oyd
/
minio
6
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

gateway: Restore bucket policy functionality for Azure (#4209)

Browse Source
master
Krishna Srinivas 8 years ago committed by Harshavardhana
parent 8b272a3163
commit 4aa65910e5
1 changed files with 44 additions and 3 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 47
      cmd/gateway-azure.go

47
cmd/gateway-azure.go
Unescape View File

@ -599,15 +599,56 @@ func azureListBlobsGetParameters(p storage.ListBlobsParameters) url.Values {
// As the common denominator for minio and azure is readonly and none, we support // As the common denominator for minio and azure is readonly and none, we support
// these two policies at the bucket level. // these two policies at the bucket level.
func (a AzureObjects) SetBucketPolicies(bucket string, policyInfo policy.BucketAccessPolicy) error { func (a AzureObjects) SetBucketPolicies(bucket string, policyInfo policy.BucketAccessPolicy) error {
return traceError(NotSupported{}) var policies []BucketAccessPolicy
for prefix, policy := range policy.GetPolicies(policyInfo.Statements, bucket) {
policies = append(policies, BucketAccessPolicy{
Prefix: prefix,
Policy: policy,
})
}
prefix := bucket + "/*" // For all objects inside the bucket.
if len(policies) != 1 {
return traceError(NotImplemented{})
}
if policies[0].Prefix != prefix {
return traceError(NotImplemented{})
}
if policies[0].Policy != policy.BucketPolicyReadOnly {
return traceError(NotImplemented{})
}
perm := storage.ContainerPermissions{
AccessType: storage.ContainerAccessTypeContainer,
AccessPolicies: nil,
}
err := a.client.SetContainerPermissions(bucket, perm, 0, "")
return azureToObjectError(traceError(err), bucket)
} }
// GetBucketPolicies - Get the container ACL and convert it to canonical []bucketAccessPolicy // GetBucketPolicies - Get the container ACL and convert it to canonical []bucketAccessPolicy
func (a AzureObjects) GetBucketPolicies(bucket string) (policy.BucketAccessPolicy, error) { func (a AzureObjects) GetBucketPolicies(bucket string) (policy.BucketAccessPolicy, error) {
return policy.BucketAccessPolicy{}, traceError(NotSupported{}) policyInfo := policy.BucketAccessPolicy{Version: "2012-10-17"}
perm, err := a.client.GetContainerPermissions(bucket, 0, "")
if err != nil {
return policy.BucketAccessPolicy{}, azureToObjectError(traceError(err), bucket)
}
switch perm.AccessType {
case storage.ContainerAccessTypePrivate:
// Do nothing
case storage.ContainerAccessTypeContainer:
policyInfo.Statements = policy.SetPolicy(policyInfo.Statements, policy.BucketPolicyReadOnly, bucket, "")
default:
return policy.BucketAccessPolicy{}, azureToObjectError(traceError(NotImplemented{}))
}
return policyInfo, nil
} }
// DeleteBucketPolicies - Set the container ACL to "private" // DeleteBucketPolicies - Set the container ACL to "private"
func (a AzureObjects) DeleteBucketPolicies(bucket string) error { func (a AzureObjects) DeleteBucketPolicies(bucket string) error {
return traceError(NotSupported{}) perm := storage.ContainerPermissions{
AccessType: storage.ContainerAccessTypePrivate,
AccessPolicies: nil,
}
err := a.client.SetContainerPermissions(bucket, perm, 0, "")
return azureToObjectError(traceError(err))
} }

Write Preview
Loading…
Cancel
Save