satellite/metabase: handle NewEncryptedMetadata while coping object
Copy object functionality should support setting new metadata for copy. This change is adjusting FinishCopyObject method to set new metadata when OverrideMetadata field is set to true. Fixes https://github.com/storj/storj/issues/4483 Change-Id: Ica37cb57e8edae301cdc483fbda4f3ddba5d2702
This commit is contained in:
parent
053a38a46d
commit
ccd16bbef6
4
go.mod
4
go.mod
@ -48,11 +48,11 @@ require (
|
||||
golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e
|
||||
gopkg.in/segmentio/analytics-go.v3 v3.1.0
|
||||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c
|
||||
storj.io/common v0.0.0-20220228211628-96f1d7f5fdfd
|
||||
storj.io/common v0.0.0-20220303150900-2150c0203dcc
|
||||
storj.io/drpc v0.0.29
|
||||
storj.io/monkit-jaeger v0.0.0-20220131130547-dc4cb5a0d97a
|
||||
storj.io/private v0.0.0-20220131131751-c913260b9ec2
|
||||
storj.io/uplink v1.8.1-0.20220223161331-c4e80d7a3a87
|
||||
storj.io/uplink v1.8.1-0.20220307141551-c65f09ea27d8
|
||||
)
|
||||
|
||||
require (
|
||||
|
10
go.sum
10
go.sum
@ -846,14 +846,14 @@ rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8
|
||||
sourcegraph.com/sourcegraph/go-diff v0.5.0/go.mod h1:kuch7UrkMzY0X+p9CRK03kfuPQ2zzQcaEFbx8wA8rck=
|
||||
sourcegraph.com/sqs/pbtypes v0.0.0-20180604144634-d3ebe8f20ae4/go.mod h1:ketZ/q3QxT9HOBeFhu6RdvsftgpsbFHBF5Cas6cDKZ0=
|
||||
storj.io/common v0.0.0-20220131120956-e74f624a3d55/go.mod h1:m0489td5+rKDdoiYOzCkh3CfGW/cLyntZiYfso+QfMs=
|
||||
storj.io/common v0.0.0-20220218100924-daea4bf7cc6c/go.mod h1:xW3PPPGBo4bdMtEP9GREnmxQptmJNuDg1tEHcA4zqog=
|
||||
storj.io/common v0.0.0-20220228211628-96f1d7f5fdfd h1:4sUi3QM1xn7uVJNyVvhrLvieynbYd1ePXdZehcRWzH0=
|
||||
storj.io/common v0.0.0-20220228211628-96f1d7f5fdfd/go.mod h1:xW3PPPGBo4bdMtEP9GREnmxQptmJNuDg1tEHcA4zqog=
|
||||
storj.io/common v0.0.0-20220223161334-302b968d0f29/go.mod h1:xW3PPPGBo4bdMtEP9GREnmxQptmJNuDg1tEHcA4zqog=
|
||||
storj.io/common v0.0.0-20220303150900-2150c0203dcc h1:ecc15H8aEXdGh4WWyfhXM8q9x3ni5hnCXDH2+HC/z9k=
|
||||
storj.io/common v0.0.0-20220303150900-2150c0203dcc/go.mod h1:xW3PPPGBo4bdMtEP9GREnmxQptmJNuDg1tEHcA4zqog=
|
||||
storj.io/drpc v0.0.29 h1:Ihd4ls/JQFr0lctefie3iu+3QM4duccCKr9uMzf4sKY=
|
||||
storj.io/drpc v0.0.29/go.mod h1:6rcOyR/QQkSTX/9L5ZGtlZaE2PtXTTZl8d+ulSeeYEg=
|
||||
storj.io/monkit-jaeger v0.0.0-20220131130547-dc4cb5a0d97a h1:qads+aZlFKm5gUxobfF9s2x8/byPaPPLe2Mz+J82R+k=
|
||||
storj.io/monkit-jaeger v0.0.0-20220131130547-dc4cb5a0d97a/go.mod h1:DGEycSjvzE0JqcD3+6IjwPEK6x30oOus6AApXzl7t0s=
|
||||
storj.io/private v0.0.0-20220131131751-c913260b9ec2 h1:POHeqNfH0YzO4d2px9NZRPvWPumvA3581YPK2nwP7gw=
|
||||
storj.io/private v0.0.0-20220131131751-c913260b9ec2/go.mod h1:i08plLYNEyxf9eObj0UAYnTyh+6r8jvra4JDnvhFsCI=
|
||||
storj.io/uplink v1.8.1-0.20220223161331-c4e80d7a3a87 h1:oBbMBGijaMGFfrHteng2v5GPW/d6J4AB6nfey/99614=
|
||||
storj.io/uplink v1.8.1-0.20220223161331-c4e80d7a3a87/go.mod h1:maW42V/Ze1MJOEJVNpkNa1VdU7nEiNb+TEZ+pNDx2/Q=
|
||||
storj.io/uplink v1.8.1-0.20220307141551-c65f09ea27d8 h1:nW8/fo04hiUXU9RP9zkr+wPY3NVWyOd5wvkxDP9gKKY=
|
||||
storj.io/uplink v1.8.1-0.20220307141551-c65f09ea27d8/go.mod h1:CVSBjpsXFk6iFIc9jxo/530kIQJK/8iM0xdihoZkhoE=
|
||||
|
@ -107,13 +107,16 @@ func (db *DB) BeginCopyObject(ctx context.Context, opts BeginCopyObject) (result
|
||||
// FinishCopyObject holds all data needed to finish object copy.
