diff options
| author | Riccardo Bertossa <33728857+rikigigi@users.noreply.github.com> | 2024-05-17 13:54:09 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-05-17 04:54:09 -0700 |
| commit | f6e8a9bf9ce3072cfd1d27157cc2a83f91d669df (patch) | |
| tree | d23141dd63cbb611247f78f8db53d3ba695d9b4e /weed/s3api/auth_credentials.go | |
| parent | 54f3913bedf3145a899f2ef872735dd54e468fcc (diff) | |
| download | seaweedfs-f6e8a9bf9ce3072cfd1d27157cc2a83f91d669df.tar.xz seaweedfs-f6e8a9bf9ce3072cfd1d27157cc2a83f91d669df.zip | |
added s3 iam DeleteBucket permission management (#5599)
Diffstat (limited to 'weed/s3api/auth_credentials.go')
| -rw-r--r-- | weed/s3api/auth_credentials.go | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/weed/s3api/auth_credentials.go b/weed/s3api/auth_credentials.go index a2b1fd90f..6121aecba 100644 --- a/weed/s3api/auth_credentials.go +++ b/weed/s3api/auth_credentials.go @@ -317,6 +317,7 @@ func (iam *IdentityAccessManagement) Auth(f http.HandlerFunc, action Action) htt } identity, errCode := iam.authRequest(r, action) + glog.V(3).Infof("auth error: %v", errCode) if errCode == s3err.ErrNone { if identity != nil && identity.Name != "" { r.Header.Set(s3_constants.AmzIdentityId, identity.Name) @@ -453,6 +454,7 @@ func (identity *Identity) canDo(action Action, bucket string, objectKey string) } } if bucket == "" { + glog.V(3).Infof("identity %s is not allowed to perform action %s on %s -- bucket is empty", identity.Name, action, bucket+objectKey) return false } target := string(action) + ":" + bucket + objectKey @@ -477,6 +479,8 @@ func (identity *Identity) canDo(action Action, bucket string, objectKey string) } } } + //log error + glog.V(3).Infof("identity %s is not allowed to perform action %s on %s", identity.Name, action, bucket+objectKey) return false } |