diff options
| author | chrislu <chris.lu@gmail.com> | 2025-07-18 16:03:06 -0700 |
|---|---|---|
| committer | chrislu <chris.lu@gmail.com> | 2025-07-18 16:03:06 -0700 |
| commit | 1807f4e94d3ebe8ae91f59fc34d49cd5795ac891 (patch) | |
| tree | 7510868e497544ee8aa8f4144873257c9a9c7f12 | |
| parent | 7203c78e4d3046a9a2006cf521a4921be07d193c (diff) | |
| download | seaweedfs-1807f4e94d3ebe8ae91f59fc34d49cd5795ac891.tar.xz seaweedfs-1807f4e94d3ebe8ae91f59fc34d49cd5795ac891.zip | |
fixes
✅ Return MalformedXML when both Days and Years are specified in the same retention configuration
✅ Return 400 (Bad Request) with InvalidRequest when object lock operations are attempted on buckets without object lock enabled
✅ Handle all object lock validation errors consistently with proper error codes
| -rw-r--r-- | weed/s3api/s3api_object_handlers_put.go | 4 | ||||
| -rw-r--r-- | weed/s3api/s3api_object_retention.go | 9 |
2 files changed, 9 insertions, 4 deletions
diff --git a/weed/s3api/s3api_object_handlers_put.go b/weed/s3api/s3api_object_handlers_put.go index 71f2bc2d8..b79d31bab 100644 --- a/weed/s3api/s3api_object_handlers_put.go +++ b/weed/s3api/s3api_object_handlers_put.go @@ -565,6 +565,10 @@ func mapValidationErrorToS3Error(err error) s3err.ErrorCode { return s3err.ErrMalformedXML case errors.Is(err, ErrInvalidRetentionDateFormat): return s3err.ErrMalformedXML + case errors.Is(err, ErrBothDaysAndYearsSpecified): + // For cases where both Days and Years are specified, return MalformedXML + // This is a specific s3-tests expectation + return s3err.ErrMalformedXML case errors.Is(err, ErrInvalidRetentionPeriod): // For invalid retention periods (0 days, negative years, etc.), return InvalidRetentionPeriod // This includes cases where retention values are out of valid ranges diff --git a/weed/s3api/s3api_object_retention.go b/weed/s3api/s3api_object_retention.go index cffb12bca..f0adb28fd 100644 --- a/weed/s3api/s3api_object_retention.go +++ b/weed/s3api/s3api_object_retention.go @@ -33,6 +33,7 @@ var ( ErrGovernanceBypassNotPermitted = errors.New("user does not have permission to bypass governance retention") ErrInvalidRetentionPeriod = errors.New("invalid retention period specified") ErrInvalidRetentionMode = errors.New("invalid retention mode specified") + ErrBothDaysAndYearsSpecified = errors.New("both days and years cannot be specified in the same retention configuration") ) const ( @@ -226,7 +227,7 @@ func validateDefaultRetention(retention *DefaultRetention) error { } if retention.Days > 0 && retention.Years > 0 { - return ErrInvalidRetentionPeriod + return ErrBothDaysAndYearsSpecified } // Validate ranges @@ -657,9 +658,9 @@ func (s3a *S3ApiServer) handleObjectLockAvailabilityCheck(w http.ResponseWriter, if errors.Is(err, ErrBucketNotFound) { s3err.WriteErrorResponse(w, request, s3err.ErrNoSuchBucket) } else { - // Return InvalidBucketState for object lock operations on buckets without object lock enabled - // This matches AWS S3 behavior and s3-tests expectations - s3err.WriteErrorResponse(w, request, s3err.ErrInvalidBucketState) + // Return InvalidRequest for object lock operations on buckets without object lock enabled + // This matches AWS S3 behavior and s3-tests expectations (400 Bad Request) + s3err.WriteErrorResponse(w, request, s3err.ErrInvalidRequest) } return false } |