bucketwarden-server 0.1.0

BucketWarden storage server runtime.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390

use super::*;
use bucketwarden_errors::{
    error_response_is_retryable, s3_service_specific_error_by_family_code,
    s3_service_specific_error_catalog,
};
#[path = "error_encoding_codecs.rs"]
mod codecs;
pub(crate) use codecs::*;

pub(crate) fn general_error_response(code: &str, status: u16, message: &str) -> S3HttpResponse {
    if let Some(service_error) = s3_service_specific_error_by_family_code("general", code) {
        error_response_code(service_error.status, service_error.code, message)
            .with_header("x-bucketwarden-error-family", service_error.family)
    } else {
        error_response_code(status, code, message)
    }
}

pub(crate) fn error_response(error: &RuntimeError) -> S3HttpResponse {
    match error {
        RuntimeError::Auth(_) => {
            error_response_code(403, "SignatureDoesNotMatch", &error.to_string())
        }
        RuntimeError::AuthorizationQueryParametersError(_) => {
            general_error_response("AuthorizationQueryParametersError", 400, &error.to_string())
        }
        RuntimeError::AuthorizationHeaderMalformed(_) => {
            general_error_response("AuthorizationHeaderMalformed", 400, &error.to_string())
        }
        RuntimeError::InvalidAccessKeyId(_) => {
            general_error_response("InvalidAccessKeyId", 403, &error.to_string())
        }
        RuntimeError::ExpiredToken(_) => {
            general_error_response("ExpiredToken", 400, &error.to_string())
        }
        RuntimeError::InvalidToken(_) => {
            general_error_response("InvalidToken", 400, &error.to_string())
        }
        RuntimeError::RequestTimeTooSkewed(_) => {
            general_error_response("RequestTimeTooSkewed", 403, &error.to_string())
        }
        RuntimeError::AccessDenied { .. } => {
            general_error_response("AccessDenied", 403, &error.to_string())
        }
        RuntimeError::OperatorActionDenied { .. } => {
            general_error_response("AccessDenied", 403, &error.to_string())
        }
        RuntimeError::SigV4Authentication(_) => {
            error_response_code(403, "SignatureDoesNotMatch", &error.to_string())
        }
        RuntimeError::QuotaExceeded { .. } => {
            error_response_code(429, "SlowDown", &error.to_string())
        }
        RuntimeError::ServiceSpecificErrorFeature(feature_id) => {
            if let Some(service_error) = s3_service_specific_error_catalog()
                .iter()
                .find(|service_error| service_error.feature_id == *feature_id)
            {
                error_response_code(
                    service_error.status,
                    service_error.code,
                    service_error.message,
                )
                .with_header("x-bucketwarden-error-family", service_error.family)
            } else {
                error_response_code(400, "InvalidRequest", &error.to_string())
            }
        }
        RuntimeError::InvalidBucketName(_) => {
            general_error_response("InvalidBucketName", 400, &error.to_string())
        }
        RuntimeError::InvalidObjectKey(_) => {
            general_error_response("InvalidObjectKey", 400, &error.to_string())
        }
        RuntimeError::InvalidMultiObjectDelete(_) => {
            general_error_response("MalformedXML", 400, &error.to_string())
        }
        RuntimeError::BucketAlreadyExists(_) => {
            general_error_response("BucketAlreadyExists", 409, &error.to_string())
        }
        RuntimeError::BucketNotEmpty(_) => {
            general_error_response("BucketNotEmpty", 409, &error.to_string())
        }
        RuntimeError::NoSuchBucket(_) => {
            general_error_response("NoSuchBucket", 404, &error.to_string())
        }
        RuntimeError::NoSuchKey(_) => general_error_response("NoSuchKey", 404, &error.to_string()),
        RuntimeError::NoSuchVersion { .. } => {
            general_error_response("NoSuchVersion", 404, &error.to_string())
        }
        RuntimeError::ObjectLocked(_) => {
            general_error_response("AccessDenied", 403, &error.to_string())
        }
        RuntimeError::Kms(_) => {
            general_error_response("InternalError", 500, "KMS operation failed.")
