variable name change

Will Toozs · Will Toozs · commit 482e6576b171 · 2023-09-18T18:34:16.000+02:00
diff --git a/lib/api/bucketGet.js b/lib/api/bucketGet.js
@@ -345,7 +345,7 @@ function bucketGet(authInfo, request, log, callback) {
         listParams.marker = params.marker;
     }
 
-    metadataValidateBucket(metadataValParams, request.iamAuthzResults, log, (err, bucket) => {
+    metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => {
         const corsHeaders = collectCorsHeaders(request.headers.origin,
             request.method, bucket);
         if (err) {
diff --git a/lib/api/bucketGetACL.js b/lib/api/bucketGetACL.js
@@ -54,7 +54,7 @@ function bucketGetACL(authInfo, request, log, callback) {
         },
     };
 
-    metadataValidateBucket(metadataValParams, request.iamAuthzResults, log, (err, bucket) => {
+    metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => {
         const corsHeaders = collectCorsHeaders(request.headers.origin,
             request.method, bucket);
         if (err) {
diff --git a/lib/api/bucketGetCors.js b/lib/api/bucketGetCors.js
@@ -35,7 +35,7 @@ function bucketGetCors(authInfo, request, log, callback) {
             request.method, bucket);
 
         if (!isBucketAuthorized(bucket, requestType, canonicalID, authInfo,
-            request.iamAuthzResults, log, request)) {
+            request.actionImplicitDenies, log, request)) {
             log.debug('access denied for user on bucket', {
                 requestType,
                 method: 'bucketGetCors',
diff --git a/lib/api/bucketGetEncryption.js b/lib/api/bucketGetEncryption.js
@@ -27,7 +27,7 @@ function bucketGetEncryption(authInfo, request, log, callback) {
     };
 
     return async.waterfall([
-        next => metadataValidateBucket(metadataValParams, request.iamAuthzResults, log, next),
+        next => metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, next),
         (bucket, next) => checkExpectedBucketOwner(request.headers, bucket, log, err => next(err, bucket)),
         (bucket, next) => {
             // If sseInfo is present but the `mandatory` flag is not set
diff --git a/lib/api/bucketGetLifecycle.js b/lib/api/bucketGetLifecycle.js
@@ -23,7 +23,7 @@ function bucketGetLifecycle(authInfo, request, log, callback) {
         requestType: 'bucketGetLifecycle',
         request,
     };
-    return metadataValidateBucket(metadataValParams, request.iamAuthzResults, log, (err, bucket) => {
+    return metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => {
         const corsHeaders = collectCorsHeaders(headers.origin, method, bucket);
         if (err) {
             log.debug('error processing request', {
diff --git a/lib/api/bucketGetLocation.js b/lib/api/bucketGetLocation.js
@@ -37,7 +37,7 @@ function bucketGetLocation(authInfo, request, log, callback) {
             request.method, bucket);
 
         if (!isBucketAuthorized(bucket, requestType, canonicalID, authInfo,
-            request.iamAuthzResults, log, request)) {
+            request.actionImplicitDenies, log, request)) {
             log.debug('access denied for account on bucket', {
                 requestType,
                 method: 'bucketGetLocation',
diff --git a/lib/api/bucketGetNotification.js b/lib/api/bucketGetNotification.js
@@ -41,7 +41,7 @@ function bucketGetNotification(authInfo, request, log, callback) {
         request,
     };
 
