Unable to create new paths inside the folders of the buckets

[w1ndy]

Users with permission s3:* on a bucket (granted for the resources bucket and bucket/*) cannot create new paths inside the folders of this bucket.

Expected Behavior

Minio console should allow users to create new paths since they have sufficient permissions.

Current Behavior

Create new path button is disabled inside folders, saying You require additional permissions in order to create a new path. Please ask your MinIO administrator to grant you s3:PutObject, s3:Put* permissions in order to create a new path.

Possible Solution

It looks like the BrowserBreadcrumbs component is passing paths without bucket names (e.g., /test/ rather than bucket/test/) to the hasPermission func, which compares the paths with bucket/* and fails.

https://github.com/minio/console/blob/a062a59288a642a9f23e4f56a0a8a66a0825497e/portal-ui/src/screens/Console/ObjectBrowser/BrowserBreadcrumbs.tsx#L94-L114

Steps to Reproduce (for bugs)

1. Create a bucket named bucket with a folder named test inside.
2. Create a user with the following policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::bucket",
                "arn:aws:s3:::bucket/*"
            ]
        }
    ]
}

3. Login as this user and navigate inside the test folder.
4. The Create new path button becomes gray.

Context

N/A

Regression

No

Your Environment

• MinIO version used (minio --version): minio version RELEASE.2023-06-19T19-52-50Z (commit-id=f9b8d1c6999e65ab31899cbbe0314f5a4e5257c3)
• Server setup and configuration: Installed by Helm, SNSD
• Operating System and version (uname -a): Linux minio-data-cdf5477dd-dp4d7 5.15.0-76-generic #83-Ubuntu SMP Thu Jun 15 19:16:32 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

[farhadh91]

I'm wondering why I couldn't create new paths inside the folders of the buckets when I applied some sort of extension limitation on the buckets. I use the image tag bitnami/minio:2023.7.18
This is the IAM Policy that I use and the "Create new path" button still is disabled.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetReplicationConfiguration",
                "s3:ListAllMyBuckets",
                "s3:ListBucket",
                "s3:ReplicateObject",
                "s3:ReplicateTags",
                "s3:DeleteObject",
                "s3:GetObject",
                "s3:GetObjectVersion",
                "s3:GetObjectVersionTagging"
            ],
            "Resource": [
                "arn:aws:s3:::test",
                "arn:aws:s3:::test/*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:Put*",
                "s3:PutObject"
            ],
            "Resource": [
                "arn:aws:s3:::test/*.jpg",
                "arn:aws:s3:::test/*.pdf"
            ]
        }
    ]
}