rgw: policy: modify s3:ListBucketMultiPartUploads to s3:ListBucketMul…

…tipartUploads according to AWS S3, the permission keyword should be s3ListBucketMultipartUploads rather than s3:ListBucketMultiPartUploads. all operation permission list in AWS S3 as follows: https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html?shortFooter=true Signed-off-by: xiangxiang <xiangxiang@xsky.com>
ceph · Mar 20, 2018 · 6276cf7 · 6276cf7
1 parent f22a901
commit 6276cf7
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 7 deletions.
diff --git a/src/rgw/rgw_iam_policy.cc b/src/rgw/rgw_iam_policy.cc
@@ -422,7 +422,7 @@ static const actpair actpairs[] =
  { "s3:GetObjectVersionTagging", s3GetObjectVersionTagging},
  { "s3:GetReplicationConfiguration", s3GetReplicationConfiguration },
  { "s3:ListAllMyBuckets", s3ListAllMyBuckets },
- { "s3:ListBucketMultiPartUploads", s3ListBucketMultiPartUploads },
+ { "s3:ListBucketMultipartUploads", s3ListBucketMultipartUploads },
  { "s3:ListBucket", s3ListBucket },
  { "s3:ListBucketVersions", s3ListBucketVersions },
  { "s3:ListMultipartUploadParts", s3ListMultipartUploadParts },
@@ -1325,8 +1325,8 @@ const char* action_bit_string(uint64_t action) {
   case s3ListAllMyBuckets:
     return "s3:ListAllMyBuckets";
 
-  case s3ListBucketMultiPartUploads:
-    return "s3:ListBucketMultiPartUploads";
+  case s3ListBucketMultipartUploads:
+    return "s3:ListBucketMultipartUploads";
 
   case s3GetAccelerateConfiguration:
     return "s3:GetAccelerateConfiguration";

diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc
@@ -5808,7 +5808,7 @@ void RGWListMultipart::execute()
 int RGWListBucketMultiparts::verify_permission()
 {
   if (!verify_bucket_permission(s,
-				rgw::IAM::s3ListBucketMultiPartUploads))
+				rgw::IAM::s3ListBucketMultipartUploads))
     return -EACCES;
 
   return 0;

diff --git a/src/test/rgw/test_rgw_iam_policy.cc b/src/test/rgw/test_rgw_iam_policy.cc
@@ -70,7 +70,7 @@ using rgw::IAM::s3GetReplicationConfiguration;
 using rgw::IAM::s3ListAllMyBuckets;
 using rgw::IAM::s3ListBucket;
 using rgw::IAM::s3ListBucket;
-using rgw::IAM::s3ListBucketMultiPartUploads;
+using rgw::IAM::s3ListBucketMultipartUploads;
 using rgw::IAM::s3ListBucketVersions;
 using rgw::IAM::s3ListMultipartUploadParts;
 using rgw::IAM::s3None;
@@ -314,7 +314,7 @@ TEST_F(PolicyTest, Parse3) {
   EXPECT_EQ(p->statements[2].action, (s3ListMultipartUploadParts |
 				      s3ListBucket | s3ListBucketVersions |
 				      s3ListAllMyBuckets |
-				      s3ListBucketMultiPartUploads |
+				      s3ListBucketMultipartUploads |
 				      s3GetObject | s3GetObjectVersion |
 				      s3GetObjectAcl | s3GetObjectVersionAcl |
 				      s3GetObjectTorrent |
@@ -369,7 +369,7 @@ TEST_F(PolicyTest, Eval3) {
 
   auto s3allow = (s3ListMultipartUploadParts | s3ListBucket |
 		  s3ListBucketVersions | s3ListAllMyBuckets |
-		  s3ListBucketMultiPartUploads | s3GetObject |
+		  s3ListBucketMultipartUploads | s3GetObject |
 		  s3GetObjectVersion | s3GetObjectAcl | s3GetObjectVersionAcl |
 		  s3GetObjectTorrent | s3GetObjectVersionTorrent |
 		  s3GetAccelerateConfiguration | s3GetBucketAcl |