AuthMonitor: no need to check permission in MDS caps

For "fs authorize" command, AuthMonitor.cc checks if permissions is "r"
or begins with "rw". This check is redundant now.
AuthMonitor::valid_caps() runs MDSAuthCaps.parse() which now runs same
check for the MDS caps, regardless of the command.

Signed-off-by: Rishabh Dave <ridave@redhat.com>
(cherry picked from commit 8e1e322054ea14eb5e59969439c0ea27885503ab)

Conflicts:
	qa/tasks/cephfs/test_admin.py
	Since line numbers where the patch should be applied is
	different in quincy branch compared to main branch, the conflict
	occured.

diff --git a/qa/tasks/cephfs/test_admin.py b/qa/tasks/cephfs/test_admin.py
index ae04a4ca3154088ff97e3aec0f60afce2a0d9e08..340dde80e343062d1a108ae38d482a5784af3bc0 100644 (file)
--- a/qa/tasks/cephfs/test_admin.py
+++ b/qa/tasks/cephfs/test_admin.py
@@ -1180,3 +1180,10 @@ class TestPermErrMsg(CephFSTestCase):
     def test_auth_get_or_create_key(self):
         for mdscap in self.MDSCAPS:
             self._negtestcmd('auth get-or-create-key', mdscap)
+
+    def test_fs_authorize(self):
+        for wrong_perm in ('w', 'wr'):
+            self.negtest_ceph_cmd(
+                args=(f'fs authorize {self.fs.name} {self.CLIENT_NAME} / '
+                      f'{wrong_perm}'), retval=self.EXPECTED_ERRNO,
+                errmsgs=self.EXPECTED_ERRMSG)

diff --git a/src/mon/AuthMonitor.cc b/src/mon/AuthMonitor.cc
index 395ff4926189971ad7b4d9487bd6ed582dcc102d..59adc404eb4f86f71ad12cd1a3d6fc12f7a245b0 100644 (file)
--- a/src/mon/AuthMonitor.cc
+++ b/src/mon/AuthMonitor.cc
@@ -1769,11 +1769,6 @@ bool AuthMonitor::prepare_command(MonOpRequestRef op)
        ++it;
       }
 
-      if (cap != "r" && cap.compare(0, 2, "rw")) {
-       ss << "Permission flags must start with 'r' or 'rw'.";
-       err = -EINVAL;
-       goto done;
-      }
       if (cap.compare(0, 2, "rw") == 0)
        osd_cap_wanted = "rw";