Cyberduck Mountain Duck CLI

#7422 closed defect (fixed)

s3: permissions and metadata change

Reported by: blacktrash Owned by: dkocher
Priority: normal Milestone: 4.4
Component: s3 Version: Nightly Build
Severity: normal Keywords:
Cc: Architecture: Intel
Platform:

Description (last modified by dkocher)

Since some time permissions and metada have changed.

  • permissions now:
Everyone                  READ
http://acs.amozonaws.com/groups/global/Auth...  READ
  • before:
MYUSERNAME                FULL_CONTROL
Everyone                  READ

Does not seem to affect functionality, but is it intentional?

metadata now has additional __complete__, __service__, __user__ fields - again: intentional?

Change History (9)

comment:1 Changed on Sep 1, 2013 at 11:50:36 AM by dkocher

  • Description modified (diff)
  • Milestone set to 4.4

comment:2 in reply to: ↑ description ; follow-up: Changed on Sep 1, 2013 at 9:19:37 PM by dkocher

Replying to blacktrash:

metadata now has additional __complete__, __service__, __user__ fields - again: intentional?

This is a bug.

comment:3 in reply to: ↑ 2 ; follow-up: Changed on Sep 1, 2013 at 9:29:34 PM by dkocher

Replying to dkocher:

Replying to blacktrash:

metadata now has additional __complete__, __service__, __user__ fields - again: intentional?

This is a bug.

Fixed in 97841e5.

comment:4 in reply to: ↑ 3 Changed on Sep 1, 2013 at 9:30:19 PM by dkocher

Replying to dkocher:

Replying to dkocher:

Replying to blacktrash:

metadata now has additional __complete__, __service__, __user__ fields - again: intentional?

This is a bug.

Fixed in 97841e5.

In r12625.

comment:5 Changed on Sep 2, 2013 at 11:32:48 AM by dkocher

  • Status changed from new to assigned

comment:6 follow-up: Changed on Sep 2, 2013 at 4:47:28 PM by dkocher

Do you know if FULL_CONTROL for the owner of the bucket or file is implicitly given?

comment:7 Changed on Sep 2, 2013 at 4:48:11 PM by dkocher

Changes in r12646.

comment:8 in reply to: ↑ 6 Changed on Sep 2, 2013 at 6:59:57 PM by blacktrash

Replying to dkocher:

Do you know if FULL_CONTROL for the owner of the bucket or file is implicitly given?

It seems so. At least I can still control the files, even though the permissions in the console now also say:

Grantee: Authenticated Users - x Open/Download
Grantee: Everyone -            x Open/Download

which seems like a useless duplication.

Previously:

Grantee: USERNAME - x Open/Download - x View Permissions - x Edit Permissions
Grantee: Everyone - x Open/Download
Last edited on Sep 2, 2013 at 7:00:51 PM by blacktrash (previous) (diff)

comment:9 Changed on Sep 10, 2013 at 3:44:35 PM by dkocher

  • Resolution set to fixed
  • Status changed from assigned to closed

In 4.4 when uploading without Preferences → Uploads → Permissions → Uploads → Change Permissions selected, the uploaded objects have only set

Username Grantee - FULL_CONTROL

See also #7356.

When Preferences → Uploads → Permissions → Uploads → Change Permissions is selected, the ACL set (assuming the file is world readable on the local filesystem or Others → Read is selected for custom upload permissions) is

Everyone - READ
http://acs.amazonaws.com/groups/global/AuthenticatedUsers - READ
Username Grantee - FULL_CONTROL

The http://acs.amazonaws.com/groups/global/AuthenticatedUsers grantee is added when theGoup → Read|Write is selected.

Fix with added canonical grantee with FULL_CONTROL for owner in r12810.

Note: See TracTickets for help on using tickets.
swiss made software