#include "rapidjson/reader.h"
#include "rgw_auth.h"
+#include <arpa/inet.h>
#include "rgw_iam_policy.h"
namespace {
{ "s3:DeleteBucketWebsite", s3DeleteBucketWebsite },
{ "s3:DeleteObject", s3DeleteObject },
{ "s3:DeleteObjectVersion", s3DeleteObjectVersion },
+ { "s3:DeleteObjectTagging", s3DeleteObjectTagging },
+ { "s3:DeleteObjectVersionTagging", s3DeleteObjectVersionTagging },
{ "s3:DeleteReplicationConfiguration", s3DeleteReplicationConfiguration },
{ "s3:GetAccelerateConfiguration", s3GetAccelerateConfiguration },
{ "s3:GetBucketAcl", s3GetBucketAcl },
{ "s3:GetObjectVersionAcl", s3GetObjectVersionAcl },
{ "s3:GetObjectVersion", s3GetObjectVersion },
{ "s3:GetObjectVersionTorrent", s3GetObjectVersionTorrent },
+ { "s3:GetObjectTagging", s3GetObjectTagging },
+ { "s3:GetObjectVersionTagging", s3GetObjectVersionTagging},
{ "s3:GetReplicationConfiguration", s3GetReplicationConfiguration },
{ "s3:ListAllMyBuckets", s3ListAllMyBuckets },
{ "s3:ListBucketMultiPartUploads", s3ListBucketMultiPartUploads },
{ "s3:PutObjectAcl", s3PutObjectAcl },
{ "s3:PutObject", s3PutObject },
{ "s3:PutObjectVersionAcl", s3PutObjectVersionAcl },
+ { "s3:PutObjectTagging", s3PutObjectTagging },
+ { "s3:PutObjectVersionTagging", s3PutObjectVersionTagging },
{ "s3:PutReplicationConfiguration", s3PutReplicationConfiguration },
{ "s3:RestoreObject", s3RestoreObject }};
ECMAScript | optimize);
smatch match;
if (regex_match(a->resource, match, rx)) {
- ceph_assert(match.size() == 2);
+ ceph_assert(match.size() == 3);
if (match[1] == "user") {
return Principal::user(std::move(a->account),
case s3DeleteReplicationConfiguration:
return "s3:DeleteReplicationConfiguration";
+
+ case s3PutObjectTagging:
+ return "s3:PutObjectTagging";
+
+ case s3PutObjectVersionTagging:
+ return "s3:PutObjectVersionTagging";
+
+ case s3GetObjectTagging:
+ return "s3:GetObjectTagging";
+
+ case s3GetObjectVersionTagging:
+ return "s3:GetObjectVersionTagging";
+
+ case s3DeleteObjectTagging:
+ return "s3:DeleteObjectTagging";
+
+ case s3DeleteObjectVersionTagging:
+ return "s3:DeleteObjectVersionTagging";
}
return "s3Invalid";
}