Public/minio
1
0
Fork 0
forked from Mirrors/minio
Code Pull Requests Actions 2 Activity

fix: multiObjectDelete by passing versionId for authorization (#16562)

Browse Source
This commit is contained in:
Harshavardhana
2023-02-07 18:31:00 -08:00
committed by GitHub
parent 747d475e76
commit 84fe4fd156
4 changed files with 138 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
cmd/auth-handler.go
View File

@@ -300,6 +300,17 @@ func checkRequestAuthType(ctx context.Context, r *http.Request, action policy.Ac
return s3Err
}
// checkRequestAuthTypeWithVID is similar to checkRequestAuthType
// passes versionID additionally.
func checkRequestAuthTypeWithVID(ctx context.Context, r *http.Request, action policy.Action, bucketName, objectName, versionID string) (s3Err APIErrorCode) {
logger.GetReqInfo(ctx).BucketName = bucketName
logger.GetReqInfo(ctx).ObjectName = objectName
logger.GetReqInfo(ctx).VersionID = versionID
_, _, s3Err = checkRequestAuthTypeCredential(ctx, r, action)
return s3Err
}
func authenticateRequest(ctx context.Context, r *http.Request, action policy.Action) (s3Err APIErrorCode) {
if logger.GetReqInfo(ctx) == nil {
logger.LogIf(ctx, errors.New("unexpected context.Context does not have a logger.ReqInfo"), logger.Minio)