add basic object ACL (#7004)

* add back tests * get put object acl * check permission to put object acl * rename file * object list versions now contains owners * set object owner * refactoring * Revert "add back tests" This reverts commit 9adc507c45caafc5329433dba76f44c63318b0f1.
author: Chris Lu <chrislusf@users.noreply.github.com> 2025-07-20 14:15:25 -0700
committer: GitHub <noreply@github.com> 2025-07-20 14:15:25 -0700
commit: 377f1f24c7782a647656da20c3e5096cba302b0b (patch)
tree: 9258fbf28b48989c8c9c510863dfd418c98c33f2 /weed/s3api/s3api_object_versioning.go
parent: 85036936d1e1faaaa9d3002372f549fc98a1f740 (diff)
download: seaweedfs-377f1f24c7782a647656da20c3e5096cba302b0b.tar.xz
seaweedfs-377f1f24c7782a647656da20c3e5096cba302b0b.zip
1 files changed, 55 insertions, 3 deletions
diff --git a/weed/s3api/s3api_object_versioning.go b/weed/s3api/s3api_object_versioning.go
index a0d02d566..ff82969b5 100644
--- a/weed/s3api/s3api_object_versioning.go
+++ b/weed/s3api/s3api_object_versioning.go
@@ -278,7 +278,7 @@ func (s3a *S3ApiServer) findVersionsRecursively(currentPath, relativePath string
 							VersionId:    version.VersionId,
 							IsLatest:     version.IsLatest,
 							LastModified: version.LastModified,
-							Owner:        CanonicalUser{ID: "unknown", DisplayName: "unknown"},
+							Owner:        s3a.getObjectOwnerFromVersion(version, bucket, objectKey),
 						}
 						*allVersions = append(*allVersions, deleteMarker)
 					} else {
@@ -289,7 +289,7 @@ func (s3a *S3ApiServer) findVersionsRecursively(currentPath, relativePath string
 							LastModified: version.LastModified,
 							ETag:         version.ETag,
 							Size:         version.Size,
-							Owner:        CanonicalUser{ID: "unknown", DisplayName: "unknown"},
+							Owner:        s3a.getObjectOwnerFromVersion(version, bucket, objectKey),
 							StorageClass: "STANDARD",
 						}
 						*allVersions = append(*allVersions, versionEntry)
@@ -339,7 +339,7 @@ func (s3a *S3ApiServer) findVersionsRecursively(currentPath, relativePath string
 				LastModified: time.Unix(entry.Attributes.Mtime, 0),
 				ETag:         etag,
 				Size:         int64(entry.Attributes.FileSize),
-				Owner:        CanonicalUser{ID: "unknown", DisplayName: "unknown"},
+				Owner:        s3a.getObjectOwnerFromEntry(entry),
 				StorageClass: "STANDARD",
 			}
 			*allVersions = append(*allVersions, versionEntry)
@@ -761,3 +761,55 @@ func (s3a *S3ApiServer) getLatestObjectVersion(bucket, object string) (*filer_pb
 
 	return latestVersionEntry, nil
 }
+
+// getObjectOwnerFromVersion extracts object owner information from version entry metadata
+func (s3a *S3ApiServer) getObjectOwnerFromVersion(version *ObjectVersion, bucket, objectKey string) CanonicalUser {
+	// First try to get owner from the version entry itself
+	if version.Entry != nil && version.Entry.Extended != nil {
+		if ownerBytes, exists := version.Entry.Extended[s3_constants.ExtAmzOwnerKey]; exists {
+			ownerId := string(ownerBytes)
+			ownerDisplayName := s3a.iam.GetAccountNameById(ownerId)
+			return CanonicalUser{ID: ownerId, DisplayName: ownerDisplayName}
+		}
+	}
+
+	// Fallback: try to get owner from the current version of the object
+	// This handles cases where older versions might not have owner metadata
+	if version.VersionId == "null" {
+		// For null version, check the regular object file
+		bucketDir := s3a.option.BucketsPath + "/" + bucket
+		if entry, err := s3a.getEntry(bucketDir, objectKey); err == nil && entry.Extended != nil {
+			if ownerBytes, exists := entry.Extended[s3_constants.ExtAmzOwnerKey]; exists {
+				ownerId := string(ownerBytes)
+				ownerDisplayName := s3a.iam.GetAccountNameById(ownerId)
+				return CanonicalUser{ID: ownerId, DisplayName: ownerDisplayName}
+			}
+		}
+	} else {
+		// For versioned objects, try to get from latest version metadata
+		if latestVersion, err := s3a.getLatestObjectVersion(bucket, objectKey); err == nil && latestVersion.Extended != nil {
+			if ownerBytes, exists := latestVersion.Extended[s3_constants.ExtAmzOwnerKey]; exists {
+				ownerId := string(ownerBytes)
+				ownerDisplayName := s3a.iam.GetAccountNameById(ownerId)
+				return CanonicalUser{ID: ownerId, DisplayName: ownerDisplayName}
+			}
+		}
+	}
+
+	// Ultimate fallback: return anonymous if no owner found
+	return CanonicalUser{ID: s3_constants.AccountAnonymousId, DisplayName: "anonymous"}
+}
+
+// getObjectOwnerFromEntry extracts object owner information from a file entry
+func (s3a *S3ApiServer) getObjectOwnerFromEntry(entry *filer_pb.Entry) CanonicalUser {
+	if entry != nil && entry.Extended != nil {
+		if ownerBytes, exists := entry.Extended[s3_constants.ExtAmzOwnerKey]; exists {
+			ownerId := string(ownerBytes)
+			ownerDisplayName := s3a.iam.GetAccountNameById(ownerId)
+			return CanonicalUser{ID: ownerId, DisplayName: ownerDisplayName}
+		}
+	}
+
+	// Fallback: return anonymous if no owner found
+	return CanonicalUser{ID: s3_constants.AccountAnonymousId, DisplayName: "anonymous"}
+}
author	Chris Lu <chrislusf@users.noreply.github.com>	2025-07-20 14:15:25 -0700
committer	GitHub <noreply@github.com>	2025-07-20 14:15:25 -0700
commit	377f1f24c7782a647656da20c3e5096cba302b0b (patch)
tree	9258fbf28b48989c8c9c510863dfd418c98c33f2 /weed/s3api/s3api_object_versioning.go
parent	85036936d1e1faaaa9d3002372f549fc98a1f740 (diff)
download	seaweedfs-377f1f24c7782a647656da20c3e5096cba302b0b.tar.xz seaweedfs-377f1f24c7782a647656da20c3e5096cba302b0b.zip