]> git-server-git.apps.pok.os.sepia.ceph.com Git - ceph.git/commitdiff
projects / ceph.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a8ed81f)
rgw: policy: modify s3:ListBucketMultiPartUploads to s3:ListBucketMultipartUploads 21916/head
authorxiangxiang <xiangxiang@xsky.com>
Tue, 20 Mar 2018 12:38:07 +0000 (20:38 +0800)
committerNathan Cutler <ncutler@suse.com>
Wed, 9 May 2018 18:47:26 +0000 (20:47 +0200)
according to AWS S3, the permission keyword should be s3:ListBucketMultipartUploads
rather than s3:ListBucketMultiPartUploads.

all operation permission list in AWS S3 as follows:
  https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html?shortFooter=true

Signed-off-by: xiangxiang <xiangxiang@xsky.com>
(cherry picked from commit 41ef62d9047ca7469023181f203e79c63ec30d64)

src/rgw/rgw_iam_policy.cc patch | blob | history
src/rgw/rgw_iam_policy.h patch | blob | history
src/rgw/rgw_op.cc patch | blob | history
src/test/rgw/test_rgw_iam_policy.cc patch | blob | history

diff --git a/src/rgw/rgw_iam_policy.cc b/src/rgw/rgw_iam_policy.cc
index 828399551cf562dabcfa650c6ff6f963dbae03b7..a585f8b5e9aef3a5eb7888f78c3af7ff4c0426d2 100644 (file)
--- a/src/rgw/rgw_iam_policy.cc
+++ b/src/rgw/rgw_iam_policy.cc
@@ -422,7 +422,7 @@ static const actpair actpairs[] =
  { "s3:GetObjectVersionTagging", s3GetObjectVersionTagging},
  { "s3:GetReplicationConfiguration", s3GetReplicationConfiguration },
  { "s3:ListAllMyBuckets", s3ListAllMyBuckets },
- { "s3:ListBucketMultiPartUploads", s3ListBucketMultiPartUploads },
+ { "s3:ListBucketMultipartUploads", s3ListBucketMultipartUploads },
  { "s3:ListBucket", s3ListBucket },
  { "s3:ListBucketVersions", s3ListBucketVersions },
  { "s3:ListMultipartUploadParts", s3ListMultipartUploadParts },
@@ -1325,8 +1325,8 @@ const char* action_bit_string(uint64_t action) {
   case s3ListAllMyBuckets:
     return "s3:ListAllMyBuckets";
 
-  case s3ListBucketMultiPartUploads:
-    return "s3:ListBucketMultiPartUploads";
+  case s3ListBucketMultipartUploads:
+    return "s3:ListBucketMultipartUploads";
 
   case s3GetAccelerateConfiguration:
     return "s3:GetAccelerateConfiguration";
diff --git a/src/rgw/rgw_iam_policy.h b/src/rgw/rgw_iam_policy.h
index 4bb06b1195f65588c60b9f73b2471661aa1f82ad..f11a98d7f1d4e570dde48cc0f4b8e20fb07607ca 100644 (file)
--- a/src/rgw/rgw_iam_policy.h
+++ b/src/rgw/rgw_iam_policy.h
@@ -60,7 +60,7 @@ static constexpr std::uint64_t s3DeleteBucket = 1ULL << 15;
 static constexpr std::uint64_t s3ListBucket = 1ULL << 16;
 static constexpr std::uint64_t s3ListBucketVersions = 1ULL << 17;
 static constexpr std::uint64_t s3ListAllMyBuckets = 1ULL << 18;
-static constexpr std::uint64_t s3ListBucketMultiPartUploads = 1ULL << 19;
+static constexpr std::uint64_t s3ListBucketMultipartUploads = 1ULL << 19;
 static constexpr std::uint64_t s3GetAccelerateConfiguration = 1ULL << 20;
 static constexpr std::uint64_t s3PutAccelerateConfiguration = 1ULL << 21;
 static constexpr std::uint64_t s3GetBucketAcl = 1ULL << 22;
@@ -109,7 +109,7 @@ inline int op_to_perm(std::uint64_t op) {
   case s3GetObjectVersionTagging:
   case s3ListAllMyBuckets:
   case s3ListBucket:
-  case s3ListBucketMultiPartUploads:
+  case s3ListBucketMultipartUploads:
   case s3ListBucketVersions:
   case s3ListMultipartUploadParts:
     return RGW_PERM_READ;
diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc
index 3b77eff5265da5987b5163fa909825ee46f8e9ee..d472490a1c3f8745026bcc3193072c9aaea7de08 100644 (file)
--- a/src/rgw/rgw_op.cc
+++ b/src/rgw/rgw_op.cc
@@ -5869,7 +5869,7 @@ void RGWListMultipart::execute()
 int RGWListBucketMultiparts::verify_permission()
 {
   if (!verify_bucket_permission(s,
-                               rgw::IAM::s3ListBucketMultiPartUploads))
+                               rgw::IAM::s3ListBucketMultipartUploads))
     return -EACCES;
 
   return 0;
diff --git a/src/test/rgw/test_rgw_iam_policy.cc b/src/test/rgw/test_rgw_iam_policy.cc
index ecad57adb72e71b236dea07b793f743aaac13df0..da03cff19dd9d87509f6885fb8dd6c1182ed4509 100644 (file)
--- a/src/test/rgw/test_rgw_iam_policy.cc
+++ b/src/test/rgw/test_rgw_iam_policy.cc
@@ -70,7 +70,7 @@ using rgw::IAM::s3GetReplicationConfiguration;
 using rgw::IAM::s3ListAllMyBuckets;
 using rgw::IAM::s3ListBucket;
 using rgw::IAM::s3ListBucket;
-using rgw::IAM::s3ListBucketMultiPartUploads;
+using rgw::IAM::s3ListBucketMultipartUploads;
 using rgw::IAM::s3ListBucketVersions;
 using rgw::IAM::s3ListMultipartUploadParts;
 using rgw::IAM::s3None;
@@ -314,7 +314,7 @@ TEST_F(PolicyTest, Parse3) {
   EXPECT_EQ(p->statements[2].action, (s3ListMultipartUploadParts |
                                      s3ListBucket | s3ListBucketVersions |
                                      s3ListAllMyBuckets |
-                                     s3ListBucketMultiPartUploads |
+                                     s3ListBucketMultipartUploads |
                                      s3GetObject | s3GetObjectVersion |
                                      s3GetObjectAcl | s3GetObjectVersionAcl |
                                      s3GetObjectTorrent |
@@ -369,7 +369,7 @@ TEST_F(PolicyTest, Eval3) {
 
   auto s3allow = (s3ListMultipartUploadParts | s3ListBucket |
                  s3ListBucketVersions | s3ListAllMyBuckets |
-                 s3ListBucketMultiPartUploads | s3GetObject |
+                 s3ListBucketMultipartUploads | s3GetObject |
                  s3GetObjectVersion | s3GetObjectAcl | s3GetObjectVersionAcl |
                  s3GetObjectTorrent | s3GetObjectVersionTorrent |
                  s3GetAccelerateConfiguration | s3GetBucketAcl |
Unnamed repository; edit this file 'description' to name the repository.