MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-21 10:16:03 -05:00
Code Issues Packages Projects Releases Wiki Activity

Support policy variable replacement (#7085)

Browse Source 
This PR supports iam and bucket policies to have
policy variable replacements in resource and
condition key values.

For example
- ${aws:username}
- ${aws:userid}
This commit is contained in:
Harshavardhana
2019-01-21 10:27:14 +05:30
committed by GitHub
parent 3265112d04
commit 5353edcc38
19 changed files with 125 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
cmd/object-handlers.go
View File

@@ -131,7 +131,7 @@ func (api objectAPIHandlers) SelectObjectContentHandler(w http.ResponseWriter, r
if globalPolicySys.IsAllowed(policy.Args{
Action: policy.ListBucketAction,
BucketName: bucket,
ConditionValues: getConditionValues(r, ""),
ConditionValues: getConditionValues(r, "", ""),
IsOwner: false,
}) {
_, err = getObjectInfo(ctx, bucket, object, opts)
@@ -281,7 +281,7 @@ func (api objectAPIHandlers) GetObjectHandler(w http.ResponseWriter, r *http.Req
if globalPolicySys.IsAllowed(policy.Args{
Action: policy.ListBucketAction,
BucketName: bucket,
ConditionValues: getConditionValues(r, ""),
ConditionValues: getConditionValues(r, "", ""),
IsOwner: false,
}) {
getObjectInfo := objectAPI.GetObjectInfo
@@ -463,7 +463,7 @@ func (api objectAPIHandlers) HeadObjectHandler(w http.ResponseWriter, r *http.Re
if globalPolicySys.IsAllowed(policy.Args{
Action: policy.ListBucketAction,
BucketName: bucket,
ConditionValues: getConditionValues(r, ""),
ConditionValues: getConditionValues(r, "", ""),
IsOwner: false,
}) {
_, err = getObjectInfo(ctx, bucket, object, opts)