|
||||
type FinishCopyObject struct {
|
||||
ObjectStream
|
||||
NewBucket string
|
||||
NewStreamID uuid.UUID
|
||||
NewSegmentKeys []EncryptedKeyAndNonce
|
||||
// TODO: add NewEncryptedMetadata []byte for being able to change object's metadata
|
||||
NewEncryptedObjectKey []byte
|
||||
NewBucket string
|
||||
NewEncryptedObjectKey ObjectKey
|
||||
NewStreamID uuid.UUID
|
||||
|
||||
OverrideMetadata bool
|
||||
NewEncryptedMetadata []byte
|
||||
NewEncryptedMetadataKeyNonce []byte
|
||||
NewEncryptedMetadataKey []byte
|
||||
|
||||
NewSegmentKeys []EncryptedKeyAndNonce
|
||||
}
|
||||
|
||||
// Verify verifies metabase.FinishCopyObject data.
|
||||
@ -127,14 +130,25 @@ func (finishCopy FinishCopyObject) Verify() error {
|
||||
return ErrInvalidRequest.New("NewBucket is missing")
|
||||
case finishCopy.ObjectStream.StreamID == finishCopy.NewStreamID:
|
||||
return ErrInvalidRequest.New("StreamIDs are identical")
|
||||
case finishCopy.ObjectKey == ObjectKey(finishCopy.NewEncryptedObjectKey):
|
||||
case finishCopy.ObjectKey == finishCopy.NewEncryptedObjectKey:
|
||||
return ErrInvalidRequest.New("source and destination encrypted object key are identical")
|
||||
case len(finishCopy.NewEncryptedObjectKey) == 0:
|
||||
return ErrInvalidRequest.New("NewEncryptedObjectKey is missing")
|
||||
case len(finishCopy.NewEncryptedMetadataKeyNonce) == 0:
|
||||
return ErrInvalidRequest.New("EncryptedMetadataKeyNonce is missing")
|
||||
case len(finishCopy.NewEncryptedMetadataKey) == 0:
|
||||
return ErrInvalidRequest.New("EncryptedMetadataKey is missing")
|
||||
}
|
||||
|
||||
if finishCopy.OverrideMetadata {
|
||||
if finishCopy.NewEncryptedMetadata == nil && (finishCopy.NewEncryptedMetadataKeyNonce != nil || finishCopy.NewEncryptedMetadataKey != nil) {
|
||||
return ErrInvalidRequest.New("EncryptedMetadataNonce and EncryptedMetadataEncryptedKey must be not set if EncryptedMetadata is not set")
|
||||
} else if finishCopy.NewEncryptedMetadata != nil && (finishCopy.NewEncryptedMetadataKeyNonce == nil || finishCopy.NewEncryptedMetadataKey == nil) {
|
||||
return ErrInvalidRequest.New("EncryptedMetadataNonce and EncryptedMetadataEncryptedKey must be set if EncryptedMetadata is set")
|
||||
}
|
||||
} else {
|
||||
switch {
|
||||
case len(finishCopy.NewEncryptedMetadataKeyNonce) == 0:
|
||||
return ErrInvalidRequest.New("EncryptedMetadataKeyNonce is missing")
|
||||
case len(finishCopy.NewEncryptedMetadataKey) == 0:
|
||||
return ErrInvalidRequest.New("EncryptedMetadataKey is missing")
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
@ -228,6 +242,11 @@ func (db *DB) FinishCopyObject(ctx context.Context, opts FinishCopyObject) (obje
|
||||
}
|
||||
}
|
||||
|
||||
copyMetadata := originalObject.EncryptedMetadata
|
||||
if opts.OverrideMetadata {
|
||||
copyMetadata = opts.NewEncryptedMetadata
|
||||
}
|
||||
|
||||
err = txutil.WithTx(ctx, db.db, nil, func(ctx context.Context, tx tagsql.Tx) (err error) {
|
||||
// TODO we need to handle metadata correctly (copy from original object or replace)
|
||||
_, err = db.db.ExecContext(ctx, `
|
||||
@ -248,7 +267,7 @@ func (db *DB) FinishCopyObject(ctx context.Context, opts FinishCopyObject) (obje
|
||||
opts.ProjectID, opts.NewBucket, opts.NewEncryptedObjectKey, opts.Version, opts.NewStreamID,
|
||||
originalObject.ExpiresAt, originalObject.SegmentCount,
|
||||
encryptionParameters{&originalObject.Encryption},
|
||||
