git.apps.os.sepia.ceph.com Git - ceph-ci.git/commit

author	Casey Bodley <cbodley@redhat.com>
	Tue, 2 Jan 2024 22:11:03 +0000 (17:11 -0500)
committer	Casey Bodley <cbodley@redhat.com>
	Fri, 12 Apr 2024 19:34:27 +0000 (15:34 -0400)
commit	3afb792b89a055c459eac1f3a635692fa93e4928
tree	dbb227e3530ecd0239f9c4b5cc73ecf2d100d38e	tree \| snapshot
parent	0de9fe75a64065a33bac83211056fe45f99b2ed0	commit \| diff

rgw/auth: Identity::is_identity() takes one Principal

take a single Principal instead flat_set<Principal>, and iterate over
calls to is_identity() instead

why?
* it simplifies the logic of each is_identity() function because they
  can use early returns to avoid visiting all of the cases
* Statement::eval_principal() no longer has to allocate a flat_set
  with a single element when the Identity is a role
* rgw::auth::Identity no longer depends on rgw::iam's choice of
  container type

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 05c15502e8cd7f8a7d279d562e2c7abadcaaeafa)

src/rgw/rgw_auth.cc		diff \| blob \| history
src/rgw/rgw_auth.h		diff \| blob \| history
src/rgw/rgw_auth_filters.h		diff \| blob \| history
src/rgw/rgw_iam_policy.cc		diff \| blob \| history
src/test/rgw/test_rgw_iam_policy.cc		diff \| blob \| history
src/test/rgw/test_rgw_lua.cc		diff \| blob \| history