ChenSammi commented on code in PR #9306:
URL: https://github.com/apache/ozone/pull/9306#discussion_r2564495516
##########
hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/security/acl/iam/IamSessionPolicyResolver.java:
##########
@@ -352,21 +369,255 @@ static Set<S3Action>
mapPolicyActionsToS3Actions(Set<String> actions) {
* <p>
* It also validates that the Resource Arn(s) are valid and supported.
*/
- private static Set<ResourceSpec>
validateAndCategorizeResources(AuthorizerType authorizerType,
+ @VisibleForTesting
+ static Set<ResourceSpec> validateAndCategorizeResources(AuthorizerType
authorizerType,
Set<String> resources) throws OMException {
- // TODO implement in future PR
- return Collections.emptySet();
+ final Set<ResourceSpec> resourceSpecs = new HashSet<>();
+ if (resources.isEmpty()) {
+ throw new OMException("No Resource(s) found in policy", INVALID_REQUEST);
+ }
+ for (String resource : resources) {
+ if ("*".equals(resource)) {
Review Comment:
Resource is pure "*" without AWS_S3_ARN_PREFIX header?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
