aboutsummaryrefslogtreecommitdiff
path: root/weed/s3api/s3api_bucket_handlers.go
diff options
context:
space:
mode:
Diffstat (limited to 'weed/s3api/s3api_bucket_handlers.go')
-rw-r--r--weed/s3api/s3api_bucket_handlers.go45
1 files changed, 26 insertions, 19 deletions
diff --git a/weed/s3api/s3api_bucket_handlers.go b/weed/s3api/s3api_bucket_handlers.go
index bd3d7fd58..6b2ed8ef2 100644
--- a/weed/s3api/s3api_bucket_handlers.go
+++ b/weed/s3api/s3api_bucket_handlers.go
@@ -120,7 +120,22 @@ func (s3a *S3ApiServer) DeleteBucketHandler(w http.ResponseWriter, r *http.Reque
bucket, _ := getBucketAndObject(r)
- err := s3a.WithFilerClient(func(client filer_pb.SeaweedFilerClient) error {
+ entry, err := s3a.get(s3a.option.BucketsPath, bucket)
+ if entry == nil || err == filer_pb.ErrNotFound {
+ writeErrorResponse(w, s3err.ErrNoSuchBucket, r.URL)
+ return
+ }
+
+ if entry.Extended != nil {
+ if id, ok := entry.Extended[xhttp.AmzIdentityId]; ok {
+ if string(id) != r.Header.Get(xhttp.AmzIdentityId) {
+ writeErrorResponse(w, s3err.ErrAccessDenied, r.URL)
+ return
+ }
+ }
+ }
+
+ err = s3a.WithFilerClient(func(client filer_pb.SeaweedFilerClient) error {
// delete collection
deleteCollectionRequest := &filer_pb.DeleteCollectionRequest{
@@ -149,27 +164,19 @@ func (s3a *S3ApiServer) HeadBucketHandler(w http.ResponseWriter, r *http.Request
bucket, _ := getBucketAndObject(r)
- err := s3a.WithFilerClient(func(client filer_pb.SeaweedFilerClient) error {
-
- request := &filer_pb.LookupDirectoryEntryRequest{
- Directory: s3a.option.BucketsPath,
- Name: bucket,
- }
+ entry, err := s3a.get(s3a.option.BucketsPath, bucket)
+ if entry == nil || err != nil {
+ writeErrorResponse(w, s3err.ErrNoSuchBucket, r.URL)
+ return
+ }
- glog.V(1).Infof("lookup bucket: %v", request)
- if _, err := filer_pb.LookupEntry(client, request); err != nil {
- if err == filer_pb.ErrNotFound {
- return filer_pb.ErrNotFound
+ if entry.Extended != nil {
+ if id, ok := entry.Extended[xhttp.AmzIdentityId]; ok {
+ if string(id) != r.Header.Get(xhttp.AmzIdentityId) {
+ writeErrorResponse(w, s3err.ErrAccessDenied, r.URL)
+ return
}
- return fmt.Errorf("lookup bucket %s/%s: %v", s3a.option.BucketsPath, bucket, err)
}
-
- return nil
- })
-
- if err != nil {
- writeErrorResponse(w, s3err.ErrNoSuchBucket, r.URL)
- return
}
writeSuccessResponseEmpty(w)
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-21 12:01:07 +0000