aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlex <alex@adnab.me>2024-08-24 10:49:14 +0000
committerAlex <alex@adnab.me>2024-08-24 10:49:14 +0000
commit3e711bc110aaf2d7f84ac08062df27ee94caf0b9 (patch)
tree998c26ed6b20d880f438f797361f21169c68e4f6
parent679ae8bcbb234623eed83dd10bb9d051eefead4a (diff)
parentf19003258964a591f6d1114d2bfad7ee1ce17dfb (diff)
downloadgarage-3e711bc110aaf2d7f84ac08062df27ee94caf0b9.tar.gz
garage-3e711bc110aaf2d7f84ac08062df27ee94caf0b9.zip
Merge pull request 'don't modify postobject request before validating policy' (#850) from trinity-1686a/garage:fix-acl-postobject into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/850
-rw-r--r--src/api/s3/post_object.rs22
1 files changed, 7 insertions, 15 deletions
diff --git a/src/api/s3/post_object.rs b/src/api/s3/post_object.rs
index 2c106b3b..ff2361f1 100644
--- a/src/api/s3/post_object.rs
+++ b/src/api/s3/post_object.rs
@@ -71,21 +71,11 @@ pub async fn handle_post_object(
}
if let Ok(content) = HeaderValue::from_str(&field.text().await?) {
- match name.as_str() {
- "tag" => (/* tag need to be reencoded, but we don't support them yet anyway */),
- "acl" => {
- if params.insert("x-amz-acl", content).is_some() {
- return Err(Error::bad_request("Field 'acl' provided more than once"));
- }
- }
- _ => {
- if params.insert(&name, content).is_some() {
- return Err(Error::bad_request(format!(
- "Field '{}' provided more than once",
- name
- )));
- }
- }
+ if params.insert(&name, content).is_some() {
+ return Err(Error::bad_request(format!(
+ "Field '{}' provided more than once",
+ name
+ )));
}
}
};
@@ -222,6 +212,8 @@ pub async fn handle_post_object(
)));
}
+ // if we ever start supporting ACLs, we likely want to map "acl" to x-amz-acl" somewhere
+ // arround here to make sure the rest of the machinery takes our acl into account.
let headers = get_headers(&params)?;
let expected_checksums = ExpectedChecksums {