api: Add new bucket policy nesting error (#1883)

* Added ErrPolicyNesting which is returned when nesting of policies has occured
* Replaces ErrMalformedPolicy in the case of nesting
* Changed test case in bucket-policy-parser_test.go (ErrMalformedPolicy -> ErrPolicyNesting)
master
Aakash Muttineni 9 years ago committed by Harshavardhana
parent f2765d98a8
commit 6f3bd76754
  1. 6
      api-errors.go
  2. 2
      bucket-policy-parser.go
  3. 4
      bucket-policy-parser_test.go

@ -109,6 +109,7 @@ const (
ErrWriteQuorum
ErrStorageFull
ErrObjectExistsAsDirectory
ErrPolicyNesting
)
// error code to APIError structure, these fields carry respective
@ -415,6 +416,11 @@ var errorCodeResponse = map[APIErrorCode]APIError{
Description: "Multiple disks failures, unable to write data.",
HTTPStatusCode: http.StatusServiceUnavailable,
},
ErrPolicyNesting: {
Code: "XMinioPolicyNesting",
Description: "Policy nesting conflict has occurred.",
HTTPStatusCode: http.StatusConflict,
},
// Add your error structure here.
}

@ -255,7 +255,7 @@ func checkBucketPolicyResources(bucket string, bucketPolicy BucketPolicy) APIErr
for _, otherResource := range resources {
// Common prefix reject such rules.
if strings.HasPrefix(otherResource, resource) {
return ErrMalformedPolicy
return ErrPolicyNesting
}
}
}

@ -514,8 +514,8 @@ func TestCheckBucketPolicyResources(t *testing.T) {
{bucketAccessPolicies[4], ErrMalformedPolicy, false},
// Test case - 6.
// contructing policy statement with recursive resources.
// should result in ErrMalformedPolicy.
{bucketAccessPolicies[5], ErrMalformedPolicy, false},
// should result in ErrPolicyNesting.
{bucketAccessPolicies[5], ErrPolicyNesting, false},
// Test case - 7.
// constructing policy statement with lexically close
// characters.

Loading…
Cancel
Save