* fix: ListBuckets returns empty for users with bucket-specific permissions (#7796)
The ListBucketsHandler was using sequential AND logic where ownership check
happened before permission check. If a user had 'List:bucketname' permission
but didn't own the bucket (different AmzIdentityId or missing owner metadata),
the bucket was filtered out before the permission check could run.
Changed to OR logic: a bucket is now visible if the user owns it OR has
explicit permission to list it. This allows users with bucket-specific
permissions like 'List:geoserver' to see buckets they have access to,
even if they don't own them.
Changes:
- Modified ListBucketsHandler to check both ownership and permission,
including bucket if either check passes
- Renamed isBucketVisibleToIdentity to isBucketOwnedByIdentity for clarity
- Added comprehensive tests in TestListBucketsIssue7796
Fixes#7796
* address review comments: optimize permission check and add integration test
- Skip permission check if user is already the owner (performance optimization)
- Add integration test that simulates the complete handler filtering logic
to verify the combination of ownership OR permission check works correctly
* add visibility assertions to each sub-test for self-contained verification
Each sub-test now verifies the final outcome using isOwner || canList logic,
making tests more robust and independently verifiable.
a77b145590