aboutsummaryrefslogtreecommitdiff
path: root/weed/s3api/auth_signature_v2.go
diff options
context:
space:
mode:
Diffstat (limited to 'weed/s3api/auth_signature_v2.go')
-rw-r--r--weed/s3api/auth_signature_v2.go10
1 files changed, 0 insertions, 10 deletions
diff --git a/weed/s3api/auth_signature_v2.go b/weed/s3api/auth_signature_v2.go
index 4cdc07df0..b31c37a27 100644
--- a/weed/s3api/auth_signature_v2.go
+++ b/weed/s3api/auth_signature_v2.go
@@ -116,11 +116,6 @@ func (iam *IdentityAccessManagement) doesSignV2Match(r *http.Request) (*Identity
return nil, s3err.ErrInvalidAccessKeyID
}
- bucket, object := s3_constants.GetBucketAndObject(r)
- if !identity.canDo(s3_constants.ACTION_WRITE, bucket, object) {
- return nil, s3err.ErrAccessDenied
- }
-
expectedAuth := signatureV2(cred, r.Method, r.URL.Path, r.URL.Query().Encode(), r.Header)
if !compareSignatureV2(v2Auth, expectedAuth) {
return nil, s3err.ErrSignatureDoesNotMatch
@@ -163,11 +158,6 @@ func (iam *IdentityAccessManagement) doesPresignV2SignatureMatch(r *http.Request
return nil, s3err.ErrInvalidAccessKeyID
}
- bucket, object := s3_constants.GetBucketAndObject(r)
- if !identity.canDo(s3_constants.ACTION_READ, bucket, object) {
- return nil, s3err.ErrAccessDenied
- }
-
expectedSignature := preSignatureV2(cred, r.Method, r.URL.Path, r.URL.Query().Encode(), r.Header, expires)
if !compareSignatureV2(signature, expectedSignature) {
return nil, s3err.ErrSignatureDoesNotMatch
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-21 07:51:08 +0000