-    return metadataValidateBucket(metadataValParams, request.iamAuthzResults, log, (err, bucket) => {
+    return metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => {
         const corsHeaders = collectCorsHeaders(headers.origin, method, bucket);
         if (err) {
             log.debug('error processing request', {
diff --git a/lib/api/bucketGetObjectLock.js b/lib/api/bucketGetObjectLock.js
@@ -36,7 +36,7 @@ function bucketGetObjectLock(authInfo, request, log, callback) {
         requestType: 'bucketGetObjectLock',
         request,
     };
-    return metadataValidateBucket(metadataValParams, request.iamAuthzResults, log, (err, bucket) => {
+    return metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => {
         const corsHeaders = collectCorsHeaders(headers.origin, method, bucket);
         if (err) {
             log.debug('error processing request', {
diff --git a/lib/api/bucketGetPolicy.js b/lib/api/bucketGetPolicy.js
@@ -21,7 +21,7 @@ function bucketGetPolicy(authInfo, request, log, callback) {
         request,
     };
 
-    return metadataValidateBucket(metadataValParams, request.iamAuthzResults, log, (err, bucket) => {
+    return metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => {
         const corsHeaders = collectCorsHeaders(headers.origin, method, bucket);
         if (err) {
             log.debug('error processing request', {
diff --git a/lib/api/bucketGetReplication.js b/lib/api/bucketGetReplication.js
@@ -23,7 +23,7 @@ function bucketGetReplication(authInfo, request, log, callback) {
         requestType: 'bucketGetReplication',
         request,
     };
-    return metadataValidateBucket(metadataValParams, request.iamAuthzResults, log, (err, bucket) => {
+    return metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => {
         const corsHeaders = collectCorsHeaders(headers.origin, method, bucket);
         if (err) {
             log.debug('error processing request', {
diff --git a/lib/api/bucketGetVersioning.js b/lib/api/bucketGetVersioning.js
@@ -57,7 +57,7 @@ function bucketGetVersioning(authInfo, request, log, callback) {
         request,
     };
 
-    metadataValidateBucket(metadataValParams, request.iamAuthzResults, log, (err, bucket) => {
+    metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => {
         const corsHeaders = collectCorsHeaders(request.headers.origin,
             request.method, bucket);
         if (err) {
diff --git a/lib/api/bucketGetWebsite.js b/lib/api/bucketGetWebsite.js
@@ -35,7 +35,7 @@ function bucketGetWebsite(authInfo, request, log, callback) {
         const corsHeaders = collectCorsHeaders(request.headers.origin,
             request.method, bucket);
         if (!isBucketAuthorized(bucket, requestType, canonicalID, authInfo,
-            request.iamAuthzResults, log, request)) {
+            request.actionImplicitDenies, log, request)) {
             log.debug('access denied for user on bucket', {
                 requestType,
                 method: 'bucketGetWebsite',
diff --git a/lib/api/objectGet.js b/lib/api/objectGet.js
@@ -48,7 +48,7 @@ function objectGet(authInfo, request, returnTagCount, log, callback) {
         request,
     };
 
-    return metadataValidateBucketAndObj(mdValParams, request.iamAuthzResults, log,
+    return metadataValidateBucketAndObj(mdValParams, request.actionImplicitDenies, log,
     (err, bucket, objMD) => {
         const corsHeaders = collectCorsHeaders(request.headers.origin,
             request.method, bucket);
diff --git a/lib/api/objectGetACL.js b/lib/api/objectGetACL.js
@@ -71,7 +71,7 @@ function objectGetACL(authInfo, request, log, callback) {
 
     return async.waterfall([
         function validateBucketAndObj(next) {
-            return metadataValidateBucketAndObj(metadataValParams, request.iamAuthzResults, log,
+            return metadataValidateBucketAndObj(metadataValParams, request.actionImplicitDenies, log,
                 (err, bucket, objectMD) => {
                     if (err) {
                         log.trace('request authorization failed',
diff --git a/lib/api/objectGetLegalHold.js b/lib/api/objectGetLegalHold.js
@@ -43,7 +43,7 @@ function objectGetLegalHold(authInfo, request, log, callback) {
     };
 
