rgw/iam: UserPolicy apis use forward_iam_request_to_master()
authorCasey Bodley <cbodley@redhat.com>
Sat, 17 Feb 2024 17:48:32 +0000 (12:48 -0500)
committerCasey Bodley <cbodley@redhat.com>
Fri, 12 Apr 2024 19:34:29 +0000 (15:34 -0400)
fix signature mismatch errors when PutUserPolicy/DeleteUserPolicy are
forwarded in multisite

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 02b90ad3ca7e93ad193483c69adf79539e720a56)

src/rgw/rgw_rest_iam.cc
src/rgw/rgw_rest_user_policy.cc
src/rgw/rgw_rest_user_policy.h

index 079a9f46071826d8955f1dbaca05b62258f44b6d..c6f5a584c70a936a879f7304c61f7e4ffd9a7bd4 100644 (file)
@@ -34,10 +34,10 @@ static const std::unordered_map<std::string_view, op_generator> op_generators =
   {"AttachRolePolicy", make_iam_attach_role_policy_op},
   {"DetachRolePolicy", make_iam_detach_role_policy_op},
   {"ListAttachedRolePolicies", make_iam_list_attached_role_policies_op},
-  {"PutUserPolicy", [](const bufferlist& bl_post_body) -> RGWOp* {return new RGWPutUserPolicy;}},
+  {"PutUserPolicy", [](const bufferlist& bl_post_body) -> RGWOp* {return new RGWPutUserPolicy(bl_post_body);}},
   {"GetUserPolicy", [](const bufferlist& bl_post_body) -> RGWOp* {return new RGWGetUserPolicy;}},
   {"ListUserPolicies", [](const bufferlist& bl_post_body) -> RGWOp* {return new RGWListUserPolicies;}},
-  {"DeleteUserPolicy", [](const bufferlist& bl_post_body) -> RGWOp* {return new RGWDeleteUserPolicy;}},
+  {"DeleteUserPolicy", [](const bufferlist& bl_post_body) -> RGWOp* {return new RGWDeleteUserPolicy(bl_post_body);}},
   {"AttachUserPolicy", make_iam_attach_user_policy_op},
   {"DetachUserPolicy", make_iam_detach_user_policy_op},
   {"ListAttachedUserPolicies", make_iam_list_attached_user_policies_op},
index 0da2552fc2f066572d3551f36e30e7cc6776969d..ccc86aa72e1289bdbc50518bae0b50d59b2045d0 100644 (file)
@@ -111,8 +111,9 @@ int RGWRestUserPolicy::verify_permission(optional_yield y)
 }
 
 
-RGWPutUserPolicy::RGWPutUserPolicy()
-  : RGWRestUserPolicy(rgw::IAM::iamPutUserPolicy, RGW_CAP_WRITE)
+RGWPutUserPolicy::RGWPutUserPolicy(const ceph::bufferlist& post_body)
+  : RGWRestUserPolicy(rgw::IAM::iamPutUserPolicy, RGW_CAP_WRITE),
+    post_body(post_body)
 {
 }
 
@@ -132,6 +133,29 @@ int RGWPutUserPolicy::get_params()
   return RGWRestUserPolicy::get_params();
 }
 
+int RGWPutUserPolicy::forward_to_master(optional_yield y, const rgw::SiteConfig& site)
+{
+  RGWXMLDecoder::XMLParser parser;
+  if (!parser.init()) {
+    ldpp_dout(this, 0) << "ERROR: failed to initialize xml parser" << dendl;
+    return -EINVAL;
+  }
+
+  s->info.args.remove("UserName");
+  s->info.args.remove("PolicyName");
+  s->info.args.remove("PolicyDocument");
+  s->info.args.remove("Action");
+  s->info.args.remove("Version");
+
+  int r = forward_iam_request_to_master(this, site, s->user->get_info(),
+                                        post_body, parser, s->info, y);
+  if (r < 0) {
+    ldpp_dout(this, 20) << "ERROR: forward_iam_request_to_master failed with error code: " << r << dendl;
+    return r;
+  }
+  return 0;
+}
+
 void RGWPutUserPolicy::execute(optional_yield y)
 {
   // validate the policy document
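Review bot: A failed forward in `RGWPutUserPolicy::forward_to_master` is logged only at level 20 even though the message starts with `ERROR:`, and the caller in `execute` (next hunk) no longer logs anything where the removed code logged at level 0. A rejected IAM policy write would then leave no trace at default log levels; I would log it at a level operators actually collect, `ldpp_dout(this, 0) << "ERROR: forward_iam_request_to_master failed with error code: " << r << dendl;`, and do the same in `RGWDeleteUserPolicy::forward_to_master`. The five `s->info.args.remove(...)` calls also need a why-comment, since they mutate request state that later code may read; judging by the commit message something like `// these params travel in post_body; drop them from args so the forwarded request signs correctly` fits, but that reason is inferred and should be confirmed.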
@@ -146,11 +170,12 @@ void RGWPutUserPolicy::execute(optional_yield y)
     return;
   }
 
-  op_ret = rgw_forward_request_to_master(this, *s->penv.site, s->user->get_id(),
-                                         nullptr, nullptr, s->info, y);
-  if (op_ret < 0) {
-    ldpp_dout(this, 0) << "ERROR: forward_request_to_master returned ret=" << op_ret << dendl;
-    return;
+  const rgw::SiteConfig& site = *s->penv.site;
+  if (!site.is_meta_master()) {
+    op_ret = forward_to_master(y, site);
+    if (op_ret) {
+      return;
+    }
   }
 
   op_ret = retry_raced_user_write(this, y, user.get(),
@@ -296,8 +321,9 @@ void RGWListUserPolicies::execute(optional_yield y)
 }
 
 
-RGWDeleteUserPolicy::RGWDeleteUserPolicy()
-  : RGWRestUserPolicy(rgw::IAM::iamDeleteUserPolicy, RGW_CAP_WRITE)
+RGWDeleteUserPolicy::RGWDeleteUserPolicy(const ceph::bufferlist& post_body)
+  : RGWRestUserPolicy(rgw::IAM::iamDeleteUserPolicy, RGW_CAP_WRITE),
+    post_body(post_body)
 {
 }
 
@@ -311,22 +337,40 @@ int RGWDeleteUserPolicy::get_params()
   return RGWRestUserPolicy::get_params();
 }
 
+int RGWDeleteUserPolicy::forward_to_master(optional_yield y, const rgw::SiteConfig& site)
+{
+  RGWXMLDecoder::XMLParser parser;
+  if (!parser.init()) {
+    ldpp_dout(this, 0) << "ERROR: failed to initialize xml parser" << dendl;
+    return -EINVAL;
+  }
+
+  s->info.args.remove("UserName");
+  s->info.args.remove("PolicyName");
+  s->info.args.remove("Action");
+  s->info.args.remove("Version");
+
+  int r = forward_iam_request_to_master(this, site, s->user->get_info(),
+                                        post_body, parser, s->info, y);
+  if (r < 0) {
+    ldpp_dout(this, 20) << "ERROR: forward_iam_request_to_master failed with error code: " << r << dendl;
+    return r;
+  }
+  return 0;
+}
+
 void RGWDeleteUserPolicy::execute(optional_yield y)
 {
-  op_ret = rgw_forward_request_to_master(this, *s->penv.site, s->user->get_id(),
-                                         nullptr, nullptr, s->info, y);
-  if (op_ret < 0) {
-    // a policy might've been uploaded to this site when there was no sync
-    // req. in earlier releases, proceed deletion
-    if (op_ret != -ENOENT) {
-      ldpp_dout(this, 5) << "forward_request_to_master returned ret=" << op_ret << dendl;
+  const rgw::SiteConfig& site = *s->penv.site;
+  if (!site.is_meta_master()) {
+    op_ret = forward_to_master(y, site);
+    if (op_ret) {
       return;
     }
-    ldpp_dout(this, 0) << "ERROR: forward_request_to_master returned ret=" << op_ret << dendl;
   }
 
   op_ret = retry_raced_user_write(this, y, user.get(),
-      [this, y] {
+      [this, y, &site] {
         rgw::sal::Attrs& attrs = user->get_attrs();
         std::map<std::string, std::string> policies;
         if (auto it = attrs.find(RGW_ATTR_USER_POLICY); it != attrs.end()) try {
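Review bot: `RGWDeleteUserPolicy::execute` now returns on any non-zero result from `forward_to_master`, so the case the removed comment described (a policy present only on this zone because it was uploaded before metadata sync existed) can no longer be deleted here once the master answers that it has no such policy. A policy that cannot be removed keeps granting access on this zone, so this should be a deliberate decision rather than a side effect. If it is intended, state it in a comment above `if (!site.is_meta_master())`; if not, let the master's not-found result fall through to the local delete, e.g. `if (op_ret && op_ret != -ERR_NO_SUCH_ENTITY) return;` (which code the forward returns for a missing policy is not visible in this hunk). The lambda passed to `retry_raced_user_write` continues past the end of the hunk.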
@@ -338,6 +382,9 @@ void RGWDeleteUserPolicy::execute(optional_yield y)
 
         auto policy = policies.find(policy_name);
         if (policy == policies.end()) {
+          if (!site.is_meta_master()) {
+            return 0; // delete succeeded on the master
+          }
           s->err.message = "No such PolicyName on the user";
           return -ERR_NO_SUCH_ENTITY;
         }
@@ -541,7 +588,7 @@ void RGWDetachUserPolicy_IAM::execute(optional_yield y)
   }
 
   op_ret = retry_raced_user_write(this, y, user.get(),
-      [this, y] {
+      [this, y, &site] {
         rgw::sal::Attrs& attrs = user->get_attrs();
         rgw::IAM::ManagedPolicies policies;
         if (auto it = attrs.find(RGW_ATTR_MANAGED_POLICY); it != attrs.end()) try {
@@ -553,6 +600,9 @@ void RGWDetachUserPolicy_IAM::execute(optional_yield y)
 
         auto i = policies.arns.find(policy_arn);
         if (i == policies.arns.end()) {
+          if (!site.is_meta_master()) {
+            return 0; // delete succeeded on the master
+          }
           s->err.message = "No such PolicyArn on the user";
           return ERR_NO_SUCH_ENTITY;
         }
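Review bot: The not-found branch in `RGWDetachUserPolicy_IAM::execute` returns `ERR_NO_SUCH_ENTITY` without a minus sign, while the matching branch in `RGWDeleteUserPolicy::execute` returns `-ERR_NO_SUCH_ENTITY`. The line is context rather than part of this change, but the commit edits the block directly above it. If `retry_raced_user_write` and the `op_ret` handling treat only negative values as errors, a detach of a policy that is not attached may be reported as something other than NoSuchEntity, so I would change it to `return -ERR_NO_SUCH_ENTITY;`. The new comment here could also read `// detach succeeded on the master` to match the operation, and the `&site` capture added in the previous hunk relies on a `site` declared outside the visible lines.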
index 117226edc27d2c84fb4d28a914b120a976891fa2..5e78eda61e9ce38889cdf5059445aaab0353c36d 100644 (file)
@@ -32,9 +32,11 @@ public:
 };
 
 class RGWPutUserPolicy : public RGWRestUserPolicy {
+  bufferlist post_body;
   int get_params() override;
+  int forward_to_master(optional_yield y, const rgw::SiteConfig& site);
 public:
-  RGWPutUserPolicy();
+  RGWPutUserPolicy(const ceph::bufferlist& post_body);
   void execute(optional_yield y) override;
   const char* name() const override { return "put_user_policy"; }
   RGWOpType get_type() override { return RGW_OP_PUT_USER_POLICY; }
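Review bot: The new single-argument constructor `RGWPutUserPolicy(const ceph::bufferlist& post_body)` is not marked `explicit`, so a `bufferlist` converts implicitly to an op object; `explicit RGWPutUserPolicy(const ceph::bufferlist& post_body);` avoids that, and the same applies to `RGWDeleteUserPolicy` in the next hunk. The member is spelled `bufferlist post_body;` while the parameter uses `ceph::bufferlist`; one spelling would read better. A short comment on the member, such as `// raw POST body, kept so the request can be forwarded to the metadata master`, would record why the op holds a copy of the body.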
@@ -61,9 +63,11 @@ public:
 };
 
 class RGWDeleteUserPolicy : public RGWRestUserPolicy {
+  bufferlist post_body;
   int get_params() override;
+  int forward_to_master(optional_yield y, const rgw::SiteConfig& site);
 public:
-  RGWDeleteUserPolicy();
+  RGWDeleteUserPolicy(const ceph::bufferlist& post_body);
   void execute(optional_yield y) override;
   const char* name() const override { return "delete_user_policy"; }
   RGWOpType get_type() override { return RGW_OP_DELETE_USER_POLICY; }