originalObject.EncryptedMetadata, opts.NewEncryptedMetadataKeyNonce, opts.NewEncryptedMetadataKey,
|
||||
copyMetadata, opts.NewEncryptedMetadataKeyNonce, opts.NewEncryptedMetadataKey,
|
||||
originalObject.TotalPlainSize, originalObject.TotalEncryptedSize, originalObject.FixedSegmentSize,
|
||||
)
|
||||
if err != nil {
|
||||
@ -309,7 +328,8 @@ func (db *DB) FinishCopyObject(ctx context.Context, opts FinishCopyObject) (obje
|
||||
copyObject := originalObject
|
||||
copyObject.StreamID = opts.NewStreamID
|
||||
copyObject.BucketName = opts.NewBucket
|
||||
copyObject.ObjectKey = ObjectKey(opts.NewEncryptedObjectKey)
|
||||
copyObject.ObjectKey = opts.NewEncryptedObjectKey
|
||||
copyObject.EncryptedMetadata = copyMetadata
|
||||
copyObject.EncryptedMetadataEncryptedKey = opts.NewEncryptedMetadataKey
|
||||
copyObject.EncryptedMetadataNonce = opts.NewEncryptedMetadataKeyNonce
|
||||
|
||||
|
@ -6,6 +6,8 @@ package metabase_test
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"storj.io/common/storj"
|
||||
"storj.io/common/testcontext"
|
||||
"storj.io/common/testrand"
|
||||
@ -131,7 +133,7 @@ func TestFinishCopyObject(t *testing.T) {
|
||||
metabasetest.FinishCopyObject{
|
||||
Opts: metabase.FinishCopyObject{
|
||||
ObjectStream: obj,
|
||||
NewEncryptedObjectKey: []byte{1, 2, 3},
|
||||
NewEncryptedObjectKey: metabasetest.RandObjectKey(),
|
||||
NewEncryptedMetadataKey: []byte{1, 2, 3},
|
||||
NewEncryptedMetadataKeyNonce: []byte{1, 2, 3},
|
||||
},
|
||||
@ -179,7 +181,7 @@ func TestFinishCopyObject(t *testing.T) {
|
||||
metabasetest.FinishCopyObject{
|
||||
Opts: metabase.FinishCopyObject{
|
||||
NewBucket: newBucketName,
|
||||
NewEncryptedObjectKey: []byte(obj.ObjectKey),
|
||||
NewEncryptedObjectKey: obj.ObjectKey,
|
||||
ObjectStream: obj,
|
||||
},
|
||||
ErrClass: &metabase.ErrInvalidRequest,
|
||||
@ -196,7 +198,7 @@ func TestFinishCopyObject(t *testing.T) {
|
||||
Opts: metabase.FinishCopyObject{
|
||||
NewBucket: newBucketName,
|
||||
ObjectStream: obj,
|
||||
NewEncryptedObjectKey: []byte{0},
|
||||
NewEncryptedObjectKey: metabasetest.RandObjectKey(),
|
||||
},
|
||||
ErrClass: &metabase.ErrInvalidRequest,
|
||||
ErrText: "EncryptedMetadataKeyNonce is missing",
|
||||
@ -212,7 +214,7 @@ func TestFinishCopyObject(t *testing.T) {
|
||||
Opts: metabase.FinishCopyObject{
|
||||
NewBucket: newBucketName,
|
||||
ObjectStream: obj,
|
||||
NewEncryptedObjectKey: []byte{0},
|
||||
NewEncryptedObjectKey: metabasetest.RandObjectKey(),
|
||||
NewEncryptedMetadataKeyNonce: []byte{0},
|
||||
},
|
||||
ErrClass: &metabase.ErrInvalidRequest,
|
||||
@ -222,6 +224,45 @@ func TestFinishCopyObject(t *testing.T) {
|
||||
metabasetest.Verify{}.Check(ctx, t, db)
|
||||
})
|
||||
|
||||
t.Run("empty EncryptedMetadata with OverrideMetadata=true", func(t *testing.T) {
|
||||
defer metabasetest.DeleteAll{}.Check(ctx, t, db)
|
||||
|
||||
metabasetest.FinishCopyObject{
|
||||
Opts: metabase.FinishCopyObject{
|
||||
NewBucket: newBucketName,
|
||||
ObjectStream: obj,
|
||||
NewEncryptedObjectKey: metabasetest.RandObjectKey(),
|
||||
|
||||
OverrideMetadata: true,
|
||||
NewEncryptedMetadataKey: []byte{1},
|
||||
NewEncryptedMetadataKeyNonce: []byte{1},
|
||||
},
|
||||
ErrClass: &metabase.ErrInvalidRequest,
|
||||
ErrText: "EncryptedMetadataNonce and EncryptedMetadataEncryptedKey must be not set if EncryptedMetadata is not set",
|
||||
}.Check(ctx, t, db)
|
||||
|
||||
metabasetest.Verify{}.Check(ctx, t, db)
