return -EINVAL;
}
RGWRole role(g_ceph_context, store->getRados()->pctl, role_name, tenant);
- ret = role.get();
+ ret = role.get(null_yield);
if (ret < 0) {
return -ret;
}
}
RGWRole role(g_ceph_context, store->getRados()->pctl, role_name, tenant);
- ret = role.get();
+ ret = role.get(null_yield);
if (ret < 0) {
return -ret;
}
case OPT::ROLE_LIST:
{
vector<RGWRole> result;
- ret = RGWRole::get_roles_by_path_prefix(store->getRados(), g_ceph_context, path_prefix, tenant, result);
+ ret = RGWRole::get_roles_by_path_prefix(store->getRados(), g_ceph_context, path_prefix, tenant, result, null_yield);
if (ret < 0) {
return -ret;
}
}
RGWRole role(g_ceph_context, store->getRados()->pctl, role_name, tenant);
- ret = role.get();
+ ret = role.get(null_yield);
if (ret < 0) {
return -ret;
}
return -EINVAL;
}
RGWRole role(g_ceph_context, store->getRados()->pctl, role_name, tenant);
- ret = role.get();
+ ret = role.get(null_yield);
if (ret < 0) {
return -ret;
}
return -EINVAL;
}
RGWRole role(g_ceph_context, store->getRados()->pctl, role_name, tenant);
- int ret = role.get();
+ int ret = role.get(null_yield);
if (ret < 0) {
return -ret;
}
return -EINVAL;
}
RGWRole role(g_ceph_context, store->getRados()->pctl, role_name, tenant);
- ret = role.get();
+ ret = role.get(null_yield);
if (ret < 0) {
return -ret;
}
std::unique_ptr<rgw::sal::RGWUser> user = store->get_user(op_state.get_user_id());
int ret = store->get_bucket(user.get(), user->get_tenant(), op_state.get_bucket_name(),
- &bucket);
+ &bucket, y);
if (ret < 0)
return ret;
/* check if copy source is within the current domain */
if (!s->src_bucket_name.empty()) {
std::unique_ptr<rgw::sal::RGWBucket> src_bucket;
- ret = store->get_bucket(nullptr, s->src_tenant_name, s->src_bucket_name, &src_bucket);
+ ret = store->get_bucket(nullptr, s->src_tenant_name, s->src_bucket_name, &src_bucket, y);
if (ret == 0) {
ret = src_bucket->load_by_name(s->src_tenant_name, s->src_bucket_name,
s->bucket_instance_id, &obj_ctx, s->yield);
if (!s->bucket_name.empty()) {
s->bucket_exists = true;
- ret = store->get_bucket(s->user.get(), rgw_bucket(rgw_bucket_key(s->bucket_tenant, s->bucket_name, s->bucket_instance_id)), &s->bucket);
+ ret = store->get_bucket(s->user.get(), rgw_bucket(rgw_bucket_key(s->bucket_tenant, s->bucket_name, s->bucket_instance_id)), &s->bucket, y);
if (ret < 0) {
if (ret != -ENOENT) {
string bucket_log;
if (bucket_name.compare(s->bucket->get_name()) != 0) {
map<string, bufferlist> bucket_attrs;
- r = store->get_bucket(s->user.get(), s->user->get_tenant(), bucket_name, &ubucket);
+ r = store->get_bucket(s->user.get(), s->user->get_tenant(), bucket_name, &ubucket, y);
if (r < 0) {
ldpp_dout(this, 0) << "could not get bucket info for bucket="
<< bucket_name << dendl;
std::unique_ptr<rgw::sal::RGWBucket> tmp_bucket;
auto obj_ctx = store->svc()->sysobj->init_obj_ctx();
- int r = store->get_bucket(s->user.get(), s->user->get_tenant(), bucket_name, &tmp_bucket);
+ int r = store->get_bucket(s->user.get(), s->user->get_tenant(), bucket_name, &tmp_bucket, y);
if (r < 0) {
ldpp_dout(this, 0) << "could not get bucket info for bucket="
<< bucket_name << dendl;
return;
}
- op_ret = store->get_bucket(s->user.get(), s->bucket->get_key(), &bucket);
+ op_ret = store->get_bucket(s->user.get(), s->bucket->get_key(), &bucket, y);
if (op_ret) {
return;
}
/* we need to make sure we read bucket info, it's not read before for this
* specific request */
- op_ret = store->get_bucket(s->user.get(), s->bucket_tenant, s->bucket_name, &s->bucket);
+ op_ret = store->get_bucket(s->user.get(), s->bucket_tenant, s->bucket_name, &s->bucket, y);
