diff options
| author | Alex <alex@adnab.me> | 2024-08-24 10:49:14 +0000 |
|---|---|---|
| committer | Alex <alex@adnab.me> | 2024-08-24 10:49:14 +0000 |
| commit | 3e711bc110aaf2d7f84ac08062df27ee94caf0b9 (patch) | |
| tree | 998c26ed6b20d880f438f797361f21169c68e4f6 | |
| parent | 679ae8bcbb234623eed83dd10bb9d051eefead4a (diff) | |
| parent | f19003258964a591f6d1114d2bfad7ee1ce17dfb (diff) | |
| download | garage-3e711bc110aaf2d7f84ac08062df27ee94caf0b9.tar.gz garage-3e711bc110aaf2d7f84ac08062df27ee94caf0b9.zip | |
Merge pull request 'don't modify postobject request before validating policy' (#850) from trinity-1686a/garage:fix-acl-postobject into main
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/850
| -rw-r--r-- | src/api/s3/post_object.rs | 22 |
1 files changed, 7 insertions, 15 deletions
diff --git a/src/api/s3/post_object.rs b/src/api/s3/post_object.rs index 2c106b3b..ff2361f1 100644 --- a/src/api/s3/post_object.rs +++ b/src/api/s3/post_object.rs @@ -71,21 +71,11 @@ pub async fn handle_post_object( } if let Ok(content) = HeaderValue::from_str(&field.text().await?) { - match name.as_str() { - "tag" => (/* tag need to be reencoded, but we don't support them yet anyway */), - "acl" => { - if params.insert("x-amz-acl", content).is_some() { - return Err(Error::bad_request("Field 'acl' provided more than once")); - } - } - _ => { - if params.insert(&name, content).is_some() { - return Err(Error::bad_request(format!( - "Field '{}' provided more than once", - name - ))); - } - } + if params.insert(&name, content).is_some() { + return Err(Error::bad_request(format!( + "Field '{}' provided more than once", + name + ))); } } }; @@ -222,6 +212,8 @@ pub async fn handle_post_object( ))); } + // if we ever start supporting ACLs, we likely want to map "acl" to x-amz-acl" somewhere + // arround here to make sure the rest of the machinery takes our acl into account. let headers = get_headers(¶ms)?; let expected_checksums = ExpectedChecksums { |