git.apps.os.sepia.ceph.com Git - ceph-ci.git/commit

author	Casey Bodley <cbodley@redhat.com>
	Mon, 19 Feb 2024 22:31:55 +0000 (17:31 -0500)
committer	Casey Bodley <cbodley@redhat.com>
	Wed, 10 Apr 2024 17:09:16 +0000 (13:09 -0400)
commit	8d50f6103ff481a6ef4bf7c894e1d4329eefcf49
tree	3d4ef16cbfd67b0f2161e121f343a2001ff9c4ed	tree \| snapshot
parent	1c3f201af21b526b1295d57bf344bf1b0a73c257	commit \| diff

rgw: forward_to_master() passes rgw_owner for effective uid header

when s3 requests get forwarded to the master zone in multisite, we sign
them as the multisite system user because we need to extend the s3
protocol. for example, CreateBucket requests issues by a system user
include an extra response body that encodes the RGWBucketInfo. this way,
the secondary zone can recreate exactly the same bucket that the master
zone did

these forwarded requests include a header like "rgwx-uid: myuserid" to
request that the system user impersonate the given uid. this isn't
necessary for authorization, because the system user overrides
permission checks already. but it's important for resource ownership -
the result of a forwarded CreateBucket request should be a bucket owned
by "myuserid", not the system user

because this "rgwx-uid" header is concerned with ownership, we pass the
string encoding of rgw_owner instead of rgw_user. on the receiving side,
we parse this header in SysReqApplier and override get_aclowner() to
expose it

Signed-off-by: Casey Bodley <cbodley@redhat.com>

src/rgw/rgw_auth_filters.h		diff \| blob \| history
src/rgw/rgw_op.cc		diff \| blob \| history
src/rgw/rgw_op.h		diff \| blob \| history
src/rgw/rgw_rest_conn.cc		diff \| blob \| history
src/rgw/rgw_rest_conn.h		diff \| blob \| history