Merge pull request 'don't modify postobject request before validating policy' (#850) from trinity-1686a/garage:fix-acl-postobject into main

Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/850

1 files changed, 7 insertions, 15 deletions

diff --git a/src/api/s3/post_object.rs b/src/api/s3/post_object.rs
index 2c106b3b..ff2361f1 100644
--- a/src/api/s3/post_object.rs
+++ b/src/api/s3/post_object.rs
@@ -71,21 +71,11 @@ pub async fn handle_post_object(
 		}
 
 		if let Ok(content) = HeaderValue::from_str(&field.text().await?) {
-			match name.as_str() {
-				"tag" => (/* tag need to be reencoded, but we don't support them yet anyway */),
-				"acl" => {
-					if params.insert("x-amz-acl", content).is_some() {
-						return Err(Error::bad_request("Field 'acl' provided more than once"));
-					}
-				}
-				_ => {
-					if params.insert(&name, content).is_some() {
-						return Err(Error::bad_request(format!(
-							"Field '{}' provided more than once",
-							name
-						)));
-					}
-				}
+			if params.insert(&name, content).is_some() {
+				return Err(Error::bad_request(format!(
+					"Field '{}' provided more than once",
+					name
+				)));
 			}
 		}
 	};
@@ -222,6 +212,8 @@ pub async fn handle_post_object(
 		)));
 	}
 
+	// if we ever start supporting ACLs, we likely want to map "acl" to x-amz-acl" somewhere
+	// arround here to make sure the rest of the machinery takes our acl into account.
 	let headers = get_headers(&params)?;
 
 	let expected_checksums = ExpectedChecksums {