Skip to content

Support the new API GetObjectAttributes #6060

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
maeldonn wants to merge 7 commits into
base: development/9.1
Choose a base branch
from
+1,340 −21
Open

Support the new API GetObjectAttributes #6060

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
b5ba3a4
Support the new API GetObjectAttributes
maeldonn Jan 20, 2026
15650ee
fixup! Support the new API GetObjectAttributes
maeldonn Jan 28, 2026
c7a132b
fixup! Support the new API GetObjectAttributes
maeldonn Jan 28, 2026
392ad9b
fixup! Support the new API GetObjectAttributes
maeldonn Jan 30, 2026
6e342f3
fixup! Support the new API GetObjectAttributes
maeldonn Feb 2, 2026
92bd9be
fixup! Support the new API GetObjectAttributes
maeldonn Feb 4, 2026
1f928b7
fixup! Support the new API GetObjectAttributes
maeldonn Feb 4, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions constants.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -275,6 +275,14 @@ const constants = {
'bucketPutLogging',
'bucketGetLogging',
],
// Metadata allowed to be returned by getObjectAttributes API
allowedObjectAttributes: new Set([
'StorageClass',
'ObjectSize',
'ObjectParts',
'Checksum',
'ETag',
]),
};

module.exports = constants;
2 changes: 2 additions & 0 deletions lib/api/api.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,7 @@ const { objectDelete } = require('./objectDelete');
const objectDeleteTagging = require('./objectDeleteTagging');
const objectGet = require('./objectGet');
const objectGetACL = require('./objectGetACL');
const objectGetAttributes = require('./objectGetAttributes.js');
const objectGetLegalHold = require('./objectGetLegalHold');
const objectGetRetention = require('./objectGetRetention');
const objectGetTagging = require('./objectGetTagging');
Expand Down Expand Up @@ -384,6 +385,7 @@ const api = {
objectDeleteTagging,
objectGet,
objectGetACL,
objectGetAttributes,
objectGetLegalHold,
objectGetRetention,
objectGetTagging,
Expand Down
25 changes: 25 additions & 0 deletions lib/api/apiUtils/object/parseAttributesHeader.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
const { errorInstances } = require('arsenal');
const { allowedObjectAttributes } = require('../../../../constants');

/**
* parseAttributesHeaders - Parse and validate the x-amz-object-attributes header
* @param {object} headers - request headers
* @returns {string[]} - array of valid attribute names
* @throws {Error} - InvalidRequest if header is missing/empty, InvalidArgument if attribute is invalid
*/
function parseAttributesHeaders(headers) {
Copy link
Contributor

@francoisferrand francoisferrand Jan 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

there is already a very similar function in @DarkIsDude PR, which efficiently handles validation & parsing: should we not "merge" both code (i.e. typically make your code extend his) ?

Copy link
Author

@maeldonn maeldonn Jan 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will be updated in another PR (process user metadata in GetObjectAttributes).

Copy link
Contributor

@francoisferrand francoisferrand Jan 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why? it means we are duplicating the code now instead of just rebasing this PR on top of the other and handling it just once...

Copy link
Author

@maeldonn maeldonn Feb 3, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Because user metadata is already handled in the listObjectV2 API. That's not the case here. That would take me to an intermediate step where I should add unnecessary complexity....

Edit: Done here

const attributes = headers['x-amz-object-attributes']?.split(',').map(attr => attr.trim()) ?? [];
if (attributes.length === 0) {
throw errorInstances.InvalidRequest.customizeDescription(
'The x-amz-object-attributes header specifying the attributes to be retrieved is either missing or empty',
);
}

if (attributes.some(attr => !allowedObjectAttributes.has(attr))) {
throw errorInstances.InvalidArgument.customizeDescription('Invalid attribute name specified.');
}

return attributes;
}

module.exports = parseAttributesHeaders;
154 changes: 154 additions & 0 deletions lib/api/objectGetAttributes.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,154 @@
const { promisify } = require('util');
const xml2js = require('xml2js');
const { errors } = require('arsenal');
const { standardMetadataValidateBucketAndObj } = require('../metadata/metadataUtils');
const collectCorsHeaders = require('../utilities/collectCorsHeaders');
const parseAttributesHeaders = require('./apiUtils/object/parseAttributesHeader');
const { decodeVersionId, getVersionIdResHeader } = require('./apiUtils/object/versioning');
const { checkExpectedBucketOwner } = require('./apiUtils/authorization/bucketOwner');
const { pushMetric } = require('../utapi/utilities');
const { getPartCountFromMd5 } = require('./apiUtils/object/partInfo');

const OBJECT_GET_ATTRIBUTES = 'objectGetAttributes';

const checkExpectedBucketOwnerPromise = promisify(checkExpectedBucketOwner);
const validateBucketAndObj = promisify(standardMetadataValidateBucketAndObj);

/**
* buildXmlResponse - Build XML response for GetObjectAttributes
* @param {object} objMD - object metadata
* @param {array} attributes - requested attributes
* @returns {string} XML response
*/
function buildXmlResponse(objMD, attributes) {
const attrResp = {};

if (attributes.includes('ETag')) {
attrResp.ETag = objMD['content-md5'];
}

// NOTE: Checksum is not implemented
if (attributes.includes('Checksum')) {
attrResp.Checksum = {};
}

if (attributes.includes('ObjectParts')) {
const partCount = getPartCountFromMd5(objMD);
if (partCount) {
attrResp.ObjectParts = { PartsCount: partCount };
}
}

if (attributes.includes('StorageClass')) {
attrResp.StorageClass = objMD['x-amz-storage-class'];
}

if (attributes.includes('ObjectSize')) {
attrResp.ObjectSize = objMD['content-length'];
}

const builder = new xml2js.Builder();
return builder.buildObject({ GetObjectAttributesResponse: attrResp });
}

