Skip to content

Commit

Permalink
core: Implement native GetBucketPolicy, PutBucketPolicy
Browse files Browse the repository at this point in the history 
This is implemented to address the problems of applications
wanting to validate the entire bucket policy in a custom
manner.

Fixes #659

Refer minio/minio#4131
  • Loading branch information
@harshavardhana @minio-trusted
harshavardhana authored and minio-trusted committed Apr 23, 2017
1 parent de5a907 commit ff3862d
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 5 deletions.
6 changes: 3 additions & 3 deletions api-get-policy.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ func (c Client) GetBucketPolicy(bucketName, objectPrefix string) (bucketPolicy p
if err := isValidObjectPrefix(objectPrefix); err != nil {
return policy.BucketPolicyNone, err
}
policyInfo, err := c.getBucketPolicy(bucketName, objectPrefix)
policyInfo, err := c.getBucketPolicy(bucketName)
if err != nil {
return policy.BucketPolicyNone, err
}
Expand All @@ -50,15 +50,15 @@ func (c Client) ListBucketPolicies(bucketName, objectPrefix string) (bucketPolic
if err := isValidObjectPrefix(objectPrefix); err != nil {
return map[string]policy.BucketPolicy{}, err
}
policyInfo, err := c.getBucketPolicy(bucketName, objectPrefix)
policyInfo, err := c.getBucketPolicy(bucketName)
if err != nil {
return map[string]policy.BucketPolicy{}, err
}
return policy.GetPolicies(policyInfo.Statements, bucketName), nil
}

// Request server for current bucket policy.
func (c Client) getBucketPolicy(bucketName string, objectPrefix string) (policy.BucketAccessPolicy, error) {
func (c Client) getBucketPolicy(bucketName string) (policy.BucketAccessPolicy, error) {
// Get resources properly escaped and lined up before
// using them in http request.
urlValues := make(url.Values)
Expand Down
4 changes: 3 additions & 1 deletion api-put-bucket.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -157,10 +157,12 @@ func (c Client) SetBucketPolicy(bucketName string, objectPrefix string, bucketPo
if err := isValidObjectPrefix(objectPrefix); err != nil {
return err
}

if !bucketPolicy.IsValidBucketPolicy() {
return ErrInvalidArgument(fmt.Sprintf("Invalid bucket policy provided. %s", bucketPolicy))
}
policyInfo, err := c.getBucketPolicy(bucketName, objectPrefix)

policyInfo, err := c.getBucketPolicy(bucketName)
if err != nil {
return err
}
Expand Down
16 changes: 15 additions & 1 deletion core.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,11 @@

package minio

import "io"
import (
"io"

"github.com/minio/minio-go/pkg/policy"
)

// Core - Inherits Client and adds new methods to expose the low level S3 APIs.
type Core struct {
Expand Down Expand Up @@ -84,3 +88,13 @@ func (c Core) CompleteMultipartUpload(bucket, object, uploadID string, parts []C
func (c Core) AbortMultipartUpload(bucket, object, uploadID string) error {
return c.abortMultipartUpload(bucket, object, uploadID)
}

// GetBucketPolicy - fetches bucket access policy for a given bucket.
func (c Core) GetBucketPolicy(bucket string) (policy.BucketAccessPolicy, error) {
return c.getBucketPolicy(bucket)
}

// PutBucketPolicy - applies a new bucket access policy for a given bucket.
func (c Core) PutBucketPolicy(bucket string, bucketPolicy policy.BucketAccessPolicy) error {
return c.putBucketPolicy(bucket, bucketPolicy)
}

0 comments on commit ff3862d

Please sign in to comment.