fix: access audit for bucket (#1270)

Policy listing in the Audit list tab was not displaying all the policies with access to the current bucket Signed-off-by: Lenin Alevski <alevsk.8772@gmail.com>
2021-11-30 21:47:54 -08:00
parent a3d0cb37a3
commit b29fc0993b
1 changed files with 9 additions and 1 deletions
--- a/restapi/admin_policies.go
+++ b/restapi/admin_policies.go
@@ -20,6 +20,7 @@ import (
 	"bytes"
 	"context"
 	"encoding/json"
+	"fmt"
 	"sort"
 	"strings"

@@ -206,13 +207,20 @@ func listPoliciesWithBucket(ctx context.Context, bucket string, client MinioAdmi

 func policyMatchesBucket(policy *models.Policy, bucket string) bool {
 	policyData := &iampolicy.Policy{}
-	json.Unmarshal([]byte(policy.Policy), policyData)
+	err := json.Unmarshal([]byte(policy.Policy), policyData)
+	if err != nil {
+		LogError("error parsing policy: %v", err)
+		return false
+	}
 	policyStatements := policyData.Statements
 	for i := 0; i < len(policyStatements); i++ {
 		resources := policyStatements[i].Resources
 		if resources.Match(bucket, map[string][]string{}) {
 			return true
 		}
+		if resources.Match(fmt.Sprintf("%s/*", bucket), map[string][]string{}) {
+			return true
+		}
 	}
 	return false
 }