From d6f6bf4ce7aebe517a736bc5868e324257b53b17 Mon Sep 17 00:00:00 2001
From: Chris Lu <chris.lu@gmail.com>
Date: Wed, 28 Jan 2026 13:31:53 -0800
Subject: [PATCH] s3tables: remove unused ExtractPrincipalFromContext function

Removed the unused ExtractPrincipalFromContext utility and its
accompanying iam/utils import to keep the new s3tables codebase clean.
---
 weed/s3api/s3tables/permissions.go | 27 ---------------------------
 1 file changed, 27 deletions(-)

diff --git a/weed/s3api/s3tables/permissions.go b/weed/s3api/s3tables/permissions.go
index d32cbd269..52ade3978 100644
--- a/weed/s3api/s3tables/permissions.go
+++ b/weed/s3api/s3tables/permissions.go
@@ -2,9 +2,6 @@ package s3tables
 
 import (
 	"fmt"
-	"strings"
-
-	"github.com/seaweedfs/seaweedfs/weed/iam/utils"
 )
 
 // Permission represents a specific action permission
@@ -193,30 +190,6 @@ func CanManageTags(principal, owner string) bool {
 	return CheckPermission("TagResource", principal, owner)
 }
 
-// ExtractPrincipalFromContext extracts the principal (account ID) from request context
-// For now, this returns the owner/creator, but can be extended to parse from request headers/certs
-func ExtractPrincipalFromContext(contextID string) string {
-	// Try to parse as ARN first
-	if strings.HasPrefix(contextID, "arn:") {
-		info := utils.ParsePrincipalARN(contextID)
-		if info.AccountID != "" {
-			return info.AccountID
-		}
-		if info.RoleName != "" {
-			return info.RoleName
-		}
-	}
-
-	// Extract from context, e.g., "user123" or "account-id"
-	// This is a simplified version - in production, this would parse AWS auth headers
-	// TODO: Parse AWS Signature V4 identity or mTLS identity
-	if strings.Contains(contextID, ":") {
-		parts := strings.Split(contextID, ":")
-		return parts[0]
-	}
-	return contextID
-}
-
 // AuthError represents an authorization error
 type AuthError struct {
 	Operation string