grepdemos · lizard-boy · Nov 24, 2023 · Nov 24, 2023 · Nov 28, 2023 · greptile-apps
diff --git a/localstack/aws/api/s3control/__init__.py b/localstack/aws/api/s3control/__init__.py
@@ -92,6 +92,8 @@
 TagValueString = str
 TrafficDialPercentage = int
 VpcId = str
+HostId = str
+URI = str
 
 
 class AsyncOperationName(str):
@@ -430,6 +432,7 @@ class NoSuchPublicAccessBlockConfiguration(ServiceException):
     code: str = "NoSuchPublicAccessBlockConfiguration"
     sender_fault: bool = False
     status_code: int = 404
+    AccountId: Optional[AccountId]
 
 
 class NotFoundException(ServiceException):
@@ -450,6 +453,20 @@ class TooManyTagsException(ServiceException):
     status_code: int = 400
 
 
+class NoSuchAccessPoint(ServiceException):
+    code: str = "NoSuchAccessPoint"
+    sender_fault: bool = False
+    status_code: int = 404
+    AccessPointName: Optional[AccessPointName]
+
+
+class InvalidURI(ServiceException):
+    code: str = "InvalidURI"
+    sender_fault: bool = False
+    status_code: int = 400
+    URI: Optional[URI]
+
+
 class AbortIncompleteMultipartUpload(TypedDict, total=False):
     DaysAfterInitiation: Optional[DaysAfterInitiation]
 

diff --git a/localstack/aws/protocol/serializer.py b/localstack/aws/protocol/serializer.py
@@ -1586,6 +1586,53 @@ def _timestamp_iso8601(value: datetime) -> str:
         return value.strftime("%Y-%m-%dT%H:%M:%S.000Z")
 
 
+class S3ControlResponseSerializer(RestXMLResponseSerializer):
+    """
+    The ``S3ResponseSerializer`` adds some minor logic to handle S3 specific peculiarities with the error response
+    serialization and the root node tag.
+    """
+
+    def _serialize_error(
+        self,
+        error: ServiceException,
+        response: HttpResponse,
+        shape: StructureShape,
+        operation_model: OperationModel,
+        mime_type: str,
+        request_id: str,
+    ) -> None:
+        # Check if we need to add a namespace
+        attr = (
+            {"xmlns": operation_model.metadata.get("xmlNamespace")}
+            if "xmlNamespace" in operation_model.metadata
+            else {}
+        )
+        root = ETree.Element("ErrorResponse", attr)
+
+        error_tag = ETree.SubElement(root, "Error")
+        # the difference for S3Control is here: it adds additional error tags inside the Error tags, unlike other
+        # rest-xml services
+        self._add_error_tags(error, error_tag, mime_type)
+        request_id_element = ETree.SubElement(root, "RequestId")
+        request_id_element.text = request_id
+
+        host_id_element = ETree.SubElement(root, "HostId")
+        host_id_element.text = (
+            "9Gjjt1m+cjU4OPvX9O9/8RuvnG41MRb/18Oux2o5H5MY7ISNTlXN+Dz9IG62/ILVxhAGI0qyPfg="
+        )
+
+        self._add_additional_error_tags(vars(error), error_tag, shape, mime_type)
+        response.set_response(self._encode_payload(self._node_to_string(root, mime_type)))
+
+    @staticmethod
+    def _timestamp_iso8601(value: datetime) -> str:
+        """
+        This is very specific to S3, S3 returns an ISO8601 timestamp but with milliseconds always set to 000
+        Some SDKs are very picky about the length
+        """
+        return value.strftime("%Y-%m-%dT%H:%M:%S.000Z")
+
+
 class SqsQueryResponseSerializer(QueryResponseSerializer):
     """
     Unfortunately, SQS uses a rare interpretation of the XML protocol: It uses HTML entities within XML tag text nodes.
@@ -1761,6 +1808,7 @@ def create_serializer(service: ServiceModel) -> ResponseSerializer:
         "sqs-query": SqsQueryResponseSerializer,
         "sqs": SqsResponseSerializer,
         "s3": S3ResponseSerializer,
+        "s3control": S3ControlResponseSerializer,
     }
     protocol_specific_serializers = {
         "query": QueryResponseSerializer,

