Skip to content

Commit 7d37099

Browse files
dvasilasdvasilas
committed
CLDSRV-774: Move copy-source aclRequired logic into storeServerAccessLogInfo
1 parent be0870b commit 7d37099

1 file changed

Lines changed: 9 additions & 8 deletions

File tree

lib/metadata/metadataUtils.js

Lines changed: 9 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -50,6 +50,11 @@ function storeServerAccessLogInfo(request, bucket, raftSessionId, options = {})
5050
target.enabled = true;
5151
target.loggingEnabled = bucket.getBucketLoggingStatus().getLoggingEnabled();
5252
}
53+
// Source auth runs on the same request object and overwrites the
54+
// destination's aclRequired. Move the source value to its log entry
55+
// and restore the destination value that was saved before source auth.
56+
target.aclRequired = request.serverAccessLog.aclRequired;
57+
request.serverAccessLog.aclRequired = options.savedAclRequired;
5358
} else {
5459
// Default behavior: store in main serverAccessLog
5560
request.serverAccessLog.raftSessionID = raftSessionId;
@@ -326,8 +331,10 @@ function standardMetadataValidateBucketAndObj(params, actionImplicitDenies, log,
326331
if (!Array.isArray(requestType)) {
327332
requestType = [requestType];
328333
}
329-
const isCopySource = params.serverAccessLogOptions?.copySource;
330-
const savedAclRequired = isCopySource ? request?.serverAccessLog?.aclRequired : undefined;
334+
if (params.serverAccessLogOptions?.copySource) {
335+
// eslint-disable-next-line no-param-reassign
336+
params.serverAccessLogOptions.savedAclRequired = request?.serverAccessLog?.aclRequired;
337+
}
331338
async.waterfall([
332339
next => {
333340
// versionId may be 'null', which asks metadata to fetch the null key specifically
@@ -424,12 +431,6 @@ function standardMetadataValidateBucketAndObj(params, actionImplicitDenies, log,
424431
},
425432
], (err, bucket, objMD, raftSessionId) => {
426433
storeServerAccessLogInfo(request, bucket, raftSessionId, params.serverAccessLogOptions);
427-
if (isCopySource && request?.sourceServerAccessLog) {
428-
request.sourceServerAccessLog.aclRequired = request.serverAccessLog?.aclRequired;
429-
if (request.serverAccessLog) {
430-
request.serverAccessLog.aclRequired = savedAclRequired;
431-
}
432-
}
433434
if (err) {
434435
// still return bucket for cors headers
435436
return callback(err, bucket);

0 commit comments

Comments
 (0)