     return async.waterfall([
-        next => metadataValidateBucketAndObj(metadataValParams, request.iamAuthzResults, log,
+        next => metadataValidateBucketAndObj(metadataValParams, request.actionImplicitDenies, log,
             (err, bucket, objectMD) => {
                 if (err) {
                     log.trace('request authorization failed',
diff --git a/lib/api/objectGetRetention.js b/lib/api/objectGetRetention.js
@@ -43,7 +43,7 @@ function objectGetRetention(authInfo, request, log, callback) {
     };
 
     return async.waterfall([
-        next => metadataValidateBucketAndObj(metadataValParams, request.iamAuthzResults, log,
+        next => metadataValidateBucketAndObj(metadataValParams, request.actionImplicitDenies, log,
             (err, bucket, objectMD) => {
                 if (err) {
                     log.trace('request authorization failed',
diff --git a/lib/api/objectGetTagging.js b/lib/api/objectGetTagging.js
@@ -43,7 +43,7 @@ function objectGetTagging(authInfo, request, log, callback) {
     };
 
     return async.waterfall([
-        next => metadataValidateBucketAndObj(metadataValParams, request.iamAuthzResults, log,
+        next => metadataValidateBucketAndObj(metadataValParams, request.actionImplicitDenies, log,
           (err, bucket, objectMD) => {
               if (err) {
                   log.trace('request authorization failed',
diff --git a/lib/api/websiteGet.js b/lib/api/websiteGet.js
@@ -48,7 +48,7 @@ function _errorActions(err, errorDocument, routingRules,
                 // return the default error message if the object is private
                 // rather than sending a stored error file
                 if (!isObjAuthorized(bucket, errObjMD, 'objectGet',
-                    constants.publicId, null, request.iamAuthzResults, log)) {
+                    constants.publicId, null, request.actionImplicitDenies, log)) {
                     log.trace('errorObj not authorized', { error: err });
                     return callback(err, true, null, corsHeaders);
                 }
@@ -145,7 +145,7 @@ function websiteGet(request, log, callback) {
                     { error: err });
                     let returnErr = err;
                     const bucketAuthorized = isBucketAuthorized(bucket,
-                      'bucketGet', constants.publicId, null, request.iamAuthzResults, log, request);
+                      'bucketGet', constants.publicId, null, request.actionImplicitDenies, log, request);
                     // if index object does not exist and bucket is private AWS
                     // returns 403 - AccessDenied error.
                     if (err.is.NoSuchKey && !bucketAuthorized) {
@@ -157,7 +157,7 @@ function websiteGet(request, log, callback) {
                       callback);
                 }
                 if (!isObjAuthorized(bucket, objMD, 'objectGet',
-                    constants.publicId, null, request.iamAuthzResults, log, request)) {
+                    constants.publicId, null, request.actionImplicitDenies, log, request)) {
                     const err = errors.AccessDenied;
                     log.trace('request not authorized', { error: err });
                     return _errorActions(err, websiteConfig.getErrorDocument(),
diff --git a/tests/unit/api/bucketGet.js b/tests/unit/api/bucketGet.js
@@ -63,7 +63,7 @@ const baseGetRequest = {
     bucketName,
     namespace,
     headers: { host: '/' },
-    iamAuthzResults: false,
+    actionImplicitDenies: false,
 };
 const baseUrl = `/${bucketName}`;
 
diff --git a/tests/unit/api/bucketGetACL.js b/tests/unit/api/bucketGetACL.js
@@ -24,15 +24,15 @@ describe('bucketGetACL API', () => {
         namespace,
         headers: { host: `${bucketName}.s3.amazonaws.com` },
         url: '/',
-        iamAuthzResults: false,
+        actionImplicitDenies: false,
     };
     const testGetACLRequest = {
         bucketName,
         namespace,
         headers: { host: `${bucketName}.s3.amazonaws.com` },
         url: '/?acl',
         query: { acl: '' },
-        iamAuthzResults: false,
+        actionImplicitDenies: false,
     };
 