diff --git a/localstack/aws/spec-patches.json b/localstack/aws/spec-patches.json
@@ -1153,5 +1153,69 @@
         "exception": true
       }
     }
+  ],
+  "s3control/2018-08-20/service-2": [
+    {
+      "op": "add",
+      "path": "/operations/DeletePublicAccessBlock/http/responseCode",
+      "value": 204
+    },
+    {
+      "op": "add",
+      "path": "/shapes/HostId",
+      "value": {
+        "type": "string"
+      }
+    },
+    {
+      "op": "add",
+      "path": "/shapes/NoSuchPublicAccessBlockConfiguration/members/AccountId",
+      "value": {
+        "shape": "AccountId"
+      }
+    },
+    {
+      "op": "add",
+      "path": "/shapes/NoSuchAccessPoint",
+      "value": {
+        "type": "structure",
+        "members": {
+          "AccessPointName": {
+            "shape": "AccessPointName"
+          }
+        },
+        "error": {
+          "httpStatusCode": 404
+        },
+        "documentation": "<p>The specified accesspoint does not exist</p>",
+        "exception": true
+      }
+    },
+    {
+      "op": "add",
+      "path": "/operations/DeleteAccessPoint/http/responseCode",
+      "value": 204
+    },
+    {
+      "op": "add",
+      "path": "/shapes/URI",
+      "value": {
+        "type": "string"
+      }
+    },
+    {
+      "op": "add",
+      "path": "/shapes/InvalidURI",
+      "value": {
+        "type": "structure",
+        "members": {
+          "URI": {
+            "shape": "URI"
+          }
+        },
+        "documentation": "<p>Couldn't parse the specified URI.</p>",
+        "exception": true
+      }
+    }
   ]
 }
diff --git a/localstack/config.py b/localstack/config.py
@@ -423,6 +423,13 @@ def in_docker():
 # whether the S3 legacy V2/ASF provider is enabled
 LEGACY_V2_S3_PROVIDER = os.environ.get("PROVIDER_OVERRIDE_S3", "") in ("v2", "legacy_v2", "asf")
 
+# force the native provider for tests
+if not os.environ.get("PROVIDER_OVERRIDE_S3CONTROL"):
+    os.environ["PROVIDER_OVERRIDE_S3CONTROL"] = "v2"
+
+# whether the S3 Control native provider is enabled
+NATIVE_S3_CONTROL_PROVIDER = os.environ.get("PROVIDER_OVERRIDE_S3CONTROL", "") == "v2"
+
 # Whether to report internal failures as 500 or 501 errors.
 FAIL_FAST = is_env_true("FAIL_FAST")
 

diff --git a/localstack/services/providers.py b/localstack/services/providers.py
@@ -262,6 +262,14 @@ def s3control():
     return Service.for_provider(provider, dispatch_table_factory=MotoFallbackDispatcher)
 
 
+@aws_provider(api="s3control", name="v2")
+def s3control_v2():
+    from localstack.services.s3control.v2.provider import S3ControlProvider
+
+    provider = S3ControlProvider()
+    return Service.for_provider(provider)
+
+
 @aws_provider()
 def scheduler():
     from localstack.services.moto import MotoFallbackDispatcher

diff --git a/localstack/services/s3control/v2/__init__.py b/localstack/services/s3control/v2/__init__.py
diff --git a/localstack/services/s3control/v2/models.py b/localstack/services/s3control/v2/models.py
@@ -0,0 +1,28 @@
+from localstack.aws.api.s3control import (
+    AccessPointName,
+    Alias,
+    BucketName,
+    GetAccessPointResult,
+    PublicAccessBlockConfiguration,
+)
+from localstack.services.stores import (
+    AccountRegionBundle,
+    BaseStore,
+    CrossAccountAttribute,
+    CrossRegionAttribute,
+    LocalAttribute,
+)
+
+
+class S3ControlStore(BaseStore):
+    # buckets: dict[BucketName, S3Bucket] = CrossRegionAttribute(default=dict)
+    public_access_block: PublicAccessBlockConfiguration = CrossRegionAttribute(default=dict)
+    access_points: dict[AccessPointName, GetAccessPointResult] = LocalAttribute(
+        default=dict
+    )  # TODO: check locality
+    # TODO: check for accross-region accesses
+    access_point_alias: dict[Alias, BucketName] = CrossAccountAttribute(default=dict)
+    # global_bucket_map: dict[BucketName, AccountId] = CrossAccountAttribute(default=dict)
+
+
+s3control_stores = AccountRegionBundle[S3ControlStore]("s3control", S3ControlStore)