#7422 closed defect (fixed)
s3: permissions and metadata change
Reported by: | blacktrash | Owned by: | dkocher |
---|---|---|---|
Priority: | normal | Milestone: | 4.4 |
Component: | s3 | Version: | Nightly Build |
Severity: | normal | Keywords: | |
Cc: | Architecture: | Intel | |
Platform: |
Description (last modified by dkocher)
Since some time permissions and metada have changed.
- permissions now:
Everyone READ http://acs.amozonaws.com/groups/global/Auth... READ
- before:
MYUSERNAME FULL_CONTROL Everyone READ
Does not seem to affect functionality, but is it intentional?
metadata now has additional __complete__, __service__, __user__ fields - again: intentional?
Change History (9)
comment:1 Changed on Sep 1, 2013 at 11:50:36 AM by dkocher
- Description modified (diff)
- Milestone set to 4.4
comment:2 in reply to: ↑ description ; follow-up: ↓ 3 Changed on Sep 1, 2013 at 9:19:37 PM by dkocher
comment:3 in reply to: ↑ 2 ; follow-up: ↓ 4 Changed on Sep 1, 2013 at 9:29:34 PM by dkocher
Replying to dkocher:
Replying to blacktrash:
metadata now has additional __complete__, __service__, __user__ fields - again: intentional?
This is a bug.
Fixed in 97841e5.
comment:4 in reply to: ↑ 3 Changed on Sep 1, 2013 at 9:30:19 PM by dkocher
Replying to dkocher:
Replying to dkocher:
Replying to blacktrash:
metadata now has additional __complete__, __service__, __user__ fields - again: intentional?
This is a bug.
Fixed in 97841e5.
In r12625.
comment:5 Changed on Sep 2, 2013 at 11:32:48 AM by dkocher
- Status changed from new to assigned
comment:6 follow-up: ↓ 8 Changed on Sep 2, 2013 at 4:47:28 PM by dkocher
Do you know if FULL_CONTROL for the owner of the bucket or file is implicitly given?
comment:7 Changed on Sep 2, 2013 at 4:48:11 PM by dkocher
Changes in r12646.
comment:8 in reply to: ↑ 6 Changed on Sep 2, 2013 at 6:59:57 PM by blacktrash
Replying to dkocher:
Do you know if FULL_CONTROL for the owner of the bucket or file is implicitly given?
It seems so. At least I can still control the files, even though the permissions in the console now also say:
Grantee: Authenticated Users - x Open/Download Grantee: Everyone - x Open/Download
which seems like a useless duplication.
Previously:
Grantee: USERNAME - x Open/Download - x View Permissions - x Edit Permissions Grantee: Everyone - x Open/Download
comment:9 Changed on Sep 10, 2013 at 3:44:35 PM by dkocher
- Resolution set to fixed
- Status changed from assigned to closed
In 4.4 when uploading without Preferences → Uploads → Permissions → Uploads → Change Permissions selected, the uploaded objects have only set
Username Grantee - FULL_CONTROL
See also #7356.
When Preferences → Uploads → Permissions → Uploads → Change Permissions is selected, the ACL set (assuming the file is world readable on the local filesystem or Others → Read is selected for custom upload permissions) is
Everyone - READ http://acs.amazonaws.com/groups/global/AuthenticatedUsers - READ Username Grantee - FULL_CONTROL
The http://acs.amazonaws.com/groups/global/AuthenticatedUsers grantee is added when theGoup → Read|Write is selected.
Fix with added canonical grantee with FULL_CONTROL for owner in r12810.
Replying to blacktrash:
This is a bug.