fix(api): enforce import_enabled flag for local storage

[Ankit-Jaipuriar]

Closes #8844

Change Description

Background

The import_enabled flag for local storage is not enforced by the server's API. While the WebUI and lakectl prevent imports when this flag is disabled, a user can bypass the restriction by calling the API directly.

Bug Fix

1. Problem - Users can start a data import from a local path via the API, even when the import.enabled flag is set to false.
2. Root cause - The ImportStart API handler did not check if the underlying storage adapter was configured to support the import operation.
3. Solution - The ImportStart handler in pkg/api/controller.go has been updated. After validating user permissions, it now calls the GetStorageNamespaceInfo method on the block adapter. It then checks the returned ImportSupport flag and, if it's false, immediately returns a 403 Forbidden error. This approach is more robust and future-proof.

New Feature

Not applicable. This is an enhancement to enforce an existing configuration.

Testing Details

The fix was tested with a new automated test.

• Automated Test: A new test case, TestController_ImportStart_Disabled, was added to pkg/api/controller_test.go. It uses viper.Set to override the server configuration to disable local imports, starts a test server, calls the import API, and asserts that the response is 403 Forbidden with the correct error message.

Breaking Change?

No. This change enforces an existing configuration setting as intended and does not break any existing valid functionality.

Additional info

API Response Before:

{"id":"d2doq6vrp4e4ba2rnb50"}

API Response After:

{"message":"import is not supported for this storage"}

Contact Details

Provided via my GitHub account.

[nopcoder]

LGTM! Thank you.

[nopcoder]

By bad, it was approved but not merged.

[nopcoder]

LGTM 2nd time