Improvement/cldsrv 427 permissions checks #5432

Merged
merged 4 commits into from
Nov 17, 2023


benzekrimaha
Contributor

PR opened after closing #5323 and #5421.
Bucket policies are not correctly interpreted; this is part of the following epic to fix that: scality/Arsenal#2181

This PR aims to enable authorization logic from IAM policies, bucket policies and ACLs to be interpreted in aggregate in CloudServer's 'isBucketAuthorized' and 'isObjectAuthorized' functions. The ticket linked to this issue is here: https://scality.atlassian.net/browse/CLDSRV-427

PRs providing implicit Deny logic to CS for processing in this PR
scality/Arsenal#2181
https://github.com/scality/Vault/pull/2135
#5322
#5420

I'm not bumping a new CLDSRV version since a new version has been created in this merged PR: #5322. Please let me know if it needs to be done anyway.

@nicolas2bert
Contributor

I did not mean to approve this draft PR.

Base automatically changed from improvement/CLDSRV-426-acl-impl-deny to development/7.10 November 13, 2023 16:27
@bert-e
Contributor

bert-e commented Nov 13, 2023

Hello benzekrimaha,

My role is to assist you with the merge of this
pull request. Please type @bert-e help to get information
on this process, or consult the user documentation.

Status report is not available.

@bert-e
Contributor

bert-e commented Nov 13, 2023

Incorrect fix version

The Fix Version/s in issue CLDSRV-427 contains:

  • 7.70.30

Considering where you are trying to merge, I ignored possible hotfix versions and I expected to find:

  • 7.10.33

  • 7.70.30

  • 8.6.12

  • 8.7.31

  • 8.8.5

Please check the Fix Version/s of CLDSRV-427, or the target
branch of this pull request.

@bert-e
Contributor

bert-e commented Nov 13, 2023

Incorrect fix version

The Fix Version/s in issue CLDSRV-427 contains:

  • 7.70.30

Considering where you are trying to merge, I ignored possible hotfix versions and I expected to find:

  • 7.10.33

  • 7.70.31

  • 8.6.13

  • 8.7.31

  • 8.8.5

Please check the Fix Version/s of CLDSRV-427, or the target
branch of this pull request.

@benzekrimaha
Contributor Author

ping

@bert-e
Contributor

bert-e commented Nov 14, 2023

Request integration branches

Waiting for integration branch creation to be requested by the user.

To request integration branches, please comment on this pull request with the following command:

/create_integration_branches

Alternatively, the /approve and /create_pull_requests commands will automatically
create the integration branches.

@benzekrimaha
Contributor Author

/create_integration_branches

@bert-e
Contributor

bert-e commented Nov 14, 2023

Conflict

A conflict has been raised during the creation of
integration branch w/7.70/improvement/CLDSRV-427-permissions-checks with contents from improvement/CLDSRV-427-permissions-checks
and development/7.70.

I have not created the integration branch.

Here are the steps to resolve this conflict:

 $ git fetch
 $ git checkout -B w/7.70/improvement/CLDSRV-427-permissions-checks origin/development/7.70
 $ git merge origin/improvement/CLDSRV-427-permissions-checks
 $ # <intense conflict resolution>
 $ git commit
 $ git push -u origin w/7.70/improvement/CLDSRV-427-permissions-checks

The following options are set: create_integration_branches

@benzekrimaha force-pushed the improvement/CLDSRV-427-permissions-checks branch from 4d63d3d to 653e213 (November 15, 2023 10:23)
@bert-e
Contributor

bert-e commented Nov 15, 2023

Conflict

A conflict has been raised during the creation of
integration branch w/8.6/improvement/CLDSRV-427-permissions-checks with contents from w/7.70/improvement/CLDSRV-427-permissions-checks
and development/8.6.

I have not created the integration branch.

