Implement bucket policy handler and with galore of cleanup

2025-11-24 03:27:44 -05:00 · 2015-02-15 17:03:27 -08:00
parent 7d8c34e055
commit eeae64935e
18 changed files with 827 additions and 407 deletions
--- a/pkg/utils/policy/policy.go
+++ b/pkg/utils/policy/policy.go
@@ -0,0 +1,67 @@
+package policy
+
+import (
+	"encoding/json"
+	"io"
+)
+
+type UserCred struct {
+	AWS string
+}
+
+type Stmt struct {
+	Sid       string
+	Effect    string
+	Principal UserCred
+	Action    []string
+	Resource  []string
+}
+
+type BucketPolicy struct {
+	Version   string // date in 0000-00-00 format
+	Statement []Stmt
+}
+
+// TODO: Add more checks
+
+// validate request body is proper JSON
+func Parsepolicy(data io.Reader) (BucketPolicy, bool) {
+	var policy BucketPolicy
+	decoder := json.NewDecoder(data)
+	err := decoder.Decode(&policy)
+	if err != nil {
+		goto error
+	}
+	if len(policy.Version) == 0 {
+		goto error
+	}
+	_, err = ParseDate(policy.Version)
+	if err != nil {
+		goto error
+	}
+	if len(policy.Statement) == 0 {
+		goto error
+	}
+
+	for _, statement := range policy.Statement {
+		if len(statement.Sid) == 0 {
+			goto error
+		}
+		if len(statement.Effect) == 0 {
+			goto error
+		}
+		if len(statement.Principal.AWS) == 0 {
+			goto error
+		}
+		if len(statement.Action) == 0 {
+			goto error
+		}
+		if len(statement.Resource) == 0 {
+			goto error
+		}
+	}
+	return policy, true
+
+error:
+	return BucketPolicy{}, false
+}