        }
        RuntimeError::SnapshotSerialize(_)
        | RuntimeError::SnapshotDeserialize(_)
        | RuntimeError::SnapshotIo(_)
        | RuntimeError::UnsupportedSnapshotSchema(_)
        | RuntimeError::InvalidSnapshotVersionCounter { .. }
        | RuntimeError::InvalidSnapshotUploadCounter { .. }
        | RuntimeError::InvalidSnapshotEventCounter { .. }
        | RuntimeError::InvalidStorageCommitLog(_) => {
            general_error_response("InternalError", 500, "Snapshot operation failed.")
        }
        RuntimeError::InvalidPartNumber(_) => {
            general_error_response("InvalidPart", 400, &error.to_string())
        }
        RuntimeError::NoSuchUpload(_) => {
            general_error_response("NoSuchUpload", 404, &error.to_string())
        }
        RuntimeError::NoMultipartParts(_)
        | RuntimeError::MissingMultipartPart { .. }
        | RuntimeError::MultipartEtagMismatch { .. } => {
            general_error_response("InvalidPart", 400, &error.to_string())
        }
        RuntimeError::InvalidRange(_) => {
            general_error_response("InvalidRange", 416, &error.to_string())
        }
        RuntimeError::InvalidConditionalHeader { .. } => {
            general_error_response("InvalidArgument", 400, &error.to_string())
        }
        RuntimeError::InvalidListParameter { .. } => {
            general_error_response("InvalidArgument", 400, &error.to_string())
        }
        RuntimeError::InvalidBucketVersioningStatus(_) => {
            general_error_response("MalformedXML", 400, &error.to_string())
        }
        RuntimeError::InvalidDigest { .. } => {
            general_error_response("InvalidDigest", 400, &error.to_string())
        }
        RuntimeError::InvalidMetadataDirective(_) => {
            general_error_response("InvalidRequest", 400, &error.to_string())
        }
        RuntimeError::InvalidObjectAttributesRequest(_) => {
            general_error_response("InvalidRequest", 400, &error.to_string())
        }
        RuntimeError::BadDigest { .. } => {
            general_error_response("BadDigest", 400, &error.to_string())
        }
        RuntimeError::CorsNotAllowed(_) => {
            general_error_response("CORSForbidden", 403, &error.to_string())
        }
        RuntimeError::InvalidCorsRule(_) => {
            general_error_response("MalformedXML", 400, &error.to_string())
        }
        RuntimeError::NoSuchWebsiteConfiguration(_) => {
            general_error_response("NoSuchWebsiteConfiguration", 404, &error.to_string())
        }
        RuntimeError::InvalidWebsiteConfiguration(_) => {
            general_error_response("MalformedXML", 400, &error.to_string())
        }
        RuntimeError::InvalidBucketLogging(_) => {
            general_error_response("MalformedXML", 400, &error.to_string())
        }
        RuntimeError::NoSuchBucketPolicy(_) => {
            general_error_response("NoSuchBucketPolicy", 404, &error.to_string())
        }
        RuntimeError::InvalidBucketPolicy(_) => {
            general_error_response("MalformedPolicy", 400, &error.to_string())
        }
        RuntimeError::InvalidBucketAbac(_) => {
            general_error_response("MalformedXML", 400, &error.to_string())
        }
        RuntimeError::InvalidRequestPaymentConfiguration(_) => {
            general_error_response("MalformedXML", 400, &error.to_string())
        }
        RuntimeError::InvalidAccelerateConfiguration(_) => {
            general_error_response("MalformedXML", 400, &error.to_string())
        }
        RuntimeError::InvalidCreateSession(_) => {
            general_error_response("InvalidArgument", 400, &error.to_string())
        }
        RuntimeError::InvalidPublicAccessBlockConfiguration(_) => {
            general_error_response("MalformedXML", 400, &error.to_string())
        }
        RuntimeError::NoSuchPublicAccessBlockConfiguration(_) => general_error_response(
            "NoSuchPublicAccessBlockConfiguration",
            404,
            &error.to_string(),
        ),
        RuntimeError::InvalidBucketMetadataConfiguration(_) => {
            general_error_response("MalformedXML", 400, &error.to_string())
        }
        RuntimeError::NoSuchBucketMetadataConfiguration(_) => {
            general_error_response("NoSuchBucketMetadataConfiguration", 404, &error.to_string())
        }
        RuntimeError::InvalidBucketMetadataTableConfiguration(_) => {