Here are the steps to resolve this conflict:

 $ git fetch
 $ git checkout -B w/8.6/improvement/CLDSRV-427-permissions-checks origin/development/8.6
 $ git merge origin/w/7.70/improvement/CLDSRV-427-permissions-checks
 $ # <intense conflict resolution>
 $ git commit
 $ git push -u origin w/8.6/improvement/CLDSRV-427-permissions-checks

The following options are set: create_integration_branches

Will Toozs and others added 2 commits November 15, 2023 11:26
@benzekrimaha force-pushed the improvement/CLDSRV-427-permissions-checks branch from 653e213 to 6e240c3 (November 15, 2023 10:29)
@bert-e
Contributor

bert-e commented Nov 15, 2023

History mismatch

Merge commit #48b09afb4ba6309c9064afc7fbe9396f802a39c2 on the integration branch
w/7.70/improvement/CLDSRV-427-permissions-checks is merging a branch which is neither the current
branch improvement/CLDSRV-427-permissions-checks nor the development branch
development/7.70.

It is likely due to a rebase of the branch improvement/CLDSRV-427-permissions-checks and the
merge is not possible until all related w/* branches are deleted or updated.

Please use the reset command to have me reinitialize these branches.

The following options are set: create_integration_branches

@benzekrimaha
Contributor Author

/reset

@bert-e
Contributor

bert-e commented Nov 15, 2023

Reset complete

I have successfully deleted this pull request's integration branches.

The following options are set: create_integration_branches

@bert-e
Contributor

bert-e commented Nov 15, 2023

Conflict

A conflict has been raised during the creation of
integration branch w/8.6/improvement/CLDSRV-427-permissions-checks with contents from w/7.70/improvement/CLDSRV-427-permissions-checks
and development/8.6.

I have not created the integration branch.

Here are the steps to resolve this conflict:

 $ git fetch
 $ git checkout -B w/8.6/improvement/CLDSRV-427-permissions-checks origin/development/8.6
 $ git merge origin/w/7.70/improvement/CLDSRV-427-permissions-checks
 $ # <intense conflict resolution>
 $ git commit
 $ git push -u origin w/8.6/improvement/CLDSRV-427-permissions-checks

The following options are set: create_integration_branches

@benzekrimaha
Contributor Author

ping

@bert-e
Contributor

bert-e commented Nov 15, 2023

Integration data created

I have created the integration data for the additional destination branches.

The following branches will NOT be impacted:

  • development/7.4

You can set option create_pull_requests if you need me to create
integration pull requests in addition to integration branches, with:

@bert-e create_pull_requests

The following options are set: create_integration_branches

@bert-e
Contributor

bert-e commented Nov 15, 2023

Waiting for approval

The following approvals are needed before I can proceed with the merge:

  • the author

  • 2 peers

The following options are set: create_integration_branches

@benzekrimaha marked this pull request as ready for review (November 15, 2023 10:48)
lib/api/apiUtils/authorization/permissionChecks.js: 6 review threads (outdated, resolved)
@bert-e
Contributor

bert-e commented Nov 15, 2023

Waiting for approval

The following approvals are needed before I can proceed with the merge:

  • the author

  • 2 peers

The following reviewers are expecting changes from the author, or must review again:

The following options are set: create_integration_branches

- In this commit, I added a helper function (processBucketPolicy)
for the bucket policy checks that are shared between
isBucketAuthorized, isObjAuthorized and evaluateBucketPolicyWithIAM
for better code readability and to avoid long functions.

(cherry picked from commit 33d7c99)
@benzekrimaha force-pushed the improvement/CLDSRV-427-permissions-checks branch from 1fb1b84 to 6caa5cc (November 17, 2023 10:36)
@bert-e
Contributor

bert-e commented Nov 17, 2023

History mismatch

Merge commit #6e240c31b9231fb52bfbcc3bdaadc8d86dda135b on the integration branch
w/7.70/improvement/CLDSRV-427-permissions-checks is merging a branch which is neither the current
branch improvement/CLDSRV-427-permissions-checks nor the development branch
development/7.70.