|
||||
})
|
||||
|
||||
t.Run("empty NewEncryptedMetadataKey and NewEncryptedMetadataKeyNonce with OverrideMetadata=true", func(t *testing.T) {
|
||||
defer metabasetest.DeleteAll{}.Check(ctx, t, db)
|
||||
|
||||
metabasetest.FinishCopyObject{
|
||||
Opts: metabase.FinishCopyObject{
|
||||
NewBucket: newBucketName,
|
||||
ObjectStream: obj,
|
||||
NewEncryptedObjectKey: metabasetest.RandObjectKey(),
|
||||
|
||||
OverrideMetadata: true,
|
||||
NewEncryptedMetadata: testrand.BytesInt(256),
|
||||
},
|
||||
ErrClass: &metabase.ErrInvalidRequest,
|
||||
ErrText: "EncryptedMetadataNonce and EncryptedMetadataEncryptedKey must be set if EncryptedMetadata is set",
|
||||
}.Check(ctx, t, db)
|
||||
|
||||
metabasetest.Verify{}.Check(ctx, t, db)
|
||||
})
|
||||
|
||||
t.Run("object does not exist", func(t *testing.T) {
|
||||
defer metabasetest.DeleteAll{}.Check(ctx, t, db)
|
||||
|
||||
@ -230,14 +271,13 @@ func TestFinishCopyObject(t *testing.T) {
|
||||
newEncryptedMetadataKeyNonce := testrand.Nonce()
|
||||
newEncryptedMetadataKey := testrand.Bytes(32)
|
||||
newEncryptedKeysNonces := make([]metabase.EncryptedKeyAndNonce, 10)
|
||||
newObjectKey := testrand.Bytes(32)
|
||||
|
||||
metabasetest.FinishCopyObject{
|
||||
Opts: metabase.FinishCopyObject{
|
||||
NewBucket: newBucketName,
|
||||
ObjectStream: newObj,
|
||||
NewSegmentKeys: newEncryptedKeysNonces,
|
||||
NewEncryptedObjectKey: newObjectKey,
|
||||
NewEncryptedObjectKey: metabasetest.RandObjectKey(),
|
||||
NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(),
|
||||
NewEncryptedMetadataKey: newEncryptedMetadataKey,
|
||||
},
|
||||
@ -252,7 +292,6 @@ func TestFinishCopyObject(t *testing.T) {
|
||||
defer metabasetest.DeleteAll{}.Check(ctx, t, db)
|
||||
|
||||
numberOfSegments := 10
|
||||
newObjectKey := testrand.Bytes(32)
|
||||
|
||||
newObj, _ := metabasetest.CreateTestObject{
|
||||
CommitObject: &metabase.CommitObject{
|
||||
@ -287,7 +326,7 @@ func TestFinishCopyObject(t *testing.T) {
|
||||
NewBucket: newBucketName,
|
||||
ObjectStream: obj,
|
||||
NewSegmentKeys: newEncryptedKeysNonces,
|
||||
NewEncryptedObjectKey: newObjectKey,
|
||||
NewEncryptedObjectKey: metabasetest.RandObjectKey(),
|
||||
NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(),
|
||||
NewEncryptedMetadataKey: newEncryptedMetadataKey,
|
||||
},
|
||||
@ -300,7 +339,6 @@ func TestFinishCopyObject(t *testing.T) {
|
||||
defer metabasetest.DeleteAll{}.Check(ctx, t, db)
|
||||
|
||||
numberOfSegments := 10
|
||||
newObjectKey := testrand.Bytes(32)
|
||||
|
||||
newObj, _ := metabasetest.CreateTestObject{
|
||||
CommitObject: &metabase.CommitObject{
|
||||
@ -337,7 +375,7 @@ func TestFinishCopyObject(t *testing.T) {
|
||||
NewBucket: newBucketName,
|
||||
ObjectStream: obj,
|
||||
NewSegmentKeys: newEncryptedKeysNonces,
|
||||
NewEncryptedObjectKey: newObjectKey,
|
||||
NewEncryptedObjectKey: metabasetest.RandObjectKey(),
|
||||
NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(),
|
||||
NewEncryptedMetadataKey: newEncryptedMetadataKey,
|
||||
},
|
||||
@ -374,7 +412,7 @@ func TestFinishCopyObject(t *testing.T) {
|
||||
ObjectStream: objStream,
|
||||
NewBucket: copyStream.BucketName,
|
||||
NewStreamID: copyStream.StreamID,
|
||||
NewEncryptedObjectKey: []byte(copyStream.ObjectKey),
|
||||
NewEncryptedObjectKey: copyStream.ObjectKey,
|
||||
NewEncryptedMetadataKey: expectedCopyObject.EncryptedMetadataEncryptedKey,
