vangogs
commented
2 years ago Looks like problem description was not convincing, therefore I am attaching unit test that repeats problem vfs-s3-noAccessTest.diff.txt
Basically if you resolve file or folder without access rights fileObject.exists() returns true. I tested this test on minio, but problem is repeatable also on amazon
I could try to fix it, but I don't understand why it is required to have empty ObjectMetadataHolder with isVirtual=True, when there was AmazonS3Exception with statusCode=403
How to repeat: Connect to bucket without access rights to it (Bucket is valid, keys valid (or IAM role), but no access rights) Resolve fileObject and check it exists using fileObject.exists()
S3FileObject.exists just checks getType()!=IMAGANARY
getType() tries to do attach.
During doAttach it fails with AmazonS3Exception e, e.getStatusCode() == 403 Then it performs doAttach with empty Matadata
doAttach(FILE, new ObjectMetadataHolder());
As the result fileObject.type == FILE and exists() will return true
Expected result: exists must throw FileSystemException in case access is Forbidden