feat: bucket severside encryption (#707)

* feat: bucket severside encryption

* chore: ReadMe

* fix: remove test sleep

Author: Pedestrian93

README.md

@@ -91,6 +91,10 @@ All operation use es7 async/await to implement. All api is async function.
   - RequestPayment
     - [.getBucketRequestPayment(bucketName[, options])](#getbucketrequestpaymentbucketname-options)
     - [.putBucketRequestPayment(bucketName, payer[, options])](#putBucketRequestpaymentbucketname-payer-options)
+  - BucketEncryption
+    - [.putBucketEncryption(name[, options])](#putbucketencryptionbucketname-options)
+    - [.getBucketEncryption(name)](#getbucketencryptionbucketname-options)
+    - [.deleteBucketEncryption(name)](#deletebucketencryptionbucketname-options)
 - [Object Operations](#object-operations)
   - [.list(query[, options])](#listquery-options)
   - [.put(name, file[, options])](#putname-file-options)
@@ -954,6 +958,57 @@ Success will return:
 
 ---
 
+### .putBucketEncryption(name, rules)
+
+put BucketEncryption value of the bucket object.
+
+parameters:
+
+- name {String} bucket name
+- [rules] {Object} parameters
+  - SSEAlgorithm {String} encryption type, expect AES256 or KMS
+  - {KMSMasterKeyID} {String} needed when encryption type is KMS
+
+Success will return:
+
+- status {Number} response status
+- res {Object} response info
+
+---
+
+### .getBucketEncryption(name)
+
+get BucketEncryption rule value of the bucket object.
+
+parameters:
+
+- name {String} bucket name
+
+Success will return:
+
+- status {Number} response status
+- res {Object} response info
+- encryption {Object} rules
+  - SSEAlgorithm {String} encryption type, AES256 or KMS
+  - {KMSMasterKeyID} {String} will be return when encryption type is KMS
+
+---
+
+### .deleteBucketEncryption(name)
+
+delete BucketEncryption rule value of the bucket object.
+
+parameters:
+
+- name {String} bucket name
+
+Success will return:
+
+- status {Number} response status
+- res {Object} response info
+
+---
+
 ## Object Operations
 
 All operations function return Promise, except `signatureUrl`.

lib/common/bucket/deleteBucketEncryption.js

@@ -0,0 +1,18 @@
+const proto = exports;
+// const jstoxml = require('jstoxml');
+/**
+ * deleteBucketEncryption
+ * @param {String} bucketName - bucket name
+ */
+
+proto.deleteBucketEncryption = async function deleteBucketEncryption(bucketName) {
+  this._checkBucketName(bucketName);
+  const params = this._bucketRequestParams('DELETE', bucketName, 'encryption');
+  params.successStatuses = [204];
+  params.xmlResponse = true;
+  const result = await this.request(params);
+  return {
+    status: result.status,
+    res: result.res
+  };
+};

lib/common/bucket/getBucketEncryption.js

@@ -0,0 +1,19 @@
+const proto = exports;
+/**
+ * getBucketEncryption
+ * @param {String} bucketName - bucket name
+ */
+
+proto.getBucketEncryption = async function getBucketEncryption(bucketName) {
+  this._checkBucketName(bucketName);
+  const params = this._bucketRequestParams('GET', bucketName, 'encryption');
+  params.successStatuses = [200];
+  params.xmlResponse = true;
+  const result = await this.request(params);
+  const encryption = result.data.ApplyServerSideEncryptionByDefault;
+  return {
+    encryption,
+    status: result.status,
+    res: result.res
+  };
+};

lib/common/bucket/index.js

@@ -4,4 +4,6 @@ const proto = exports;
 
 merge(proto, require('./getBucketRequestPayment.js'));
 merge(proto, require('./putBucketRequestPayment.js'));
-
+merge(proto, require('./putBucketEncryption.js'));
+merge(proto, require('./getBucketEncryption.js'));
+merge(proto, require('./deleteBucketEncryption.js'));

lib/common/bucket/putBucketEncryption.js

@@ -0,0 +1,35 @@
+const proto = exports;
+// const jstoxml = require('jstoxml');
+const obj2xml = require('../utils/obj2xml');
+/**
+ * putBucketEncryption
+ * @param {String} bucketName - bucket name
+ * @param {Object} options
+ */
+
+proto.putBucketEncryption = async function putBucketEncryption(bucketName, options) {
+  options = options || {};
+  this._checkBucketName(bucketName);
+  const params = this._bucketRequestParams('PUT', bucketName, 'encryption', options);
+  params.successStatuses = [200];
+  const paramXMLObj = {
+    ServerSideEncryptionRule: {
+      ApplyServerSideEncryptionByDefault: {
+        SSEAlgorithm: options.SSEAlgorithm
+      }
+    }
+  };
+  if (options.KMSMasterKeyID !== undefined) {
+    paramXMLObj.ServerSideEncryptionRule.ApplyServerSideEncryptionByDefault.KMSMasterKeyID = options.KMSMasterKeyID;
+  }
+  const paramXML = obj2xml(paramXMLObj, {
+    headers: true
+  });
+  params.mime = 'xml';
+  params.content = paramXML;
+  const result = await this.request(params);
+  return {
+    status: result.status,
+    res: result.res
+  };
+};

test/node/bucket.test.js

@@ -475,4 +475,30 @@ describe('test/bucket.test.js', () => {
       }
     });
   });
+  describe('putBucketEncryption(), getBucketEncryption(), deleteBucketEncryption()', () => {
+    it('should create, get and delete the bucket encryption', async () => {
+      // put with AES256
+      const putresult1 = await store.putBucketEncryption(bucket, {
+        SSEAlgorithm: 'AES256'
+      });
+      assert.equal(putresult1.res.status, 200);
+      // put again with KMS will be fine
+      // const putresult2 = await store.putBucketEncryption(bucket, {
+      //   SSEAlgorithm: 'KMS',
+      //   KMSMasterKeyID: '1b2c3132-b2ce-4ba3-a4dd-9885904099ad'
+      // });
+      // assert.equal(putresult2.res.status, 200);
+      // await utils.sleep(ms(metaSyncTime));
+      // get
+      const getBucketEncryption = await store.getBucketEncryption(bucket);
+      assert.equal(getBucketEncryption.res.status, 200);
+      assert.deepEqual(getBucketEncryption.encryptions, {
+        SSEAlgorithm: 'AES256'
+        // KMSMasterKeyID: '1b2c3132-b2ce-4ba3-a4dd-9885904099ad'
+      });
+      // delete
+      const deleteResult = await store.deleteBucketEncryption(bucket);
+      assert.equal(deleteResult.res.status, 204);
+    });
+  });
 });