Cyberduck Mountain Duck CLI

#8749 closed defect (worksforme)

Access control list not editable

Reported by: max@… Owned by: dkocher
Priority: normal Milestone: 4.7
Component: s3 Version: 4.6.5
Severity: normal Keywords:
Cc: Architecture:
Platform:

Description (last modified by dkocher)

Editing S3 permissions on objects seems to be broken. For example:

Info → Permissions → Gear → Everyone → Modify dropdown to READ

I get the following error in the log drawer:

GET /?acl HTTP/1.1
Date: Thu, 16 Apr 2015 15:06:30 GMT
Authorization: AWS **REDACTED**
Host: **REDACTED**.s3.amazonaws.com:443
Connection: Keep-Alive
User-Agent: Cyberduck/4.6.5 (Mac OS X/10.9.5) (x86_64)
HTTP/1.1 403 Forbidden
x-amz-request-id: **REDACTED**
x-amz-id-2: **REDACTED**
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Thu, 16 Apr 2015 15:06:30 GMT
Server: AmazonS3

I've already verified that I can make the same request via the API with the same permissions.

Change History (7)

comment:1 Changed on Apr 16, 2015 at 4:46:12 PM by dkocher

  • Component changed from core to s3
  • Milestone set to 4.7
  • Owner set to dkocher

Possibly related to #8724. Can you please try with the latest snapshot build available.

comment:2 Changed on Apr 16, 2015 at 6:32:24 PM by max@…

Updating to the latest snapshot did not resolve the issue.

comment:3 Changed on Apr 17, 2015 at 7:26:44 AM by dkocher

  • Description modified (diff)

comment:4 Changed on Apr 17, 2015 at 7:37:48 AM by dkocher

  • Summary changed from S3 permissions not editable to Access control list not editable

Added test in r17317. We cannot reproduce this issue. What is the error message displayed?

comment:5 Changed on Apr 17, 2015 at 7:48:31 AM by dkocher

  • Resolution set to worksforme
  • Status changed from new to closed

Please make sure you have READ_ACP or FULL_CONTROL permission for the object.

comment:6 follow-up: Changed on Apr 17, 2015 at 2:00:01 PM by max@…

No error message is displayed. When I select the permission (READ, FULL_CONTROL, etc.), the item disappears from the list and the error above is displayed in the log drawer.

Looking at the error above, it appears that CyberDuck might be attempting to get the bucket ACLs in addition to the object ACLs. Allowing access to GetBucketAcl resolved the issue.

comment:7 in reply to: ↑ 6 Changed on Apr 17, 2015 at 2:22:23 PM by dkocher

Replying to max@…:

No error message is displayed. When I select the permission (READ, FULL_CONTROL, etc.), the item disappears from the list and the error above is displayed in the log drawer.

Looking at the error above, it appears that CyberDuck might be attempting to get the bucket ACLs in addition to the object ACLs. Allowing access to GetBucketAcl resolved the issue.

Thanks for posting the resolution to this issue.

Note: See TracTickets for help on using tickets.
swiss made software