ACLs and container tempurls don't work with x-versions-enable: true
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Object Storage (swift) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
With legacy version modes (x-history-location & x-versions-
vagrant@saio:~$ swift stat test
Read ACL: .r:*,.rlistings
Write ACL:
Sync To:
Sync Key:
X-History-
X-
X-Openstack-
vagrant@saio:~$ curl http://
awesome
Containers using the new versions api (x-versions-enable: true) are not able to enable anonymous read access:
vagrant@saio:~$ swift stat new-test
Read ACL: .r:*,.rlistings
Write ACL:
Sync To:
Sync Key:
X-Versions-
X-
X-Openstack-
vagrant@saio:~$ curl http://
<html><
Similar troubles with container tempurls:
$ curl -I --no-verbose $( swift tempurl GET 600 http:// saio/v1/ AUTH_test/ bucket/ obj container-key ) test/bucket/ obj?version- id=1590512971. 59874 Version- Id: 1590512971.59874 14094d0f- 005ecd57ee Request- Id: txabd94623dab74 14094d0f- 005ecd57ee
HTTP/1.1 401 Unauthorized
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Www-Authenticate: Swift realm="AUTH_test"
Content-Location: /v1/AUTH_
X-Object-
X-Trans-Id: txabd94623dab74
X-Openstack-
Date: Tue, 26 May 2020 17:54:54 GMT
Account tempurls are fine, though:
$ curl -I --no-verbose $( swift tempurl GET 600 http:// saio/v1/ AUTH_test/ bucket/ obj account-key ) octet-stream 79219ba905ffa12 2c test/bucket/ obj?version- id=1590512971. 59874 Version- Id: 1590512971.59874 Disposition: attachment; filename="obj"; filename* =UTF-8' 'obj 835bcb63- 005ecd57e2 Request- Id: txa6b5d6c201ca4 835bcb63- 005ecd57e2
HTTP/1.1 200 OK
Content-Type: application/
Content-Length: 8721
Etag: edb906fbd9e6212
Last-Modified: Tue, 26 May 2020 17:09:32 GMT
X-Timestamp: 1590512971.59874
Accept-Ranges: bytes
Content-Location: /v1/AUTH_
X-Object-
Content-
Expires: Tue, 26 May 2020 18:04:42 GMT
X-Trans-Id: txa6b5d6c201ca4
X-Openstack-
Date: Tue, 26 May 2020 17:54:42 GMT