if (op_ret < 0 && op_ret != -ENOENT)
return;
s->bucket_exists = (op_ret != -ENOENT);
ACLOwner bowner;
RGWObjVersionTracker ot;
- int ret = store->get_bucket(s->user.get(), s->user->get_tenant(), path.bucket_name, &bucket);
+ int ret = store->get_bucket(s->user.get(), s->user->get_tenant(), path.bucket_name, &bucket, y);
if (ret < 0) {
goto binfo_fail;
}
std::unique_ptr<rgw::sal::RGWBucket> bucket;
ACLOwner bowner;
- op_ret = store->get_bucket(s->user.get(), rgw_bucket(rgw_bucket_key(s->user->get_tenant(), bucket_name)), &bucket);
+ op_ret = store->get_bucket(s->user.get(), rgw_bucket(rgw_bucket_key(s->user->get_tenant(), bucket_name)), &bucket, y);
if (op_ret == -ENOENT) {
ldpp_dout(this, 20) << "non existent directory=" << bucket_name << dendl;
} else if (op_ret < 0) {
return 0;
}
- virtual int retarget(RGWOp* op, RGWOp** new_op) {
+ virtual int retarget(RGWOp* op, RGWOp** new_op, optional_yield) {
*new_op = op;
return 0;
}
*/
if (! skip_retarget) {
ldpp_dout(op, 2) << "recalculating target" << dendl;
- ret = handler->retarget(op, &op);
+ ret = handler->retarget(op, &op, y);
if (ret < 0) {
return ret;
}
RESTArgs::get_string(s, "bucket", bucket_name, &bucket_name);
RESTArgs::get_bool(s, "purge-objects", false, &delete_children);
- op_ret = store->get_bucket(nullptr, string(), bucket_name, &bucket);
+ op_ret = store->get_bucket(nullptr, string(), bucket_name, &bucket, y);
if (op_ret < 0) {
ldpp_dout(this, 0) << "get_bucket returned ret=" << op_ret << dendl;
return;
string role_name = s->info.args.get("RoleName");
RGWRole role(s->cct, store->getRados()->pctl, role_name, s->user->get_tenant());
- if (op_ret = role.get(); op_ret < 0) {
+ if (op_ret = role.get(y); op_ret < 0) {
if (op_ret == -ENOENT) {
op_ret = -ERR_NO_ROLE_FOUND;
}
return;
}
RGWRole role(s->cct, store->getRados()->pctl, role_name, s->user->get_tenant());
- op_ret = role.get();
+ op_ret = role.get(y);
if (op_ret == -ENOENT) {
op_ret = -ERR_NO_ROLE_FOUND;
return;
}
vector<RGWRole> result;
- op_ret = RGWRole::get_roles_by_path_prefix(store->getRados(), s->cct, path_prefix, s->user->get_tenant(), result);
+ op_ret = RGWRole::get_roles_by_path_prefix(store->getRados(), s->cct, path_prefix, s->user->get_tenant(), result, y);
if (op_ret == 0) {
s->formatter->open_array_section("ListRolesResponse");
return RGWHandler_REST_S3::init(store, s, cio);
}
-int RGWHandler_REST_S3Website::retarget(RGWOp* op, RGWOp** new_op) {
+int RGWHandler_REST_S3Website::retarget(RGWOp* op, RGWOp** new_op, optional_yield y) {
*new_op = op;
ldpp_dout(s, 10) << __func__ << " Starting retarget" << dendl;
if (!(s->prot_flags & RGW_REST_WEBSITE))
return 0;
- int ret = store->get_bucket(nullptr, s->bucket_tenant, s->bucket_name, &s->bucket);
+ int ret = store->get_bucket(nullptr, s->bucket_tenant, s->bucket_name, &s->bucket, y);
if (ret < 0) {
// TODO-FUTURE: if the bucket does not exist, maybe expose it here?
return -ERR_NO_SUCH_BUCKET;
rgw::auth::RoleApplier::Role r;
if (! token.roleId.empty()) {
RGWRole role(s->cct, ctl, token.roleId);
- if (role.get_by_id() < 0) {
+ if (role.get_by_id(y) < 0) {
return result_t::deny(-EPERM);
}
r.id = token.roleId;
std::string original_object_name; // object name before retarget()
bool web_dir() const;
protected:
- int retarget(RGWOp *op, RGWOp **new_op) override;
+ int retarget(RGWOp *op, RGWOp **new_op, optional_yield y) override;
// TODO: this should be virtual I think, and ensure that it's always
// overridden, but that conflates that op_get/op_head are defined in this
// class and call this; and don't need to be overridden later.