|
||||
NewEncryptedMetadataKeyNonce: expectedCopyObject.EncryptedMetadataNonce,
|
||||
},
|
||||
@ -425,6 +463,96 @@ func TestFinishCopyObject(t *testing.T) {
|
||||
}},
|
||||
}.Check(ctx, t, db)
|
||||
})
|
||||
|
||||
t.Run("finish copy object with new metadata", func(t *testing.T) {
|
||||
defer metabasetest.DeleteAll{}.Check(ctx, t, db)
|
||||
|
||||
copyStream := metabasetest.RandObjectStream()
|
||||
copyStreamNoOverride := metabasetest.RandObjectStream()
|
||||
|
||||
originalMetadata := testrand.Bytes(64)
|
||||
originalMetadataNonce := testrand.Nonce().Bytes()
|
||||
originalMetadataEncryptedKey := testrand.Bytes(265)
|
||||
|
||||
originalObj, _ := metabasetest.CreateTestObject{
|
||||
CommitObject: &metabase.CommitObject{
|
||||
ObjectStream: obj,
|
||||
EncryptedMetadata: originalMetadata,
|
||||
EncryptedMetadataNonce: originalMetadataNonce,
|
||||
EncryptedMetadataEncryptedKey: originalMetadataEncryptedKey,
|
||||
},
|
||||
}.Run(ctx, t, db, obj, 0)
|
||||
|
||||
newMetadata := testrand.Bytes(256)
|
||||
newMetadataKey := testrand.Bytes(32)
|
||||
newMetadataKeyNonce := testrand.Nonce().Bytes()
|
||||
|
||||
// do a copy without OverrideMetadata field set to true,
|
||||
// metadata shouldn't be updated even if NewEncryptedMetadata
|
||||
// field is set
|
||||
copyObjNoOverride, _ := metabasetest.CreateObjectCopy{
|
||||
OriginalObject: originalObj,
|
||||
CopyObjectStream: ©StreamNoOverride,
|
||||
FinishObject: &metabase.FinishCopyObject{
|
||||
ObjectStream: originalObj.ObjectStream,
|
||||
|
||||
NewBucket: copyStreamNoOverride.BucketName,
|
||||
NewStreamID: copyStreamNoOverride.StreamID,
|
||||
|
||||
NewEncryptedObjectKey: copyStreamNoOverride.ObjectKey,
|
||||
|
||||
OverrideMetadata: false,
|
||||
NewEncryptedMetadata: newMetadata,
|
||||
NewEncryptedMetadataKeyNonce: newMetadataKeyNonce,
|
||||
NewEncryptedMetadataKey: newMetadataKey,
|
||||
},
|
||||
}.Run(ctx, t, db)
|
||||
|
||||
require.Equal(t, originalMetadata, copyObjNoOverride.EncryptedMetadata)
|
||||
require.Equal(t, newMetadataKey, copyObjNoOverride.EncryptedMetadataEncryptedKey)
|
||||
require.Equal(t, newMetadataKeyNonce, copyObjNoOverride.EncryptedMetadataNonce)
|
||||
|
||||
// do a copy WITH OverrideMetadata field set to true,
|
||||
// metadata should be updated to NewEncryptedMetadata
|
||||
copyObj, _ := metabasetest.CreateObjectCopy{
|
||||
OriginalObject: originalObj,
|
||||
CopyObjectStream: ©Stream,
|
||||
FinishObject: &metabase.FinishCopyObject{
|
||||
ObjectStream: originalObj.ObjectStream,
|
||||
|
||||
NewBucket: copyStream.BucketName,
|
||||
NewStreamID: copyStream.StreamID,
|
||||
|
||||
NewEncryptedObjectKey: copyStream.ObjectKey,
|
||||
|
||||
OverrideMetadata: true,
|
||||
NewEncryptedMetadata: newMetadata,
|
||||
NewEncryptedMetadataKeyNonce: newMetadataKeyNonce,
|
||||
NewEncryptedMetadataKey: newMetadataKey,
|
||||
},
|
||||
}.Run(ctx, t, db)
|
||||
|
||||
require.Equal(t, newMetadata, copyObj.EncryptedMetadata)
|
||||
require.Equal(t, newMetadataKey, copyObj.EncryptedMetadataEncryptedKey)
|
||||
require.Equal(t, newMetadataKeyNonce, copyObj.EncryptedMetadataNonce)
|
||||
|
||||
metabasetest.Verify{
|
||||
Objects: []metabase.RawObject{
|
||||
metabase.RawObject(originalObj),
|
||||
metabase.RawObject(copyObj),
|
||||
metabase.RawObject(copyObjNoOverride),
|
||||
},
|
||||
Copies: []metabase.RawCopy{
|
||||
{
|
||||
StreamID: copyStream.StreamID,
|
||||
