NC | implement object lock functionality

Signed-off-by: nadav mizrahi <nadav.mizrahi16@gmail.com>

Author: nadavMiz

src/api/common_api.js

@@ -1592,6 +1592,7 @@ module.exports = {
         },
         object_lock_configuration: {
             type: 'object',
+            required: ['object_lock_enabled'],
             properties: {
                 object_lock_enabled: {
                     type: 'string',
@@ -1606,7 +1607,10 @@ module.exports = {
                                     required: ['years', 'mode'],
                                     additionalProperties: false,
                                     properties: {
-                                        years: { type: 'integer' },
+                                        years: {
+                                            type: 'integer',
+                                            "minimum": 1
+                                        },
                                         mode: {
                                             type: 'string',
                                             enum: ['GOVERNANCE', 'COMPLIANCE']
@@ -1618,7 +1622,10 @@ module.exports = {
                                     required: ['days', 'mode'],
                                     additionalProperties: false,
                                     properties: {
-                                        days: { type: 'integer' },
+                                        days: {
+                                            type: 'integer',
+                                            "minimum": 1
+                                        },
                                         mode: {
                                             type: 'string',
                                             enum: ['GOVERNANCE', 'COMPLIANCE']

src/endpoint/s3/ops/s3_post_object_uploads.js

@@ -14,6 +14,7 @@ async function post_object_uploads(req, res) {
     const tagging = s3_utils.parse_tagging_header(req);
     const encryption = s3_utils.parse_encryption(req);
     const storage_class = s3_utils.parse_storage_class_header(req);
+    const lock_settings = config.WORM_ENABLED ? s3_utils.parse_lock_header(req) : undefined;
     if (config.DENY_UPLOAD_TO_STORAGE_CLASS_STANDARD && storage_class === s3_utils.STORAGE_CLASS_STANDARD) {
         throw new S3Error(S3Error.InvalidStorageClass);
     }
@@ -26,7 +27,8 @@ async function post_object_uploads(req, res) {
         xattr: s3_utils.get_request_xattr(req),
         storage_class,
         tagging,
-        encryption
+        encryption,
+        lock_settings
     });
 
     s3_utils.set_encryption_response_headers(req, res, reply.encryption);

src/endpoint/s3/ops/s3_put_bucket_object_lock.js

@@ -17,10 +17,19 @@ async function put_bucket_object_lock(req, res) {
     }
     const lock_configuration = s3_utils.parse_body_object_lock_conf_xml(req);
 
-    await req.object_sdk.put_object_lock_configuration({
-        name: req.params.bucket,
-        object_lock_configuration: lock_configuration,
-    });
+    try {
+        await req.object_sdk.put_object_lock_configuration({
+            name: req.params.bucket,
+            object_lock_configuration: lock_configuration,
+        });
+    } catch (err) {
+        let error = err;
+        if (err.rpc_code === 'INVALID_SCHEMA' || err.rpc_code === 'INVALID_SCHEMA_PARAMS') {
+            console.error('put_bucket_object_lock: Invalid schema provided', err);
+            error = new S3Error(S3Error.MalformedXML);
+        }
+        throw error;
+    }
 }
 
 module.exports = {

src/endpoint/s3/s3_utils.js

@@ -538,35 +538,48 @@ function parse_body_encryption_xml(req) {
 
 function parse_body_object_lock_conf_xml(req) {
     const configuration = req.body.ObjectLockConfiguration;
-    const retention = configuration.Rule[0].DefaultRetention[0];
-
-    if ((retention.Days && retention.Years) || (!retention.Days && !retention.Years) ||
-        (retention.Mode[0] !== 'GOVERNANCE' && retention.Mode[0] !== 'COMPLIANCE')) throw new S3Error(S3Error.MalformedXML);
-
-    const conf = {
-        object_lock_enabled: configuration.ObjectLockEnabled[0],
-        rule: { default_retention: { mode: retention.Mode[0], } }
-    };
+    try {
+        const retention = configuration?.Rule?.[0]?.DefaultRetention?.[0];
+        const object_lock_enabled = configuration?.ObjectLockEnabled?.[0];
+        if (object_lock_enabled !== 'Enabled') {
+            throw new S3Error(S3Error.MalformedXML);
+        }
+        const conf = {
+            object_lock_enabled,
+        };
 
-    if (retention.Days) {
-        const days = parseInt(retention.Days[0], 10);
-        if (days <= 0) {
-            const err = new S3Error(S3Error.InvalidArgument);
-            err.message = 'Default retention period must be a positive integer value';
-            throw err;
+        if (retention) {
+            conf.rule = { default_retention: { mode: retention.Mode[0] } };
+            if ((!retention.Days && !retention.Years) || (retention.Mode[0] !== 'GOVERNANCE' && retention.Mode[0] !== 'COMPLIANCE')) {
+                throw new S3Error(S3Error.MalformedXML);
+            }
+            if (retention.Days) {
+                const days = parseInt(retention.Days[0], 10);
+                if (!Number.isInteger(days) || days <= 0) {
+                    const err = new S3Error(S3Error.InvalidArgument);
+                    err.message = 'Default retention period must be a positive integer value';
+                    throw err;
+                }
+                conf.rule.default_retention.days = days;
+            }
+            if (retention.Years) {
+                const years = parseInt(retention.Years[0], 10);
+                if (!Number.isInteger(years) || years <= 0) {
+                    const err = new S3Error(S3Error.InvalidArgument);
+                    err.message = 'Default retention period must be a positive integer value';
+                    throw err;
+                }
+                conf.rule.default_retention.years = years;
+            }
         }
-        conf.rule.default_retention.days = days;
-    }
-    if (retention.Years) {
-        const years = parseInt(retention.Years[0], 10);
-        if (years <= 0) {
-            const err = new S3Error(S3Error.InvalidArgument);
-            err.message = 'Default retention period must be a positive integer value';
+        return conf;
+    } catch (err) {
+        dbg.error('parse_body_object_lock_conf_xml failed', err);
+        if (err instanceof S3Error) {
             throw err;
         }
-        conf.rule.default_retention.years = years;
+        throw new S3Error(S3Error.MalformedXML);
     }
-    return conf;
 }
 
 function parse_body_website_xml(req) {