            general_error_response("MalformedXML", 400, &error.to_string())
        }
        RuntimeError::NoSuchBucketMetadataTableConfiguration(_) => general_error_response(
            "NoSuchBucketMetadataTableConfiguration",
            404,
            &error.to_string(),
        ),
        RuntimeError::BucketMetadataTableApiNotAvailable(_) => {
            general_error_response("MethodNotAllowed", 405, &error.to_string())
        }
        RuntimeError::InvalidMetricsConfiguration(_) => {
            general_error_response("InvalidArgument", 400, &error.to_string())
        }
        RuntimeError::NoSuchMetricsConfiguration { .. } => {
            general_error_response("NoSuchConfiguration", 404, &error.to_string())
        }
        RuntimeError::TooManyConfigurations(_) => {
            general_error_response("TooManyConfigurations", 400, &error.to_string())
        }
        RuntimeError::InvalidAnalyticsConfiguration(_) => {
            general_error_response("InvalidArgument", 400, &error.to_string())
        }
        RuntimeError::NoSuchAnalyticsConfiguration { .. } => {
            general_error_response("NoSuchConfiguration", 404, &error.to_string())
        }
        RuntimeError::InvalidInventoryConfiguration(_) => {
            general_error_response("InvalidArgument", 400, &error.to_string())
        }
        RuntimeError::NoSuchInventoryConfiguration { .. } => {
            general_error_response("NoSuchConfiguration", 404, &error.to_string())
        }
        RuntimeError::InvalidIntelligentTieringConfiguration(_) => {
            general_error_response("InvalidArgument", 400, &error.to_string())
        }
        RuntimeError::NoSuchIntelligentTieringConfiguration { .. } => {
            general_error_response("NoSuchConfiguration", 404, &error.to_string())
        }
        RuntimeError::NoSuchTagSet(_) => {
            general_error_response("NoSuchTagSet", 404, &error.to_string())
        }
        RuntimeError::InvalidTagging(_) => {
            general_error_response("InvalidTag", 400, &error.to_string())
        }
        RuntimeError::ObjectLockConfigurationNotFound(_) => general_error_response(
            "ObjectLockConfigurationNotFoundError",
            404,
            &error.to_string(),
        ),
        RuntimeError::InvalidObjectLockConfiguration(_) => {
            general_error_response("InvalidObjectLockConfiguration", 400, &error.to_string())
        }
        RuntimeError::InvalidLegalHold(_) => {
            general_error_response("MalformedXML", 400, &error.to_string())
        }
        RuntimeError::InvalidRetention(_) => {
            general_error_response("InvalidRetention", 400, &error.to_string())
        }
        RuntimeError::NoSuchBucketEncryption(_) => general_error_response(
            "ServerSideEncryptionConfigurationNotFoundError",
            404,
            &error.to_string(),
        ),
        RuntimeError::InvalidEncryption(_) => {
            general_error_response("InvalidEncryption", 400, &error.to_string())
        }
        RuntimeError::UnsupportedEncryption(_) => {
            general_error_response("InvalidEncryptionAlgorithmError", 400, &error.to_string())
        }
        RuntimeError::UnsupportedStorageBackend(_) => {
            general_error_response("InvalidStorageBackend", 400, &error.to_string())
        }
        RuntimeError::UnsupportedReplicationStrategy(_) => {
            general_error_response("InvalidReplicationStrategy", 400, &error.to_string())
        }
        RuntimeError::UnsupportedErasureCodingProfile(_) => {
            general_error_response("InvalidErasureCodingProfile", 400, &error.to_string())
        }
        RuntimeError::InvalidErasureCodingLayout(_) => {
            general_error_response("InvalidErasureCodingLayout", 400, &error.to_string())
        }
        RuntimeError::UnsupportedPlacementDomain(_) => {
            general_error_response("InvalidPlacementDomain", 400, &error.to_string())
        }
        RuntimeError::InvalidPlacementPolicy(_) => {
            general_error_response("InvalidPlacementPolicy", 400, &error.to_string())
        }
        RuntimeError::UnsupportedConsistencyModel(_) => {
            general_error_response("InvalidConsistencyModel", 400, &error.to_string())
        }
        RuntimeError::InvalidConsistencyPolicy(_) => {
