mirror of
https://github.com/pgsty/minio.git
synced 2026-07-16 00:41:25 +03:00
accessPolicy: Implement Put, Get, Delete access policy.
This patch implements Get,Put,Delete bucket policies Supporting - http://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html Currently supports following actions. "*": true, "s3:*": true, "s3:GetObject": true, "s3:ListBucket": true, "s3:PutObject": true, "s3:CreateBucket": true, "s3:GetBucketLocation": true, "s3:DeleteBucket": true, "s3:DeleteObject": true, "s3:AbortMultipartUpload": true, "s3:ListBucketMultipartUploads": true, "s3:ListMultipartUploadParts": true, following conditions for "StringEquals" and "StringNotEquals" "s3:prefix", "s3:max-keys"
This commit is contained in:
@@ -268,43 +268,6 @@ func generateListBucketsResponse(buckets []fs.BucketMetadata) ListBucketsRespons
|
||||
return data
|
||||
}
|
||||
|
||||
// generates an AccessControlPolicy response for the said ACL.
|
||||
func generateAccessControlPolicyResponse(acl fs.BucketACL) AccessControlPolicyResponse {
|
||||
accessCtrlPolicyResponse := AccessControlPolicyResponse{}
|
||||
accessCtrlPolicyResponse.Owner = Owner{
|
||||
ID: "minio",
|
||||
DisplayName: "minio",
|
||||
}
|
||||
defaultGrant := Grant{}
|
||||
defaultGrant.Grantee.ID = "minio"
|
||||
defaultGrant.Grantee.DisplayName = "minio"
|
||||
defaultGrant.Permission = "FULL_CONTROL"
|
||||
accessCtrlPolicyResponse.AccessControlList.Grants = append(accessCtrlPolicyResponse.AccessControlList.Grants, defaultGrant)
|
||||
switch {
|
||||
case acl.IsPublicRead():
|
||||
publicReadGrant := Grant{}
|
||||
publicReadGrant.Grantee.ID = "minio"
|
||||
publicReadGrant.Grantee.DisplayName = "minio"
|
||||
publicReadGrant.Grantee.URI = "http://acs.amazonaws.com/groups/global/AllUsers"
|
||||
publicReadGrant.Permission = "READ"
|
||||
accessCtrlPolicyResponse.AccessControlList.Grants = append(accessCtrlPolicyResponse.AccessControlList.Grants, publicReadGrant)
|
||||
case acl.IsPublicReadWrite():
|
||||
publicReadGrant := Grant{}
|
||||
publicReadGrant.Grantee.ID = "minio"
|
||||
publicReadGrant.Grantee.DisplayName = "minio"
|
||||
publicReadGrant.Grantee.URI = "http://acs.amazonaws.com/groups/global/AllUsers"
|
||||
publicReadGrant.Permission = "READ"
|
||||
publicReadWriteGrant := Grant{}
|
||||
publicReadWriteGrant.Grantee.ID = "minio"
|
||||
publicReadWriteGrant.Grantee.DisplayName = "minio"
|
||||
publicReadWriteGrant.Grantee.URI = "http://acs.amazonaws.com/groups/global/AllUsers"
|
||||
publicReadWriteGrant.Permission = "WRITE"
|
||||
accessCtrlPolicyResponse.AccessControlList.Grants = append(accessCtrlPolicyResponse.AccessControlList.Grants, publicReadGrant)
|
||||
accessCtrlPolicyResponse.AccessControlList.Grants = append(accessCtrlPolicyResponse.AccessControlList.Grants, publicReadWriteGrant)
|
||||
}
|
||||
return accessCtrlPolicyResponse
|
||||
}
|
||||
|
||||
// generates an ListObjects response for the said bucket with other enumerated options.
|
||||
func generateListObjectsResponse(bucket, prefix, marker, delimiter string, maxKeys int, resp fs.ListObjectsResult) ListObjectsResponse {
|
||||
var contents []Object
|
||||
|
||||
Reference in New Issue
Block a user