MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-09 21:49:46 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add boolean function condition support (#7027)

Browse Source
This commit is contained in:
Harshavardhana
2018-12-28 12:18:58 -08:00
committed by GitHub
parent 1898961ce3
commit 2a0e4b6f58
16 changed files with 364 additions and 295 deletions
Download Patch File Download Diff File Expand all files Collapse all files

141
pkg/iam/policy/action.go
View File

@@ -176,133 +176,54 @@ func parseAction(s string) (Action, error) {
var actionConditionKeyMap = map[Action]condition.KeySet{
AllActions: condition.NewKeySet(condition.AllSupportedKeys...),
AbortMultipartUploadAction: condition.NewKeySet(
condition.AWSReferer,
condition.AWSSourceIP,
condition.AWSUserAgent,
condition.AWSSecureTransport,
),
AbortMultipartUploadAction: condition.NewKeySet(condition.CommonKeys...),
CreateBucketAction: condition.NewKeySet(
condition.AWSReferer,
condition.AWSSourceIP,
condition.AWSUserAgent,
condition.AWSSecureTransport,
),
CreateBucketAction: condition.NewKeySet(condition.CommonKeys...),
DeleteBucketPolicyAction: condition.NewKeySet(
condition.AWSReferer,
condition.AWSSourceIP,
condition.AWSUserAgent,
condition.AWSSecureTransport,
),
DeleteBucketPolicyAction: condition.NewKeySet(condition.CommonKeys...),
DeleteObjectAction: condition.NewKeySet(
condition.AWSReferer,
condition.AWSSourceIP,
condition.AWSUserAgent,
condition.AWSSecureTransport,
),
DeleteObjectAction: condition.NewKeySet(condition.CommonKeys...),
GetBucketLocationAction: condition.NewKeySet(
condition.AWSReferer,
condition.AWSSourceIP,
condition.AWSUserAgent,
condition.AWSSecureTransport,
),
GetBucketLocationAction: condition.NewKeySet(condition.CommonKeys...),
GetBucketNotificationAction: condition.NewKeySet(
condition.AWSReferer,
condition.AWSSourceIP,
condition.AWSUserAgent,
condition.AWSSecureTransport,
),
GetBucketNotificationAction: condition.NewKeySet(condition.CommonKeys...),
GetBucketPolicyAction: condition.NewKeySet(
condition.AWSReferer,
condition.AWSSourceIP,
condition.AWSUserAgent,
condition.AWSSecureTransport,
),
GetBucketPolicyAction: condition.NewKeySet(condition.CommonKeys...),
GetObjectAction: condition.NewKeySet(
condition.S3XAmzServerSideEncryption,
condition.S3XAmzServerSideEncryptionAwsKMSKeyID,
condition.S3XAmzStorageClass,
condition.AWSReferer,
condition.AWSSourceIP,
condition.AWSUserAgent,
condition.AWSSecureTransport,
),
append([]condition.Key{
condition.S3XAmzServerSideEncryption,
condition.S3XAmzServerSideEncryptionCustomerAlgorithm,
condition.S3XAmzStorageClass,
}, condition.CommonKeys...)...),
HeadBucketAction: condition.NewKeySet(
condition.AWSReferer,
condition.AWSSourceIP,
condition.AWSUserAgent,
condition.AWSSecureTransport,
),
HeadBucketAction: condition.NewKeySet(condition.CommonKeys...),
ListAllMyBucketsAction: condition.NewKeySet(
condition.AWSReferer,
condition.AWSSourceIP,
condition.AWSUserAgent,
condition.AWSSecureTransport,
),
ListAllMyBucketsAction: condition.NewKeySet(condition.CommonKeys...),
ListBucketAction: condition.NewKeySet(
condition.S3Prefix,
condition.S3Delimiter,
condition.S3MaxKeys,
condition.AWSReferer,
condition.AWSSourceIP,
condition.AWSUserAgent,
condition.AWSSecureTransport,
),
append([]condition.Key{
condition.S3Prefix,
condition.S3Delimiter,
condition.S3MaxKeys,
}, condition.CommonKeys...)...),
ListBucketMultipartUploadsAction: condition.NewKeySet(
condition.AWSReferer,
condition.AWSSourceIP,
condition.AWSUserAgent,
condition.AWSSecureTransport,
),
ListBucketMultipartUploadsAction: condition.NewKeySet(condition.CommonKeys...),
ListenBucketNotificationAction: condition.NewKeySet(
condition.AWSReferer,
condition.AWSSourceIP,
condition.AWSUserAgent,
condition.AWSSecureTransport,
),
ListenBucketNotificationAction: condition.NewKeySet(condition.CommonKeys...),
ListMultipartUploadPartsAction: condition.NewKeySet(
condition.AWSReferer,
condition.AWSSourceIP,
condition.AWSUserAgent,
condition.AWSSecureTransport,
),
ListMultipartUploadPartsAction: condition.NewKeySet(condition.CommonKeys...),
PutBucketNotificationAction: condition.NewKeySet(
condition.AWSReferer,
condition.AWSSourceIP,
condition.AWSUserAgent,
condition.AWSSecureTransport,
),
PutBucketNotificationAction: condition.NewKeySet(condition.CommonKeys...),
PutBucketPolicyAction: condition.NewKeySet(
condition.AWSReferer,
condition.AWSSourceIP,
condition.AWSUserAgent,
condition.AWSSecureTransport,
),
PutBucketPolicyAction: condition.NewKeySet(condition.CommonKeys...),
PutObjectAction: condition.NewKeySet(
condition.S3XAmzCopySource,
condition.S3XAmzServerSideEncryption,
condition.S3XAmzServerSideEncryptionAwsKMSKeyID,
condition.S3XAmzMetadataDirective,
condition.S3XAmzStorageClass,
condition.AWSReferer,
condition.AWSSourceIP,
condition.AWSUserAgent,
condition.AWSSecureTransport,
),
append([]condition.Key{
condition.S3XAmzCopySource,
condition.S3XAmzServerSideEncryption,
condition.S3XAmzServerSideEncryptionCustomerAlgorithm,
condition.S3XAmzMetadataDirective,
condition.S3XAmzStorageClass,
}, condition.CommonKeys...)...),
}