AncestorStreamID: originalObj.StreamID,
|
||||
},
|
||||
{
|
||||
StreamID: copyObjNoOverride.StreamID,
|
||||
AncestorStreamID: originalObj.StreamID,
|
||||
},
|
||||
},
|
||||
}.Check(ctx, t, db)
|
||||
})
|
||||
})
|
||||
// TODO: test with new metadata
|
||||
}
|
||||
|
@ -332,7 +332,7 @@ func TestGetSegmentByPosition(t *testing.T) {
|
||||
NewBucket: copyObjStream.BucketName,
|
||||
ObjectStream: obj.ObjectStream,
|
||||
NewSegmentKeys: newEncryptedKeyNonces,
|
||||
NewEncryptedObjectKey: []byte(copyObjStream.ObjectKey),
|
||||
NewEncryptedObjectKey: copyObjStream.ObjectKey,
|
||||
NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(),
|
||||
NewEncryptedMetadataKey: newEncryptedMetadataKey,
|
||||
})
|
||||
@ -516,7 +516,7 @@ func TestGetSegmentByPosition(t *testing.T) {
|
||||
NewStreamID: copyObjStream.StreamID,
|
||||
NewBucket: copyObjStream.BucketName,
|
||||
NewSegmentKeys: newEncryptedKeyNonces,
|
||||
NewEncryptedObjectKey: []byte(copyObjStream.ObjectKey),
|
||||
NewEncryptedObjectKey: copyObjStream.ObjectKey,
|
||||
NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(),
|
||||
NewEncryptedMetadataKey: newEncryptedMetadataKey,
|
||||
})
|
||||
@ -685,7 +685,7 @@ func TestGetSegmentByPosition(t *testing.T) {
|
||||
NewStreamID: copyObjStream.StreamID,
|
||||
NewBucket: copyObjStream.BucketName,
|
||||
NewSegmentKeys: newEncryptedKeyNonces,
|
||||
NewEncryptedObjectKey: []byte(copyObjStream.ObjectKey),
|
||||
NewEncryptedObjectKey: copyObjStream.ObjectKey,
|
||||
NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(),
|
||||
NewEncryptedMetadataKey: newEncryptedMetadataKey,
|
||||
})
|
||||
@ -932,7 +932,7 @@ func TestGetLatestObjectLastSegment(t *testing.T) {
|
||||
NewBucket: copyObjStream.BucketName,
|
||||
ObjectStream: obj.ObjectStream,
|
||||
NewSegmentKeys: newEncryptedKeyNonces,
|
||||
NewEncryptedObjectKey: []byte(copyObjStream.ObjectKey),
|
||||
NewEncryptedObjectKey: copyObjStream.ObjectKey,
|
||||
NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(),
|
||||
NewEncryptedMetadataKey: newEncryptedMetadataKey,
|
||||
})
|
||||
@ -1112,7 +1112,7 @@ func TestGetLatestObjectLastSegment(t *testing.T) {
|
||||
NewStreamID: copyObjStream.StreamID,
|
||||
NewBucket: copyObjStream.BucketName,
|
||||
NewSegmentKeys: newEncryptedKeyNonces,
|
||||
NewEncryptedObjectKey: []byte(copyObjStream.ObjectKey),
|
||||
NewEncryptedObjectKey: copyObjStream.ObjectKey,
|
||||
NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(),
|
||||
NewEncryptedMetadataKey: newEncryptedMetadataKey,
|
||||
})
|
||||
@ -1277,7 +1277,7 @@ func TestGetLatestObjectLastSegment(t *testing.T) {
|
||||
NewStreamID: copyObjStream.StreamID,
|
||||
NewBucket: copyObjStream.BucketName,
|
||||
NewSegmentKeys: newEncryptedKeyNonces,
|
||||
NewEncryptedObjectKey: []byte(copyObjStream.ObjectKey),
|
||||
NewEncryptedObjectKey: copyObjStream.ObjectKey,
|
||||
NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(),
|
||||
NewEncryptedMetadataKey: newEncryptedMetadataKey,
|
||||
})
|
||||
|
@ -21,12 +21,17 @@ func RandObjectStream() metabase.ObjectStream {
|
||||
return metabase.ObjectStream{
|
||||
ProjectID: testrand.UUID(),
|
||||
BucketName: testrand.BucketName(),
|
||||
ObjectKey: metabase.ObjectKey(testrand.Bytes(16)),
|
||||
ObjectKey: RandObjectKey(),
|
||||
Version: 1,
|
||||
StreamID: testrand.UUID(),
|
||||
}
|
||||
}
|
||||
|
||||
// RandObjectKey returns a random object key.
