move const to top

leif-scality · leif-scality · commit 82a826444140 · 2025-07-09T11:01:53.000+02:00
diff --git a/lib/api/apiUtils/authorization/permissionChecks.js b/lib/api/apiUtils/authorization/permissionChecks.js
@@ -14,6 +14,19 @@ const {
 const publicReadBuckets = process.env.ALLOW_PUBLIC_READ_BUCKETS
     ? process.env.ALLOW_PUBLIC_READ_BUCKETS.split(',') : [];
 
+const checkPrincipalResult = Object.freeze({
+    KO: 0,
+    CROSS_ACCOUNT_OK: 1,
+    OK: 2,
+});
+
+const checkBucketPolicyResult = Object.freeze({
+    DEFAULT_DENY: 0,
+    EXPLICIT_DENY: 1,
+    ALLOW: 2,
+    CROSS_ACCOUNT_ALLOW: 3,
+});
+
 /**
  * Checks the access control for a given bucket based on the request type and user's canonical ID.
  *
@@ -283,12 +296,6 @@ function _isRootUser(arn) {
     return false;
 }
 
-const checkPrincipalResult = Object.freeze({
-    KO: 0,
-    CROSS_ACCOUNT_OK: 1,
-    OK: 2,
-});
-
 /** _evaluateCrossAccount - checks if it is a cross-account request.
  * @param {string} requesterARN - requester ARN
  * @param {string} requesterCanonicalID - requester canonical ID
@@ -391,13 +398,6 @@ function _checkPrincipals(canonicalID, arn, principal, bucketOwnerCanonicalID) {
     return checkPrincipalResult.KO;
 }
 
-const checkBucketPolicyResult = Object.freeze({
-    DEFAULT_DENY: 0,
-    EXPLICIT_DENY: 1,
-    ALLOW: 2,
-    CROSS_ACCOUNT_ALLOW: 3,
-});
-
 // checkBucketPolicy FSM.
 // ┌───────────────────────────┐
 // │                           ▼
