fix doc

weed/s3api/policy_conversion.go

@@ -9,10 +9,11 @@ import (
 )
 
 // ConvertPolicyDocumentToPolicyEngine converts a policy.PolicyDocument to policy_engine.PolicyDocument
-// This function provides efficient type conversion without JSON marshaling overhead.
+// This function provides type-safe conversion with explicit field mapping and error handling.
 // It handles the differences between the two types:
 // - Converts []string fields to StringOrStringSlice
-// - Maps Condition types
+// - Maps Condition types with type validation
+// - Converts Principal fields with support for AWS principals only
 // - Handles optional fields (Id, NotPrincipal, NotAction, NotResource are ignored in policy_engine)
 //
 // Returns an error if the policy contains unsupported types or malformed data.

weed/s3api/s3api_bucket_policy_engine.go

@@ -49,8 +49,8 @@ func (bpe *BucketPolicyEngine) LoadBucketPolicy(bucket string, entry *filer_pb.E
 
 // LoadBucketPolicyFromCache loads a bucket policy from a cached BucketConfig
 //
-// This function uses a direct conversion function to efficiently convert between
-// policy.PolicyDocument and policy_engine.PolicyDocument without JSON marshaling overhead.
+// This function uses a type-safe conversion function to convert between
+// policy.PolicyDocument and policy_engine.PolicyDocument with explicit field mapping and error handling.
 func (bpe *BucketPolicyEngine) LoadBucketPolicyFromCache(bucket string, policyDoc *policy.PolicyDocument) error {
 	if policyDoc == nil {
 		// No policy for this bucket - remove it if it exists