sts = std::move(_sts);
string rArn = s->info.args.get("RoleArn");
- const auto& [ret, role] = sts.getRoleInfo(rArn);
+ const auto& [ret, role] = sts.getRoleInfo(rArn, y);
if (ret < 0) {
ldout(s->cct, 0) << "failed to get role info using role arn: " << rArn << dendl;
return ret;
return website_handler->error_handler(err_no, error_content, y);
}
- int retarget(RGWOp* op, RGWOp** new_op) override {
+ int retarget(RGWOp* op, RGWOp** new_op, optional_yield) override {
return website_handler->retarget_bucket(op, new_op);
}
return website_handler->error_handler(err_no, error_content, y);
}
- int retarget(RGWOp* op, RGWOp** new_op) override {
+ int retarget(RGWOp* op, RGWOp** new_op, optional_yield) override {
return website_handler->retarget_object(op, new_op);
}
}
/* check to see the name is not used */
- ret = read_id(name, tenant, id);
+ ret = read_id(name, tenant, id, y);
if (exclusive && ret == 0) {
ldout(cct, 0) << "ERROR: name " << name << " already in use for role id "
<< id << dendl;
auto svc = ctl->svc;
auto& pool = svc->zone->get_zone_params().roles_pool;
- int ret = read_name();
+ int ret = read_name(y);
if (ret < 0) {
return ret;
}
- ret = read_info();
+ ret = read_info(y);
if (ret < 0) {
return ret;
}
return ret;
}
-int RGWRole::get()
+int RGWRole::get(optional_yield y)
{
- int ret = read_name();
+ int ret = read_name(y);
if (ret < 0) {
return ret;
}
- ret = read_info();
+ ret = read_info(y);
if (ret < 0) {
return ret;
}
return 0;
}
-int RGWRole::get_by_id()
+int RGWRole::get_by_id(optional_yield y)
{
- int ret = read_info();
+ int ret = read_info(y);
if (ret < 0) {
return ret;
}
JSONDecoder::decode_json("assume_role_policy_document", trust_policy, obj);
}
-int RGWRole::read_id(const string& role_name, const string& tenant, string& role_id)
+int RGWRole::read_id(const string& role_name, const string& tenant, string& role_id, optional_yield y)
{
auto svc = ctl->svc;
auto& pool = svc->zone->get_zone_params().roles_pool;
bufferlist bl;
auto obj_ctx = svc->sysobj->init_obj_ctx();
- int ret = rgw_get_system_obj(obj_ctx, pool, oid, bl, NULL, NULL, null_yield);
+ int ret = rgw_get_system_obj(obj_ctx, pool, oid, bl, NULL, NULL, y);
if (ret < 0) {
return ret;
}
return 0;
}
-int RGWRole::read_info()
+int RGWRole::read_info(optional_yield y)
{
auto svc = ctl->svc;
auto& pool = svc->zone->get_zone_params().roles_pool;
bufferlist bl;
auto obj_ctx = svc->sysobj->init_obj_ctx();
- int ret = rgw_get_system_obj(obj_ctx, pool, oid, bl, NULL, NULL, null_yield);
+ int ret = rgw_get_system_obj(obj_ctx, pool, oid, bl, NULL, NULL, y);
if (ret < 0) {
ldout(cct, 0) << "ERROR: failed reading role info from pool: " << pool.name <<
": " << id << ": " << cpp_strerror(-ret) << dendl;
return 0;
}
-int RGWRole::read_name()
+int RGWRole::read_name(optional_yield y)
{
auto svc = ctl->svc;
auto& pool = svc->zone->get_zone_params().roles_pool;
bufferlist bl;
auto obj_ctx = svc->sysobj->init_obj_ctx();
- int ret = rgw_get_system_obj(obj_ctx, pool, oid, bl, NULL, NULL, null_yield);
+ int ret = rgw_get_system_obj(obj_ctx, pool, oid, bl, NULL, NULL, y);
if (ret < 0) {
ldout(cct, 0) << "ERROR: failed reading role name from pool: " << pool.name << ": "
<< name << ": " << cpp_strerror(-ret) << dendl;
CephContext *cct,
const string& path_prefix,
const string& tenant,
- vector<RGWRole>& roles)
+ vector<RGWRole>& roles,
+ optional_yield y)
{
auto pool = store->svc.zone->get_zone_params().roles_pool;
string prefix;
RGWRole role(cct, store->pctl);
