git.apps.os.sepia.ceph.com Git - ceph-ci.git/commit

author	Casey Bodley <cbodley@redhat.com>
	Sat, 18 Nov 2023 15:22:20 +0000 (10:22 -0500)
committer	Casey Bodley <cbodley@redhat.com>
	Thu, 30 Nov 2023 16:25:02 +0000 (11:25 -0500)
commit	ac4253b403cbcbcb4590fee6d6bd41794b45e763
tree	5c4d3a81e0473c950a850c7c2f7210131c0c2f8e	tree \| snapshot
parent	d28c05cb77d0e8ed8a76429ffbb2e6f7a575f588	commit \| diff

rgw/acl: req_state stores ACLs by value instead of unique_ptr

we no longer rely on polymorphism for the s3/swift variants of
`RGWAccessControlPolicy`, so `req_state` can store `bucket_acl`,
`object_acl` and `user_acl` by value

most functions now take these acls by const- or mutable reference
instead of pointers since they won't be nullptr

some code paths won't initialize some of these bucket/object/user acl
variables, and we rely on `RGWAccessControlPolicy::verify_permissions()`
to return false for those because we won't match an empty owner or
array of grants

in only one case, `verify_user_permissions()` has to return true when
`user_acl` is uninitialized, because S3 doesn't have user acls so
uninitialized user acls should not deny access

Signed-off-by: Casey Bodley <cbodley@redhat.com>

src/rgw/driver/rados/rgw_data_sync.cc		diff \| blob \| history
src/rgw/rgw_acl.cc		diff \| blob \| history
src/rgw/rgw_acl.h		diff \| blob \| history
src/rgw/rgw_common.cc		diff \| blob \| history
src/rgw/rgw_common.h		diff \| blob \| history
src/rgw/rgw_log.cc		diff \| blob \| history
src/rgw/rgw_lua_request.cc		diff \| blob \| history
src/rgw/rgw_op.cc		diff \| blob \| history
src/rgw/rgw_op.h		diff \| blob \| history
src/rgw/rgw_rest_swift.cc		diff \| blob \| history