|
||||
func RandObjectKey() metabase.ObjectKey {
|
||||
return metabase.ObjectKey(testrand.Bytes(16))
|
||||
}
|
||||
|
||||
// CreatePendingObject creates a new pending object with the specified number of segments.
|
||||
func CreatePendingObject(ctx *testcontext.Context, t *testing.T, db *metabase.DB, obj metabase.ObjectStream, numberOfSegments byte) {
|
||||
BeginObjectExactVersion{
|
||||
@ -359,7 +364,7 @@ func (cc CreateObjectCopy) Run(ctx *testcontext.Context, t testing.TB, db *metab
|
||||
NewBucket: copyStream.BucketName,
|
||||
ObjectStream: cc.OriginalObject.ObjectStream,
|
||||
NewSegmentKeys: newEncryptedKeysNonces,
|
||||
NewEncryptedObjectKey: []byte(copyStream.ObjectKey),
|
||||
NewEncryptedObjectKey: copyStream.ObjectKey,
|
||||
NewEncryptedMetadataKeyNonce: testrand.Nonce().Bytes(),
|
||||
NewEncryptedMetadataKey: testrand.Bytes(32),
|
||||
}
|
||||
|
@ -1878,6 +1878,11 @@ func (endpoint *Endpoint) FinishCopyObject(ctx context.Context, req *pb.ObjectFi
|
||||
return nil, rpcstatus.Error(rpcstatus.InvalidArgument, err.Error())
|
||||
}
|
||||
|
||||
var newNonce []byte
|
||||
if !req.NewEncryptedMetadataKeyNonce.IsZero() {
|
||||
newNonce = req.NewEncryptedMetadataKeyNonce[:]
|
||||
}
|
||||
|
||||
object, err := endpoint.metabase.FinishCopyObject(ctx, metabase.FinishCopyObject{
|
||||
ObjectStream: metabase.ObjectStream{
|
||||
ProjectID: keyInfo.ProjectID,
|
||||
@ -1889,8 +1894,10 @@ func (endpoint *Endpoint) FinishCopyObject(ctx context.Context, req *pb.ObjectFi
|
||||
NewStreamID: newStreamID,
|
||||
NewSegmentKeys: protobufkeysToMetabase(req.NewSegmentKeys),
|
||||
NewBucket: string(req.NewBucket),
|
||||
NewEncryptedObjectKey: req.NewEncryptedObjectKey,
|
||||
NewEncryptedMetadataKeyNonce: req.NewEncryptedMetadataKeyNonce[:],
|
||||
NewEncryptedObjectKey: metabase.ObjectKey(req.NewEncryptedObjectKey),
|
||||
OverrideMetadata: req.OverrideMetadata,
|
||||
NewEncryptedMetadata: req.NewEncryptedMetadata,
|
||||
NewEncryptedMetadataKeyNonce: newNonce,
|
||||
NewEncryptedMetadataKey: req.NewEncryptedMetadataKey,
|
||||
})
|
||||
if err != nil {
|
||||
|
@ -10,7 +10,7 @@ require (
|
||||
github.com/spf13/pflag v1.0.5
|
||||
github.com/stretchr/testify v1.7.0
|
||||
go.uber.org/zap v1.17.0
|
||||
storj.io/common v0.0.0-20220228211628-96f1d7f5fdfd
|
||||
storj.io/common v0.0.0-20220303150900-2150c0203dcc
|
||||
storj.io/gateway-mt v1.18.1-0.20211210081136-cada9a567d31
|
||||
storj.io/private v0.0.0-20220131131751-c913260b9ec2
|
||||
storj.io/storj v0.12.1-0.20220216152726-b24379aa917a
|
||||
@ -218,5 +218,5 @@ require (
|
||||
storj.io/gateway v1.4.1 // indirect
