[Cyberduck-trac] [Cyberduck] #9322: S3 ACLs can't be changed in third-party buckets (due to incorrect Owner specification?)

[Cyberduck]

#9322: S3 ACLs can't be changed in third-party buckets (due to incorrect Owner
specification?)
------------------------+------------------------------
 Reporter:  bretmartin  |         Owner:  dkocher
     Type:  defect      |        Status:  assigned
 Priority:  normal      |     Milestone:  5.0
Component:  s3          |       Version:  Nightly Build
 Severity:  normal      |    Resolution:
 Keywords:              |  Architecture:
 Platform:              |
------------------------+------------------------------

Comment (by bretmartin):

 Here is the original ACL on `test.txt` as retrieved using `aws s3api get-
 object-acl ...`. Note in particular that the Owner is the ''third party
 account'' with ID starting '''e455d7...''':
 {{{
 {
     "Owner": {
         "DisplayName": "aws",
         "ID":
 "e455d7150e7518eef8ed181a177463ef25e98fa91ba7b18ecdcb4181626ee607"
     },
     "Grants": [
         {
             "Grantee": {
                 "DisplayName": "aws",
                 "ID":
 "e455d7150e7518eef8ed181a177463ef25e98fa91ba7b18ecdcb4181626ee607"
             },
             "Permission": "FULL_CONTROL"
         }
     ]
 }
 }}}
 Here is the XML of the ACL Cyberduck tries to set per my test above
 (extracted from Cyberduck debug log entries):
 {{{
 <?xml version="1.0"?>
 <AccessControlPolicy xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
   <Owner>
 <ID>ea495239f890028c88eb505804ee843a3c4b6eaa0f7033702baa21ddcebe7e00</ID>
     <DisplayName>bam</DisplayName>
   </Owner>
   <AccessControlList>
     <Grant>
       <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:type="CanonicalUser">
 <ID>ea495239f890028c88eb505804ee843a3c4b6eaa0f7033702baa21ddcebe7e00</ID>
       </Grantee>
       <Permission>FULL_CONTROL</Permission>
     </Grant>
     <Grant>
       <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:type="CanonicalUser">
 <ID>e455d7150e7518eef8ed181a177463ef25e98fa91ba7b18ecdcb4181626ee607</ID>
       </Grantee>
       <Permission>FULL_CONTROL</Permission>
     </Grant>
     <Grant>
       <Grantee xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:type="AmazonCustomerByEmail">
         <EmailAddress>bam at miranda.org</EmailAddress>
       </Grantee>
       <Permission>FULL_CONTROL</Permission>
     </Grant>
   </AccessControlList>
 </AccessControlPolicy>
 }}}
 Note that the Owner has changed to the ''bucket owner account'' with ID
 starting '''ea4952...'''. Unless I am mistaken, it is not possible to
 change the ownership of an S3 object (normally the recommended solution to
 change actual ownership is for the new owner to copy the object, and then
 delete the original one). I believe this is causing the error.

-- 
Ticket URL: <https://trac.cyberduck.io/ticket/9322#comment:6>
Cyberduck <https://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows