From 78dc08bdc249940a0c2fe7f50126c4bda7ee22a5 Mon Sep 17 00:00:00 2001
From: Poorna Krishnamoorthy <poornas@users.noreply.github.com>
Date: Thu, 16 Sep 2021 02:02:16 -0400
Subject: [PATCH] remove s3:ReplicateDelete permission check from DeleteObject
 APIs (#13220)

---
 cmd/bucket-handlers.go | 7 -------
 cmd/object-handlers.go | 5 -----
 2 files changed, 12 deletions(-)

diff --git a/cmd/bucket-handlers.go b/cmd/bucket-handlers.go
index 7d16ce4b9..b0ef77c6f 100644
--- a/cmd/bucket-handlers.go
+++ b/cmd/bucket-handlers.go
@@ -520,13 +520,6 @@ func (api objectAPIHandlers) DeleteMultipleObjectsHandler(w http.ResponseWriter,
 			}, goi, gerr)
 			replicateSync = repsync
 			if replicate {
-				if apiErrCode := checkRequestAuthType(ctx, r, policy.ReplicateDeleteAction, bucket, object.ObjectName); apiErrCode != ErrNone {
-					if apiErrCode == ErrSignatureDoesNotMatch || apiErrCode == ErrInvalidAccessKeyID {
-						writeErrorResponse(ctx, w, errorCodes.ToAPIErr(apiErrCode), r.URL)
-						return
-					}
-					continue
-				}
 				if object.VersionID != "" {
 					object.VersionPurgeStatus = Pending
 				} else {
diff --git a/cmd/object-handlers.go b/cmd/object-handlers.go
index 085c72e58..628118632 100644
--- a/cmd/object-handlers.go
+++ b/cmd/object-handlers.go
@@ -3295,11 +3295,6 @@ func (api objectAPIHandlers) DeleteObjectHandler(w http.ResponseWriter, r *http.
 
 	vID := opts.VersionID
 	if r.Header.Get(xhttp.AmzBucketReplicationStatus) == replication.Replica.String() {
-		// check if replica has permission to be deleted.
-		if apiErrCode := checkRequestAuthType(ctx, r, policy.ReplicateDeleteAction, bucket, object); apiErrCode != ErrNone {
-			writeErrorResponse(ctx, w, errorCodes.ToAPIErr(apiErrCode), r.URL)
-			return
-		}
 		opts.DeleteMarkerReplicationStatus = replication.Replica.String()
 		if opts.VersionPurgeStatus.Empty() {
 			// opts.VersionID holds delete marker version ID to replicate and not yet present on disk