It is likely due to a rebase of the branch improvement/CLDSRV-427-permissions-checks and the
merge is not possible until all related w/* branches are deleted or updated.

Please use the reset command to have me reinitialize these branches.

The following options are set: create_integration_branches

@benzekrimaha
Contributor Author

/reset

@bert-e
Contributor

bert-e commented Nov 17, 2023

Reset complete

I have successfully deleted this pull request's integration branches.

The following options are set: create_integration_branches

@bert-e
Contributor

bert-e commented Nov 17, 2023

Conflict

A conflict has been raised during the creation of
integration branch w/8.6/improvement/CLDSRV-427-permissions-checks with contents from w/7.70/improvement/CLDSRV-427-permissions-checks
and development/8.6.

I have not created the integration branch.

Here are the steps to resolve this conflict:

 $ git fetch
 $ git checkout -B w/8.6/improvement/CLDSRV-427-permissions-checks origin/development/8.6
 $ git merge origin/w/7.70/improvement/CLDSRV-427-permissions-checks
 $ # <intense conflict resolution>
 $ git commit
 $ git push -u origin w/8.6/improvement/CLDSRV-427-permissions-checks

The following options are set: create_integration_branches

@bert-e
Contributor

bert-e commented Nov 17, 2023

Integration data created

I have created the integration data for the additional destination branches.

The following branches will NOT be impacted:

  • development/7.4

You can set option create_pull_requests if you need me to create
integration pull requests in addition to integration branches, with:

@bert-e create_pull_requests

The following options are set: create_integration_branches

@bert-e
Contributor

bert-e commented Nov 17, 2023

Waiting for approval

The following approvals are needed before I can proceed with the merge:

  • the author

  • 2 peers

The following options are set: create_integration_branches

@benzekrimaha
Contributor Author

@bert-e create_pull_requests

@bert-e
Contributor

bert-e commented Nov 17, 2023

Integration data created

I have created the integration data for the additional destination branches.

The following branches will NOT be impacted:

  • development/7.4

Follow integration pull requests if you would like to be notified of
build statuses by email.

The following options are set: create_pull_requests, create_integration_branches

@bert-e
Contributor

bert-e commented Nov 17, 2023

Waiting for approval

The following approvals are needed before I can proceed with the merge:

  • the author

  • 2 peers

The following options are set: create_pull_requests, create_integration_branches

@benzekrimaha
Contributor Author

/approve

@bert-e
Contributor

bert-e commented Nov 17, 2023

In the queue

The changeset has received all authorizations and has been added to the
relevant queue(s). The queue(s) will be merged in the target development
branch(es) as soon as builds have passed.

The changeset will be merged in:

  • ✔️ development/7.10

  • ✔️ development/7.70

  • ✔️ development/8.6

  • ✔️ development/8.7

  • ✔️ development/8.8

The following branches will NOT be impacted:

  • development/7.4

There is no action required on your side. You will be notified here once
the changeset has been merged. In the unlikely event that the changeset
fails permanently on the queue, a member of the admin team will
contact you to help resolve the matter.

IMPORTANT

Please do not attempt to modify this pull request.

  • Any commit you add on the source branch will trigger a new cycle after the
    current queue is merged.
  • Any commit you add on one of the integration branches will be lost.

If you need this pull request to be removed from the queue, please contact a
member of the admin team now.

The following options are set: approve, create_pull_requests, create_integration_branches

@bert-e
Contributor

bert-e commented Nov 17, 2023

I have successfully merged the changeset of this pull request
into targeted development branches:

  • ✔️ development/7.10

  • ✔️ development/7.70

  • ✔️ development/8.6

  • ✔️ development/8.7

  • ✔️ development/8.8

The following branches have NOT changed:

  • development/7.4

Please check the status of the associated issue CLDSRV-427.

Goodbye benzekrimaha.

5 participants