aboutsummaryrefslogtreecommitdiff
path: root/weed/s3api/s3api_bucket_policy_handlers.go
diff options
context:
space:
mode:
Diffstat (limited to 'weed/s3api/s3api_bucket_policy_handlers.go')
-rw-r--r--weed/s3api/s3api_bucket_policy_handlers.go9
1 files changed, 1 insertions, 8 deletions
diff --git a/weed/s3api/s3api_bucket_policy_handlers.go b/weed/s3api/s3api_bucket_policy_handlers.go
index 4a83f0da4..355fe0957 100644
--- a/weed/s3api/s3api_bucket_policy_handlers.go
+++ b/weed/s3api/s3api_bucket_policy_handlers.go
@@ -275,14 +275,10 @@ func (s3a *S3ApiServer) validateBucketPolicy(policyDoc *policy.PolicyDocument, b
// validateResourceForBucket checks if a resource ARN is valid for the given bucket
func (s3a *S3ApiServer) validateResourceForBucket(resource, bucket string) bool {
// Accepted formats for S3 bucket policies:
- // AWS-style ARNs:
+ // AWS-style ARNs (standard):
// arn:aws:s3:::bucket-name
// arn:aws:s3:::bucket-name/*
// arn:aws:s3:::bucket-name/path/to/object
- // SeaweedFS ARNs:
- // arn:seaweed:s3:::bucket-name
- // arn:seaweed:s3:::bucket-name/*
- // arn:seaweed:s3:::bucket-name/path/to/object
// Simplified formats (for convenience):
// bucket-name
// bucket-name/*
@@ -290,13 +286,10 @@ func (s3a *S3ApiServer) validateResourceForBucket(resource, bucket string) bool
var resourcePath string
const awsPrefix = "arn:aws:s3:::"
- const seaweedPrefix = "arn:seaweed:s3:::"
// Strip the optional ARN prefix to get the resource path
if path, ok := strings.CutPrefix(resource, awsPrefix); ok {
resourcePath = path
- } else if path, ok := strings.CutPrefix(resource, seaweedPrefix); ok {
- resourcePath = path
} else {
resourcePath = resource
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-20 23:27:01 +0000