            general_error_response("InvalidConsistencyPolicy", 400, &error.to_string())
        }
        RuntimeError::UnsupportedMetadataArchitecture(_) => {
            general_error_response("InvalidMetadataArchitecture", 400, &error.to_string())
        }
        RuntimeError::InvalidMetadataArchitecturePolicy(_) => {
            general_error_response("InvalidMetadataArchitecturePolicy", 400, &error.to_string())
        }
        RuntimeError::UnsupportedObjectLayout(_) => {
            general_error_response("InvalidObjectLayout", 400, &error.to_string())
        }
        RuntimeError::InvalidObjectLayoutPolicy(_) => {
            general_error_response("InvalidObjectLayoutPolicy", 400, &error.to_string())
        }
        RuntimeError::UnsupportedSmallObjectOptimization(_) => {
            general_error_response("InvalidSmallObjectOptimization", 400, &error.to_string())
        }
        RuntimeError::InvalidSmallObjectOptimizationPolicy(_) => error_response_code(
            400,
            "InvalidSmallObjectOptimizationPolicy",
            &error.to_string(),
        ),
        RuntimeError::UnsupportedLargeObjectOptimization(_) => {
            general_error_response("InvalidLargeObjectOptimization", 400, &error.to_string())
        }
        RuntimeError::InvalidLargeObjectOptimizationPolicy(_) => error_response_code(
            400,
            "InvalidLargeObjectOptimizationPolicy",
            &error.to_string(),
        ),
        RuntimeError::NoSuchLifecycleConfiguration(_) => {
            general_error_response("NoSuchLifecycleConfiguration", 404, &error.to_string())
        }
        RuntimeError::InvalidLifecycleConfiguration(_) => {
            general_error_response("MalformedXML", 400, &error.to_string())
        }
        RuntimeError::InvalidNotificationConfiguration(_) => {
            general_error_response("MalformedXML", 400, &error.to_string())
        }
        RuntimeError::NoSuchBucketReplication(_) => error_response_code(
            404,
            "ReplicationConfigurationNotFoundError",
            &error.to_string(),
        ),
        RuntimeError::InvalidReplicationConfiguration(_) => {
            general_error_response("MalformedXML", 400, &error.to_string())
        }
        RuntimeError::AccessControlListNotSupported(_) => {
            general_error_response("AccessControlListNotSupported", 400, &error.to_string())
        }
        RuntimeError::InvalidOwnershipControls(_) => {
            general_error_response("MalformedXML", 400, &error.to_string())
        }
        RuntimeError::InvalidBucketLocation(_) => {
            general_error_response("InvalidLocationConstraint", 400, &error.to_string())
        }
    }
}
pub(crate) fn error_response_code(status: u16, code: &str, message: &str) -> S3HttpResponse {
    xml_response(
        status,
        format!(
            "<Error><Code>{}</Code><Message>{}</Message></Error>",
            xml_escape(code),
            xml_escape(message)
        ),
    )
}
pub(crate) fn finalize_s3_response(
    mut response: S3HttpResponse,
    request_id: &str,
    extended_request_id: &str,
) -> S3HttpResponse {
    if response.status >= 400 {
        let retryable = error_response_is_retryable(response.status).to_string();
        response = enrich_error_response_body(response, request_id, extended_request_id)
            .with_header("x-bucketwarden-error-retryable", retryable);
        response.headers.insert(
            "content-length".to_string(),
            response.body.len().to_string(),
        );
    }
    response
        .with_header("x-amz-request-id", request_id)
        .with_header("x-amz-id-2", extended_request_id)
}
pub(crate) fn enrich_error_response_body(
    mut response: S3HttpResponse,
    request_id: &str,
    extended_request_id: &str,
) -> S3HttpResponse {
    let Ok(body) = String::from_utf8(response.body.clone()) else {
        return response;
    };
    if !(body.starts_with("<Error>") && body.ends_with("</Error>")) || body.contains("<RequestId>")
    {
        return response;
    }
    let suffix = format!(
        "<RequestId>{}</RequestId><HostId>{}</HostId></Error>",
        xml_escape(request_id),
        xml_escape(extended_request_id)
    );
    response.body = body
        .trim_end_matches("</Error>")
        .to_string()
        .replace('\n', "")
        .into_bytes();
    response.body.extend_from_slice(suffix.as_bytes());
    response
}