Chris Lu e7b2869aa9 s3tables: Use policy framework for GetTable authorization ...

Replace strict ownership check with policy-based authorization in GetTable.
Now checks both table and bucket policies for GetTable permission, allowing
authorized non-owners to read table metadata.

Authorization logic:
- Table policy grants GetTable → allowed
- Bucket policy grants GetTable → allowed
- Otherwise → 404 NotFound (no access disclosed)

Maintains security through policy evaluation while enabling read delegation.

2026-01-28 17:37:12 -08:00

22 KiB

Raw Blame History

View Raw