role.set_id(id);
- int ret = role.read_info();
+ int ret = role.read_info(y);
if (ret < 0) {
return ret;
}
#include "rgw/rgw_rados.h"
-class RGWCtl;
+struct RGWCtl;
class RGWRole
{
int store_info(bool exclusive, optional_yield y);
int store_name(bool exclusive, optional_yield y);
int store_path(bool exclusive, optional_yield y);
- int read_id(const string& role_name, const string& tenant, string& role_id);
- int read_name();
- int read_info();
+ int read_id(const string& role_name, const string& tenant, string& role_id, optional_yield y);
+ int read_name(optional_yield y);
+ int read_info(optional_yield y);
bool validate_input();
void extract_name_tenant(const std::string& str);
int create(bool exclusive, optional_yield y);
int delete_obj(optional_yield y);
- int get();
- int get_by_id();
+ int get(optional_yield y);
+ int get_by_id(optional_yield y);
int update(optional_yield y);
void update_trust_policy(string& trust_policy);
void set_perm_policy(const string& policy_name, const string& perm_policy);
CephContext *cct,
const string& path_prefix,
const string& tenant,
- vector<RGWRole>& roles);
+ vector<RGWRole>& roles,
+ optional_yield y);
};
WRITE_CLASS_ENCODER(RGWRole)
#endif /* CEPH_RGW_ROLE_H */
virtual std::unique_ptr<RGWUser> get_user(const rgw_user& u) = 0;
virtual std::unique_ptr<RGWObject> get_object(const rgw_obj_key& k) = 0;
- virtual int get_bucket(RGWUser* u, const rgw_bucket& b, std::unique_ptr<RGWBucket>* bucket) = 0;
+ virtual int get_bucket(RGWUser* u, const rgw_bucket& b, std::unique_ptr<RGWBucket>* bucket, optional_yield y) = 0;
virtual int get_bucket(RGWUser* u, const RGWBucketInfo& i, std::unique_ptr<RGWBucket>* bucket) = 0;
- virtual int get_bucket(RGWUser* u, const std::string& tenant, const std::string&name, std::unique_ptr<RGWBucket>* bucket) = 0;
+ virtual int get_bucket(RGWUser* u, const std::string& tenant, const std::string&name, std::unique_ptr<RGWBucket>* bucket, optional_yield y) = 0;
virtual int create_bucket(RGWUser& u, const rgw_bucket& b,
const std::string& zonegroup_id,
rgw_placement_rule& placement_rule,
// if we deleted children above we will force delete, as any that
// remain is detrius from a prior bug
- ret = store->getRados()->delete_bucket(info, ot, null_yield, !delete_children);
+ ret = store->getRados()->delete_bucket(info, ot, y, !delete_children);
if (ret < 0) {
lderr(store->ctx()) << "ERROR: could not remove bucket " <<
info.bucket.name << dendl;
return ret;
}
- ret = store->ctl()->bucket->unlink_bucket(info.owner, info.bucket, null_yield, false);
+ ret = store->ctl()->bucket->unlink_bucket(info.owner, info.bucket, y, false);
if (ret < 0) {
lderr(store->ctx()) << "ERROR: unable to remove user bucket information" << dendl;
}
acls = acl;
acl.encode(aclbl);
- return store->ctl()->bucket->set_acl(acl.get_owner(), info.bucket, info, aclbl, null_yield);
+ return store->ctl()->bucket->set_acl(acl.get_owner(), info.bucket, info, aclbl, y);
}
std::unique_ptr<RGWObject> RGWRadosBucket::get_object(const rgw_obj_key& k)
return parent_op.iterate(ofs, end, cb, y);
}
-int RGWRadosStore::get_bucket(RGWUser* u, const rgw_bucket& b, std::unique_ptr<RGWBucket>* bucket)
+int RGWRadosStore::get_bucket(RGWUser* u, const rgw_bucket& b, std::unique_ptr<RGWBucket>* bucket, optional_yield y)
{
int ret;
RGWBucket* bp;
bp = new RGWRadosBucket(this, b, u);
- ret = bp->get_bucket_info(null_yield);
+ ret = bp->get_bucket_info(y);
if (ret < 0) {
delete bp;
return ret;
return 0;
}
