virtual void load_acct_info(RGWUserInfo& user_info) const = 0; /* out */
/* Apply any changes to request state. This method will be most useful for
- * TempURL of Swift API or AWSv4. */
- virtual void modify_request_state(req_state * s) const {} /* in/out */
+ * TempURL of Swift API. */
+ virtual void modify_request_state(req_state* s) const {} /* in/out */
};
* E. execute-commit - commit the modifications from point C. */
class Completer {
public:
- typedef std::unique_ptr<Completer> cmplptr_t;
+ /* It's expected that Completers would tend to implement many interfaces
+ * and be used not only in req_state::auth::completer. Ref counting their
+ * instances woild be helpful. */
+ typedef std::shared_ptr<Completer> cmplptr_t;
virtual ~Completer() = default;
* the completion succeeded. On error throws rgw::auth::Exception storing
* the reason. */
virtual bool complete() = 0;
+
+ /* Apply any changes to request state. The initial use case was injecting
+ * the AWSv4 filter over rgw::io::RestfulClient in req_state. */
+ virtual void modify_request_state(req_state* s) = 0; /* in/out */
};
* through a well-defined interface. For more details, see rgw_auth.h. */
std::unique_ptr<rgw::auth::Identity> identity;
- std::unique_ptr<rgw::auth::Completer> completer;
+ std::shared_ptr<rgw::auth::Completer> completer;
/* A container for credentials of the S3's browser upload. It's necessary
* because: 1) the ::authenticate() method of auth engines and strategies
try {
auto applier = result.get_applier();
+ auto completer = result.get_completer();
applier->load_acct_info(*s->user);
s->perm_mask = applier->get_perm_mask();
+
+ /* This is the signle place where we pass req_state as a pointer
+ * to non-const and thus its modification is allowed. In the time
+ * of writing only RGWTempURLEngine needed that feature. */
applier->modify_request_state(s);
+ if (completer) {
+ completer->modify_request_state(s);
+ }
+
s->auth.identity = std::move(applier);
+ s->auth.completer = std::move(completer);
s->owner.set_id(s->user->user_id);
s->owner.set_name(s->user->display_name);
}
try {
auto applier = result.get_applier();
+ auto completer = result.get_completer();
applier->load_acct_info(*s->user);
s->perm_mask = applier->get_perm_mask();
+
+ /* This is the signle place where we pass req_state as a pointer
+ * to non-const and thus its modification is allowed. In the time
+ * of writing only RGWTempURLEngine needed that feature. */
applier->modify_request_state(s);
+ if (completer) {
+ completer->modify_request_state(s);
+ }
s->auth.identity = std::move(applier);
- s->auth.completer = result.get_completer();
+ s->auth.completer = std::move(completer);
/* Populate the owner info. */
s->owner.set_id(s->user->user_id);
try {
rgw::auth::IdentityApplier::aplptr_t applier = result.get_applier();
+ rgw::auth::Completer::cmplptr_t completer = result.get_completer();
/* Account used by a given RGWOp is decoupled from identity employed
* in the authorization phase (RGWOp::verify_permissions). */
* to non-const and thus its modification is allowed. In the time
* of writing only RGWTempURLEngine needed that feature. */
applier->modify_request_state(s);
+ if (completer) {
+ completer->modify_request_state(s);
+ }
s->auth.identity = std::move(applier);
- s->auth.completer = std::move(result.get_completer());
+ s->auth.completer = std::move(completer);
return 0;
} catch (int err) {
projects / ceph.git / commitdiff