Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

S3FileObject.exists returns true even AmazonS3 returns 403 forbidden #76

Open
vangogs opened this issue Jun 22, 2021 · 1 comment
Open

Comments

@vangogs
Copy link

vangogs commented Jun 22, 2021

How to repeat:
Connect to bucket without access rights to it (Bucket is valid, keys valid (or IAM role), but no access rights)
Resolve fileObject and check it exists using
fileObject.exists()

S3FileObject.exists just checks getType()!=IMAGANARY

getType() tries to do attach.

During doAttach it fails with AmazonS3Exception e, e.getStatusCode() == 403
Then it performs doAttach with empty Matadata

doAttach(FILE, new ObjectMetadataHolder());

As the result fileObject.type == FILE and exists() will return true

Expected result:
exists must throw FileSystemException in case access is Forbidden

@vangogs
Copy link
Author

vangogs commented Nov 22, 2021

Looks like problem description was not convincing, therefore I am attaching unit test that repeats problem
vfs-s3-noAccessTest.diff.txt

Basically if you resolve file or folder without access rights fileObject.exists() returns true.
I tested this test on minio, but problem is repeatable also on amazon

I could try to fix it, but I don't understand why it is required to have empty ObjectMetadataHolder with isVirtual=True, when there was AmazonS3Exception with statusCode=403

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant