From fe78199234404826f065e8a29adbd06ae1a0bfdb Mon Sep 17 00:00:00 2001
From: Andy Lo-A-Foe <andy.loafoe@gmail.com>
Date: Mon, 29 Mar 2021 18:46:30 +0200
Subject: [PATCH] Add all supported actions

---
 s3creds/policy.go | 106 +++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 105 insertions(+), 1 deletion(-)

diff --git a/s3creds/policy.go b/s3creds/policy.go
index 8c39cfd6..267f140c 100644
--- a/s3creds/policy.go
+++ b/s3creds/policy.go
@@ -64,7 +64,111 @@ func (p *Policy) Equals(other *Policy) bool {
 }
 
 func validateActions(fl validator.FieldLevel) bool {
-	validActions := []string{"GET", "PUT", "LIST", "DELETE", "ALL_OBJECT", "ALL_BUCKET"}
+	validActions := []string{
+		"GET",
+		"PUT",
+		"LIST",
+		"DELETE",
+		"ALL_OBJECT",
+		"ALL_BUCKET",
+		"AbortMultipartUpload",
+		"CompleteMultipartUpload",
+		"CopyObject",
+		"CreateBucket",
+		"CreateMultipartUpload",
+		"DeleteBucket",
+		"DeleteBucketAnalyticsConfiguration",
+		"DeleteBucketCors",
+		"DeleteBucketEncryption",
+		"DeleteBucketIntelligentTieringConfiguration",
+		"DeleteBucketInventoryConfiguration",
+		"DeleteBucketLifecycle",
+		"DeleteBucketMetricsConfiguration",
+		"DeleteBucketOwnershipControls",
+		"DeleteBucketPolicy",
+		"DeleteBucketReplication",
+		"DeleteBucketTagging",
+		"DeleteBucketWebsite",
+		"DeleteObject",
+		"DeleteObjects",
+		"DeleteObjectTagging",
+		"DeletePublicAccessBlock",
+		"GetBucketAccelerateConfiguration",
+		"GetBucketAcl",
+		"GetBucketAnalyticsConfiguration",
+		"GetBucketCors",
+		"GetBucketEncryption",
+		"GetBucketIntelligentTieringConfiguration",
+		"GetBucketInventoryConfiguration",
+		"GetBucketLifecycle",
+		"GetBucketLifecycleConfiguration",
+		"GetBucketLocation",
+		"GetBucketLogging",
+		"GetBucketMetricsConfiguration",
+		"GetBucketNotification",
+		"GetBucketNotificationConfiguration",
+		"GetBucketOwnershipControls",
+		"GetBucketPolicy",
+		"GetBucketPolicyStatus",
+		"GetBucketReplication",
+		"GetBucketRequestPayment",
+		"GetBucketTagging",
+		"GetBucketVersioning",
+		"GetBucketWebsite",
+		"GetObject",
+		"GetObjectAcl",
+		"GetObjectLegalHold",
+		"GetObjectLockConfiguration",
+		"GetObjectRetention",
+		"GetObjectTagging",
+		"GetObjectTorrent",
+		"GetPublicAccessBlock",
+		"HeadBucket",
+		"HeadObject",
+		"ListBucketAnalyticsConfigurations",
+		"ListBucketIntelligentTieringConfigurations",
+		"ListBucketInventoryConfigurations",
+		"ListBucketMetricsConfigurations",
+		"ListBuckets",
+		"ListMultipartUploads",
+		"ListObjects",
+		"ListObjectsV2",
+		"ListObjectVersions",
+		"ListParts",
+		"PutBucketAccelerateConfiguration",
+		"PutBucketAcl",
+		"PutBucketAnalyticsConfiguration",
+		"PutBucketCors",
+		"PutBucketEncryption",
+		"PutBucketIntelligentTieringConfiguration",
+		"PutBucketInventoryConfiguration",
+		"PutBucketLifecycle",
+		"PutBucketLifecycleConfiguration",
+		"PutBucketLogging",
+		"PutBucketMetricsConfiguration",
+		"PutBucketNotification",
+		"PutBucketNotificationConfiguration",
+		"PutBucketOwnershipControls",
+		"PutBucketPolicy",
+		"PutBucketReplication",
+		"PutBucketRequestPayment",
+		"PutBucketTagging",
+		"PutBucketVersioning",
+		"PutBucketWebsite",
+		"PutObject",
+		"PutObjectAcl",
+		"PutObjectLegalHold",
+		"PutObjectLockConfiguration",
+		"PutObjectRetention",
+		"PutObjectTagging",
+		"PutPublicAccessBlock",
+		"RestoreObject",
+		"SelectObjectContent",
+		"UploadPart",
+		"UploadPartCopy",
+		"WriteGetObjectResponse",
+	}
+	// Also need to check for granular objects
 	actions, ok := fl.Field().Interface().([]string)
 	if !ok {
 		return false