]> git.apps.os.sepia.ceph.com Git - ceph.git/commitdiff
projects / ceph.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9eac401)
rgw/sts: AssumeRole no longer writes to user metadata
authorCasey Bodley <cbodley@redhat.com>
Thu, 20 Apr 2023 13:25:49 +0000 (09:25 -0400)
committerCasey Bodley <cbodley@redhat.com>
Mon, 15 May 2023 13:37:05 +0000 (09:37 -0400)
`storeARN()` was storing the role's ARN in `RGWUserInfo::assumed_role_arn`,
but that field was unused

Fixes: https://tracker.ceph.com/issues/59495
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 2f60200bf69b0814ce7d1ae7d217d5c37f99f80e)

src/rgw/rgw_sts.cc patch | blob | history
src/rgw/rgw_sts.h patch | blob | history

diff --git a/src/rgw/rgw_sts.cc b/src/rgw/rgw_sts.cc
index b3926f5f7625fd8a9941e00c25b6167fb9a34948..b552834426a9cb8df1590e35190124229c018634 100644 (file)
--- a/src/rgw/rgw_sts.cc
+++ b/src/rgw/rgw_sts.cc
@@ -319,23 +319,6 @@ std::tuple<int, rgw::sal::RGWRole*> STSService::getRoleInfo(const DoutPrefixProv
   }
 }
 
-int STSService::storeARN(const DoutPrefixProvider *dpp, string& arn, optional_yield y)
-{
-  int ret = 0;
-  std::unique_ptr<rgw::sal::User> user = driver->get_user(user_id);
-  if ((ret = user->load_user(dpp, y)) < 0) {
-    return -ERR_NO_SUCH_ENTITY;
-  }
-
-  user->get_info().assumed_role_arn = arn;
-
-  ret = user->store_user(dpp, y, false, &user->get_info());
-  if (ret < 0) {
-    return -ERR_INTERNAL_ERROR;
-  }
-  return ret;
-}
-
 AssumeRoleWithWebIdentityResponse STSService::assumeRoleWithWebIdentity(const DoutPrefixProvider *dpp, AssumeRoleWithWebIdentityRequest& req)
 {
   AssumeRoleWithWebIdentityResponse response;
@@ -447,13 +430,6 @@ AssumeRoleResponse STSService::assumeRole(const DoutPrefixProvider *dpp,
     return response;
   }
 
-  //Save ARN with the user
-  string arn = response.user.getARN();
-  response.retCode = storeARN(dpp, arn, y);
-  if (response.retCode < 0) {
-    return response;
-  }
-
   response.retCode = 0;
   return response;
 }
diff --git a/src/rgw/rgw_sts.h b/src/rgw/rgw_sts.h
index 65dbb17477f151fb4c9a615d03b1954f94d5d190..5ee7ee444fcb19f94117bd823ff0b745cb61bdf9 100644 (file)
--- a/src/rgw/rgw_sts.h
+++ b/src/rgw/rgw_sts.h
@@ -238,7 +238,6 @@ class STSService {
   rgw_user user_id;
   std::unique_ptr<rgw::sal::RGWRole> role;
   rgw::auth::Identity* identity;
-  int storeARN(const DoutPrefixProvider *dpp, std::string& arn, optional_yield y);
 public:
   STSService() = default;
   STSService(CephContext* cct, rgw::sal::Driver* driver, rgw_user user_id,
Unnamed repository; edit this file 'description' to name the repository.