/**
* objectGetAttributes - Retrieves all metadata from an object without returning the object itself
* @param {AuthInfo} authInfo - Instance of AuthInfo class with requester's info
* @param {object} request - http request object
* @param {object} log - Werelogs logger
* @param {function} callback - callback optional to keep backward compatibility
* @returns {Promise<object>} - { xml, responseHeaders }
* @throws {ArsenalError} NoSuchVersion - if versionId specified but not found
* @throws {ArsenalError} NoSuchKey - if object not found
* @throws {ArsenalError} MethodNotAllowed - if object is a delete marker
*/
async function objectGetAttributes(authInfo, request, log, callback) {
if (callback) {
return objectGetAttributes(authInfo, request, log)
.then(result => callback(null, result.xml, result.responseHeaders))
.catch(err => callback(err, null, err.responseHeaders ?? {}));
}

log.trace('processing request', { method: OBJECT_GET_ATTRIBUTES });
const { bucketName, objectKey, headers, actionImplicitDenies } = request;

const versionId = decodeVersionId(request.query);
if (versionId instanceof Error) {
log.debug('invalid versionId query', {
method: OBJECT_GET_ATTRIBUTES,
versionId: request.query.versionId,
error: versionId,
});
throw versionId;
}

const metadataValParams = {
authInfo,
bucketName,
objectKey,
versionId,
getDeleteMarker: true,
requestType: request.apiMethods || OBJECT_GET_ATTRIBUTES,
request,
};

let bucket, objMD;
try {
({ bucket, objMD } = await validateBucketAndObj(metadataValParams, actionImplicitDenies, log));
await checkExpectedBucketOwnerPromise(headers, bucket, log);
} catch (err) {
log.debug('error validating bucket and object', {
method: OBJECT_GET_ATTRIBUTES,
bucket: bucketName,
key: objectKey,
versionId,
error: err,
});
throw err;
}

const responseHeaders = collectCorsHeaders(headers.origin, request.method, bucket);

if (!objMD) {
log.debug('object not found', {
method: OBJECT_GET_ATTRIBUTES,
bucket: bucketName,
key: objectKey,
versionId,
});
const err = versionId ? errors.NoSuchVersion : errors.NoSuchKey;
err.responseHeaders = responseHeaders;
throw err;
}

responseHeaders['x-amz-version-id'] = getVersionIdResHeader(bucket.getVersioningConfiguration(), objMD);
responseHeaders['Last-Modified'] = objMD['last-modified'] && new Date(objMD['last-modified']).toUTCString();

if (objMD.isDeleteMarker) {
log.debug('attempt to get attributes of a delete marker', {
method: OBJECT_GET_ATTRIBUTES,
bucket: bucketName,
key: objectKey,
versionId,
});
responseHeaders['x-amz-delete-marker'] = true;
const err = errors.MethodNotAllowed;
err.responseHeaders = responseHeaders;
throw err;
}

const attributes = parseAttributesHeaders(headers);

pushMetric(OBJECT_GET_ATTRIBUTES, log, {
authInfo,
bucket: bucketName,
keys: [objectKey],
versionId: objMD?.versionId,
location: objMD?.dataStoreName,
});

const xml = buildXmlResponse(objMD, attributes);
return { xml, responseHeaders };
}

module.exports = objectGetAttributes;
11 changes: 11 additions & 0 deletions lib/metadata/metadataUtils.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
const async = require('async');
const { promisify } = require('util');
const { errors } = require('arsenal');

const metadata = require('./wrapper');
Expand Down Expand Up @@ -281,6 +282,16 @@ function standardMetadataValidateBucketAndObj(params, actionImplicitDenies, log,
return callback(null, bucket, objMD);
});
}

standardMetadataValidateBucketAndObj[promisify.custom] = (params, action, log) => new Promise((resolve, reject) => {
standardMetadataValidateBucketAndObj(params, action, log, (err, bucket, objMD) => {
if (err) {
return reject(err);
}
return resolve({ bucket, objMD });
});
});

/** standardMetadataValidateBucket - retrieve bucket from metadata and check if user
* is authorized to access it
* @param {object} params - function parameters
Expand Down
2 changes: 1 addition & 1 deletion package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@
"dependencies": {
"@azure/storage-blob": "^12.28.0",
"@hapi/joi": "^17.1.1",
"arsenal": "git+https://github.com/scality/arsenal#8.2.44",
"arsenal": "git+https://github.com/scality/Arsenal#feature/ARSN-549/get-object-attributes",
Copy link

Copilot AI Jan 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Arsenal dependency points to a feature branch instead of a released version. The package.json and yarn.lock reference 'git+https://github.com/scality/Arsenal#feature/ARSN-549/get-object-attributes' rather than a stable release tag. Before merging this PR, the Arsenal dependency should be updated to point to a proper release version to avoid dependency management issues and ensure stability in production environments.

Suggested change
"arsenal": "git+https://github.com/scality/Arsenal#feature/ARSN-549/get-object-attributes",
"arsenal": "git+https://github.com/scality/Arsenal#8.2.0",

Copilot uses AI. Check for mistakes.
"async": "2.6.4",
"aws-sdk": "^2.1692.0",
"bucketclient": "scality/bucketclient#8.2.7",
Expand Down
Loading
Loading