rgw/pubsub: do init/validation in init_processing()
verify_permission() should do permission checks and nothing else!
admin/system users ignore errors from verify_permission() and go on to
call execute() regardless. that means that execute() can't rely on any
initialization that happened during verify_permission(), at risk of
crashing on admin/system requests. it also means that any permission
checks in execute() won't get overridden for admin/system users,
breaking their superuser access
by moving all parameter validation and initialization into
init_processing(), we can prepare all the state that verify_permission()
will need to do it's thing
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit
88a35fed3507e37ad191995b014cbd5b089280d0)
projects / ceph.git / commit