     it('should get a canned private ACL', done => {
@@ -45,7 +45,7 @@ describe('bucketGetACL API', () => {
             },
             url: '/?acl',
             query: { acl: '' },
-            iamAuthzResults: false,
+            actionImplicitDenies: false,
         };
 
         async.waterfall([
@@ -78,7 +78,7 @@ describe('bucketGetACL API', () => {
             },
             url: '/?acl',
             query: { acl: '' },
-            iamAuthzResults: false,
+            actionImplicitDenies: false,
         };
 
         async.waterfall([
@@ -122,7 +122,7 @@ describe('bucketGetACL API', () => {
             },
             url: '/?acl',
             query: { acl: '' },
-            iamAuthzResults: false,
+            actionImplicitDenies: false,
         };
 
         async.waterfall([
@@ -160,7 +160,7 @@ describe('bucketGetACL API', () => {
             },
             url: '/?acl',
             query: { acl: '' },
-            iamAuthzResults: false,
+            actionImplicitDenies: false,
         };
 
         async.waterfall([
@@ -199,7 +199,7 @@ describe('bucketGetACL API', () => {
             },
             url: '/?acl',
             query: { acl: '' },
-            iamAuthzResults: false,
+            actionImplicitDenies: false,
         };
 
         async.waterfall([
@@ -254,7 +254,7 @@ describe('bucketGetACL API', () => {
             },
             url: '/?acl',
             query: { acl: '' },
-            iamAuthzResults: false,
+            actionImplicitDenies: false,
         };
         const canonicalIDforSample1 =
             '79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be';
@@ -345,7 +345,7 @@ describe('bucketGetACL API', () => {
                 },
                 url: '/?acl',
                 query: { acl: '' },
-                iamAuthzResults: false,
+                actionImplicitDenies: false,
             };
 
             async.waterfall([
@@ -385,7 +385,7 @@ describe('bucketGetACL API', () => {
             },
             url: '/?acl',
             query: { acl: '' },
-            iamAuthzResults: false,
+            actionImplicitDenies: false,
         };
 
         async.waterfall([
diff --git a/tests/unit/api/bucketGetCors.js b/tests/unit/api/bucketGetCors.js
@@ -16,7 +16,7 @@ const testBucketPutRequest = {
     bucketName,
     headers: { host: `${bucketName}.s3.amazonaws.com` },
     url: '/',
-    iamAuthzResults: false,
+    actionImplicitDenies: false,
 };
 
 function _makeCorsRequest(xml) {
@@ -27,7 +27,7 @@ function _makeCorsRequest(xml) {
         },
         url: '/?cors',
         query: { cors: '' },
-        iamAuthzResults: false,
+        actionImplicitDenies: false,
     };
 
     if (xml) {
diff --git a/tests/unit/api/bucketGetLifecycle.js b/tests/unit/api/bucketGetLifecycle.js
@@ -17,7 +17,7 @@ const testBucketPutRequest = {
     bucketName,
     headers: { host: `${bucketName}.s3.amazonaws.com` },
     url: '/',
-    iamAuthzResults: false,
+    actionImplicitDenies: false,
 };
 describe('getBucketLifecycle API', () => {
     before(() => cleanup());
diff --git a/tests/unit/api/bucketGetLocation.js b/tests/unit/api/bucketGetLocation.js
@@ -16,7 +16,7 @@ const testBucketPutRequest = {
     bucketName,
     headers: { host: `${bucketName}.s3.amazonaws.com` },
     url: '/',
-    iamAuthzResults: false,
+    actionImplicitDenies: false,
 };
 
 const testGetLocationRequest = {
@@ -26,7 +26,7 @@ const testGetLocationRequest = {
     },
     url: '/?location',
     query: { location: '' },
-    iamAuthzResults: false,
+    actionImplicitDenies: false,
 };
 
