rgw: Put useful policy error messages in error document

This affects the various create/put operations that take a policy document.

Signed-off-by: Adam C. Emerson <aemerson@redhat.com>

diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc
index aa697e3d40de3f12d8ac7b84366731a18dde80b6..fe57827a15a879e2e5cf92f50afcdd81f74e69f9 100644 (file)
--- a/src/rgw/rgw_op.cc
+++ b/src/rgw/rgw_op.cc
@@ -8132,8 +8132,9 @@ void RGWPutBucketPolicy::execute(optional_yield y)
        return op_ret;
       });
   } catch (rgw::IAM::PolicyParseException& e) {
-    ldpp_dout(this, 20) << "failed to parse policy: " << e.what() << dendl;
+    ldpp_dout(this, 5) << "failed to parse policy: " << e.what() << dendl;
     op_ret = -EINVAL;
+    s->err.message = e.what();
   }
 }
 

diff --git a/src/rgw/rgw_rest_role.cc b/src/rgw/rgw_rest_role.cc
index 13f476ea991632d1936dd616309876fc5690b233..e71dff5708ff4300b9aba4b8eae0995d3fe72d4d 100644 (file)
--- a/src/rgw/rgw_rest_role.cc
+++ b/src/rgw/rgw_rest_role.cc
@@ -169,7 +169,8 @@ int RGWCreateRole::get_params()
       s->cct->_conf.get_val<bool>("rgw_policy_reject_invalid_principals"));
   }
   catch (rgw::IAM::PolicyParseException& e) {
-    ldpp_dout(this, 20) << "failed to parse policy: " << e.what() << dendl;
+    ldpp_dout(this, 5) << "failed to parse policy: " << e.what() << dendl;
+    s->err.message = e.what();
     return -ERR_MALFORMED_DOC;
   }
 
@@ -576,6 +577,7 @@ int RGWPutRolePolicy::get_params()
   }
   catch (rgw::IAM::PolicyParseException& e) {
     ldpp_dout(this, 20) << "failed to parse policy: " << e.what() << dendl;
+    s->err.message = e.what();
     return -ERR_MALFORMED_DOC;
   }
   return 0;

diff --git a/src/rgw/rgw_rest_sts.cc b/src/rgw/rgw_rest_sts.cc
index cc2922ef8c3b5def3b8a13eb166988005aff2737..b77b78c910197496b6ed5237c8c0e5b72d27e9a0 100644 (file)
--- a/src/rgw/rgw_rest_sts.cc
+++ b/src/rgw/rgw_rest_sts.cc
@@ -649,7 +649,8 @@ int RGWSTSAssumeRoleWithWebIdentity::get_params()
        s->cct->_conf.get_val<bool>("rgw_policy_reject_invalid_principals"));
     }
     catch (rgw::IAM::PolicyParseException& e) {
-      ldpp_dout(this, 20) << "failed to parse policy: " << e.what() << "policy" << policy << dendl;
+      ldpp_dout(this, 5) << "failed to parse policy: " << e.what() << "policy" << policy << dendl;
+      s->err.message = e.what();
       return -ERR_MALFORMED_DOC;
     }
   }
@@ -711,6 +712,7 @@ int RGWSTSAssumeRole::get_params()
     }
     catch (rgw::IAM::PolicyParseException& e) {
       ldpp_dout(this, 0) << "failed to parse policy: " << e.what() << "policy" << policy << dendl;
+      s->err.message = e.what();
       return -ERR_MALFORMED_DOC;
     }
   }

diff --git a/src/rgw/rgw_rest_user_policy.cc b/src/rgw/rgw_rest_user_policy.cc
index ea56ddd94bb79913eb714c26aed9213cd33e2ff9..1d693d9c0f5504bc06f5574a8de271e95f984536 100644 (file)
--- a/src/rgw/rgw_rest_user_policy.cc
+++ b/src/rgw/rgw_rest_user_policy.cc
@@ -162,7 +162,8 @@ void RGWPutUserPolicy::execute(optional_yield y)
     ldpp_dout(this, 0) << "ERROR: failed to decode user policies" << dendl;
     op_ret = -EIO;
   } catch (rgw::IAM::PolicyParseException& e) {
-    ldpp_dout(this, 20) << "failed to parse policy: " << e.what() << dendl;
+    ldpp_dout(this, 5) << "failed to parse policy: " << e.what() << dendl;
+    s->err.message = e.what();
     op_ret = -ERR_MALFORMED_DOC;
   }