예제 #1
0
// isValidActions - are actions valid.
func isValidActions(actions set.StringSet) (err error) {
	// Statement actions cannot be empty.
	if len(actions) == 0 {
		err = errors.New("Action list cannot be empty.")
		return err
	}
	if unsupportedActions := actions.Difference(supportedActionMap); !unsupportedActions.IsEmpty() {
		err = fmt.Errorf("Unsupported actions found: ‘%#v’, please validate your policy document.", unsupportedActions)
		return err
	}
	return nil
}
예제 #2
0
// isValidPrincipals - are valid principals.
func isValidPrincipals(principals set.StringSet) (err error) {
	// Statement principal should have a value.
	if len(principals) == 0 {
		err = errors.New("Principal cannot be empty.")
		return err
	}
	if unsuppPrincipals := principals.Difference(set.CreateStringSet([]string{"*"}...)); !unsuppPrincipals.IsEmpty() {
		// Minio does not support or implement IAM, "*" is the only valid value.
		// Amazon s3 doc on principals: http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html#Principal
		err = fmt.Errorf("Unsupported principals found: ‘%#v’, please validate your policy document.", unsuppPrincipals)
		return err
	}
	return nil
}