From 09c91693f72ae82c4602b93ace5ddc20f1e9974c Mon Sep 17 00:00:00 2001
From: BohuTANG <overred.shuttler@gmail.com>
Date: Wed, 7 May 2025 15:07:01 +0800
Subject: [PATCH 1/2] fix(binder): fix external location table list check end
 with delimiter '/'

---
 src/query/sql/src/planner/binder/ddl/table.rs | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/query/sql/src/planner/binder/ddl/table.rs b/src/query/sql/src/planner/binder/ddl/table.rs
index 38be14591c134..8911685f34b01 100644
--- a/src/query/sql/src/planner/binder/ddl/table.rs
+++ b/src/query/sql/src/planner/binder/ddl/table.rs
@@ -1856,8 +1856,9 @@ impl Binder {
     }
 }
 
-const VERIFICATION_KEY: &str = "_v_d77aa11285c22e0e1d4593a035c98c0d";
-const VERIFICATION_KEY_DEL: &str = "_v_d77aa11285c22e0e1d4593a035c98c0d_del";
+const VERIFICATION_KEY: &str = "_v_d77aa11285c22e0e1d4593a035c98c0d/";
+const VERIFICATION_KEY_DEL: &str = "_v_d77aa11285c22e0e1d4593a035c98c0d_del/";
+// This is compatible with the old way
 
 // verify that essential privileges has granted for accessing external location
 //

From 501a6a9435bb6627a7f0ef499cf8b9b195641028 Mon Sep 17 00:00:00 2001
From: BohuTANG <overred.shuttler@gmail.com>
Date: Wed, 7 May 2025 17:07:52 +0800
Subject: [PATCH 2/2] only add the end delimiter for the list

---
 src/query/sql/src/planner/binder/ddl/table.rs | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/query/sql/src/planner/binder/ddl/table.rs b/src/query/sql/src/planner/binder/ddl/table.rs
index 8911685f34b01..0b4ae8ded4f54 100644
--- a/src/query/sql/src/planner/binder/ddl/table.rs
+++ b/src/query/sql/src/planner/binder/ddl/table.rs
@@ -1856,9 +1856,8 @@ impl Binder {
     }
 }
 
-const VERIFICATION_KEY: &str = "_v_d77aa11285c22e0e1d4593a035c98c0d/";
-const VERIFICATION_KEY_DEL: &str = "_v_d77aa11285c22e0e1d4593a035c98c0d_del/";
-// This is compatible with the old way
+const VERIFICATION_KEY: &str = "_v_d77aa11285c22e0e1d4593a035c98c0d";
+const VERIFICATION_KEY_DEL: &str = "_v_d77aa11285c22e0e1d4593a035c98c0d_del";
 
 // verify that essential privileges has granted for accessing external location
 //
@@ -1883,7 +1882,10 @@ async fn verify_external_location_privileges(dal: Operator) -> Result<()> {
         }
 
         // verify privilege to list
-        if let Err(e) = dal.list(VERIFICATION_KEY).await {
+        // Append "/" to the verification key to ensure we are listing the contents of the directory/prefix
+        // rather than attempting to list a single object.
+        // Like aws s3 express one, the list requires a end delimiter.
+        if let Err(e) = dal.list(&format!("{}{}", VERIFICATION_KEY, "/")).await {
             errors.push(format!("Permission check for [List] failed: {}", e));
         }