garage_api_s3 2.3.0

S3 API server crate for the Garage object store
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236

use std::convert::TryInto;

use hyper::header::HeaderValue;
use hyper::{HeaderMap, StatusCode};
use thiserror::Error;

use garage_model::helper::error::Error as HelperError;

pub(crate) use garage_api_common::common_error::pass_helper_error;

use garage_api_common::common_error::{
	commonErrorDerivative, helper_error_as_internal, CommonError,
};

pub use garage_api_common::common_error::{
	CommonErrorDerivative, OkOrBadRequest, OkOrInternalError,
};

use garage_api_common::generic_server::ApiError;
use garage_api_common::helpers::*;
use garage_api_common::signature::error::Error as SignatureError;

use crate::xml as s3_xml;

/// Errors of this crate
#[derive(Debug, Error)]
pub enum Error {
	#[error("{0}")]
	/// Error from common error
	Common(#[from] CommonError),

	// Category: cannot process
	/// Authorization Header Malformed
	#[error(
		"Authorization header malformed, unexpected scope: '{unexpected}', expected: '{expected}'"
	)]
	AuthorizationHeaderMalformed {
		unexpected: String,
		expected: String,
	},

	/// The object requested don't exists
	#[error("Key not found")]
	NoSuchKey,

	/// The multipart upload requested don't exists
	#[error("Upload not found")]
	NoSuchUpload,

	/// CORS configuration doesn't exist for this bucket
	#[error("The CORS configuration does not exist")]
	NoSuchCORSConfiguration,

	/// CORS configuration doesn't exist for this bucket
	#[error("The lifecycle configuration does not exist")]
	NoSuchLifecycleConfiguration,

	/// Precondition failed (e.g. x-amz-copy-source-if-match)
	#[error("At least one of the preconditions you specified did not hold")]
	PreconditionFailed,

	/// Parts specified in CMU request do not match parts actually uploaded
	#[error("Parts given to CompleteMultipartUpload do not match uploaded parts")]
	InvalidPart,

	/// Parts given to `CompleteMultipartUpload` were not in ascending order
	#[error("Parts given to CompleteMultipartUpload were not in ascending order")]
	InvalidPartOrder,

	/// In `CompleteMultipartUpload`: not enough data
	/// (here we are more lenient than AWS S3)
	#[error("Proposed upload is smaller than the minimum allowed object size")]
	EntityTooSmall,

	// Category: bad request
	/// The request contained an invalid UTF-8 sequence in its path or in other parameters
	#[error("Invalid UTF-8: {0}")]
	InvalidUtf8Str(#[from] std::str::Utf8Error),

	/// The request used an invalid path
	#[error("Invalid UTF-8: {0}")]
	InvalidUtf8String(#[from] std::string::FromUtf8Error),

	/// The client sent invalid XML data
	#[error("failed to deserialize XML")]
	InvalidXml(#[from] roxmltree::Error),

	/// The client sent invalid XML data
	#[error("XML deserialization failed")]
	InvalidXmlDe(#[from] quick_xml::de::DeError),

	/// The server failed to serialize data into XML
	#[error("failed to serialize XML")]
	InvalidXmlSe(#[from] quick_xml::se::SeError),

	/// The client sent a range header with invalid value
	#[error("Invalid HTTP range: {0:?}")]
	InvalidRange((http_range::HttpRangeParseError, u64)),

	/// The client sent a range header with invalid value
	#[error("Invalid encryption algorithm: {0:?}, should be AES256")]
	InvalidEncryptionAlgorithm(String),

	/// The provided digest (checksum) value was invalid
	#[error("Invalid digest: {0}")]
	InvalidDigest(String),
}

commonErrorDerivative!(Error);

