auth server changes

Signed-off-by: shirady <57721533+shirady@users.noreply.github.com>

Author: shirady

src/server/common_services/auth_server.js

@@ -566,7 +566,20 @@ async function has_bucket_action_permission(bucket, account, action, req_query,
     );
 
     if (result === 'DENY') return false;
-    return is_owner || result === 'ALLOW';
+
+    let permission_by_arn_owner;
+    if (account.owner) {
+        const owner_account_identifier_arn = s3_bucket_policy_utils.create_arn_for_root(account.owner._id.toString());
+        permission_by_arn_owner = await s3_bucket_policy_utils.has_bucket_policy_permission(
+            bucket_policy,
+            owner_account_identifier_arn,
+            action,
+            `arn:aws:s3:::${bucket.name.unwrap()}${bucket_path}`,
+            req_query,
+        );
+        if (permission_by_arn_owner === 'DENY') return false;
+    }
+    return is_owner || result === 'ALLOW' || permission_by_arn_owner === 'ALLOW';
 }
 
 /**