}
if (s->bucket->get_info().obj_lock_enabled() && versioning_status != VersioningEnabled) {
+ s->err.message = "bucket versioning cannot be disabled on buckets with object lock enabled";
+ ldpp_dout(this, 4) << "ERROR: " << s->err.message << dendl;
op_ret = -ERR_INVALID_BUCKET_STATE;
return;
}
int object_lock_response = verify_object_lock(this, attrs, bypass_perm, bypass_governance_mode);
if (object_lock_response != 0) {
op_ret = object_lock_response;
+ if (op_ret == -EACCES) {
+ s->err.message = "forbidden by object lock";
+ }
return;
}
}
void RGWPutBucketObjectLock::execute(optional_yield y)
{
if (!s->bucket->get_info().obj_lock_enabled()) {
- ldpp_dout(this, 0) << "ERROR: object Lock configuration cannot be enabled on existing buckets" << dendl;
+ s->err.message = "object lock configuration can't be set if bucket object lock not enabled";
+ ldpp_dout(this, 4) << "ERROR: " << s->err.message << dendl;
op_ret = -ERR_INVALID_BUCKET_STATE;
return;
}
return;
}
if (obj_lock.has_rule() && !obj_lock.retention_period_valid()) {
- ldpp_dout(this, 0) << "ERROR: retention period must be a positive integer value" << dendl;
+ s->err.message = "retention period must be a positive integer value";
+ ldpp_dout(this, 4) << "ERROR: " << s->err.message << dendl;
op_ret = -ERR_INVALID_RETENTION_PERIOD;
return;
}
void RGWPutObjRetention::execute(optional_yield y)
{
if (!s->bucket->get_info().obj_lock_enabled()) {
- ldpp_dout(this, 0) << "ERROR: object retention can't be set if bucket object lock not configured" << dendl;
+ s->err.message = "object retention can't be set if bucket object lock not configured";
+ ldpp_dout(this, 4) << "ERROR: " << s->err.message << dendl;
op_ret = -ERR_INVALID_REQUEST;
return;
}
}
if (ceph::real_clock::to_time_t(obj_retention.get_retain_until_date()) < ceph_clock_now()) {
- ldpp_dout(this, 0) << "ERROR: the retain until date must be in the future" << dendl;
+ s->err.message = "the retain-until date must be in the future";
+ ldpp_dout(this, 0) << "ERROR: " << s->err.message << dendl;
op_ret = -EINVAL;
return;
}
}
if (ceph::real_clock::to_time_t(obj_retention.get_retain_until_date()) < ceph::real_clock::to_time_t(old_obj_retention.get_retain_until_date())) {
if (old_obj_retention.get_mode().compare("GOVERNANCE") != 0 || !bypass_perm || !bypass_governance_mode) {
+ s->err.message = "proposed retain-until date shortens an existing retention period and governance bypass check failed";
op_ret = -EACCES;
return;
}
void RGWGetObjRetention::execute(optional_yield y)
{
if (!s->bucket->get_info().obj_lock_enabled()) {
- ldpp_dout(this, 0) << "ERROR: bucket object lock not configured" << dendl;
+ s->err.message = "bucket object lock not configured";
+ ldpp_dout(this, 4) << "ERROR: " << s->err.message << dendl;
op_ret = -ERR_INVALID_REQUEST;
return;
}
void RGWPutObjLegalHold::execute(optional_yield y) {
if (!s->bucket->get_info().obj_lock_enabled()) {
- ldpp_dout(this, 0) << "ERROR: object legal hold can't be set if bucket object lock not configured" << dendl;
+ s->err.message = "object legal hold can't be set if bucket object lock not enabled";
+ ldpp_dout(this, 4) << "ERROR: " << s->err.message << dendl;
op_ret = -ERR_INVALID_REQUEST;
return;
}
void RGWGetObjLegalHold::execute(optional_yield y)
{
if (!s->bucket->get_info().obj_lock_enabled()) {
- ldpp_dout(this, 0) << "ERROR: bucket object lock not configured" << dendl;
+ s->err.message = "bucket object lock not configured";
+ ldpp_dout(this, 4) << "ERROR: " << s->err.message << dendl;
op_ret = -ERR_INVALID_REQUEST;
return;
}
op_ret = store->cluster_stat(stats_op);
}
-
int RGWGetBucketPolicyStatus::verify_permission(optional_yield y)
{
if (!verify_bucket_permission(this, s, rgw::IAM::s3GetBucketPolicyStatus)) {
projects / ceph.git / commitdiff