git.apps.os.sepia.ceph.com Git - ceph-ci.git/commit

author	Casey Bodley <cbodley@redhat.com>
	Thu, 22 Feb 2024 18:16:00 +0000 (13:16 -0500)
committer	Casey Bodley <cbodley@redhat.com>
	Fri, 12 Apr 2024 19:34:29 +0000 (15:34 -0400)
commit	1e3d3ea333d39bb8643fae41e68590e9b943f168
tree	d7065a0d7968d073e80f010c3e92f602b94cf12d	tree \| snapshot
parent	cbc6fef433067a7ce3077bec191b2fef7fd372d5	commit \| diff

rgw/iam: Policy takes optional tenant name

the iam policy parser takes a tenant string to reject Resource ARNs that
specify resources in other tenants, and prevent wildcards from applying
to other tenants

this is problematic for account users, because cross-account access requires
an identity policy that covers another account's resource. it's the
cross-policy evaluation rules that prevent that from granting access to
things it shouldn't. so for account users, pass a null tenant string to
allow all resource arns

for resource policies, this restriction is unnecessary in the first
place, because the resource policy can only match itself as the resource

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 7d99cbdd09bcad81619b1c4770a663fde2b30563)

src/rgw/rgw_admin.cc		diff \| blob \| history
src/rgw/rgw_auth.cc		diff \| blob \| history
src/rgw/rgw_iam_managed_policy.cc		diff \| blob \| history
src/rgw/rgw_iam_policy.cc		diff \| blob \| history
src/rgw/rgw_iam_policy.h		diff \| blob \| history
src/rgw/rgw_op.cc		diff \| blob \| history
src/rgw/rgw_polparser.cc		diff \| blob \| history
src/rgw/rgw_rest_iam_group.cc		diff \| blob \| history
src/rgw/rgw_rest_pubsub.cc		diff \| blob \| history
src/rgw/rgw_rest_role.cc		diff \| blob \| history
src/rgw/rgw_rest_sts.cc		diff \| blob \| history
src/rgw/rgw_rest_user_policy.cc		diff \| blob \| history
src/test/rgw/test_rgw_iam_policy.cc		diff \| blob \| history