2022-10-02 10:18:00 +08:00
|
|
|
package s3api
|
|
|
|
|
|
|
|
import (
|
|
|
|
"github.com/seaweedfs/seaweedfs/weed/s3api/s3_constants"
|
|
|
|
"github.com/seaweedfs/seaweedfs/weed/s3api/s3err"
|
|
|
|
"net/http"
|
|
|
|
)
|
|
|
|
|
|
|
|
func getAccountId(r *http.Request) string {
|
|
|
|
id := r.Header.Get(s3_constants.AmzAccountId)
|
|
|
|
if len(id) == 0 {
|
2023-09-25 23:34:12 +08:00
|
|
|
return AccountAnonymous.Id
|
2022-10-02 10:18:00 +08:00
|
|
|
} else {
|
|
|
|
return id
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s3a *S3ApiServer) checkAccessByOwnership(r *http.Request, bucket string) s3err.ErrorCode {
|
|
|
|
metadata, errCode := s3a.bucketRegistry.GetBucketMetadata(bucket)
|
|
|
|
if errCode != s3err.ErrNone {
|
|
|
|
return errCode
|
|
|
|
}
|
|
|
|
accountId := getAccountId(r)
|
2023-09-25 23:34:12 +08:00
|
|
|
if accountId == AccountAdmin.Id || accountId == *metadata.Owner.ID {
|
2022-10-02 10:18:00 +08:00
|
|
|
return s3err.ErrNone
|
|
|
|
}
|
|
|
|
return s3err.ErrAccessDenied
|
|
|
|
}
|