Add numeric/date policy conditions (#9233)

add new policy conditions

- NumericEquals
- NumericNotEquals
- NumericLessThan
- NumericLessThanEquals
- NumericGreaterThan
- NumericGreaterThanEquals
- DateEquals
- DateNotEquals
- DateLessThan
- DateLessThanEquals
- DateGreaterThan
- DateGreaterThanEquals
Harshavardhana
2020-04-01 00:04:25 -07:00
committed by GitHub
parent c8243706b4
commit d8af244708
21 changed files with 1162 additions and 100 deletions


@@ -43,6 +43,9 @@ const (
// PutObject API only.
S3XAmzMetadataDirective Key = "s3:x-amz-metadata-directive"
// S3XAmzContentSha256 - set a static content-sha256 for all calls for a given action.
S3XAmzContentSha256 = "s3:x-amz-content-sha256"
// S3XAmzStorageClass - key representing x-amz-storage-class HTTP header applicable to PutObject API
// only.
S3XAmzStorageClass Key = "s3:x-amz-storage-class"
@@ -59,6 +62,24 @@ const (
// S3MaxKeys - key representing max-keys query parameter of ListBucket API only.
S3MaxKeys Key = "s3:max-keys"
// S3ObjectLockRemainingRetentionDays - key representing object-lock-remaining-retention-days
// Enables enforcement of an object relative to the remaining retention days, you can set
// minimum and maximum allowable retention periods for a bucket using a bucket policy.
// This key are specific for s3:PutObjectRetention API.
S3ObjectLockRemainingRetentionDays Key = "s3:object-lock-remaining-retention-days"
// S3ObjectLockMode - key representing object-lock-mode
// Enables enforcement of the specified object retention mode
S3ObjectLockMode Key = "s3:object-lock-mode"
// S3ObjectLockRetainUntilDate - key representing object-lock-retain-util-date
// Enables enforcement of a specific retain-until-date
S3ObjectLockRetainUntilDate Key = "s3:object-lock-retain-until-date"
// S3ObjectLockLegalHold - key representing object-local-legal-hold
// Enables enforcement of the specified object legal hold status
S3ObjectLockLegalHold Key = "s3:object-lock-legal-hold"
// AWSReferer - key representing Referer header of any API.
AWSReferer Key = "aws:Referer"
@@ -94,10 +115,15 @@ var AllSupportedKeys = append([]Key{
S3XAmzServerSideEncryptionCustomerAlgorithm,
S3XAmzMetadataDirective,
S3XAmzStorageClass,
S3XAmzContentSha256,
S3LocationConstraint,
S3Prefix,
S3Delimiter,
S3MaxKeys,
S3ObjectLockRemainingRetentionDays,
S3ObjectLockMode,
S3ObjectLockLegalHold,
S3ObjectLockRetainUntilDate,
AWSReferer,
AWSSourceIP,
AWSUserAgent,
@@ -121,6 +147,7 @@ var CommonKeys = append([]Key{
AWSPrincipalType,
AWSUserID,
AWSUsername,
S3XAmzContentSha256,
}, JWTKeys...)
func substFuncFromValues(values map[string][]string) func(string) string {
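Review bot: `S3XAmzContentSha256` in the first hunk is declared without the `Key` type that every neighbouring constant carries, so it is an untyped string constant rather than a `Key`. It still converts implicitly inside the `[]Key{...}` literals of `AllSupportedKeys` and `CommonKeys`, but it is also assignable to a plain `string`, so it loses the type checking the other condition keys get; declare it as `S3XAmzContentSha256 Key = "s3:x-amz-content-sha256"`. Two doc comments in the second hunk misname the keys they describe (`object-lock-retain-util-date`, `object-local-legal-hold`) and should match the string values `s3:object-lock-retain-until-date` and `s3:object-lock-legal-hold`. Because these keys are now accepted in policies, it is worth confirming in the request-handling code (not visible here) that each one is actually populated, since a condition on a key that is never filled in would presumably not evaluate as the policy author intends. The const block and both slice literals begin outside the visible hunks.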