From faab2347f98dbe195a7bff34b561fb070ae3162b Mon Sep 17 00:00:00 2001
From: Taylor McKinnon <mail@tmacs.space>
Date: Mon, 12 Apr 2021 13:23:05 -0700
Subject: [PATCH] ft(S3C-3751): Add GetBucketEncryption route

---
 errors/arsenalErrors.json               | 4 ++++
 lib/policyEvaluator/utils/actionMaps.js | 2 ++
 lib/s3routes/routes/routeGET.js         | 7 +++++++
 3 files changed, 13 insertions(+)

diff --git a/errors/arsenalErrors.json b/errors/arsenalErrors.json
index 998c3db22..145621d3c 100644
--- a/errors/arsenalErrors.json
+++ b/errors/arsenalErrors.json
@@ -276,6 +276,10 @@
     "code": 404,
     "description": "The object lock configuration was not found"
   },
+  "ServerSideEncryptionConfigurationNotFoundError" : {
+    "code": 404,
+    "description": "The server side encryption configuration was not found"
+  },
   "NotImplemented": {
     "code": 501,
     "description": "A header you provided implies functionality that is not implemented."
diff --git a/lib/policyEvaluator/utils/actionMaps.js b/lib/policyEvaluator/utils/actionMaps.js
index b16dccb1b..a9061f029 100644
--- a/lib/policyEvaluator/utils/actionMaps.js
+++ b/lib/policyEvaluator/utils/actionMaps.js
@@ -5,6 +5,7 @@ const sharedActionMap = {
     bucketGet: 's3:ListBucket',
     bucketGetACL: 's3:GetBucketAcl',
     bucketGetCors: 's3:GetBucketCORS',
+    bucketGetEncryption: 's3:GetBucketEncryption',
     bucketGetLifecycle: 's3:GetLifecycleConfiguration',
     bucketGetLocation: 's3:GetBucketLocation',
     bucketGetNotification: 's3:GetBucketNotificationConfiguration',
@@ -91,6 +92,7 @@ const actionMonitoringMapS3 = {
     bucketGetPolicy: 'GetBucketPolicy',
     bucketGetReplication: 'GetBucketReplication',
     bucketGetVersioning: 'GetBucketVersioning',
+    bucketGetEncryption: 'GetBucketEncryption',
     bucketGetWebsite: 'GetBucketWebsite',
     bucketHead: 'HeadBucket',
     bucketPut: 'CreateBucket',
diff --git a/lib/s3routes/routes/routeGET.js b/lib/s3routes/routes/routeGET.js
index c2e3f89ca..bbc05cd5c 100644
--- a/lib/s3routes/routes/routeGET.js
+++ b/lib/s3routes/routes/routeGET.js
@@ -92,6 +92,13 @@ function routerGET(request, response, api, log, statsClient, dataRetrievalFn) {
                     return routesUtils.responseXMLBody(err, xml, response,
                         log, corsHeaders);
                 });
+        } else if (request.query.encryption !== undefined) {
+            api.callApiMethod('bucketGetEncryption', request, response, log,
+            (err, xml, corsHeaders) => {
+                routesUtils.statsReport500(err, statsClient);
+                return routesUtils.responseXMLBody(err, xml, response,
+                    log, corsHeaders);
+            });
         } else {
             // GET bucket
             api.callApiMethod('bucketGet', request, response, log,