|
||||
storj.io/minio v0.0.0-20211007171754-df6c27823c8a // indirect
|
||||
storj.io/monkit-jaeger v0.0.0-20220131130547-dc4cb5a0d97a // indirect
|
||||
storj.io/uplink v1.8.1-0.20220223161331-c4e80d7a3a87 // indirect
|
||||
storj.io/uplink v1.8.1-0.20220307141551-c65f09ea27d8 // indirect
|
||||
)
|
||||
|
@ -1395,9 +1395,9 @@ storj.io/common v0.0.0-20210805073808-8e0feb09e92a/go.mod h1:mhZYWpTojKsACxWE66R
|
||||
storj.io/common v0.0.0-20210916151047-6aaeb34bb916/go.mod h1:objobGrIWQwhmTSpSm6Y7ykd40wZjB7CezNfic5YLKg=
|
||||
storj.io/common v0.0.0-20211102144601-401a79f0706a/go.mod h1:a2Kw7Uipu929OFANfWKLHRoD0JfhgssikEvimd6hbSQ=
|
||||
storj.io/common v0.0.0-20220131120956-e74f624a3d55/go.mod h1:m0489td5+rKDdoiYOzCkh3CfGW/cLyntZiYfso+QfMs=
|
||||
storj.io/common v0.0.0-20220218100924-daea4bf7cc6c/go.mod h1:xW3PPPGBo4bdMtEP9GREnmxQptmJNuDg1tEHcA4zqog=
|
||||
storj.io/common v0.0.0-20220228211628-96f1d7f5fdfd h1:4sUi3QM1xn7uVJNyVvhrLvieynbYd1ePXdZehcRWzH0=
|
||||
storj.io/common v0.0.0-20220228211628-96f1d7f5fdfd/go.mod h1:xW3PPPGBo4bdMtEP9GREnmxQptmJNuDg1tEHcA4zqog=
|
||||
storj.io/common v0.0.0-20220223161334-302b968d0f29/go.mod h1:xW3PPPGBo4bdMtEP9GREnmxQptmJNuDg1tEHcA4zqog=
|
||||
storj.io/common v0.0.0-20220303150900-2150c0203dcc h1:ecc15H8aEXdGh4WWyfhXM8q9x3ni5hnCXDH2+HC/z9k=
|
||||
storj.io/common v0.0.0-20220303150900-2150c0203dcc/go.mod h1:xW3PPPGBo4bdMtEP9GREnmxQptmJNuDg1tEHcA4zqog=
|
||||
storj.io/dotworld v0.0.0-20210324183515-0d11aeccd840/go.mod h1:KU9YvEgRrMMiWLvH8pzn1UkoCoxggKIPvQxmNdx7aXQ=
|
||||
storj.io/drpc v0.0.11/go.mod h1:TiFc2obNjL9/3isMW1Rpxjy8V9uE0B2HMeMFGiiI7Iw=
|
||||
storj.io/drpc v0.0.24/go.mod h1:ofQUDPQbbIymRDKE0tms48k8bLP5Y+dsI9CbXGv3gko=
|
||||
@ -1418,5 +1418,5 @@ storj.io/private v0.0.0-20220131131751-c913260b9ec2 h1:POHeqNfH0YzO4d2px9NZRPvWP
|
||||
storj.io/private v0.0.0-20220131131751-c913260b9ec2/go.mod h1:i08plLYNEyxf9eObj0UAYnTyh+6r8jvra4JDnvhFsCI=
|
||||
storj.io/uplink v1.7.0/go.mod h1:zqj/LFDxa6RMaSRSHOmukg3mMgesOry0iHSjNldDMGo=
|
||||
storj.io/uplink v1.7.1-0.20211103104100-a785482780d8/go.mod h1:pKqsMpNMIAz//2TXzUGOR6tpu3iyabvXV4VWINj4jaY=
|
||||
storj.io/uplink v1.8.1-0.20220223161331-c4e80d7a3a87 h1:oBbMBGijaMGFfrHteng2v5GPW/d6J4AB6nfey/99614=
|
||||
storj.io/uplink v1.8.1-0.20220223161331-c4e80d7a3a87/go.mod h1:maW42V/Ze1MJOEJVNpkNa1VdU7nEiNb+TEZ+pNDx2/Q=
|
||||
storj.io/uplink v1.8.1-0.20220307141551-c65f09ea27d8 h1:nW8/fo04hiUXU9RP9zkr+wPY3NVWyOd5wvkxDP9gKKY=
|
||||
storj.io/uplink v1.8.1-0.20220307141551-c65f09ea27d8/go.mod h1:CVSBjpsXFk6iFIc9jxo/530kIQJK/8iM0xdihoZkhoE=
|
||||
|
Loading…
Reference in New Issue
Block a user