aboutsummaryrefslogtreecommitdiff
path: root/weed/s3api/auth_credentials.go
diff options
context:
space:
mode:
authorKonstantin Lebedev <lebedev_k@tochka.com>2021-10-11 15:03:56 +0500
committerKonstantin Lebedev <lebedev_k@tochka.com>2021-10-11 15:03:56 +0500
commitbe4b3ed509178b6464452cd91fb06718548f9307 (patch)
treef298ec711c279cbb64b9c438bb84d1238feb1ba9 /weed/s3api/auth_credentials.go
parent84d2e1bdd099550aaba494c88324c8c0dbc08776 (diff)
downloadseaweedfs-be4b3ed509178b6464452cd91fb06718548f9307.tar.xz
seaweedfs-be4b3ed509178b6464452cd91fb06718548f9307.zip
AclHandlers
Diffstat (limited to 'weed/s3api/auth_credentials.go')
-rw-r--r--weed/s3api/auth_credentials.go25
1 files changed, 25 insertions, 0 deletions
diff --git a/weed/s3api/auth_credentials.go b/weed/s3api/auth_credentials.go
index 44c3f7aa7..cd1b3adfb 100644
--- a/weed/s3api/auth_credentials.go
+++ b/weed/s3api/auth_credentials.go
@@ -37,6 +37,31 @@ type Credential struct {
SecretKey string
}
+func (action Action) isAdmin() bool {
+ return strings.HasPrefix(string(action), s3_constants.ACTION_ADMIN)
+}
+
+func (action Action) isOwner(bucket string) bool {
+ return string(action) == s3_constants.ACTION_ADMIN+":"+bucket
+}
+
+func (action Action) overBucket(bucket string) bool {
+ return strings.HasSuffix(string(action), ":"+bucket) || strings.HasSuffix(string(action), ":*")
+}
+
+func (action Action) getPermission() Permission {
+ switch act := strings.Split(string(action), ":")[0]; act {
+ case s3_constants.ACTION_ADMIN:
+ return Permission("FULL_CONTROL")
+ case s3_constants.ACTION_WRITE:
+ return Permission("WRITE")
+ case s3_constants.ACTION_READ:
+ return Permission("READ")
+ default:
+ return Permission("")
+ }
+}
+
func NewIdentityAccessManagement(option *S3ApiServerOption) *IdentityAccessManagement {
iam := &IdentityAccessManagement{
domain: option.DomainName,
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-21 13:27:03 +0000