@ -266,23 +266,45 @@ var supportedObjectActions = map[Action]struct{}{
// isObjectAction - returns whether action is object type or not.
func ( action Action ) isObjectAction ( ) bool {
_ , ok := supportedObjectActions [ action ]
return ok
for supAction := range supportedObjectActions {
if action . Match ( supAction ) {
return true
}
}
return false
}
// Match - matches object name with resource pattern.
// Match - matches action name with action patter .
func ( action Action ) Match ( a Action ) bool {
return wildcard . Match ( string ( action ) , string ( a ) )
}
// IsValid - checks if action is valid or not.
func ( action Action ) IsValid ( ) bool {
_ , ok := supportedActions [ action ]
return ok
for supAction := range supportedActions {
if action . Match ( supAction ) {
return true
}
}
return false
}
// actionConditionKeyMap - holds mapping of supported condition key for an action.
var actionConditionKeyMap = map [ Action ] condition . KeySet {
type actionConditionKeyMap map [ Action ] condition . KeySet
func ( a actionConditionKeyMap ) Lookup ( action Action ) ( condition . KeySet , bool ) {
var ckeysMerged = condition . KeySet { }
var found bool
for act , ckey := range a {
if action . Match ( act ) {
ckeysMerged . Merge ( ckey )
found = true
}
}
return ckeysMerged , found
}
// iamActionConditionKeyMap - holds mapping of supported condition key for an action.
var iamActionConditionKeyMap = actionConditionKeyMap {
AllActions : condition . NewKeySet ( condition . AllSupportedKeys ... ) ,
AbortMultipartUploadAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
@ -291,8 +313,6 @@ var actionConditionKeyMap = map[Action]condition.KeySet{
DeleteBucketPolicyAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
DeleteObjectAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
GetBucketLocationAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
GetBucketNotificationAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
@ -303,6 +323,7 @@ var actionConditionKeyMap = map[Action]condition.KeySet{
append ( [ ] condition . Key {
condition . S3XAmzServerSideEncryption ,
condition . S3XAmzServerSideEncryptionCustomerAlgorithm ,
condition . S3VersionID ,
} , condition . CommonKeys ... ) ... ) ,
HeadBucketAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
@ -335,6 +356,11 @@ var actionConditionKeyMap = map[Action]condition.KeySet{
PutBucketPolicyAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
DeleteObjectAction : condition . NewKeySet (
append ( [ ] condition . Key {
condition . S3VersionID ,
} , condition . CommonKeys ... ) ... ) ,
PutObjectAction : condition . NewKeySet (
append ( [ ] condition . Key {
condition . S3XAmzCopySource ,
@ -342,6 +368,7 @@ var actionConditionKeyMap = map[Action]condition.KeySet{
condition . S3XAmzServerSideEncryptionCustomerAlgorithm ,
condition . S3XAmzMetadataDirective ,
condition . S3XAmzStorageClass ,
condition . S3VersionID ,
condition . S3ObjectLockRetainUntilDate ,
condition . S3ObjectLockMode ,
condition . S3ObjectLockLegalHold ,
@ -351,21 +378,32 @@ var actionConditionKeyMap = map[Action]condition.KeySet{
// LockLegalHold is not supported with PutObjectRetentionAction
PutObjectRetentionAction : condition . NewKeySet (
append ( [ ] condition . Key {
condition . S3XAmzServerSideEncryption ,
condition . S3XAmzServerSideEncryptionCustomerAlgorithm ,
condition . S3ObjectLockRemainingRetentionDays ,
condition . S3ObjectLockRetainUntilDate ,
condition . S3ObjectLockMode ,
condition . S3VersionID ,
} , condition . CommonKeys ... ) ... ) ,
GetObjectRetentionAction : condition . NewKeySet (
append ( [ ] condition . Key {
condition . S3XAmzServerSideEncryption ,
condition . S3XAmzServerSideEncryptionCustomerAlgorithm ,
condition . S3VersionID ,
} , condition . CommonKeys ... ) ... ) ,
GetObjectRetentionAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
PutObjectLegalHoldAction : condition . NewKeySet (
append ( [ ] condition . Key {
condition . S3XAmzServerSideEncryption ,
condition . S3XAmzServerSideEncryptionCustomerAlgorithm ,
condition . S3ObjectLockLegalHold ,
condition . S3VersionID ,
} , condition . CommonKeys ... ) ... ) ,
GetObjectLegalHoldAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
// https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html
BypassGovernanceRetentionAction : condition . NewKeySet (
append ( [ ] condition . Key {
condition . S3VersionID ,
condition . S3ObjectLockRemainingRetentionDays ,
condition . S3ObjectLockRetainUntilDate ,
condition . S3ObjectLockMode ,
@ -376,11 +414,24 @@ var actionConditionKeyMap = map[Action]condition.KeySet{
PutBucketObjectLockConfigurationAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
GetBucketTaggingAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
PutBucketTaggingAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
PutObjectTaggingAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
GetObjectTaggingAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
DeleteObjectTaggingAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
PutObjectVersionTaggingAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
PutObjectTaggingAction : condition . NewKeySet (
append ( [ ] condition . Key {
condition . S3VersionID ,
} , condition . CommonKeys ... ) ... ) ,
GetObjectTaggingAction : condition . NewKeySet (
append ( [ ] condition . Key {
condition . S3VersionID ,
} , condition . CommonKeys ... ) ... ) ,
DeleteObjectTaggingAction : condition . NewKeySet (
append ( [ ] condition . Key {
condition . S3VersionID ,
} , condition . CommonKeys ... ) ... ) ,
PutObjectVersionTaggingAction : condition . NewKeySet (
append ( [ ] condition . Key {
condition . S3VersionID ,
} , condition . CommonKeys ... ) ... ) ,
GetObjectVersionAction : condition . NewKeySet (
append ( [ ] condition . Key {
condition . S3VersionID ,
@ -399,8 +450,20 @@ var actionConditionKeyMap = map[Action]condition.KeySet{
} , condition . CommonKeys ... ) ... ) ,
GetReplicationConfigurationAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
PutReplicationConfigurationAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
ReplicateObjectAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
ReplicateDeleteAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
ReplicateTagsAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
GetObjectVersionForReplicationAction : condition . NewKeySet ( condition . CommonKeys ... ) ,
ReplicateObjectAction : condition . NewKeySet (
append ( [ ] condition . Key {
condition . S3VersionID ,
} , condition . CommonKeys ... ) ... ) ,
ReplicateDeleteAction : condition . NewKeySet (
append ( [ ] condition . Key {
condition . S3VersionID ,
} , condition . CommonKeys ... ) ... ) ,
ReplicateTagsAction : condition . NewKeySet (
append ( [ ] condition . Key {
condition . S3VersionID ,
} , condition . CommonKeys ... ) ... ) ,
GetObjectVersionForReplicationAction : condition . NewKeySet (
append ( [ ] condition . Key {
condition . S3VersionID ,
} , condition . CommonKeys ... ) ... ) ,
}