s3api_acp.go 763 B

1234567891011121314151617181920212223242526272829
  1. package s3api
  2. import (
  3. "github.com/seaweedfs/seaweedfs/weed/s3api/s3_constants"
  4. "github.com/seaweedfs/seaweedfs/weed/s3api/s3account"
  5. "github.com/seaweedfs/seaweedfs/weed/s3api/s3err"
  6. "net/http"
  7. )
  8. func getAccountId(r *http.Request) string {
  9. id := r.Header.Get(s3_constants.AmzAccountId)
  10. if len(id) == 0 {
  11. return s3account.AccountAnonymous.Id
  12. } else {
  13. return id
  14. }
  15. }
  16. func (s3a *S3ApiServer) checkAccessByOwnership(r *http.Request, bucket string) s3err.ErrorCode {
  17. metadata, errCode := s3a.bucketRegistry.GetBucketMetadata(bucket)
  18. if errCode != s3err.ErrNone {
  19. return errCode
  20. }
  21. accountId := getAccountId(r)
  22. if accountId == s3account.AccountAdmin.Id || accountId == *metadata.Owner.ID {
  23. return s3err.ErrNone
  24. }
  25. return s3err.ErrAccessDenied
  26. }