Cyberduck fails to create buckets with latest code

[fifieldt]

From vitoordaz in #15

After I have an error when create buckets via Cyberduck, it's because you translate PUT request with X-AMZ-ACL to POST request, but Cyberduck usually add X-AMZ-ACL when create bucket.

PUT /lol/ HTTP/1.1
Date: Tue, 16 Oct 2012 22:56:57 GMT
x-amz-acl: public-read
Content-Type: application/octet-stream
Authorization: AWS admin:admin:qibESADS8jtU8aZTJa2K0KJqo1g=
Content-Length: 0
Host: 192.168.1.20:443
Connection: Keep-Alive
User-Agent: Cyberduck/4.2.1 (Mac OS X/10.8.2) (i386)

HTTP/1.1 400 Bad Request
Content-Length: 142
Content-Type: text/xml
Date: Tue, 16 Oct 2012 22:56:53 GMT
Connection: keep-alive

account-server 127.0.0.1 - - [16/Oct/2012:22:56:53 +0000] "HEAD /sdb4/127477/AUTH_admin" 204 - "tx0530e3d57e004575ad43eddb90db4832" "-" "-" 0.0054 ""
container-server 127.0.0.1 - - [16/Oct/2012:22:56:53 +0000] "POST /sdb3/231295/AUTH_admin/lol" 404 - "tx0530e3d57e004575ad43eddb90db4832" "-" "-" 0.0012
container-server 127.0.0.1 - - [16/Oct/2012:22:56:53 +0000] "POST /sdb2/231295/AUTH_admin/lol" 404 - "tx0530e3d57e004575ad43eddb90db4832" "-" "-" 0.0013
container-server 127.0.0.1 - - [16/Oct/2012:22:56:53 +0000] "POST /sdb4/231295/AUTH_admin/lol" 404 - "tx0530e3d57e004575ad43eddb90db4832" "-" "-" 0.0010
proxy-server 192.168.1.50 192.168.1.50 16/Oct/2012/22/56/53 POST /v1/AUTH_admin/lol HTTP/1.0 499 - Cyberduck/4.2.1%20%28Mac%20OS%20X/10.8.2%29%20%28i386%29 admin%2Cs3 - 70 - tx0530e3d57e004575ad43eddb90db4832 - 0.0226 -

[fifieldt]

Ok, so the problem is to create a bucket swift needs PUT to create the bucket, and POST to make the acl - these are two separate requests/request types. Not quite sure how to implement that.

[vitoordaz]

First of all X-Amz-Acl can be used only when client create container. So you can make translation of x-Amz-Acl only when create container and then you don't need change request method.

[fifieldt]

http://docs.amazonwebservices.com/AmazonS3/latest/dev/ACLOverview.html#CannedACL
"You specify a canned ACL in your request using the x-amz-acl request header. When Amazon S3 receives a request with a canned ACL in the request, it adds the predefined grants to the ACL of the resource."
So, you can set the ACL using X-Amz-Acl any time ? Boto definitely uses this for its set_acl() method.

The next problem is - you don't know if the container exists or not at request time, so you don't know if it's a create request or an ACL set request :|

[fifieldt]

Suggested a test case creation at s3tests: ceph/s3-tests#2

[vitoordaz]

Different between X-Amz-Acl and PUT ?acl request it that for first you don't need WRITE_ACP permission when for second you need it. Also in amazon when you will send PUT (without any subresource) request to container and if it exists you will recieve error response, because bucket already exists.

[fifieldt]

Spoke with Fujita san last night, and we can't figure out a way to solve this.

My plan is to put in a patch to remove the code until we can find out a way to fix it.

[vitoordaz]

Also I think it will better if you will replace GET to HEAD when client send request acl subresource in BucketController, otherwise theer will client disconnect messages in Swift proxy server logs.

[vitoordaz]

Also I think it will better if you will replace GET to HEAD when client send request acl subresource in BucketController, otherwise there will client disconnect messages in Swift proxy server logs.

[fujita]

So what commit should I revert?

[vitoordaz]

This is a fix for error when create bucket with Cyberduck https://github.com/fujita/swift3/pull/18/files

[ruyang]

There are some questions for set container acl. I used to X-Amz-Acl and PUT of request. the error is ' Status Code: 409, AWS Service: Amazon S3, AWS Request ID: null, AWS Error Code: BucketAlreadyExists, AWS Error Message: The requested bucket name is not available, S3 Extended Request ID: null' please help me. thanks so much