update lock clucknut
All checks were successful
All checks were successful
This commit is contained in:
@@ -500,10 +500,23 @@ private function resolveUploadOptions(array $args)
|
||||
}
|
||||
|
||||
$validate = $this->chooseValidationMethod($args);
|
||||
if ($validate === 'md5') {
|
||||
$args['metadata']['md5Hash'] = base64_encode(Utils::hash($args['data'], 'md5', true));
|
||||
} elseif ($validate === 'crc32') {
|
||||
$args['metadata']['crc32c'] = $this->crcFromStream($args['data']);
|
||||
$xGoogHashHeader = '';
|
||||
if ($validate !== false) {
|
||||
$md5Hash = base64_encode(Utils::hash($args['data'], 'md5', true));
|
||||
$crc32c = $this->crcFromStream($args['data']);
|
||||
|
||||
// Add validation metadata
|
||||
if ($validate === 'md5') {
|
||||
$args['metadata']['md5Hash'] = $md5Hash;
|
||||
} elseif ($validate === 'crc32') {
|
||||
$args['metadata']['crc32c'] = $crc32c;
|
||||
}
|
||||
|
||||
// Prepare the X-Goog-Hash header string
|
||||
$xGoogHashHeader = implode(',', array_filter([
|
||||
$md5Hash ? 'md5=' . $md5Hash : null,
|
||||
$crc32c ? 'crc32c=' . $crc32c : null,
|
||||
]));
|
||||
}
|
||||
|
||||
$args['metadata']['name'] = $args['name'];
|
||||
@@ -532,6 +545,19 @@ private function resolveUploadOptions(array $args)
|
||||
$args['uploaderOptions'] = array_intersect_key($args, array_flip($uploaderOptionKeys));
|
||||
$args = array_diff_key($args, array_flip($uploaderOptionKeys));
|
||||
|
||||
// Add the X-Goog-Hash header only if there are hashes to include
|
||||
if (!empty($xGoogHashHeader)) {
|
||||
$args['uploaderOptions']['restOptions']['headers']['X-Goog-Hash'] = $xGoogHashHeader;
|
||||
}
|
||||
|
||||
if (!empty($args['headers'])) {
|
||||
$args['uploaderOptions']['restOptions']['headers'] = array_merge(
|
||||
$args['uploaderOptions']['restOptions']['headers'] ?? [],
|
||||
$args['headers']
|
||||
);
|
||||
}
|
||||
unset($args['headers']);
|
||||
|
||||
// Passing on custom retry function to $args['uploaderOptions']
|
||||
$retryFunc = $this->getRestRetryFunction(
|
||||
'objects',
|
||||
@@ -714,7 +740,10 @@ private function buildDownloadObjectParams(array $args)
|
||||
private function chooseValidationMethod(array $args)
|
||||
{
|
||||
// If the user provided a hash, skip hashing.
|
||||
if (isset($args['metadata']['md5Hash']) || isset($args['metadata']['crc32c'])) {
|
||||
if (isset($args['metadata']['md5Hash'])
|
||||
|| isset($args['metadata']['crc32c'])
|
||||
|| isset($args['headers']['X-Goog-Hash'])
|
||||
) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
@@ -195,6 +195,78 @@
|
||||
"defaultKmsKeyName": {
|
||||
"type": "string",
|
||||
"description": "A Cloud KMS key that will be used to encrypt objects inserted into this bucket, if no encryption method is specified."
|
||||
},
|
||||
"googleManagedEncryptionEnforcementConfig": {
|
||||
"type": "object",
|
||||
"description": "If set, the new objects created in this bucket must comply with this enforcement config. Changing this has no effect on existing objects; it applies to new objects only. If omitted, the new objects are allowed to be encrypted with Google Managed Encryption type by default.",
|
||||
"properties": {
|
||||
"restrictionMode": {
|
||||
"type": "string",
|
||||
"description": "Restriction mode for Google-Managed Encryption Keys. Defaults to NotRestricted.",
|
||||
"enum": [
|
||||
"NotRestricted",
|
||||
"FullyRestricted"
|
||||
],
|
||||
"enumDescriptions": [
|
||||
"Creation of new objects with Google Managed Encryption is not restricted.",
|
||||
"Creation of new objects with Google Managed Encryption is fully restricted."
|
||||
]
|
||||
},
|
||||
"effectiveTime": {
|
||||
"type": "string",
|
||||
"description": "Server-determined value indicating when this configuration became effective. In RFC 3339 format.",
|
||||
"format": "date-time",
|
||||
"readOnly": true
|
||||
}
|
||||
}
|
||||
},
|
||||
"customerManagedEncryptionEnforcementConfig": {
|
||||
"type": "object",
|
||||
"description": "If set, the new objects created in this bucket must comply with this enforcement config. Changing this has no effect on existing objects; it applies to new objects only. If omitted, the new objects are allowed to be encrypted with Customer Managed Encryption type by default.",
|
||||
"properties": {
|
||||
"restrictionMode": {
|
||||
"type": "string",
|
||||
"description": "Restriction mode for Customer-Managed Encryption Keys. Defaults to NotRestricted.",
|
||||
"enum": [
|
||||
"NotRestricted",
|
||||
"FullyRestricted"
|
||||
],
|
||||
"enumDescriptions": [
|
||||
"Creation of new objects with Customer-Managed Encryption is not restricted.",
|
||||
"Creation of new objects with Customer-Managed Encryption is fully restricted."
|
||||
]
|
||||
},
|
||||
"effectiveTime": {
|
||||
"type": "string",
|
||||
"description": "Server-determined value indicating when this configuration became effective. In RFC 3339 format.",
|
||||
"format": "date-time",
|
||||
"readOnly": true
|
||||
}
|
||||
}
|
||||
},
|
||||
"customerSuppliedEncryptionEnforcementConfig": {
|
||||
"type": "object",
|
||||
"description": "If set, the new objects created in this bucket must comply with this enforcement config. Changing this has no effect on existing objects; it applies to new objects only. If omitted, the new objects are allowed to be encrypted with Customer Supplied Encryption type by default.",
|
||||
"properties": {
|
||||
"restrictionMode": {
|
||||
"type": "string",
|
||||
"description": "Restriction mode for Customer-Supplied Encryption Keys. Defaults to NotRestricted.",
|
||||
"enum": [
|
||||
"NotRestricted",
|
||||
"FullyRestricted"
|
||||
],
|
||||
"enumDescriptions": [
|
||||
"Creation of new objects with Customer-Supplied Encryption is not restricted.",
|
||||
"Creation of new objects with Customer-Supplied Encryption is fully restricted."
|
||||
]
|
||||
},
|
||||
"effectiveTime": {
|
||||
"type": "string",
|
||||
"description": "Server-determined value indicating when this configuration became effective. In RFC 3339 format.",
|
||||
"format": "date-time",
|
||||
"readOnly": true
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
|
||||
Reference in New Issue
Block a user