Merge branch 'bugfix/ARSN-457' into q/8.1

scality · Jan 28, 2025 · 4431bbe · 4431bbe
2 parents 05dbb67 + 14b341d
commit 4431bbe
Show file tree

Hide file tree

Showing 21 changed files with 1,601 additions and 632 deletions.
diff --git a/.eslintrc b/.eslintrc
@@ -1,5 +1,8 @@
 {
     "extends": "scality",
+    "env": {
+        "es2020": true
+    },
     "parserOptions": {
         "ecmaVersion": 2020
     }

diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml
@@ -8,7 +8,7 @@ on:
 
 jobs:
   test:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     services:
       # Label used to access the service container
       redis:
@@ -56,7 +56,7 @@ jobs:
   compile:
     name: Compile and upload build artifacts
     needs: test
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
     - name: Checkout
       uses: actions/checkout@v4

diff --git a/lib/algos/list/skip.js b/lib/algos/list/skip.js
@@ -10,10 +10,10 @@ const MAX_STREAK_LENGTH = 100;
  */
 class Skip {
     /**
-     * @param {Object} params           - skip parameters
-     * @param {Object} params.extension - delimiter extension used (required)
-     * @param {String} params.gte       - current range gte (greater than or
-     *                                    equal) used by the client code
+     * @param {Object} params                - skip parameters
+     * @param {Object} params.extension      - delimiter extension used (required)
+     * @param {String | string[]} params.gte - current range gte (greater than or
+     *                                         equal) used by the client code
      */
     constructor(params) {
         assert(params.extension);

diff --git a/lib/auth/AuthInfo.ts b/lib/auth/AuthInfo.ts
@@ -9,6 +9,29 @@ export type AuthInfoType = {
     IAMdisplayName: string;
 };
 
+export type AuthorizationResults = {
+    isAllowed: boolean,
+    isImplicit: boolean,
+    arn: string,
+    action: string,
+    versionId?: string,
+}[];
+
+export type AccountQuota = {
+    account: string,
+    quota: bigint,
+};
+
+export type AccountInfos = {
+    accountQuota?: AccountQuota,
+};
+
+export type AuthV4Results = {
+    userInfo: AuthInfoType,
+    authorizationResults?: AuthorizationResults,
+    accountQuota: AccountQuota,
+};
+
 /**
  * Class containing requester's information received from Vault
  * @param {object} info from Vault including arn, canonicalID,

diff --git a/lib/auth/Vault.ts b/lib/auth/Vault.ts
@@ -1,6 +1,6 @@
 import { Logger } from 'werelogs';
 import errors from '../errors';
-import AuthInfo, { AuthInfoType } from './AuthInfo';
+import AuthInfo, { AccountInfos, AuthInfoType, AuthorizationResults, AuthV4Results } from './AuthInfo';
 
 /** vaultSignatureCb parses message from Vault and instantiates
  * @param err - error from vault
@@ -15,15 +15,17 @@ function vaultSignatureCb(
     authInfo: {
         message: {
             message: string,
-            body: {
-                userInfo: AuthInfoType,
-                authorizationResults: { [key: string]: any },
-                accountQuota: number,
-            },
+            body: AuthV4Results,
         },
     },
     log: Logger,
-    callback: (err: Error | null, data?: any, results?: any, params?: any, infos?: any) => void,
+    callback: (
+        err: Error | null,
+        data?: AuthInfoType,
+        results?: AuthorizationResults,
+        params?: any,
+        infos?: AccountInfos,
+    ) => void,
     streamingV4Params?: any
 ) {
     // vaultclient API guarantees that it returns:
@@ -49,7 +51,7 @@ function vaultSignatureCb(
         },
     });
 
-    const info = authInfo.message.body;
+    const info = authInfo.message.body as AuthV4Results;
     const userInfo = new AuthInfo(info.userInfo);
     const authorizationResults = info.authorizationResults;
     const auditLog: { accountDisplayName: string, IAMdisplayName?: string } =

diff --git a/lib/auth/backends/in_memory/Backend.ts b/lib/auth/backends/in_memory/Backend.ts
@@ -5,14 +5,21 @@ import { calculateSigningKey, hashSignature } from './vaultUtilities';
 import Indexer from './Indexer';
 import BaseBackend from '../base';
 import { Accounts } from './types';
+import { AuthInfoType, AuthV4Results } from '../../AuthInfo';
 
-function _formatResponse(userInfoToSend: any) {
+function _formatResponse(userInfo: AuthInfoType): { message: { body: AuthV4Results } } {
     return {
         message: {
-            body: { userInfo: userInfoToSend },
+          body: {
+            userInfo,
+            accountQuota: {
+              account: userInfo.canonicalID,
+              quota: 0n,
+            },
+          },
         },
+      };
     };
-}
 
 /**
  * Class that provides a memory backend for verifying signatures and getting