added 20kb limit for put bucket policy

Issue : CLDSRV-700

Author: SylvainSenechal

constants.js

@@ -89,6 +89,11 @@ const constants = {
     // Maximum HTTP headers size allowed
     maxHttpHeadersSize: 14122,
 
+    // AWS sets the maximum size for bucket policies to 20 KB
+    // https://docs.aws.amazon.com/AmazonS3/latest/userguide/add-bucket-policy.html
+    bucketPolicyMaxBytesSize: 20480,
+
+
     // hex digest of sha256 hash of empty string:
     emptyStringHash: crypto.createHash('sha256')
         .update('', 'binary').digest('hex'),

lib/api/bucketPutPolicy.js

@@ -5,6 +5,7 @@ const metadata = require('../metadata/wrapper');
 const { standardMetadataValidateBucket } = require('../metadata/metadataUtils');
 const { validatePolicyResource, validatePolicyConditions } =
     require('./apiUtils/authorization/permissionChecks');
+const constants = require('../../constants');
 const { BucketPolicy } = models;
 
 /**
@@ -31,6 +32,14 @@ function _checkNotImplementedPolicy(policyString) {
 function bucketPutPolicy(authInfo, request, log, callback) {
     log.debug('processing request', { method: 'bucketPutPolicy' });
 
+    if (request.post && request.post.length > constants.bucketPolicyMaxBytesSize) {
+        return callback(errorInstances.MalformedPolicy.customizeDescription(
+            `The provided Bucket Policy is too large : ${request.post.length} bytes. ` +
+            `The AWS standard allows 20KB maximum. ` +
+            `Our current limit is set at ${constants.bucketPolicyMaxBytesSize} bytes. `
+        ));
+    }
+
     const { bucketName } = request;
     const metadataValParams = {
         authInfo,