seaweedfs/weed/s3api/s3api_acp.go

30 lines
763 B
Go
Raw Normal View History

2022-10-02 10:18:00 +08:00
package s3api
import (
"github.com/seaweedfs/seaweedfs/weed/s3api/s3_constants"
"github.com/seaweedfs/seaweedfs/weed/s3api/s3account"
2022-10-02 10:18:00 +08:00
"github.com/seaweedfs/seaweedfs/weed/s3api/s3err"
"net/http"
)
func getAccountId(r *http.Request) string {
id := r.Header.Get(s3_constants.AmzAccountId)
if len(id) == 0 {
return s3account.AccountAnonymous.Id
2022-10-02 10:18:00 +08:00
} else {
return id
}
}
func (s3a *S3ApiServer) checkAccessByOwnership(r *http.Request, bucket string) s3err.ErrorCode {
metadata, errCode := s3a.bucketRegistry.GetBucketMetadata(bucket)
if errCode != s3err.ErrNone {
return errCode
}
accountId := getAccountId(r)
if accountId == s3account.AccountAdmin.Id || accountId == *metadata.Owner.ID {
2022-10-02 10:18:00 +08:00
return s3err.ErrNone
}
return s3err.ErrAccessDenied
}