|
|
@ -30,11 +30,10 @@ func (s3a *S3ApiServer) checkAccessByOwnership(r *http.Request, bucket string) s |
|
|
|
return s3err.ErrAccessDenied |
|
|
|
} |
|
|
|
|
|
|
|
func (s3a *S3ApiServer) ExtractBucketAcp(r *http.Request) (owner string, grants []*s3.Grant, errCode s3err.ErrorCode) { |
|
|
|
func (s3a *S3ApiServer) ExtractBucketAcp(r *http.Request, objectOwnership string) (owner string, grants []*s3.Grant, errCode s3err.ErrorCode) { |
|
|
|
accountId := s3acl.GetAccountId(r) |
|
|
|
|
|
|
|
ownership := s3_constants.DefaultOwnershipForCreate |
|
|
|
if ownership == s3_constants.OwnershipBucketOwnerEnforced { |
|
|
|
if objectOwnership == s3_constants.OwnershipBucketOwnerEnforced { |
|
|
|
return accountId, []*s3.Grant{ |
|
|
|
{ |
|
|
|
Permission: &s3_constants.PermissionFullControl, |
|
|
@ -45,6 +44,6 @@ func (s3a *S3ApiServer) ExtractBucketAcp(r *http.Request) (owner string, grants |
|
|
|
}, |
|
|
|
}, s3err.ErrNone |
|
|
|
} else { |
|
|
|
return s3acl.ParseAndValidateAclHeadersOrElseDefault(r, s3a.accountManager, ownership, accountId, accountId, false) |
|
|
|
return s3acl.ParseAndValidateAclHeadersOrElseDefault(r, s3a.accountManager, objectOwnership, accountId, accountId, false) |
|
|
|
} |
|
|
|
} |