Bug #9918
closedRGW-Swift: SubUser access permissions, does not seems to work
0%
Description
Create users and sub-users in generic development env:-
This is relevant json DS:-
{ "user_id": "user1",
"display_name": "user1",
"email": "user1@example.com",
"suspended": 0,
"max_buckets": 1000,
"auid": 0,
"subusers": [
{ "id": "user1:swift1",
"permissions": "full-control"},
{ "id": "user1:swift2",
"permissions": "read"},
{ "id": "user1:swift3",
"permissions": "write"},
{ "id": "user1:swift4",
"permissions": "read-write"},
{ "id": "user1:swift5",
"permissions": "<none>"}],
"keys": [
{ "user": "user1:swift4",
"access_key": "4J7FO4IZW63YQEH42FKQ",
"secret_key": ""},
{ "user": "user1",
"access_key": "6RIZLYSYHWZTCJ81D3GO",
"secret_key": "yFTRybtfAzkvE78Qj5jsOvEXMh9UpkfcW7+CbHAE"},
{ "user": "user1:swift1",
"access_key": "LDOBACLH59CCO9MGACQN",
"secret_key": ""},
{ "user": "user1:swift3",
"access_key": "P4SS99U47QPH6XHJNISW",
"secret_key": ""},
{ "user": "user1:swift5",
"access_key": "WFL4BUHOSF5D3JJLL72X",
"secret_key": ""},
{ "user": "user1:swift2",
"access_key": "X4SIHZ92FNY824EAOO49",
"secret_key": ""}],
"swift_keys": [
{ "user": "user1:swift1",
"secret_key": "asdf"},
{ "user": "user1:swift2",
"secret_key": "asdf"},
{ "user": "user1:swift3",
"secret_key": "asdf"},
{ "user": "user1:swift4",
"secret_key": "asdf"},
{ "user": "user1:swift5",
"secret_key": "asdf"}],
"caps": [],
"op_mask": "read, write, delete",
"default_placement": "",
"placement_tags": [],
"bucket_quota": { "enabled": false,
"max_size_kb": -1,
"max_objects": -1},
"user_quota": { "enabled": false,
"max_size_kb": -1,
"max_objects": -1},
"temp_url_keys": []}
There is no affect of any access permission, all of the following operations were successful:-
- swift -A http://localhost:8000/auth -U user1:swift1 -K asdf upload fullctrl region.txt
- swift -A http://localhost:8000/auth -U user1:swift2 -K asdf upload readonly region.txt
- swift -A http://localhost:8000/auth -U user1:swift3 -K asdf upload writeonly region.txt
- swift -A http://localhost:8000/auth -U user1:swift4 -K asdf upload readwrite region.txt
- swift -A http://localhost:8000/auth -U user1:swift3 -K asdf download writeonly region.txt
- swift -A http://localhost:8000/auth -U user1:swift5 -K asdf upload noaccess region.txt