 const locationConstraints = config.locationConstraints;
diff --git a/tests/unit/api/bucketGetNotification.js b/tests/unit/api/bucketGetNotification.js
@@ -15,7 +15,7 @@ const testBucketPutRequest = {
     bucketName,
     headers: { host: `${bucketName}.s3.amazonaws.com` },
     url: '/',
-    iamAuthzResults: false,
+    actionImplicitDenies: false,
 };
 
 function getNotificationRequest(bucketName, xml) {
@@ -24,7 +24,7 @@ function getNotificationRequest(bucketName, xml) {
         headers: {
             host: `${bucketName}.s3.amazonaws.com`,
         },
-        iamAuthzResults: false,
+        actionImplicitDenies: false,
     };
     if (xml) {
         request.post = xml;
diff --git a/tests/unit/api/bucketGetObjectLock.js b/tests/unit/api/bucketGetObjectLock.js
@@ -14,7 +14,7 @@ const bucketPutReq = {
         host: `${bucketName}.s3.amazonaws.com`,
     },
     url: '/',
-    iamAuthzResults: false,
+    actionImplicitDenies: false,
 };
 
 const testBucketPutReqWithObjLock = {
@@ -24,7 +24,7 @@ const testBucketPutReqWithObjLock = {
         'x-amz-bucket-object-lock-enabled': 'True',
     },
     url: '/',
-    iamAuthzResults: false,
+    actionImplicitDenies: false,
 };
 
 function getObjectLockConfigRequest(bucketName, xml) {
@@ -35,7 +35,7 @@ function getObjectLockConfigRequest(bucketName, xml) {
             'x-amz-bucket-object-lock-enabled': 'true',
         },
         url: '/?object-lock',
-        iamAuthzResults: false,
+        actionImplicitDenies: false,
     };
     if (xml) {
         request.post = xml;
diff --git a/tests/unit/api/bucketGetPolicy.js b/tests/unit/api/bucketGetPolicy.js
@@ -16,7 +16,7 @@ const testBasicRequest = {
     bucketName,
     headers: { host: `${bucketName}.s3.amazonaws.com` },
     url: '/',
-    iamAuthzResults: false,
+    actionImplicitDenies: false,
 };
 
 const expectedBucketPolicy = {
@@ -35,7 +35,7 @@ const testPutPolicyRequest = {
     bucketName,
     headers: { host: `${bucketName}.s3.amazonaws.com` },
     post: JSON.stringify(expectedBucketPolicy),
-    iamAuthzResults: false,
+    actionImplicitDenies: false,
 };
 describe('getBucketPolicy API', () => {
     before(() => cleanup());
diff --git a/tests/unit/api/bucketGetWebsite.js b/tests/unit/api/bucketGetWebsite.js
diff --git a/tests/unit/api/objectGet.js b/tests/unit/api/objectGet.js
diff --git a/tests/unit/api/objectGetACL.js b/tests/unit/api/objectGetACL.js
diff --git a/tests/unit/api/objectGetLegalHold.js b/tests/unit/api/objectGetLegalHold.js
diff --git a/tests/unit/api/objectGetRetention.js b/tests/unit/api/objectGetRetention.js
diff --git a/tests/unit/api/objectGetTagging.js b/tests/unit/api/objectGetTagging.js
diff --git a/tests/unit/api/serviceGet.js b/tests/unit/api/serviceGet.js

Original file line number	Diff line number	Diff line change
`@@ -345,7 +345,7 @@ function bucketGet(authInfo, request, log, callback) {`
`345`	`345`	`listParams.marker = params.marker;`
`346`	`346`	`}`
`347`	`347`
`348`		`- metadataValidateBucket(metadataValParams, request.iamAuthzResults, log, (err, bucket) => {`
	`348`	`+ metadataValidateBucket(metadataValParams, request.actionImplicitDenies, log, (err, bucket) => {`
`349`	`349`	`const corsHeaders = collectCorsHeaders(request.headers.origin,`
`350`	`350`	`request.method, bucket);`
`351`	`351`	`if (err) {`