From b25661c6df5ac23110e2ae29315554d3511edacd Mon Sep 17 00:00:00 2001 From: Chris Lu Date: Tue, 2 Nov 2021 13:13:36 -0700 Subject: [PATCH] s3: skip permission checking for creating bucket if the bucket already exists fix https://github.com/chrislusf/seaweedfs/issues/2417 Rclone was trying to create the bucket even though the bucket already exists. --- weed/s3api/s3api_bucket_handlers.go | 5 +++++ weed/s3api/s3api_server.go | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/weed/s3api/s3api_bucket_handlers.go b/weed/s3api/s3api_bucket_handlers.go index e343830ff..1c5d45dfa 100644 --- a/weed/s3api/s3api_bucket_handlers.go +++ b/weed/s3api/s3api_bucket_handlers.go @@ -111,6 +111,11 @@ func (s3a *S3ApiServer) PutBucketHandler(w http.ResponseWriter, r *http.Request) return } + if _, errCode = s3a.iam.authRequest(r, s3_constants.ACTION_ADMIN); errCode != s3err.ErrNone { + s3err.WriteErrorResponse(w, r, errCode) + return + } + fn := func(entry *filer_pb.Entry) { if identityId := r.Header.Get(xhttp.AmzIdentityId); identityId != "" { if entry.Extended == nil { diff --git a/weed/s3api/s3api_server.go b/weed/s3api/s3api_server.go index 1f948a9cb..3b0d555ce 100644 --- a/weed/s3api/s3api_server.go +++ b/weed/s3api/s3api_server.go @@ -137,7 +137,7 @@ func (s3a *S3ApiServer) registerRouter(router *mux.Router) { bucket.Methods("GET").HandlerFunc(track(s3a.iam.Auth(s3a.ListObjectsV1Handler, ACTION_LIST), "LIST")) // PutBucket - bucket.Methods("PUT").HandlerFunc(track(s3a.iam.Auth(s3a.PutBucketHandler, ACTION_ADMIN), "PUT")) + bucket.Methods("PUT").HandlerFunc(track(s3a.PutBucketHandler, "PUT")) // DeleteBucket bucket.Methods("DELETE").HandlerFunc(track(s3a.iam.Auth(s3a.DeleteBucketHandler, ACTION_WRITE), "DELETE"))