Skip to content

Commit

Permalink
fix(oss): extract principalID from appeals Account ID
Browse files Browse the repository at this point in the history
  • Loading branch information
Ayushi Sharma committed Dec 12, 2024
1 parent 0bd050f commit b9b3857
Showing 1 changed file with 23 additions and 2 deletions.
25 changes: 23 additions & 2 deletions plugins/providers/oss/provider.go
Original file line number Diff line number Diff line change
Expand Up @@ -251,7 +251,10 @@ func revokePermissionsFromPolicy(policyString string, g domain.Grant) (string, e
return "", err
}

principalAccountID := g.AccountID
principalAccountID, err := getPrincipalFromAccountID(g.AccountID)
if err != nil {
return "", err
}
resourceAccountID, err := getAccountIDFromResource(g.Resource)
if err != nil {
return "", err
Expand Down Expand Up @@ -300,7 +303,11 @@ func updatePolicyToGrantPermissions(policy string, g domain.Grant) (string, erro
return "", err
}

principalAccountID := g.AccountID
principalAccountID, err := getPrincipalFromAccountID(g.AccountID)
if err != nil {
return "", err
}

resourceAccountID, err := getAccountIDFromResource(g.Resource)
if err != nil {
return "", err
Expand Down Expand Up @@ -422,6 +429,20 @@ func getAccountIDFromResource(resource *domain.Resource) (string, error) {
return urnParts[2], nil
}

func getPrincipalFromAccountID(accountID string) (string, error) {
accountIDParts := strings.Split(accountID, "$")
if len(accountIDParts) < 2 {
return "", fmt.Errorf("invalid accountID format")
}

subParts := strings.Split(accountIDParts[1], ":")
if len(subParts) < 2 {
return "", fmt.Errorf("invalid accountID format")
}

return subParts[1], nil
}

func unmarshalPolicy(policy string) (Policy, error) {
var bucketPolicy Policy
if err := json.Unmarshal([]byte(policy), &bucketPolicy); err != nil {
Expand Down

0 comments on commit b9b3857

Please sign in to comment.