s3fs issue with IAM policy

[GoogleCodeExporter]

We are using s3fs in a scenario where we have created folders within a S3 
bucket and each user has access _only_ to his folder. This is achieved by 
applying an IAM policy to that user giving him the necessary folder access 
only. With that policy the user cannot list buckets or keys within the bucket 
his folder is in. He can only access keys with the prefix as his folder. 

This does not work with s3fs because when we do a get_bucket() call with 
validate=true, it tries to list the keys in the bucket without the prefix. The 
attached patch checks if the connection is created with a prefix in which case 
it uses validation=false as the parameter to get_bucket() and instead validates 
using get_key() on the prefix only.

We would like to submit this patch for submission into the upcoming release. 
Please let me know your thoughts.

Original issue reported on code.google.com by kalpak.s...@gmail.com on 25 Jun 2012 at 4:44

Attachments:

• s3fs-iam.patch

[GoogleCodeExporter]

This looks good to me.  Are  you happy for the patch to be committed as-is?

Original comment by rfkel...@gmail.com on 1 Jul 2012 at 11:46

[GoogleCodeExporter]

Thanks, Ryan. We have successfully tested the patch and it can be committed 
as-is.

Original comment by kalpak.s...@gmail.com on 2 Jul 2012 at 3:39

[GoogleCodeExporter]

committed in r795

Original comment by rfkel...@gmail.com on 9 Jul 2012 at 6:28

• Changed state: Fixed