Beispiel #1
0
        /**
         * Returns whether given statement is valid to process for given bucket name.
         */
        public bool isValid(string bucketName)
        {
            ISet <string> intersection;

            if (this.actions != null)
            {
                intersection = new HashSet <string>(this.actions);
            }
            else
            {
                intersection = new HashSet <string>();
            }

            intersection.IntersectWith(PolicyConstants.VALID_ACTIONS());

            if (intersection.Count == 0)
            {
                return(false);
            }
            if (!this.effect.Equals("Allow"))
            {
                return(false);
            }

            IList <string> aws = this.principal != null?this.principal.aws() : null;

            if (aws == null || !aws.Contains("*"))
            {
                return(false);
            }

            string bucketResource = PolicyConstants.AWS_RESOURCE_PREFIX + bucketName;

            if (this.resources == null)
            {
                return(false);
            }

            if (this.resources.Contains(bucketResource))
            {
                return(true);
            }

            if (this.resources.startsWith(bucketResource + "/").Count == 0)
            {
                return(false);
            }

            return(true);
        }
Beispiel #2
0
        /**
         * Removes object actions for given object resource.
         */
        public void removeObjectActions(string objectResource)
        {
            if (this.conditions != null)
            {
                return;
            }

            if (this.resources.Count > 1)
            {
                this.resources.Remove(objectResource);
            }
            else
            {
                this.actions.Except(PolicyConstants.READ_WRITE_OBJECT_ACTIONS());
            }
        }