MCPcopy
hub / github.com/minio/minio-go / removeBucketActions

Function removeBucketActions

pkg/policy/bucket-policy.go:283–341  ·  view source on GitHub ↗

Removes bucket actions for given policy in given statement.

(statement Statement, prefix, bucketResource string, readOnlyInUse, writeOnlyInUse bool)

Source from the content-addressed store, hash-verified

281
282// Removes bucket actions for given policy in given statement.
283func removeBucketActions(statement Statement, prefix, bucketResource string, readOnlyInUse, writeOnlyInUse bool) Statement {
284 removeReadOnly := func() {
285 if !statement.Actions.Intersection(readOnlyBucketActions).Equals(readOnlyBucketActions) {
286 return
287 }
288
289 if statement.Conditions == nil {
290 statement.Actions = statement.Actions.Difference(readOnlyBucketActions)
291 return
292 }
293
294 if prefix != "" {
295 stringEqualsValue := statement.Conditions["StringEquals"]
296 values := set.NewStringSet()
297 if stringEqualsValue != nil {
298 values = stringEqualsValue["s3:prefix"]
299 if values == nil {
300 values = set.NewStringSet()
301 }
302 }
303
304 values.Remove(prefix)
305
306 if stringEqualsValue != nil {
307 if values.IsEmpty() {
308 delete(stringEqualsValue, "s3:prefix")
309 }
310 if len(stringEqualsValue) == 0 {
311 delete(statement.Conditions, "StringEquals")
312 }
313 }
314
315 if len(statement.Conditions) == 0 {
316 statement.Conditions = nil
317 statement.Actions = statement.Actions.Difference(readOnlyBucketActions)
318 }
319 }
320 }
321
322 removeWriteOnly := func() {
323 if statement.Conditions == nil {
324 statement.Actions = statement.Actions.Difference(writeOnlyBucketActions)
325 }
326 }
327
328 if len(statement.Resources) > 1 {
329 statement.Resources.Remove(bucketResource)
330 } else {
331 if !readOnlyInUse {
332 removeReadOnly()
333 }
334
335 if !writeOnlyInUse {
336 removeWriteOnly()
337 }
338 }
339
340 return statement

Callers 1

removeStatementsFunction · 0.85

Calls 7

RemoveMethod · 0.95
IsEmptyMethod · 0.95
NewStringSetFunction · 0.92
EqualsMethod · 0.45
IntersectionMethod · 0.45
DifferenceMethod · 0.45
RemoveMethod · 0.45

Tested by

no test coverage detected