
   if [[ $# -ne 1 ]]; then
-    echo "aws 'get bucket policy' command requires bucket"
+    log 2 "aws 'get bucket policy' command requires bucket"
     return 1
   fi
   bucket_policy=$(send_command mc --insecure anonymous get-json "$MC_ALIAS/$1") || get_result=$?
   if [[ $get_result -ne 0 ]]; then
-    echo "error getting policy: $bucket_policy"
+    log 2 "error getting policy: $bucket_policy"
     return 1
   fi
   return 0

tests/commands/get_bucket_tagging.sh

@@ -35,7 +35,7 @@ get_bucket_tagging() {
       export tags=
       return 0
     fi
-    echo "error getting bucket tags: $tags"
+    log 2 "error getting bucket tags: $tags"
     return 1
   fi
   export tags

tests/commands/list_buckets.sh

@@ -18,7 +18,7 @@ list_buckets() {
   log 6 "list_buckets"
   record_command "list-buckets" "client:$1"
   if [ $# -ne 1 ]; then
-    echo "list buckets command missing command type"
+    log 2 "list buckets command missing command type"
     return 1
   fi
 
@@ -34,11 +34,11 @@ list_buckets() {
   elif [[ $1 == 'rest' ]]; then
     list_buckets_rest || exit_code=$?
   else
-    echo "list buckets command not implemented for '$1'"
+    log 2 "list buckets command not implemented for '$1'"
     return 1
   fi
   if [ $exit_code -ne 0 ]; then
-    echo "error listing buckets: $buckets"
+    log 2 "error listing buckets: $buckets"
     return 1
   fi
 
@@ -57,7 +57,7 @@ list_buckets() {
 list_buckets_with_user() {
   record_command "list-buckets" "client:$1"
   if [ $# -ne 3 ]; then
-    echo "'list buckets as user' command missing command type, username, password"
+    log 2 "'list buckets as user' command missing command type, username, password"
     return 1
   fi
 
@@ -71,11 +71,11 @@ list_buckets_with_user() {
   elif [[ $1 == 'mc' ]]; then
     buckets=$(send_command mc --insecure ls "$MC_ALIAS" 2>&1) || exit_code=$?
   else
-    echo "list buckets command not implemented for '$1'"
+    log 2 "list buckets command not implemented for '$1'"
     return 1
   fi
   if [ $exit_code -ne 0 ]; then
-    echo "error listing buckets: $buckets"
+    log 2 "error listing buckets: $buckets"
     return 1
   fi
 
@@ -97,7 +97,7 @@ list_buckets_s3api() {
     return 1
   fi
   if ! output=$(AWS_ACCESS_KEY_ID="$1" AWS_SECRET_ACCESS_KEY="$2" send_command aws --no-verify-ssl s3api list-buckets 2>&1); then
-    echo "error listing buckets: $output"
+    log 2 "error listing buckets: $output"
     return 1
   fi
   log 5 "bucket data: $output"

tests/commands/list_objects.sh

@@ -91,7 +91,7 @@ list_objects_s3api() {
 # export objects on success, return 1 for failure
 list_objects_s3api_v1() {
   if [ $# -lt 1 ] || [ $# -gt 2 ]; then
-    echo "list objects command requires bucket, (optional) delimiter"
+    log 2 "list objects command requires bucket, (optional) delimiter"
     return 1
   fi
   if [ "$2" == "" ]; then
@@ -100,7 +100,7 @@ list_objects_s3api_v1() {
     objects=$(send_command aws --no-verify-ssl s3api list-objects --bucket "$1" --delimiter "$2") || local result=$?
   fi
   if [[ $result -ne 0 ]]; then
-    echo "error listing objects: $objects"
+    log 2 "error listing objects: $objects"
     return 1
   fi
   export objects

tests/commands/list_objects_v2.sh

@@ -19,13 +19,13 @@
 # export objects on success, return 1 for failure
 list_objects_v2() {
   if [ $# -ne 1 ]; then
-    echo "list objects command missing bucket and/or path"
+    log 2 "list objects command missing bucket and/or path"
     return 1
   fi
   record_command "list-objects-v2 client:s3api"
   objects=$(send_command aws --no-verify-ssl s3api list-objects-v2 --bucket "$1") || local result=$?
   if [[ $result -ne 0 ]]; then
-    echo "error listing objects: $objects"
+    log 2 "error listing objects: $objects"
     return 1
   fi
 }

tests/commands/upload_part_copy.sh

@@ -17,14 +17,14 @@
 upload_part_copy() {
   record_command "upload-part-copy" "client:s3api"
   if [ $# -ne 5 ]; then
-    echo "upload multipart part copy function must have bucket, key, upload ID, file name, part number"
+    log 2 "upload multipart part copy function must have bucket, key, upload ID, file name, part number"
     return 1
   fi
   local etag_json
-  echo "$1 $2 $3 $4 $5"
+  log 5 "parameters:  $1 $2 $3 $4 $5"
   etag_json=$(send_command aws --no-verify-ssl s3api upload-part-copy --bucket "$1" --key "$2" --upload-id "$3" --part-number "$5" --copy-source "$1/$4-$(($5-1))") || local uploaded=$?
   if [[ $uploaded -ne 0 ]]; then
-    echo "Error uploading part $5: $etag_json"
+    log 2 "Error uploading part $5: $etag_json"
     return 1
   fi
   etag=$(echo "$etag_json" | jq '.CopyPartResult.ETag')

