You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
How to repeat:
Connect to bucket without access rights to it (Bucket is valid, keys valid (or IAM role), but no access rights)
Resolve fileObject and check it exists using
fileObject.exists()
S3FileObject.exists just checks getType()!=IMAGANARY
getType() tries to do attach.
During doAttach it fails with AmazonS3Exception e, e.getStatusCode() == 403
Then it performs doAttach with empty Matadata
doAttach(FILE, new ObjectMetadataHolder());
As the result fileObject.type == FILE and exists() will return true
Expected result:
exists must throw FileSystemException in case access is Forbidden
The text was updated successfully, but these errors were encountered:
Looks like problem description was not convincing, therefore I am attaching unit test that repeats problem vfs-s3-noAccessTest.diff.txt
Basically if you resolve file or folder without access rights fileObject.exists() returns true.
I tested this test on minio, but problem is repeatable also on amazon
I could try to fix it, but I don't understand why it is required to have empty ObjectMetadataHolder with isVirtual=True, when there was AmazonS3Exception with statusCode=403
How to repeat:
Connect to bucket without access rights to it (Bucket is valid, keys valid (or IAM role), but no access rights)
Resolve fileObject and check it exists using
fileObject.exists()
S3FileObject.exists just checks getType()!=IMAGANARY
getType() tries to do attach.
During doAttach it fails with AmazonS3Exception e, e.getStatusCode() == 403
Then it performs doAttach with empty Matadata
doAttach(FILE, new ObjectMetadataHolder());
As the result fileObject.type == FILE and exists() will return true
Expected result:
exists must throw FileSystemException in case access is Forbidden
The text was updated successfully, but these errors were encountered: