Returns whether given bucket statements are used by other than given prefix statements.
(statements []Statement, bucketName, prefix string)
| 244 | |
| 245 | // Returns whether given bucket statements are used by other than given prefix statements. |
| 246 | func getInUsePolicy(statements []Statement, bucketName, prefix string) (readOnlyInUse, writeOnlyInUse bool) { |
| 247 | resourcePrefix := awsResourcePrefix + bucketName + "/" |
| 248 | objectResource := awsResourcePrefix + bucketName + "/" + prefix + "*" |
| 249 | |
| 250 | for _, s := range statements { |
| 251 | if !s.Resources.Contains(objectResource) && !s.Resources.FuncMatch(startsWithFunc, resourcePrefix).IsEmpty() { |
| 252 | if s.Actions.Intersection(readOnlyObjectActions).Equals(readOnlyObjectActions) { |
| 253 | readOnlyInUse = true |
| 254 | } |
| 255 | |
| 256 | if s.Actions.Intersection(writeOnlyObjectActions).Equals(writeOnlyObjectActions) { |
| 257 | writeOnlyInUse = true |
| 258 | } |
| 259 | } |
| 260 | if readOnlyInUse && writeOnlyInUse { |
| 261 | break |
| 262 | } |
| 263 | } |
| 264 | |
| 265 | return readOnlyInUse, writeOnlyInUse |
| 266 | } |
| 267 | |
| 268 | // Removes object actions in given statement. |
| 269 | func removeObjectActions(statement Statement, objectResource string) Statement { |