Bug #20252
closedRGW:RGWPutBucketPolicy error when set BucketPolicy again without delete pre set Policy
0%
Description
hi,when i create a bucket and set policy to the bucket,use
s3cmd setpolicy 2-referpolicy s3://test1
it set policy success. but when i rerun
s3cmd setpolicy 2-referpolicy s3://test1
and
then
s3cmd ls s3://test1
and it return 403 access deny,
and i found it is rapidjson::KParseErrorDocumentRootNotSigngular error,
and i found the policy turn to be
"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [{\n \"Effect\": \"Allow\",\n \"Principal\": \"*\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": [\n \"arn:aws:s3:::test3/*\"\n ],\n \"Condition\": {\n \"StringLike\": {\n \"aws:Referer\": \"http://www.baidu.com\"\n }\n }\n }]\n}\n{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"s3:GetObject\",\"Resource\":[\"arn:aws:s3:::test3/*\"],\"Condition\":{\"StringLike\":{\"aws:Referer\":\"http://www.baidu.com\"}}}]}\n"
yes, it append to the pre set policy, rather to take place of it.
so, we need to clear() before append
https://github.com/ceph/ceph/pull/15617 this pr fix the problem