Checking for access denied in web browser request. (#9523)

Fixes #9485
P R 2020-05-06 21:31:44 -07:00 committed by GitHub
parent 7290d23b26
commit 7e3ea77fdf
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 1 deletions


@ -92,3 +92,6 @@ var errIAMActionNotAllowed = errors.New("Specified IAM action is not allowed und
// error returned when access is denied.
var errAccessDenied = errors.New("Do not have enough permissions to access this resource")
// error returned when object is locked.
var errLockedObject = errors.New("Object is WORM protected and cannot be overwritten or deleted")


@ -719,6 +719,9 @@ next:
}
apiErr := enforceRetentionBypassForDeleteWeb(ctx, r, args.BucketName, objectName, getObjectInfo, govBypassPerms)
if apiErr == ErrObjectLocked {
return toJSONError(ctx, errLockedObject)
}
if apiErr != ErrNone && apiErr != ErrNoSuchKey {
return toJSONError(ctx, errAccessDenied)
}
@ -2140,7 +2143,7 @@ func toWebAPIError(ctx context.Context, err error) APIError {
Description: err.Error(),
}
case errAuthentication, auth.ErrInvalidAccessKeyLength,
auth.ErrInvalidSecretKeyLength, errInvalidAccessKeyID:
auth.ErrInvalidSecretKeyLength, errInvalidAccessKeyID, errAccessDenied, errLockedObject:
return APIError{
Code: "AccessDenied",
HTTPStatusCode: http.StatusForbidden,
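Review bot: In the delete path, the check `if apiErr != ErrNone && apiErr != ErrNoSuchKey` still turns every remaining code from enforceRetentionBypassForDeleteWeb into errAccessDenied, so only ErrObjectLocked gets its own message and any other cause reaches the browser as a permission failure. If that helper can return codes that are not permission-related (not visible in this hunk), the original apiErr value should at least be written to the server log before the return, so a denied or blocked delete can be traced during an audit. The new ErrObjectLocked branch also has to stay ahead of the generic check; a comment such as `// ErrObjectLocked must be tested first: the generic check below would report it as access denied` would keep a later reorder from silently undoing the fix. The enclosing function starts and ends outside the hunk.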