Return 405 for Get/Head Specific Delete-Marker #8733
Conversation
| @@ -1568,7 +1568,13 @@ function get_obj_id(req, rpc_code) { | |||
| * @param {string} rpc_code | |||
| */ | |||
| function check_object_mode(req, obj, rpc_code) { | |||
| if (!obj || obj.deleted || obj.delete_marker) { | |||
| if (obj && obj.delete_marker) { | |||
There was a problem hiding this comment.
How can we be sure that in this case the object is a delete_marker and also the version ID was specified in the request? From reading this condition I only know that it is a delete marker.
There was a problem hiding this comment.
The bucket with version enabled and the object is deleted, we can see the delete marker object as true. In other case the delete marker is false or obj it self is null.
Cases:
- If we delete the object (with version enabled), head the object with/out version_id, we get Method not allowed
- If we try to fetch any other version that is deleted, we get Not Found as Obj is NULL
- If version not enabled, we return Not Found, since obj is NULL
Correct me if wrong
There was a problem hiding this comment.
What about the request?
The difference here that it was on delete marker with version id.
According to the AWS docs GetObject and HeadObject:(https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html#API_GetObject_ResponseElements):
If the specified version in the request is a delete marker, the response returns a 405 Method Not Allowed error and the Last-Modified: timestamp response header.
There was a problem hiding this comment.
This is the behavior what I saw on aws s3
head object
# aws s3api head-object --bucket vh-22 --key Makefile --version-id aqGt6sJfDntex6GPXfpl2RZwa5fUQYgV
An error occurred (405) when calling the HeadObject operation: Method Not Allowed
get-object
# aws s3api get-object --bucket vh-22 --key Makefile --version-id aqGt6sJfDntex6GPXfpl2RZwa5fUQYgV a
An error occurred (MethodNotAllowed) when calling the GetObject operation: The specified method is not allowed against this resource.
There was a problem hiding this comment.
I think now I got what you are saying,
If we dont specify version id on delete marker, we should return ENOENT and version id is given we should return Method Not allowed. Am I right ?
There was a problem hiding this comment.
We need to be compliant with the S3 protocol.
So in the previous check that you did on AWS you can also do it without "--version-id" flag and look at the errors.
Then you need to test the same cases on noobaa (on the a data bucket) and ensure the behavior is the same.
ENOENT is the term in filesystem, we need to return the right RPC error (that would be translated to the S3 error we need to return).
I hope it is clear.
Yes, will add test |
If the specified version in the request is a delete marker the returned is 405 Method Not Allowed. Fixes: noobaa#8369 Signed-off-by: Vinayakswami Hariharmath <[email protected]>
If the specified version in the request is a delete marker the returned is 405 Method Not Allowed.
delete the object
nb-s3api delete-object --bucket test-16 --key MakefileNow head/get object with version id of the delete marker (list-object-versions will give the delete version marker id)
Output:
Fixes: #8369