rgw/admin: 'user modify' won't change existing account id

author Casey Bodley <cbodley@redhat.com>

Wed, 6 Mar 2024 22:43:02 +0000 (17:43 -0500)

committer Casey Bodley <cbodley@redhat.com>

Fri, 12 Apr 2024 19:34:29 +0000 (15:34 -0400)
author Casey Bodley <cbodley@redhat.com>
Wed, 6 Mar 2024 22:43:02 +0000 (17:43 -0500)
committer Casey Bodley <cbodley@redhat.com>
Fri, 12 Apr 2024 19:34:29 +0000 (15:34 -0400)
diff --git a/src/rgw/driver/rados/rgw_user.cc b/src/rgw/driver/rados/rgw_user.cc

index c71eed93767cf02e06954402adecfb00e4612405..d764bd6c181e963b6b0b5f4ab0ae42d93f60a42f 100644 (file)
--- a/src/rgw/driver/rados/rgw_user.cc
+++ b/src/rgw/driver/rados/rgw_user.cc
@@ -2133,6 +2133,11 @@ int RGWUser::execute_modify(const DoutPrefixProvider *dpp, RGWUserAdminOpState&
        return -EINVAL;
      }
      if (user_info.account_id != op_state.account_id) {
+      // allow users to migrate into an account, but don't allow them to leave
+      if (!user_info.account_id.empty()) {
+        set_err_msg(err_msg, "users cannot be moved out of their account");
+        return -EINVAL;
+      }
        user_info.account_id = op_state.account_id;
  
        // tenant must match new account.tenant
author	Casey Bodley <cbodley@redhat.com>
	Wed, 6 Mar 2024 22:43:02 +0000 (17:43 -0500)
committer	Casey Bodley <cbodley@redhat.com>
	Fri, 12 Apr 2024 19:34:29 +0000 (15:34 -0400)