mirror of
https://github.com/minio/minio.git
synced 2024-12-24 06:05:55 -05:00
bucket: SetBucketPolicy should save a valid Version and validate. (#2762)
This commit is contained in:
parent
4bc2eb9a4d
commit
e375d822da
@ -539,7 +539,7 @@ func readBucketAccessPolicy(objAPI ObjectLayer, bucketName string) (policy.Bucke
|
|||||||
bucketPolicyReader, err := readBucketPolicyJSON(bucketName, objAPI)
|
bucketPolicyReader, err := readBucketPolicyJSON(bucketName, objAPI)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if _, ok := err.(BucketPolicyNotFound); ok {
|
if _, ok := err.(BucketPolicyNotFound); ok {
|
||||||
return policy.BucketAccessPolicy{}, nil
|
return policy.BucketAccessPolicy{Version: "2012-10-17"}, nil
|
||||||
}
|
}
|
||||||
return policy.BucketAccessPolicy{}, err
|
return policy.BucketAccessPolicy{}, err
|
||||||
}
|
}
|
||||||
@ -599,8 +599,8 @@ func (web *webAPIHandlers) SetBucketPolicy(r *http.Request, args *SetBucketPolic
|
|||||||
return &json2.Error{Message: "Server not initialized"}
|
return &json2.Error{Message: "Server not initialized"}
|
||||||
}
|
}
|
||||||
|
|
||||||
bucketPolicy := policy.BucketPolicy(args.Policy)
|
bucketP := policy.BucketPolicy(args.Policy)
|
||||||
if !bucketPolicy.IsValidBucketPolicy() {
|
if !bucketP.IsValidBucketPolicy() {
|
||||||
return &json2.Error{Message: "Invalid policy " + args.Policy}
|
return &json2.Error{Message: "Invalid policy " + args.Policy}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -608,20 +608,30 @@ func (web *webAPIHandlers) SetBucketPolicy(r *http.Request, args *SetBucketPolic
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return &json2.Error{Message: err.Error()}
|
return &json2.Error{Message: err.Error()}
|
||||||
}
|
}
|
||||||
|
policyInfo.Statements = policy.SetPolicy(policyInfo.Statements, bucketP, args.BucketName, args.Prefix)
|
||||||
policyInfo.Statements = policy.SetPolicy(policyInfo.Statements, bucketPolicy, args.BucketName, args.Prefix)
|
|
||||||
|
|
||||||
data, err := json.Marshal(policyInfo)
|
data, err := json.Marshal(policyInfo)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return &json2.Error{Message: err.Error()}
|
return &json2.Error{Message: err.Error()}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Parse bucket policy.
|
||||||
|
var policy = &bucketPolicy{}
|
||||||
|
err = parseBucketPolicy(bytes.NewReader(data), policy)
|
||||||
|
if err != nil {
|
||||||
|
errorIf(err, "Unable to parse bucket policy.")
|
||||||
|
return &json2.Error{Message: err.Error()}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Parse check bucket policy.
|
||||||
|
if s3Error := checkBucketPolicyResources(args.BucketName, policy); s3Error != ErrNone {
|
||||||
|
return &json2.Error{Message: getAPIError(s3Error).Description}
|
||||||
|
}
|
||||||
|
|
||||||
// TODO: update policy statements according to bucket name, prefix and policy arguments.
|
// TODO: update policy statements according to bucket name, prefix and policy arguments.
|
||||||
if err := writeBucketPolicy(args.BucketName, objectAPI, bytes.NewReader(data), int64(len(data))); err != nil {
|
if err := writeBucketPolicy(args.BucketName, objectAPI, bytes.NewReader(data), int64(len(data))); err != nil {
|
||||||
return &json2.Error{Message: err.Error()}
|
return &json2.Error{Message: err.Error()}
|
||||||
}
|
}
|
||||||
|
|
||||||
reply.UIVersion = miniobrowser.UIVersion
|
reply.UIVersion = miniobrowser.UIVersion
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user