Adjust DeleteObject satellite endpoint (object retention)

[amwolff]

Goal

This issue is to make meaningful progress on Object Lock implementation within core and edge services. Specifically, to support immutable backups in backup software products like Veeam.

What needs to be done? • Acceptance Criteria

Modify the corresponding to DeleteObject endpoint on the satellite (the endpoint might be named differently) to respect the lock information (if it exists) of the object version that is being deleted:

• This can only work when the object isn't locked using Compliance mode
• Otherwise, return an appropriate, easy to translate to S3 compatible error on the gateway
• Legal Hold and governance mode (retention mode) is out of scope at this moment

Summary

Implementation reference.

Depends on…

• Decide where and make it possible to store per-object metadata for Object Lock #400

Links

• https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html
• an easy-to-read and insightful introduction to Object Lock: Using S3 Object Lock

[kaloyan-raev]

Do we need to support Governance mode for the MVP? Compliance mode would be enough, which means that DeleteObject should only respect the object's retention period.

[kaloyan-raev]

Actually, I don't think we need to do anything in DeleteObject. The retention period is set on a specific object version. Calling DeleteObject on an object with locked versions would just add a new delete marker and won't affect any of the existing object versions.

However, we need to modify DeleteObjectVersion to respect any retention period set on the object version to be deleted.

[storj-gerrit]

Change satellite/{metabase,metainfo}: prevent deleting locked objects mentions this issue.