tests/rest_scripts/get_bucket_ownership_controls.sh

@@ -0,0 +1,43 @@
+#!/usr/bin/env bash
+
+# Copyright 2024 Versity Software
+# This file is licensed under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http:#www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+source ./tests/rest_scripts/rest.sh
+
+# Fields
+# shellcheck disable=SC2153
+bucket_name="$BUCKET_NAME"
+
+current_date_time=$(date -u +"%Y%m%dT%H%M%SZ")
+
+canonical_request="GET
+/$bucket_name
+ownershipControls=
+host:$host
+x-amz-content-sha256:UNSIGNED-PAYLOAD
+x-amz-date:$current_date_time
+
+host;x-amz-content-sha256;x-amz-date
+UNSIGNED-PAYLOAD"
+
+create_canonical_hash_sts_and_signature
+
+curl_command+=(curl -ks -w "\"%{http_code}\"" "$AWS_ENDPOINT_URL/$bucket_name?ownershipControls="
+-H "\"Authorization: AWS4-HMAC-SHA256 Credential=$aws_access_key_id/$year_month_day/$aws_region/s3/aws4_request,SignedHeaders=host;x-amz-content-sha256;x-amz-date,Signature=$signature\""
+-H "\"x-amz-content-sha256: UNSIGNED-PAYLOAD\""
+-H "\"x-amz-date: $current_date_time\""
+-o "$OUTPUT_FILE")
+# shellcheck disable=SC2154
+eval "${curl_command[*]}" 2>&1

tests/rest_scripts/put_bucket_ownership_controls.sh

@@ -0,0 +1,59 @@
+#!/usr/bin/env bash
+
+# Copyright 2024 Versity Software
+# This file is licensed under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http:#www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+source ./tests/rest_scripts/rest.sh
+
+# Fields
+
+# shellcheck disable=SC2153
+bucket_name="$BUCKET_NAME"
+# shellcheck disable=SC2153
+ownership="$OWNERSHIP"
+
+payload="<?xml version=\"1.0\" encoding=\"UTF-8\"?>
+<OwnershipControls xmlns=\"http://s3.amazonaws.com/doc/2006-03-01/\">
+   <Rule>
+      <ObjectOwnership>$ownership</ObjectOwnership>
+   </Rule>
+</OwnershipControls>"
+
+content_md5=$(echo -n "$payload" | openssl dgst -binary -md5 | openssl base64)
+payload_hash="$(echo -n "$payload" | sha256sum | awk '{print $1}')"
+current_date_time=$(date -u +"%Y%m%dT%H%M%SZ")
+
+canonical_request="PUT
+/$bucket_name
+ownershipControls=
+content-md5:$content_md5
+host:$host
+x-amz-content-sha256:$payload_hash
+x-amz-date:$current_date_time
+
+content-md5;host;x-amz-content-sha256;x-amz-date
+$payload_hash"
+
+create_canonical_hash_sts_and_signature
+
+curl_command+=(curl -ks -w "\"%{http_code}\"" -X PUT "$AWS_ENDPOINT_URL/$bucket_name?ownershipControls="
+-H "\"Authorization: AWS4-HMAC-SHA256 Credential=$aws_access_key_id/$year_month_day/$aws_region/s3/aws4_request,SignedHeaders=content-md5;host;x-amz-content-sha256;x-amz-date,Signature=$signature\""
+-H "\"Content-MD5: $content_md5\""
+-H "\"x-amz-content-sha256: $payload_hash\""
+-H "\"x-amz-date: $current_date_time\""
+-d "\"${payload//\"/\\\"}\""
+-o "$OUTPUT_FILE")
+
+# shellcheck disable=SC2154
+eval "${curl_command[*]}" 2>&1

tests/setup_mc.sh

@@ -18,7 +18,7 @@ check_for_alias() {
   local alias_result
   aliases=$(mc alias list)
   if [[ $alias_result -ne 0 ]]; then
-    echo "error checking for aliases: $aliases"
+    log 2 "error checking for aliases: $aliases"
     return 2
   fi
   while IFS= read -r line; do
@@ -32,7 +32,7 @@ check_for_alias() {
 check_add_mc_alias() {
   check_for_alias || alias_result=$?
   if [[ $alias_result -eq 2 ]]; then
-    echo "error checking for aliases"
+    log 2 "error checking for aliases"
     return 1
   fi
   if [[ $alias_result -eq 0 ]]; then
@@ -41,7 +41,7 @@ check_add_mc_alias() {
   local set_result
   error=$(mc alias set --insecure "$MC_ALIAS" "$AWS_ENDPOINT_URL" "$AWS_ACCESS_KEY_ID" "$AWS_SECRET_ACCESS_KEY") || set_result=$?
   if [[ $set_result -ne 0 ]]; then
-    echo "error setting alias: $error"
+    log 2 "error setting alias: $error"
     return 1
   fi
   return 0

tests/test_common.sh

@@ -218,7 +218,7 @@ test_common_list_buckets() {
 
 test_common_list_objects() {
   if [[ $# -ne 1 ]]; then
-    echo "common test function for listing objects requires command type"
+    log 2 "common test function for listing objects requires command type"
     return 1
   fi
 
@@ -294,7 +294,7 @@ test_common_set_get_object_tags() {
 
 test_common_presigned_url_utf8_chars() {
   if [[ $# -ne 1 ]]; then
-    echo "presigned url command missing command type"
+    log 2 "presigned url command missing command type"
     return 1
   fi