Bug #52716
closedincorrect multipart upload owner, access denied when listing parts of multipart upload by bucket owner
100%
Description
Hello!
When receiving information about the owner of a multipart upload, an incorrect owner is displayed. The user under whom the information was requested as the owner is displayed. Here are some examples:
I created multipart upload by user 10021_r1, but when I get information about this multipart upload by another user - 10021 (bucket owner) I get this user as the owner:
$ aws s3api list-multipart-uploads --bucket test-r1
{
"Uploads": [
{
"UploadId": "2~O2mADkKD31FWs_DYa95z4f2Aa-aAtEk",
"Key": "ubuntu-20.04.1-desktop-amd64.iso",
"Initiated": "2021-09-22T05:25:54.039000+00:00",
"StorageClass": "STANDARD",
"Owner": {
"DisplayName": "10021",
"ID": "1aee1bc35a500632a0ae8a828a70be72"
},
"Initiator": {
"ID": "1aee1bc35a500632a0ae8a828a70be72",
"DisplayName": "10021"
}
},
When I get same information with user 10021_r1 I get this info:
$ aws s3api list-multipart-uploads --bucket test-r1
{
"Uploads": [
{
"UploadId": "2~O2mADkKD31FWs_DYa95z4f2Aa-aAtEk",
"Key": "ubuntu-20.04.1-desktop-amd64.iso",
"Initiated": "2021-09-22T05:25:54.039000+00:00",
"StorageClass": "STANDARD",
"Owner": {
"DisplayName": "10021_r1",
"ID": "ec97fbcff9b95c0fe33749970e470f15"
},
"Initiator": {
"ID": "ec97fbcff9b95c0fe33749970e470f15",
"DisplayName": "10021_r1"
}
},
There is no such problem with non-multipart objects, owner always displays correctly.
Second issue. Parts of multipart upload cannot be listed with bucket owner (user 10021 in my case), but multipart uploads lists fine. Some examples:
I can list multipart uploads (but with incorrect owner):
$ aws s3api list-multipart-uploads --bucket test-r1
{
"Uploads": [
{
"UploadId": "2~O2mADkKD31FWs_DYa95z4f2Aa-aAtEk",
"Key": "ubuntu-20.04.1-desktop-amd64.iso",
"Initiated": "2021-09-22T05:25:54.039000+00:00",
"StorageClass": "STANDARD",
"Owner": {
"DisplayName": "10021",
"ID": "1aee1bc35a500632a0ae8a828a70be72"
},
"Initiator": {
"ID": "1aee1bc35a500632a0ae8a828a70be72",
"DisplayName": "10021"
}
},
And I can't list it's parts:
$ aws s3api list-parts --bucket test-r1 --key ubuntu-20.04.1-desktop-amd64.iso --upload-id 2~O2mADkKD31FWs_DYa95z4f2Aa-aAtEk An error occurred (AccessDenied) when calling the ListParts operation: Unknown