Fix get object lock configuration handler (#6996)

* fix GetObjectLockConfigurationHandler * cache and use bucket object lock config * subscribe to bucket configuration changes * increase bucket config cache TTL * refactor * Update weed/s3api/s3api_server.go Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * avoid duplidated work * rename variable * Update s3api_object_handlers_put.go * fix routing * admin ui and api handler are consistent now * use fields instead of xml * fix test * address comments * Update weed/s3api/s3api_object_handlers_put.go Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update test/s3/retention/s3_retention_test.go Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update weed/s3api/object_lock_utils.go Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * change error style * errorf --------- Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-09-20 15:27:57 +08:00 · 2025-07-18 02:19:50 -07:00
parent 69553e5ba6
commit c6a22ce43a
14 changed files with 842 additions and 312 deletions
--- a/weed/s3api/s3api_object_lock_fix_test.go
+++ b/weed/s3api/s3api_object_lock_fix_test.go
@@ -0,0 +1,90 @@
+package s3api
+
+import (
+	"testing"
+
+	"github.com/seaweedfs/seaweedfs/weed/pb/filer_pb"
+	"github.com/seaweedfs/seaweedfs/weed/s3api/s3_constants"
+	"github.com/stretchr/testify/assert"
+)
+
+// TestVeeamObjectLockBugFix tests the fix for the bug where GetObjectLockConfigurationHandler
+// would return NoSuchObjectLockConfiguration for buckets with no extended attributes,
+// even when Object Lock was enabled. This caused Veeam to think Object Lock wasn't supported.
+func TestVeeamObjectLockBugFix(t *testing.T) {
+
+	t.Run("Bug case: bucket with no extended attributes", func(t *testing.T) {
+		// This simulates the bug case where a bucket has no extended attributes at all
+		// The old code would immediately return NoSuchObjectLockConfiguration
+		// The new code correctly checks if Object Lock is enabled before returning an error
+
+		bucketConfig := &BucketConfig{
+			Name: "test-bucket",
+			Entry: &filer_pb.Entry{
+				Name:     "test-bucket",
+				Extended: nil, // This is the key - no extended attributes
+			},
+		}
+
+		// Simulate the isObjectLockEnabledForBucket logic
+		enabled := false
+		if bucketConfig.Entry.Extended != nil {
+			if enabledBytes, exists := bucketConfig.Entry.Extended[s3_constants.ExtObjectLockEnabledKey]; exists {
+				enabled = string(enabledBytes) == s3_constants.ObjectLockEnabled || string(enabledBytes) == "true"
+			}
+		}
+
+		// Should correctly return false (not enabled) - this would trigger 404 correctly
+		assert.False(t, enabled, "Object Lock should not be enabled when no extended attributes exist")
+	})
+
+	t.Run("Fix verification: bucket with Object Lock enabled via boolean flag", func(t *testing.T) {
+		// This verifies the fix works when Object Lock is enabled via boolean flag
+
+		bucketConfig := &BucketConfig{
+			Name: "test-bucket",
+			Entry: &filer_pb.Entry{
+				Name: "test-bucket",
+				Extended: map[string][]byte{
+					s3_constants.ExtObjectLockEnabledKey: []byte("true"),
+				},
+			},
+		}
+
+		// Simulate the isObjectLockEnabledForBucket logic
+		enabled := false
+		if bucketConfig.Entry.Extended != nil {
+			if enabledBytes, exists := bucketConfig.Entry.Extended[s3_constants.ExtObjectLockEnabledKey]; exists {
+				enabled = string(enabledBytes) == s3_constants.ObjectLockEnabled || string(enabledBytes) == "true"
+			}
+		}
+
+		// Should correctly return true (enabled) - this would generate minimal XML response
+		assert.True(t, enabled, "Object Lock should be enabled when boolean flag is set")
+	})
+
+	t.Run("Fix verification: bucket with Object Lock enabled via Enabled constant", func(t *testing.T) {
+		// Test using the s3_constants.ObjectLockEnabled constant
+
+		bucketConfig := &BucketConfig{
+			Name: "test-bucket",
+			Entry: &filer_pb.Entry{
+				Name: "test-bucket",
+				Extended: map[string][]byte{
+					s3_constants.ExtObjectLockEnabledKey: []byte(s3_constants.ObjectLockEnabled),
+				},
+			},
+		}
+
+		// Simulate the isObjectLockEnabledForBucket logic
+		enabled := false
+		if bucketConfig.Entry.Extended != nil {
+			if enabledBytes, exists := bucketConfig.Entry.Extended[s3_constants.ExtObjectLockEnabledKey]; exists {
+				enabled = string(enabledBytes) == s3_constants.ObjectLockEnabled || string(enabledBytes) == "true"
+			}
+		}
+
+		// Should correctly return true (enabled)
+		assert.True(t, enabled, "Object Lock should be enabled when constant is used")
+	})
+}