rgw: Address review comments, fix test cases for BucketEncryption APIs

Review comments are addressed.
Added documentation in authentication.rst for newly added IAM policies.
Test case failure due to incorrect IAM policy is fixed.

Signed-off-by: Rahul Dev Parashar <rahul.dev@flipkart.com>

diff --git a/doc/radosgw/s3/authentication.rst b/doc/radosgw/s3/authentication.rst
index 10143290d3c77092c5448d3095f9def3832cb4ec..64747cde27616192799e671a92381a927632ffcc 100644 (file)
--- a/doc/radosgw/s3/authentication.rst
+++ b/doc/radosgw/s3/authentication.rst
@@ -185,6 +185,8 @@ Internally, S3 operations are mapped to ACL permissions thus:
 +---------------------------------------+---------------+
 | ``s3:GetReplicationConfiguration``    | ``READ_ACP``  |
 +---------------------------------------+---------------+
+| ``s3:GetBucketEncryption``            | ``READ_ACP``  |
++---------------------------------------+---------------+
 | ``s3:DeleteBucketPolicy``             | ``WRITE_ACP`` |
 +---------------------------------------+---------------+
 | ``s3:DeleteBucketWebsite``            | ``WRITE_ACP`` |
@@ -219,6 +221,8 @@ Internally, S3 operations are mapped to ACL permissions thus:
 +---------------------------------------+---------------+
 | ``s3:PutReplicationConfiguration``    | ``WRITE_ACP`` |
 +---------------------------------------+---------------+
+| ``s3:PutBucketEncryption``            | ``WRITE_ACP`` |
++---------------------------------------+---------------+
 
 Some mappings, (e.g. ``s3:CreateBucket`` to ``WRITE``) are not
 applicable to S3 operation, but are required to allow Swift and S3 to

diff --git a/src/rgw/rgw_bucket_encryption.cc b/src/rgw/rgw_bucket_encryption.cc
index 2913ce8a0ed44b9b31ec001f944c30bf4dd201d9..0310e5ac5a84f36ecd93bcd093e16e61065b8f43 100644 (file)
--- a/src/rgw/rgw_bucket_encryption.cc
+++ b/src/rgw/rgw_bucket_encryption.cc
@@ -24,9 +24,6 @@ void ServerSideEncryptionConfiguration::dump_xml(Formatter *f) const {
 
 void RGWBucketEncryptionConfig::decode_xml(XMLObj *obj) {
   rule_exist = RGWXMLDecoder::decode_xml("Rule", rule, obj);
-  if(!rule_exist) {
-    throw RGWXMLDecoder::err("rule must be present in XML");
-  }
 }
 
 void RGWBucketEncryptionConfig::dump_xml(Formatter *f) const {

diff --git a/src/rgw/rgw_common.h b/src/rgw/rgw_common.h
index ea8692c2be85ee20b41a426bf3f0d44400a6d0fd..3357b00569633288f24a8c88e431066e42deb33d 100644 (file)
--- a/src/rgw/rgw_common.h
+++ b/src/rgw/rgw_common.h
@@ -39,7 +39,6 @@
 #include "cls/rgw/cls_rgw_types.h"
 #include "include/rados/librados.hpp"
 #include "rgw_public_access.h"
-#include "rgw_bucket_encryption.h"
 
 namespace ceph {
   class Formatter;

diff --git a/src/rgw/rgw_iam_policy.h b/src/rgw/rgw_iam_policy.h
index 0575ce8617ca664ccd72b3839b179c379915441d..d609716c43b8ebc665d49e047c95d765ff8af5b0 100644 (file)
--- a/src/rgw/rgw_iam_policy.h
+++ b/src/rgw/rgw_iam_policy.h
@@ -109,8 +109,7 @@ static constexpr std::uint64_t s3PutBucketPublicAccessBlock = 66;
 static constexpr std::uint64_t s3DeleteBucketPublicAccessBlock = 67;
 static constexpr std::uint64_t s3GetBucketEncryption = 68;
 static constexpr std::uint64_t s3PutBucketEncryption = 69;
-static constexpr std::uint64_t s3DeleteBucketEncryption = 70;
-static constexpr std::uint64_t s3All = 71;
+static constexpr std::uint64_t s3All = 70;
 
 static constexpr std::uint64_t iamPutUserPolicy = s3All + 1;
 static constexpr std::uint64_t iamGetUserPolicy = s3All + 2;