// Helper errors are always passed as internal errors by default.
// To pass the specific error code back to the client, use `pass_helper_error`.
impl From<HelperError> for Error {
	fn from(err: HelperError) -> Error {
		Error::Common(helper_error_as_internal(err))
	}
}

impl From<(http_range::HttpRangeParseError, u64)> for Error {
	fn from(err: (http_range::HttpRangeParseError, u64)) -> Error {
		Error::InvalidRange(err)
	}
}

impl From<SignatureError> for Error {
	fn from(err: SignatureError) -> Self {
		match err {
			SignatureError::Common(c) => Self::Common(c),
			SignatureError::AuthorizationHeaderMalformed {
				unexpected,
				expected,
			} => Self::AuthorizationHeaderMalformed {
				unexpected,
				expected,
			},
			SignatureError::InvalidUtf8Str(i) => Self::InvalidUtf8Str(i),
			SignatureError::InvalidDigest(d) => Self::InvalidDigest(d),
		}
	}
}

impl From<multer::Error> for Error {
	fn from(err: multer::Error) -> Self {
		Self::bad_request(err)
	}
}

impl Error {
	pub fn aws_code(&self) -> &'static str {
		match self {
			Error::Common(c) => c.aws_code(),
			Error::NoSuchKey => "NoSuchKey",
			Error::NoSuchUpload => "NoSuchUpload",
			Error::PreconditionFailed => "PreconditionFailed",
			Error::InvalidPart => "InvalidPart",
			Error::InvalidPartOrder => "InvalidPartOrder",
			Error::EntityTooSmall => "EntityTooSmall",
			Error::AuthorizationHeaderMalformed { .. } => "AuthorizationHeaderMalformed",
			Error::InvalidXml(_) => "MalformedXML",
			Error::InvalidXmlDe(_) => "MalformedXML",
			Error::InvalidXmlSe(_) => "InternalError",
			Error::InvalidRange(_) => "InvalidRange",
			Error::InvalidDigest(_) => "InvalidDigest",
			Error::InvalidUtf8Str(_) | Error::InvalidUtf8String(_) => "InvalidRequest",
			Error::InvalidEncryptionAlgorithm(_) => "InvalidEncryptionAlgorithmError",
			Error::NoSuchCORSConfiguration => "NoSuchCORSConfiguration",
			Error::NoSuchLifecycleConfiguration => "NoSuchLifecycleConfiguration",
		}
	}
}

impl ApiError for Error {
	/// Get the HTTP status code that best represents the meaning of the error for the client
	fn http_status_code(&self) -> StatusCode {
		match self {
			Error::Common(c) => c.http_status_code(),
			Error::NoSuchKey
			| Error::NoSuchUpload
			| Error::NoSuchCORSConfiguration
			| Error::NoSuchLifecycleConfiguration => StatusCode::NOT_FOUND,
			Error::PreconditionFailed => StatusCode::PRECONDITION_FAILED,
			Error::InvalidRange(_) => StatusCode::RANGE_NOT_SATISFIABLE,
			Error::InvalidXmlSe(_) => StatusCode::INTERNAL_SERVER_ERROR,
			Error::AuthorizationHeaderMalformed { .. }
			| Error::InvalidPart
			| Error::InvalidPartOrder
			| Error::EntityTooSmall
			| Error::InvalidDigest(_)
			| Error::InvalidEncryptionAlgorithm(_)
			| Error::InvalidXml(_)
			| Error::InvalidXmlDe(_)
			| Error::InvalidUtf8Str(_)
			| Error::InvalidUtf8String(_) => StatusCode::BAD_REQUEST,
		}
	}

	fn add_http_headers(&self, header_map: &mut HeaderMap<HeaderValue>) {
		use hyper::header;

		header_map.append(header::CONTENT_TYPE, "application/xml".parse().unwrap());
		header_map.append(header::ACCESS_CONTROL_ALLOW_ORIGIN, "*".parse().unwrap());

		#[allow(clippy::single_match)]
		match self {
			Error::InvalidRange((_, len)) => {
				header_map.append(
					header::CONTENT_RANGE,
					format!("bytes */{}", len)
						.try_into()
						.expect("header value only contain ascii"),
				);
			}
			_ => (),
		}
	}

	fn http_body(&self, garage_region: &str, path: &str) -> ErrorBody {
		let error = s3_xml::Error {
			code: s3_xml::Value(self.aws_code().to_string()),
			message: s3_xml::Value(format!("{}", self)),
			resource: Some(s3_xml::Value(path.to_string())),
			region: Some(s3_xml::Value(garage_region.to_string())),
		};
		let error_str = s3_xml::to_xml_with_header(&error).unwrap_or_else(|_| {
			r#"
<?xml version="1.0" encoding="UTF-8"?>
<Error>
    <Code>InternalError</Code>
    <Message>XML encoding of error failed</Message>
</Error>
            "#
			.into()
		});
		error_body(error_str)
	}
}