Allow console to recognize DeleteObject*
allanrogerr committed Jan 27, 2025
1 parent 31a5d64 commit ee1aacb
Showing 3 changed files with 12 additions and 4 deletions.
2 changes: 2 additions & 0 deletions web-app/src/common/SecureComponent/permissions.ts
Expand Up @@ -30,6 +30,7 @@ export const IAM_SCOPES = {
S3_PUT_OBJECT: "s3:PutObject",
S3_GET_ACTIONS: "s3:Get*",
S3_PUT_ACTIONS: "s3:Put*",
S3_DELETE_OBJECT_ACTIONS: "s3:DeleteObject*",
S3_GET_OBJECT_LEGAL_HOLD: "s3:GetObjectLegalHold",
S3_PUT_OBJECT_LEGAL_HOLD: "s3:PutObjectLegalHold",
S3_DELETE_OBJECT: "s3:DeleteObject",
Expand Down Expand Up @@ -197,6 +198,7 @@ export const IAM_PERMISSIONS = {
IAM_SCOPES.S3_PUT_OBJECT,
IAM_SCOPES.S3_PUT_ACTIONS,
IAM_SCOPES.S3_DELETE_OBJECT,
IAM_SCOPES.S3_DELETE_OBJECT_ACTIONS,
],
[IAM_ROLES.BUCKET_VIEWER]: [
IAM_SCOPES.S3_LIST_BUCKET,
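Review bot: The new `S3_DELETE_OBJECT_ACTIONS` entry in `IAM_SCOPES` carries no comment saying that it is a policy wildcard rather than a single action, and that matters when reading the role lists: `s3:DeleteObject*` also covers the version and tagging delete actions such as `s3:DeleteObjectVersion`. I would add `// Wildcard grant: matches s3:DeleteObject and the other s3:DeleteObject* actions (e.g. s3:DeleteObjectVersion)` above it. Adding one wildcard spelling at a time presumably leaves other equivalent grants (for example `s3:Delete*`, unless it is handled elsewhere in the file) unrecognised by the console; that fails closed, but whether `hasPermission` compares these strings literally is not visible here. The role array in the second hunk starts above the visible lines, so the role that receives the new scope cannot be confirmed from this page.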
Expand Up @@ -278,7 +278,7 @@ const ListObjects = () => {
]);
const canDelete = hasPermission(
[pathAsResourceInPolicy, ...sessionGrantWildCards],
[IAM_SCOPES.S3_DELETE_OBJECT],
[IAM_SCOPES.S3_DELETE_OBJECT, IAM_SCOPES.S3_DELETE_OBJECT_ACTIONS],
);
const canUpload =
hasPermission(
Expand Down Expand Up @@ -912,7 +912,7 @@ const ListObjects = () => {
tooltip: canDelete
? "Delete Selected Files"
: permissionTooltipHelper(
[IAM_SCOPES.S3_DELETE_OBJECT],
[IAM_SCOPES.S3_DELETE_OBJECT, IAM_SCOPES.S3_DELETE_OBJECT_ACTIONS],
"delete objects in this bucket",
),
},
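Review bot: The pair `[IAM_SCOPES.S3_DELETE_OBJECT, IAM_SCOPES.S3_DELETE_OBJECT_ACTIONS]` is written out separately for `canDelete` and for the `permissionTooltipHelper` call, so a later change to the accepted delete grants has to find every copy or the gate and its tooltip will disagree. I would define it once, e.g. `const deleteObjectScopes = [IAM_SCOPES.S3_DELETE_OBJECT, IAM_SCOPES.S3_DELETE_OBJECT_ACTIONS];`, and pass that to both calls. The `hasPermission` call passes no further argument after the scope list, so presumably either grant is enough; a comment such as `// either grant is enough; this only decides what the UI offers, the server still authorises each delete` would make that explicit. `ListObjects` starts and ends outside both hunks.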
Expand Up @@ -649,7 +649,10 @@ const ObjectDetailPanel = ({
canDelete
? ""
: permissionTooltipHelper(
[IAM_SCOPES.S3_DELETE_OBJECT],
[
IAM_SCOPES.S3_DELETE_OBJECT,
IAM_SCOPES.S3_DELETE_OBJECT_ACTIONS,
],
"delete this object",
)
}
Expand All @@ -665,7 +668,10 @@ const ObjectDetailPanel = ({
currentItem,
[bucketName, actualInfo.name].join("/"),
]}
scopes={[IAM_SCOPES.S3_DELETE_OBJECT]}
scopes={[
IAM_SCOPES.S3_DELETE_OBJECT,
IAM_SCOPES.S3_DELETE_OBJECT_ACTIONS,
]}
errorProps={{ disabled: true }}
>
<Button
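Review bot: `canDelete`, which selects the tooltip text in the first hunk, is computed outside the visible lines and this section shows no change to it, while the `scopes` prop in the second hunk now accepts `s3:DeleteObject*`. If `canDelete` in `ObjectDetailPanel` still checks only `IAM_SCOPES.S3_DELETE_OBJECT`, a user holding just the wildcard grant would pass the `scopes` check but still get the missing-permission tooltip, and a disabled button if `disabled` depends on `canDelete`. It should be derived from the same list as the `scopes` prop, i.e. its existing resource list with `[IAM_SCOPES.S3_DELETE_OBJECT, IAM_SCOPES.S3_DELETE_OBJECT_ACTIONS]`, ideally through one shared constant so the three uses in this component cannot drift apart.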