| author | Konstantin Lebedev <lebedev_k@tochka.com> | 2021-04-27 21:45:40 +0500 |
|---|---|---|
| committer | Konstantin Lebedev <lebedev_k@tochka.com> | 2021-04-27 21:45:40 +0500 |
| commit | a48785c7df2914f432a75f2e27b33d0701edec49 (patch) | |
| tree | e99fc1b8148e80878eb2d6234fc734a70f8ed730 | |
| parent | 5861ba46087bc65433c50acaf9b7dc07862868be (diff) | |
auth use bucket wild cards
| -rw-r--r-- | weed/s3api/auth_credentials.go | 28 |
1 files changed, 19 insertions, 9 deletions
diff --git a/weed/s3api/auth_credentials.go b/weed/s3api/auth_credentials.go index b8af6381a..d9d26756f 100644 --- a/weed/s3api/auth_credentials.go +++ b/weed/s3api/auth_credentials.go @@ -3,14 +3,14 @@ package s3api import ( "fmt" "github.com/chrislusf/seaweedfs/weed/filer" - "github.com/chrislusf/seaweedfs/weed/s3api/s3_constants" - "io/ioutil" - "net/http" - "github.com/chrislusf/seaweedfs/weed/glog" "github.com/chrislusf/seaweedfs/weed/pb/iam_pb" xhttp "github.com/chrislusf/seaweedfs/weed/s3api/http" + "github.com/chrislusf/seaweedfs/weed/s3api/s3_constants" "github.com/chrislusf/seaweedfs/weed/s3api/s3err" + "io/ioutil" + "net/http" + "strings" ) type Action string @@ -255,11 +255,21 @@ func (identity *Identity) canDo(action Action, bucket string) bool { limitedByBucket := string(action) + ":" + bucket adminLimitedByBucket := s3_constants.ACTION_ADMIN + ":" + bucket for _, a := range identity.Actions { - if string(a) == limitedByBucket { - return true - } - if string(a) == adminLimitedByBucket { - return true + act := string(a) + if strings.HasSuffix(act, "*") { + if strings.HasPrefix(limitedByBucket, act[:len(act)-1]) { + return true + } + if strings.HasPrefix(adminLimitedByBucket, act[:len(act)-1]) { + return true + } + } else { + if act == limitedByBucket { + return true + } + if act == adminLimitedByBucket { + return true + } } } return false |
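Review bot: The trailing-`*` test in the canDo loop is applied to the whole `action:bucket` string, so the wildcard is not confined to the bucket name. An identity entry of `*` alone leaves an empty prefix and returns true for every action and bucket, and an entry whose `*` falls inside the action name matches across the colon. If only bucket wildcards are intended, as the commit title suggests, split each entry at the `:` first, compare the action part exactly (against the requested action or `s3_constants.ACTION_ADMIN`) and run the prefix test on the bucket part alone. canDo begins before the hunk, so entries without a bucket part may already be handled there; a table-driven test covering `*`, `Read:*`, `Read:logs*` and a bucket that merely shares a prefix would pin the intended scope.

```go
for _, a := range identity.Actions {
	act := string(a)
	i := strings.IndexByte(act, ':')
	if i < 0 {
		continue // no bucket part: a wildcard must not span the action name
	}
	name, pattern := act[:i], act[i+1:]
	if name != string(action) && name != s3_constants.ACTION_ADMIN {
		continue
	}
	if pattern == bucket {
		return true
	}
	if strings.HasSuffix(pattern, "*") && strings.HasPrefix(bucket, strings.TrimSuffix(pattern, "*")) {
		return true
	}
}
// … unchanged: return false …
```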
