moved upgrade script of upgrade_bucket_policy to 5.15.6 dir

dannyzaken · dannyzaken · commit 3a96a2797492 · 2024-08-06T12:27:57.000+03:00
* The script was misplaced in 5.14.0 dir
* Also fixed the script to be idempotent, to avoid failures if a manual fix was applied

Signed-off-by: Danny Zaken &lt;dannyzaken@gmail.com&gt;
diff --git a/src/upgrade/upgrade_scripts/5.15.6/upgrade_bucket_policy.js b/src/upgrade/upgrade_scripts/5.15.6/upgrade_bucket_policy.js
@@ -3,6 +3,8 @@
 
 const util = require('util');
 const { OP_NAME_TO_ACTION } = require('../../../endpoint/s3/s3_bucket_policy_utils');
+const _ = require('lodash');
+
 
 function _create_actions_map() {
     const actions_map = new Map();
@@ -19,27 +21,29 @@ function _create_actions_map() {
 async function run({ dbg, system_store, system_server }) {
 
     try {
-        dbg.log0('Starting bucket policy upgrade...');
+        console.log('Starting bucket policy upgrade...');
         const buckets = [];
         const actions_map = _create_actions_map();
         for (const bucket of system_store.data.buckets) {
             //Do not update if there are no bucket policy.
             if (!bucket.s3_policy) continue;
 
-            const new_policy = {};
-            if (bucket.s3_policy.version) new_policy.Version = bucket.s3_policy.version;
-
-            new_policy.Statement = bucket.s3_policy.statement.map(statement => ({
-                Effect: statement.effect === 'allow' ? 'Allow' : 'Deny',
-                Action: statement.action.map(action => actions_map.get(action)),
-                Principal: { AWS: statement.principal },
-                Resource: statement.resource,
-                Sid: statement.sid
-            }));
-            buckets.push({
-                _id: bucket._id,
-                s3_policy: new_policy,
-            });
+
+            if (_.isUndefined(bucket.s3_policy.Statement)) {
+                const new_policy = {};
+                if (bucket.s3_policy.version) new_policy.Version = bucket.s3_policy.version;
+                new_policy.Statement = bucket.s3_policy.statement.map(statement => ({
+                    Effect: statement.effect === 'allow' ? 'Allow' : 'Deny',
+                    Action: statement.action.map(action => actions_map.get(action)),
+                    Principal: { AWS: statement.principal },
+                    Resource: statement.resource,
+                    Sid: statement.sid
+                }));
+                buckets.push({
+                    _id: bucket._id,
+                    s3_policy: new_policy,
+                });
+            }
         }
 
         if (buckets.length > 0) {
