MyFavMirrors
/
minio
mirror of https://github.com/minio/minio.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make sure to pass the right username for correct ConditionValues (#7169) 

Without passing proper username value would result in AccessDenied
errors when policies with `{aws:username}` substitutions are used.

Fixes #7165
This commit is contained in:
Harshavardhana 2019-01-30 00:51:09 -08:00 committed by Nitish Tiwari
parent 34e7259f95
commit e1ae90c12b
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cmd/web-handlers.go
View File

@ -471,7 +471,7 @@ func (web *webAPIHandlers) ListObjects(r *http.Request, args *ListObjectsArgs, r
AccountName: claims.Subject, AccountName: claims.Subject,
Action: iampolicy.ListBucketAction, Action: iampolicy.ListBucketAction,
BucketName: args.BucketName, BucketName: args.BucketName,
ConditionValues: getConditionValues(r, "", ""), ConditionValues: getConditionValues(r, "", claims.Subject),
IsOwner: owner, IsOwner: owner,
}) })
@ -479,7 +479,7 @@ func (web *webAPIHandlers) ListObjects(r *http.Request, args *ListObjectsArgs, r
AccountName: claims.Subject, AccountName: claims.Subject,
Action: iampolicy.PutObjectAction, Action: iampolicy.PutObjectAction,
BucketName: args.BucketName, BucketName: args.BucketName,
ConditionValues: getConditionValues(r, "", ""), ConditionValues: getConditionValues(r, "", claims.Subject),
IsOwner: owner, IsOwner: owner,
ObjectName: args.Prefix + "/", ObjectName: args.Prefix + "/",
}) })