S3: Signature verification should not check permissions (#7335)

* Signature verification should not check permissions - that's done later in authRequest

* test permissions during signature verfication

* fix s3 test path

* s3tests_boto3 => s3tests

* remove extra lines

weed/s3api/auth_signature_v4.go

@@ -190,12 +190,6 @@ func (iam *IdentityAccessManagement) doesSignatureMatch(hashedPayload string, r
 		return nil, s3err.ErrInvalidAccessKeyID
 	}
 
-	bucket, object := s3_constants.GetBucketAndObject(r)
-	canDoResult := identity.canDo(s3_constants.ACTION_WRITE, bucket, object)
-	if !canDoResult {
-		return nil, s3err.ErrAccessDenied
-	}
-
 	// Extract date, if not present throw error.
 	var dateStr string
 	if dateStr = req.Header.Get("x-amz-date"); dateStr == "" {
@@ -331,12 +325,6 @@ func (iam *IdentityAccessManagement) doesPresignedSignatureMatch(hashedPayload s
 		return nil, s3err.ErrInvalidAccessKeyID
 	}
 
-	// Check permissions
-	bucket, object := s3_constants.GetBucketAndObject(r)
-	if !identity.canDo(s3_constants.ACTION_READ, bucket, object) {
-		return nil, s3err.ErrAccessDenied
-	}
-
 	// Parse date
 	t, e := time.Parse(iso8601Format, dateStr)
 	if e != nil {