gsh-digital-services/seaweedFS
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bea0f8eda0eef4ad7b20c45b8b1cfc294d1f7735
seaweedFS/weed
History
Chris Lu bea0f8eda0 s3tables: Use policy framework for table creation authorization 
Replace strict ownership check in CreateTable with policy-based authorization.
Now checks both namespace and bucket policies for CreateTable permission,
allowing delegation via resource policies while still respecting owner bypass.

Authorization logic:
- Namespace policy grants CreateTable → allowed
- Bucket policy grants CreateTable → allowed
- Otherwise → denied (even if same owner)

This enables cross-principal table creation via policies while maintaining
security through explicit allow/deny semantics.
2026-01-28 17:36:53 -08:00
..
admin
Fix jwt error in admin UI (#8140)
2026-01-27 17:27:02 -08:00
cluster
go fmt
2026-01-28 14:34:07 -08:00
command
command: fix stale error variable logging in filer serving goroutines
2026-01-28 11:27:18 -08:00
credential
Implement IAM propagation to S3 servers (#8130)
2026-01-26 22:59:43 -08:00
filer
Fix S3 Gateway Read Failover #8076 (#8087)
2026-01-22 14:07:24 -08:00
filer_client
Clean up logs and deprecated functions (#7339)
2025-10-17 22:11:50 -07:00
glog
chore: execute goimports to format the code (#7983)
2026-01-07 13:06:08 -08:00
iam
iam: support ForAnyValue and ForAllValues condition set operators (#8105)
2026-01-24 13:34:49 -08:00
iamapi
Refactor Admin UI to use unified IAM storage and add MultipleFileStore (#8101)
2026-01-23 20:12:59 -08:00
images
chore: execute goimports to format the code (#7983)
2026-01-07 13:06:08 -08:00
kms
S3 API: Add integration with KMS providers (#7152)
2025-08-22 22:10:30 -07:00
mount
mount: apply UID/GID mapping in lookupEntry for cache misses (#8144)
2026-01-27 18:41:37 -08:00
mq
cast i to int64 first, ensuring the calculation happens in 64-bit space
2026-01-22 14:05:45 -08:00
notification
chore: execute goimports to format the code (#7983)
2026-01-07 13:06:08 -08:00
operation
chore: execute goimports to format the code (#7983)
2026-01-07 13:06:08 -08:00
pb
Implement IAM propagation to S3 servers (#8130)
2026-01-26 22:59:43 -08:00
query
fix: comprehensive go vet error fixes and add CI enforcement (#7861)
2025-12-23 14:48:50 -08:00
remote_storage
fix(gcs): resolve credential conflict in remote storage mount (#8013)
2026-01-12 12:22:42 -08:00
replication
chore: execute goimports to format the code (#7983)
2026-01-07 13:06:08 -08:00
s3api
s3tables: Use policy framework for table creation authorization
2026-01-28 17:36:53 -08:00
security
feat: Optional path-prefix and method scoping for Filer HTTP JWT (#8014)
2026-01-12 13:21:48 -08:00
sequence
chore: execute goimports to format the code (#7983)
2026-01-07 13:06:08 -08:00
server
Implement IAM propagation to S3 servers (#8130)
2026-01-26 22:59:43 -08:00
sftpd
SFTP: support reloading user store on HUP signal (#7651)
2025-12-08 01:24:42 -08:00
shell
feat(shell): add Object Lock management commands (#8141)
2026-01-27 10:50:16 -08:00
static
Fix Broken Links (#5287)
2024-02-14 08:26:38 -08:00
stats
chore: execute goimports to format the code (#7983)
2026-01-07 13:06:08 -08:00
storage
Update store_ec_recovery_test.go
2026-01-23 16:38:36 -08:00
telemetry
Prevent split-brain: Persistent ClusterID and Join Validation (#8022)
2026-01-18 14:02:34 -08:00
topology
Prevent split-brain: Persistent ClusterID and Join Validation (#8022)
2026-01-18 14:02:34 -08:00
util
4.07
2026-01-18 15:48:09 -08:00
wdclient
Fix S3 Gateway Read Failover #8076 (#8087)
2026-01-22 14:07:24 -08:00
worker
Update detection.go
2026-01-23 21:38:51 -08:00
Makefile
Update README and weed/Makefile (#7571)
2025-11-29 11:36:22 -08:00
weed.go
Fix the issue where fuse command on a node cannot specify multiple configuration directory paths (#7874)
2025-12-25 11:36:38 -08:00