{
bufferlist bl;
- RGWAccessControlPolicy *policy;
+ RGWAccessControlPolicy *policy = NULL;
RGWXMLParser parser;
RGWAccessControlPolicy new_policy;
+ stringstream ss;
+ char *orig_data = data;
+ char *new_data = NULL;
if (!verify_permission(s, RGW_PERM_WRITE_ACP)) {
ret = -EACCES;
if (get_params() < 0)
goto done;
- RGW_LOG(15) << "read data=" << data << " len=" << len << endl;
+ RGW_LOG(15) << "read len=" << len << " data=" << (data ? data : "") << endl;
+
+ if (!s->canned_acl.empty() && len) {
+ ret = -EINVAL;
+ goto done;
+ }
+ if (!s->canned_acl.empty()) {
+ RGWAccessControlPolicy canned_policy;
+ bool r = canned_policy.create_canned(s->user.user_id, s->user.display_name, s->canned_acl);
+ if (!r) {
+ ret = -EINVAL;
+ goto done;
+ }
+ canned_policy.to_xml(ss);
+ new_data = strdup(ss.str().c_str());
+ data = new_data;
+ len = ss.str().size();
+ }
+
if (!parser.parse(data, len, 1)) {
ret = -EACCES;
ret = -EINVAL;
goto done;
}
+
if (rgw_log_level >= 15) {
RGW_LOG(15) << "Old AccessControlPolicy" << endl;
- policy->to_xml(cerr);
+ policy->to_xml(cout);
RGW_LOG(15) << endl;
}
RGW_ATTR_ACL, bl);
done:
- free(data);
+ free(orig_data);
+ free(new_data);
send_response();
return;
break;
case OP_PUT:
/* is it a 'create bucket' request? */
- if (s->object_str.size() == 0)
- return 0;
if (is_acl_op(s)) {
only_bucket = false;
break;
}
+ if (s->object_str.size() == 0)
+ return 0;
case OP_DELETE:
only_bucket = true;
break;
projects / ceph.git / commitdiff