fmorg-git opened a new pull request, #10688: URL: https://github.com/apache/ozone/pull/10688
Please describe your PR in detail: * [RANGER-5667](https://issues.apache.org/jira/browse/RANGER-5667) makes a fix such that if a role has an action-matches condition with a value (such as PutObject), and in the incoming RequestContext.s3Action is null/empty, then the request is denied. Most of the S3 requests have an action associated, however, there are two edge cases currently where the RequestContext.s3Action is null: 1) in CopyObject with expected-bucket-owner/expected-source-bucket-owner headers 2) in UploadPartCopy with expected-bucket-owner/expected-source-bucket-owner headers. This PR ensures that the bucket owner verification condition checks are have s3 action associated with them so that the Ranger authorization checks will pass. ## What is the link to the Apache JIRA https://issues.apache.org/jira/browse/HDDS-15771 ## How was this patch tested? unit tests and smoke tests -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
