28 lines
688 B

  1. package s3api
  2. import (
  3. "github.com/seaweedfs/seaweedfs/weed/s3api/s3_constants"
  4. "github.com/seaweedfs/seaweedfs/weed/s3api/s3err"
  5. "net/http"
  6. )
  7. func getAccountId(r *http.Request) string {
  8. id := r.Header.Get(s3_constants.AmzAccountId)
  9. if len(id) == 0 {
  10. return AccountAnonymous.Id
  11. } else {
  12. return id
  13. }
  14. }
  15. func (s3a *S3ApiServer) checkAccessByOwnership(r *http.Request, bucket string) s3err.ErrorCode {
  16. metadata, errCode := s3a.bucketRegistry.GetBucketMetadata(bucket)
  17. if errCode != s3err.ErrNone {
  18. return errCode
  19. }
  20. accountId := getAccountId(r)
  21. if accountId == AccountAdmin.Id || accountId == *metadata.Owner.ID {
  22. return s3err.ErrNone
  23. }
  24. return s3err.ErrAccessDenied
  25. }