git.apps.os.sepia.ceph.com Git

author	Liam Monahan <liam@umiacs.umd.edu>
	Tue, 1 Oct 2013 21:10:05 +0000 (17:10 -0400)
committer	Liam Monahan <liam@umiacs.umd.edu>
	Thu, 24 Oct 2013 15:43:53 +0000 (11:43 -0400)
commit	1d7c204182e37f26b57393deda8acc1a234ae958
tree	ff6fac12b3c8cad9c3d1454f4a7ba6978e86ae61	tree \| snapshot
parent	1bdc3f70344acc46bf9a69d44f7936d346311423	commit \| diff

Add a configurable to allow bucket perms to be checked before key perms
through rgw_defer_to_bucket_acls config option.  This configurable defaults
to an empty string.  Option values include:

  - recurse: If requesting perm PERM on a key, allow if user has
    PERM on the
    bucket to which the key belongs.

  - full_control: If requesting perm PERM on a key, allow if user
    has
    FULL_CONTROL on the bucket to which the key belongs.

This allows users to give someone full bucket perms and be able to
operate on the keys in the bucket without modifying the perms of every
key in the bucket.  This breaks S3 compatability, but that's why
it's a configurable!

Signed-off-by: Liam Monahan <liam@umiacs.umd.edu>

src/common/config_opts.h		diff \| blob \| history
src/rgw/rgw_common.cc		diff \| blob \| history
src/rgw/rgw_common.h		diff \| blob \| history
src/rgw/rgw_env.cc		diff \| blob \| history