git.apps.os.sepia.ceph.com Git - ceph-ci.git/commit

author	Casey Bodley <cbodley@redhat.com>
	Thu, 22 Feb 2024 18:16:00 +0000 (13:16 -0500)
committer	Casey Bodley <cbodley@redhat.com>
	Wed, 10 Apr 2024 17:09:16 +0000 (13:09 -0400)
commit	7d99cbdd09bcad81619b1c4770a663fde2b30563
tree	937e28b93457b039e57eba9fcecbba34d57a34f7	tree \| snapshot
parent	b021d0f2f133da6ac9e5972b481094d86802e979	commit \| diff

rgw/iam: Policy takes optional tenant name

the iam policy parser takes a tenant string to reject Resource ARNs that
specify resources in other tenants, and prevent wildcards from applying
to other tenants

this is problematic for account users, because cross-account access requires
an identity policy that covers another account's resource. it's the
cross-policy evaluation rules that prevent that from granting access to
things it shouldn't. so for account users, pass a null tenant string to
allow all resource arns

for resource policies, this restriction is unnecessary in the first
place, because the resource policy can only match itself as the resource

Signed-off-by: Casey Bodley <cbodley@redhat.com>

src/rgw/rgw_admin.cc		diff \| blob \| history
src/rgw/rgw_auth.cc		diff \| blob \| history
src/rgw/rgw_iam_managed_policy.cc		diff \| blob \| history
src/rgw/rgw_iam_policy.cc		diff \| blob \| history
src/rgw/rgw_iam_policy.h		diff \| blob \| history
src/rgw/rgw_op.cc		diff \| blob \| history
src/rgw/rgw_polparser.cc		diff \| blob \| history
src/rgw/rgw_rest_iam_group.cc		diff \| blob \| history
src/rgw/rgw_rest_pubsub.cc		diff \| blob \| history
src/rgw/rgw_rest_role.cc		diff \| blob \| history
src/rgw/rgw_rest_sts.cc		diff \| blob \| history
src/rgw/rgw_rest_user_policy.cc		diff \| blob \| history
src/test/rgw/test_rgw_iam_policy.cc		diff \| blob \| history