Documentation
¶
Overview ¶
Package objectstore defines supported-adapter object storage contracts.
Ref, Store, PutOptions, GetResult, and SignedURLOptions describe the reusable boundary implemented by adapters such as objectstores3 and memory stores in generated services. ValidateRef and policy helpers keep bucket/key and content constraints explicit before adapter I/O.
Object keys, signed URLs, and metadata can contain sensitive application context. Keep them out of logs, metrics labels, and release evidence unless an access-controlled incident review explicitly requires them.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // ErrInvalidRef reports that an object bucket or key is empty or unsafe. ErrInvalidRef = errors.New("invalid object reference") // ErrInvalidObject reports that an object body or metadata is invalid. ErrInvalidObject = errors.New("invalid object") // ErrObjectTooLarge reports that an object exceeds the configured size limit. ErrObjectTooLarge = errors.New("object too large") // ErrContentTypeNotAllowed reports that an object content type is outside policy. ErrContentTypeNotAllowed = errors.New("object content type not allowed") // ErrUnsafeMetadata reports that object metadata appears to contain a secret. ErrUnsafeMetadata = errors.New("unsafe object metadata") // ErrObjectNotFound reports that an object does not exist. ErrObjectNotFound = errors.New("object not found") // ErrInvalidSignedURL reports invalid signed URL options. ErrInvalidSignedURL = errors.New("invalid signed url options") )
Functions ¶
func ReadAtMost ¶
ReadAtMost reads a body into memory while enforcing a maximum size when maxBytes is positive.
func SafeMetadata ¶
SafeMetadata validates metadata and returns a defensive copy.
func ValidateRef ¶
ValidateRef rejects empty buckets, unsafe bucket names, and traversal-shaped keys.
Types ¶
type GetResult ¶
type GetResult struct {
Body io.ReadCloser
ContentType string
Size int64
Metadata map[string]string
ETag string
}
GetResult describes an object read result. Callers must close Body.
type Policy ¶
Policy enforces object size and content-type constraints.
func (Policy) ValidatePut ¶
func (p Policy) ValidatePut(opts PutOptions) error
ValidatePut enforces size and content type limits.
type PutOptions ¶
PutOptions describes object write policy inputs.
type SignedURLOptions ¶
SignedURLOptions configures a time-limited object URL.
func NormalizeSignedURLOptions ¶
func NormalizeSignedURLOptions(opts SignedURLOptions) (SignedURLOptions, error)
NormalizeSignedURLOptions applies defaults and validates a signed URL request.
type SignedURLer ¶
type SignedURLer interface {
SignedURL(ctx context.Context, ref Ref, opts SignedURLOptions) (string, error)
}
SignedURLer is implemented by stores that can issue time-limited object URLs.
type Store ¶
type Store interface {
Put(ctx context.Context, ref Ref, body io.Reader, opts PutOptions) error
Get(ctx context.Context, ref Ref) (GetResult, error)
Delete(ctx context.Context, ref Ref) error
}
Store is the minimal object storage contract used by contrib adapters and generated services.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
Package objectstoretest contains reusable object store contract tests.
|
Package objectstoretest contains reusable object store contract tests. |