Skip to content

Commit

Permalink
Add get, put, delete encryption
Browse files Browse the repository at this point in the history 
Signed-off-by: Gavin Reynolds <gavin@gavinreynolds.scot>
  • Loading branch information
@gsreynolds
gsreynolds committed Jul 9, 2020
1 parent be8d2f3 commit 74f7e2d
Show file tree
Hide file tree
Showing 2 changed files with 67 additions and 1 deletion.
62 changes: 62 additions & 0 deletions lib/aliyun/oss/protocol.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -264,6 +264,68 @@ def delete_bucket_versioning(name)
logger.info("Done delete bucket versioning")
end

# Put bucket encryption settings
# @param name [String] the bucket name
# @param encryption [BucketEncryption] encryption options
def put_bucket_encryption(name, encryption)
logger.info("Begin put bucket encryption, "\
"name: #{name}, encryption: #{encryption}")

if encryption.sse_algorithm == 'KMS' && !encryption.kms_master_key_id
fail ClientError,
"Must specify KMS Master Key ID when enabling KMS encryption."
end

sub_res = {'encryption' => nil}
body = Nokogiri::XML::Builder.new do |xml|
xml.ServerSideEncryptionRule {
xml.ApplyServerSideEncryptionByDefault {
xml.SSEAlgorithm encryption.sse_algorithm
xml.KMSMasterKeyID encryption.kms_master_key_id if encryption.kms_master_key_id
}
}
end.to_xml

@http.put(
{:bucket => name, :sub_res => sub_res},
{:body => body})

logger.info("Done put bucket encryption")
end

# Get bucket encryption settings
# @param name [String] the bucket name
# @return [BucketEncryption] encryption options of this bucket
def get_bucket_encryption(name)
logger.info("Begin get bucket encryption, name: #{name}")

sub_res = {'encryption' => nil}
r = @http.get({:bucket => name, :sub_res => sub_res})

doc = parse_xml(r.body)

encryption_node = doc.at_css("ApplyServerSideEncryptionByDefault")
opts = {
:sse_algorithm => get_node_text(encryption_node, 'SSEAlgorithm'),
:kms_master_key_id => get_node_text(encryption_node, 'KMSMasterKeyID')
}

logger.info("Done get bucket encryption")

BucketEncryption.new(opts)
end

# Delete bucket encryption settings, a.k.a. disable bucket encryption
# @param name [String] the bucket name
def delete_bucket_encryption(name)
logger.info("Begin delete bucket encryption, name: #{name}")

sub_res = {'encryption' => nil}
@http.delete({:bucket => name, :sub_res => sub_res})

logger.info("Done delete bucket encryption")
end

# Put bucket website settings
# @param name [String] the bucket name
# @param website [BucketWebsite] the bucket website options
Expand Down
6 changes: 5 additions & 1 deletion lib/aliyun/oss/struct.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,11 @@ def enabled?
# * sse_algorithm [string] Indicates the default server-side encryption method
# * kms_master_key_id [string] Indicates the ID of CMK that is currently used.
class BucketEncryption < Common::Struct::Base
attrs :sse_algorithm, :kms_master_key_id
attrs :enable, :sse_algorithm, :kms_master_key_id

def enabled?
enable == true
end
end

##
Expand Down

0 comments on commit 74f7e2d

Please sign in to comment.