Yasuke/moto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added sse support for s3 (#3592)

Browse Source 
* added sse support for s3

* lint fixed for py37
This commit is contained in:
Macwan Nevil 2021-01-18 23:47:13 +05:30 committed by GitHub
parent 9784e1b487
commit 02ac5ca111
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 71 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
moto/s3/models.py
View File

@ -99,6 +99,9 @@ class FakeKey(BaseModel):
max_buffer_size=DEFAULT_KEY_BUFFER_SIZE, max_buffer_size=DEFAULT_KEY_BUFFER_SIZE,
multipart=None, multipart=None,
bucket_name=None, bucket_name=None,
encryption=None,
kms_key_id=None,
bucket_key_enabled=None,
): ):
self.name = name self.name = name
self.last_modified = datetime.datetime.utcnow() self.last_modified = datetime.datetime.utcnow()
@ -118,6 +121,10 @@ class FakeKey(BaseModel):
self.value = value self.value = value
self.lock = threading.Lock() self.lock = threading.Lock()
self.encryption = encryption
self.kms_key_id = kms_key_id
self.bucket_key_enabled = bucket_key_enabled
@property @property
def version_id(self): def version_id(self):
return self._version_id return self._version_id
@ -229,6 +236,14 @@ class FakeKey(BaseModel):
"last-modified": self.last_modified_RFC1123, "last-modified": self.last_modified_RFC1123,
"content-length": str(self.size), "content-length": str(self.size),
} }
if self.encryption is not None:
res["x-amz-server-side-encryption"] = self.encryption
if self.encryption == "aws:kms" and self.kms_key_id is not None:
res["x-amz-server-side-encryption-aws-kms-key-id"] = self.kms_key_id
if self.bucket_key_enabled is not None:
res[
"x-amz-server-side-encryption-bucket-key-enabled"
] = self.bucket_key_enabled
if self._storage_class != "STANDARD": if self._storage_class != "STANDARD":
res["x-amz-storage-class"] = self._storage_class res["x-amz-storage-class"] = self._storage_class
if self._expiry is not None: if self._expiry is not None:
@ -1404,7 +1419,16 @@ class S3Backend(BaseBackend):
return self.account_public_access_block return self.account_public_access_block
def set_object( def set_object(
self, bucket_name, key_name, value, storage=None, etag=None, multipart=None self,
bucket_name,
key_name,
value,
storage=None,
etag=None,
multipart=None,
encryption=None,
kms_key_id=None,
bucket_key_enabled=None,
): ):
key_name = clean_key_name(key_name) key_name = clean_key_name(key_name)
if storage is not None and storage not in STORAGE_CLASS: if storage is not None and storage not in STORAGE_CLASS:
@ -1420,6 +1444,9 @@ class S3Backend(BaseBackend):
is_versioned=bucket.is_versioned, is_versioned=bucket.is_versioned,
version_id=str(uuid.uuid4()) if bucket.is_versioned else None, version_id=str(uuid.uuid4()) if bucket.is_versioned else None,
multipart=multipart, multipart=multipart,
encryption=encryption,
kms_key_id=kms_key_id,
bucket_key_enabled=bucket_key_enabled,
) )
keys = [ keys = [

18
moto/s3/responses.py
View File

@ -1261,6 +1261,16 @@ class ResponseObject(_TemplateEnvironmentMixin, ActionAuthenticatorMixin):
return 200, response_headers, response return 200, response_headers, response
storage_class = request.headers.get("x-amz-storage-class", "STANDARD") storage_class = request.headers.get("x-amz-storage-class", "STANDARD")
encryption = request.headers.get("x-amz-server-side-encryption", None)
kms_key_id = request.headers.get(
"x-amz-server-side-encryption-aws-kms-key-id", None
)
bucket_key_enabled = request.headers.get(
"x-amz-server-side-encryption-bucket-key-enabled", None
)
if bucket_key_enabled is not None:
bucket_key_enabled = str(bucket_key_enabled).lower()
acl = self._acl_from_headers(request.headers) acl = self._acl_from_headers(request.headers)
if acl is None: if acl is None:
acl = self.backend.get_bucket(bucket_name).acl acl = self.backend.get_bucket(bucket_name).acl
@ -1343,7 +1353,13 @@ class ResponseObject(_TemplateEnvironmentMixin, ActionAuthenticatorMixin):
else: else:
# Initial data # Initial data
new_key = self.backend.set_object( new_key = self.backend.set_object(
bucket_name, key_name, body, storage=storage_class bucket_name,
key_name,
body,
storage=storage_class,
encryption=encryption,
kms_key_id=kms_key_id,
bucket_key_enabled=bucket_key_enabled,
) )
request.streaming = True request.streaming = True
metadata = metadata_from_headers(request.headers) metadata = metadata_from_headers(request.headers)

26
tests/test_s3/test_s3.py
View File

@ -4973,3 +4973,29 @@ def test_request_partial_content_without_specifying_range_should_return_full_obj
file = s3.Object(bucket, object_key) file = s3.Object(bucket, object_key)
response = file.get(Range="") response = file.get(Range="")
response["ContentLength"].should.equal(30) response["ContentLength"].should.equal(30)
@mock_s3
def test_object_headers():
bucket = "my-bucket"
s3 = boto3.client("s3")
s3.create_bucket(Bucket=bucket)
res = s3.put_object(
Bucket=bucket,
Body=b"test",
Key="file.txt",
ServerSideEncryption="aws:kms",
SSEKMSKeyId="test",
BucketKeyEnabled=True,
)
res.should.have.key("ETag")
res.should.have.key("ServerSideEncryption")
res.should.have.key("SSEKMSKeyId")
res.should.have.key("BucketKeyEnabled")
res = s3.get_object(Bucket=bucket, Key="file.txt")
res.should.have.key("ETag")
res.should.have.key("ServerSideEncryption")
res.should.have.key("SSEKMSKeyId")
res.should.have.key("BucketKeyEnabled")