mds/MDSAuthCaps: move allows() into MDSCapSpec

Also, fix this so that 'any' implies that we can read or write.

Signed-off-by: Sage Weil <sage@redhat.com>

diff --git a/src/mds/MDSAuthCaps.cc b/src/mds/MDSAuthCaps.cc
index 9aa65c5f43663a634d71e4b5c74a7179e9788ade..4f78db7ac0853788d677fdf2ac5855ce4c538801 100644 (file)
--- a/src/mds/MDSAuthCaps.cc
+++ b/src/mds/MDSAuthCaps.cc
@@ -97,16 +97,13 @@ struct MDSCapParser : qi::grammar<Iterator, MDSAuthCaps()>
  * requested path + op.
  *
  */
-bool MDSAuthCaps::is_capable(const std::string &path, int uid, bool may_read, bool may_write) const
+bool MDSAuthCaps::is_capable(const std::string &path, int uid,
+                            bool may_read, bool may_write) const
 {
   for (std::vector<MDSCapGrant>::const_iterator i = grants.begin(); i != grants.end(); ++i) {
-    if (i->match.match(path, uid)) {
-      if ((may_read && !i->spec.read) ||
-          (may_write && !i->spec.write)) {
-        continue;
-      } else {
-        return true;
-      }
+    if (i->match.match(path, uid) &&
+       i->spec.allows(may_read, may_write)) {
+      return true;
     }
   }
 

diff --git a/src/mds/MDSAuthCaps.h b/src/mds/MDSAuthCaps.h
index c243ef424caf44e326a203e68e45529c236ecb38..13cdc29e3583ea4804b393fe0b2b5b8346ea4607 100644 (file)
--- a/src/mds/MDSAuthCaps.h
+++ b/src/mds/MDSAuthCaps.h
@@ -32,6 +32,15 @@ struct MDSCapSpec {
   bool allow_all() const {
     return any;
   }
+  bool allows(bool r, bool w) const {
+    if (any)
+      return true;
+    if (r && !read)
+      return false;
+    if (w && !write)
+      return false;
+    return true;
+  }
 };
 
 // conditions before we are allowed to do it