if (is_replication_request) {
// check for s3:GetObject(Version)Acl permission
- action = s->object->get_instance().empty() ? rgw::IAM::s3GetObjectAcl : rgw::IAM::s3GetObjectVersionAcl;
+ action = s->object_key.instance.empty() ? rgw::IAM::s3GetObjectAcl : rgw::IAM::s3GetObjectVersionAcl;
if (!verify_object_permission(this, s, action)) {
s->err.message = fmt::format("missing {} permission", rgw::IAM::action_bit_string(action));
ldpp_dout(this, 4) << "ERROR: fetching object for replication object=" << s->object << " reason=" << s->err.message << dendl;
}
// fallback to s3:GetObject(Version) permission
- action = s->object->get_instance().empty() ? rgw::IAM::s3GetObject : rgw::IAM::s3GetObjectVersion;
+ action = s->object_key.instance.empty() ? rgw::IAM::s3GetObject : rgw::IAM::s3GetObjectVersion;
// sse-kms is not supported by s3:GetObject(Version) permission
bufferlist bl;
return -EACCES;
}
} else if (get_torrent) {
- action = s->object->get_instance().empty() ? rgw::IAM::s3GetObjectTorrent : rgw::IAM::s3GetObjectVersionTorrent;
+ action = s->object_key.instance.empty() ? rgw::IAM::s3GetObjectTorrent : rgw::IAM::s3GetObjectVersionTorrent;
} else {
- action = s->object->get_instance().empty() ? rgw::IAM::s3GetObject : rgw::IAM::s3GetObjectVersion;
+ action = s->object_key.instance.empty() ? rgw::IAM::s3GetObject : rgw::IAM::s3GetObjectVersion;
}
if (!verify_object_permission(this, s, action)) {
int RGWGetObjTags::verify_permission(optional_yield y)
{
- auto iam_action = s->object->get_instance().empty()?
+ auto iam_action = s->object_key.instance.empty() ?
rgw::IAM::s3GetObjectTagging:
rgw::IAM::s3GetObjectVersionTagging;
int RGWPutObjTags::verify_permission(optional_yield y)
{
- auto iam_action = s->object->get_instance().empty() ?
+ auto iam_action = s->object_key.instance.empty() ?
rgw::IAM::s3PutObjectTagging:
rgw::IAM::s3PutObjectVersionTagging;
int RGWDeleteObjTags::verify_permission(optional_yield y)
{
if (!rgw::sal::Object::empty(s->object.get())) {
- auto iam_action = s->object->get_instance().empty() ?
+ auto iam_action = s->object_key.instance.empty() ?
rgw::IAM::s3DeleteObjectTagging:
rgw::IAM::s3DeleteObjectVersionTagging;
if (has_s3_existing_tag || has_s3_resource_tag)
rgw_iam_add_objtags(this, s, cs_object.get(), has_s3_existing_tag, has_s3_resource_tag);
- const auto action = cs_object->get_instance().empty() ?
+ const auto action = copy_source_version_id.empty() ?
rgw::IAM::s3GetObject :
rgw::IAM::s3GetObjectVersion;
rgw_iam_add_objtags(this, s, has_s3_existing_tag, has_s3_resource_tag);
const auto arn = ARN{s->object->get_obj()};
- const auto action = s->object->get_instance().empty() ?
+ const auto action = s->object_key.instance.empty() ?
rgw::IAM::s3DeleteObject :
rgw::IAM::s3DeleteObjectVersion;
}
if (s->bucket->get_info().mfa_enabled() &&
- !s->object->get_instance().empty() &&
+ !s->object_key.instance.empty() &&
!s->mfa_verified) {
ldpp_dout(this, 5) << "NOTICE: object delete request with a versioned object, mfa auth not provided" << dendl;
return -ERR_MFA_REQUIRED;
// make reservation for notification if needed
const auto versioned_object = s->bucket->versioning_enabled();
const auto event_type = versioned_object &&
- s->object->get_instance().empty() ?
+ s->object_key.instance.empty() ?
rgw::notify::ObjectRemovedDeleteMarkerCreated :
rgw::notify::ObjectRemovedDelete;
std::unique_ptr<rgw::sal::Notification> res
if (has_s3_existing_tag || has_s3_resource_tag)
rgw_iam_add_objtags(this, s, s->src_object.get(), has_s3_existing_tag, has_s3_resource_tag);
- const auto action = s->src_object->get_instance().empty() ?
+ const auto action = s->src_object_key.instance.empty() ?
rgw::IAM::s3GetObject :
rgw::IAM::s3GetObjectVersion;
bool perm;
auto [has_s3_existing_tag, has_s3_resource_tag] = rgw_check_policy_condition(this, s);
if (!rgw::sal::Object::empty(s->object.get())) {
- auto iam_action = s->object->get_instance().empty() ?
+ auto iam_action = s->object_key.instance.empty() ?
rgw::IAM::s3GetObjectAcl :
rgw::IAM::s3GetObjectVersionAcl;
if (has_s3_existing_tag || has_s3_resource_tag)
rgw_add_grant_to_iam_environment(s->env, s);
if (!rgw::sal::Object::empty(s->object.get())) {
- auto iam_action = s->object->get_instance().empty() ? rgw::IAM::s3PutObjectAcl : rgw::IAM::s3PutObjectVersionAcl;
+ auto iam_action = s->object_key.instance.empty() ? rgw::IAM::s3PutObjectAcl : rgw::IAM::s3PutObjectVersionAcl;
op_ret = rgw_iam_add_objtags(this, s, true, true);
perm = verify_object_permission(this, s, iam_action);
} else {
if (! rgw::sal::Object::empty(s->object.get())) {
- auto iam_action1 = s->object->get_instance().empty() ?
+ auto iam_action1 = s->object_key.instance.empty() ?
rgw::IAM::s3GetObject :
rgw::IAM::s3GetObjectVersion;
- auto iam_action2 = s->object->get_instance().empty() ?
+ auto iam_action2 = s->object_key.instance.empty() ?
rgw::IAM::s3GetObjectAttributes :
rgw::IAM::s3GetObjectVersionAttributes;
// make reservation for notification if needed
const auto versioned_object = s->bucket->versioning_enabled();
- const auto event_type = versioned_object && obj->get_instance().empty() ?
+ const auto event_type = versioned_object && o.instance.empty() ?
rgw::notify::ObjectRemovedDeleteMarkerCreated :
rgw::notify::ObjectRemovedDelete;
std::unique_ptr<rgw::sal::Notification> res
if (has_s3_existing_tag || has_s3_resource_tag)
rgw_iam_add_objtags(this, s, has_s3_existing_tag, has_s3_resource_tag);
- auto iam_action = s->object->get_instance().empty() ?
+ auto iam_action = s->object_key.instance.empty() ?
rgw::IAM::s3GetObject :
rgw::IAM::s3GetObjectVersion;
projects / ceph.git / commitdiff