-int RGWRadosStore::get_bucket(RGWUser* u, const std::string& tenant, const std::string&name, std::unique_ptr<RGWBucket>* bucket)
+int RGWRadosStore::get_bucket(RGWUser* u, const std::string& tenant, const std::string&name, std::unique_ptr<RGWBucket>* bucket, optional_yield y)
{
rgw_bucket b;
b.tenant = tenant;
b.name = name;
- return get_bucket(u, b, bucket);
+ return get_bucket(u, b, bucket, y);
}
static int decode_policy(CephContext *cct,
}
static int rgw_op_get_bucket_policy_from_attr(RGWRadosStore *store,
- RGWUser& user,
- RGWAttrs& bucket_attrs,
- RGWAccessControlPolicy *policy)
+ RGWUser& user,
+ RGWAttrs& bucket_attrs,
+ RGWAccessControlPolicy *policy,
+ optional_yield y)
{
auto aiter = bucket_attrs.find(RGW_ATTR_ACL);
} else {
ldout(store->ctx(), 0) << "WARNING: couldn't find acl header for bucket, generating default" << dendl;
/* object exists, but policy is broken */
- int r = user.load_by_id(null_yield);
+ int r = user.load_by_id(y);
if (r < 0)
return r;
obj_version objv, *pobjv = NULL;
/* If it exists, look it up; otherwise create it */
- ret = get_bucket(&u, b, &bucket);
+ ret = get_bucket(&u, b, &bucket, y);
if (ret < 0 && ret != -ENOENT)
return ret;
// don't allow changes to the acl policy
int r = rgw_op_get_bucket_policy_from_attr(this, u, bucket->get_attrs(),
- &old_policy);
+ &old_policy, y);
if (r >= 0 && old_policy != policy) {
bucket_out->swap(bucket);
return -EEXIST;
virtual std::unique_ptr<RGWUser> get_user(const rgw_user& u);
virtual std::unique_ptr<RGWObject> get_object(const rgw_obj_key& k) override;
- virtual int get_bucket(RGWUser* u, const rgw_bucket& b, std::unique_ptr<RGWBucket>* bucket) override;
+ virtual int get_bucket(RGWUser* u, const rgw_bucket& b, std::unique_ptr<RGWBucket>* bucket, optional_yield y) override;
virtual int get_bucket(RGWUser* u, const RGWBucketInfo& i, std::unique_ptr<RGWBucket>* bucket) override;
- virtual int get_bucket(RGWUser* u, const std::string& tenant, const std::string&name, std::unique_ptr<RGWBucket>* bucket) override;
+ virtual int get_bucket(RGWUser* u, const std::string& tenant, const std::string&name, std::unique_ptr<RGWBucket>* bucket, optional_yield y) override;
virtual int create_bucket(RGWUser& u, const rgw_bucket& b,
const std::string& zonegroup_id,
rgw_placement_rule& placement_rule,
return AssumeRoleRequestBase::validate_input();
}
-std::tuple<int, RGWRole> STSService::getRoleInfo(const string& arn)
+std::tuple<int, RGWRole> STSService::getRoleInfo(const string& arn,
+ optional_yield y)
{
if (auto r_arn = rgw::ARN::parse(arn); r_arn) {
auto pos = r_arn->resource.find_last_of('/');
string roleName = r_arn->resource.substr(pos + 1);
RGWRole role(cct, store->getRados()->pctl, roleName, r_arn->account);
- if (int ret = role.get(); ret < 0) {
+ if (int ret = role.get(y); ret < 0) {
if (ret == -ENOENT) {
ldout(cct, 0) << "Role doesn't exist: " << roleName << dendl;
ret = -ERR_NO_ROLE_FOUND;
STSService(CephContext* cct, rgw::sal::RGWRadosStore *store, rgw_user user_id,
rgw::auth::Identity* identity)
: cct(cct), store(store), user_id(user_id), identity(identity) {}
- std::tuple<int, RGWRole> getRoleInfo(const string& arn);
+ std::tuple<int, RGWRole> getRoleInfo(const string& arn, optional_yield y);
AssumeRoleResponse assumeRole(AssumeRoleRequest& req, optional_yield y);
GetSessionTokenResponse getSessionToken(GetSessionTokenRequest& req);
AssumeRoleWithWebIdentityResponse assumeRoleWithWebIdentity(AssumeRoleWithWebIdentityRequest& req);
projects / ceph.git / commitdiff