rgw: read_obj_policy() consults s3:prefix when deciding between 403/404
when read_obj_policy() gets ENOENT, it only returns 404 NoSuchKey if the
requester has s3:ListBucket permission. however, policy that allows
s3:ListBucket may be conditional on the s3:prefix to restrict listings
to certain paths/object names. add the requested object name to the iam
environment as s3:prefix to match aws behavior here
Fixes: https://tracker.ceph.com/issues/74398
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit
363a81ca8d0bf2f1e84b2d48aa02be40d5398147)
projects / ceph.git / commit