NC | Return mock on get_bucket_encryption when it is undefined

shirady · romayalon · commit 155b93329ed6 · 2025-05-22T15:34:46.000+03:00
1. By default, we will fail the request with ServerSideEncryptionConfigurationNotFoundError, aligned with PR Changing get bucket encryption defaults #8716 . 2. Edit existing unit tests in test_bucketspace_fs.js. 3. Not related to NC changes: - Add a test (only runs in containerized). - Improve docs related to running core_tests locally. Signed-off-by: shirady <57721533+shirady@users.noreply.github.com> (cherry picked from commit 811c88c)
diff --git a/src/sdk/bucketspace_fs.js b/src/sdk/bucketspace_fs.js
@@ -683,7 +683,7 @@ class BucketSpaceFS extends BucketSpaceSimpleFS {
             const { name } = params;
             dbg.log0('BucketSpaceFS.get_bucket_encryption: Bucket name', name);
             const bucket = await this.config_fs.get_bucket_by_name(name);
-            return bucket.encryption;
+            return { encryption: bucket.encryption };
         } catch (err) {
             throw translate_error_codes(err, entity_enum.BUCKET);
         }
diff --git a/src/test/unit_tests/test_bucketspace_fs.js b/src/test/unit_tests/test_bucketspace_fs.js
@@ -717,6 +717,11 @@ mocha.describe('bucketspace_fs', function() {
     });
 
     mocha.describe('bucket encryption operations', function() {
+        mocha.it('get_bucket_encryption (return empty encryption)', async function() {
+            const param = { name: test_bucket };
+            const empty_encryption = await bucketspace_fs.get_bucket_encryption(param);
+            assert.ok(empty_encryption.encryption === undefined);
+        });
         mocha.it('put_bucket_encryption ', async function() {
             const encryption = {
                 algorithm: 'AES256',
@@ -726,19 +731,19 @@ mocha.describe('bucketspace_fs', function() {
             await bucketspace_fs.put_bucket_encryption(param);
 
             const output_encryption = await bucketspace_fs.get_bucket_encryption(param);
-            assert.deepEqual(output_encryption, encryption);
+            assert.deepEqual(output_encryption.encryption, encryption);
         });
-        mocha.it('delete_bucket_encryption ', async function() {
+        mocha.it('delete_bucket_encryption', async function() {
             const encryption = {
                 algorithm: 'AES256',
                 kms_key_id: 'kms-123'
             };
             const param = { name: test_bucket };
             const output_encryption = await bucketspace_fs.get_bucket_encryption(param);
-            assert.deepEqual(output_encryption, encryption);
+            assert.deepEqual(output_encryption.encryption, encryption);
             await bucketspace_fs.delete_bucket_encryption(param);
             const empty_encryption = await bucketspace_fs.get_bucket_encryption(param);
-            assert.ok(empty_encryption === undefined);
+            assert.ok(empty_encryption.encryption === undefined);
         });
     });
 
diff --git a/src/test/unit_tests/test_nsfs_integration.js b/src/test/unit_tests/test_nsfs_integration.js
@@ -795,6 +795,14 @@ mocha.describe('bucket operations - namespace_fs', function() {
         const expected_payer = 'BucketOwner'; // this is the mock that we use
         assert.equal(res.Payer, expected_payer);
     });
+    mocha.it('get bucket encryption (before put bucket encryption) - throws an error', async function() {
+        try {
+            await s3_correct_uid_default_nsr.getBucketEncryption({ Bucket: bucket_name});
+            assert.fail('get bucket encryption when encryption not set should fail');
+        } catch (err) {
+            assert.strictEqual(err.Code, 'ServerSideEncryptionConfigurationNotFoundError');
+        }
+    });
 
     mocha.it('delete multiple non existing objects without failing', async function() {
         const keys_to_delete = [
diff --git a/src/test/unit_tests/test_s3_ops.js b/src/test/unit_tests/test_s3_ops.js
@@ -116,6 +116,22 @@ mocha.describe('s3_ops', function() {
             const expected_payer = 'BucketOwner'; // this is the mock that we use
             assert.equal(res.Payer, expected_payer);
         });
+        mocha.it('should allow get_bucket_encryption (no put before the get)', async function() {
+            const res = await s3.getBucketEncryption({ Bucket: BKT1 });
+            const expected_response = {
+                ServerSideEncryptionConfiguration: {
+                    Rules: [{
+                        ApplyServerSideEncryptionByDefault: {
+                            SSEAlgorithm: 'AES256'
+                        },
+                        BucketKeyEnabled: false
+                    }]
+                }
+            };
+            assert.equal(res.$metadata.httpStatusCode, 200);
+            const res_without_metadata = _.omit(res, '$metadata');
+            assert.deepEqual(res_without_metadata, expected_response);
+        });
         mocha.it('should enable bucket logging', async function() {
             await s3.createBucket({ Bucket: BKT2 });
             await s3.putBucketLogging({

Original file line number	Diff line number	Diff line change
`@@ -683,7 +683,7 @@ class BucketSpaceFS extends BucketSpaceSimpleFS {`
`683`	`683`	`const { name } = params;`
`684`	`684`	`dbg.log0('BucketSpaceFS.get_bucket_encryption: Bucket name', name);`
`685`	`685`	`const bucket = await this.config_fs.get_bucket_by_name(name);`
`686`		`- return bucket.encryption;`
	`686`	`+ return { encryption: bucket.encryption };`
`687`	`687`	`} catch (err) {`
`688`	`688`	`throw translate_error_codes(err, entity_enum.BUCKET);`
`689`	`689`	`}`