rgw/admin: 'user modify' won't change existing account id

author Casey Bodley <cbodley@redhat.com>

Wed, 6 Mar 2024 22:43:02 +0000 (17:43 -0500)

committer Casey Bodley <cbodley@redhat.com>

Wed, 10 Apr 2024 17:09:17 +0000 (13:09 -0400)
author Casey Bodley <cbodley@redhat.com>
Wed, 6 Mar 2024 22:43:02 +0000 (17:43 -0500)
committer Casey Bodley <cbodley@redhat.com>
Wed, 10 Apr 2024 17:09:17 +0000 (13:09 -0400)
diff --git a/src/rgw/driver/rados/rgw_user.cc b/src/rgw/driver/rados/rgw_user.cc

index ff68f03ba6a1d2e10147e60e8723eb641922488e..43951559520a40f70b032cc4bbe983816c0e83c2 100644 (file)
--- a/src/rgw/driver/rados/rgw_user.cc
+++ b/src/rgw/driver/rados/rgw_user.cc
@@ -2137,6 +2137,11 @@ int RGWUser::execute_modify(const DoutPrefixProvider *dpp, RGWUserAdminOpState&
        return -EINVAL;
      }
      if (user_info.account_id != op_state.account_id) {
+      // allow users to migrate into an account, but don't allow them to leave
+      if (!user_info.account_id.empty()) {
+        set_err_msg(err_msg, "users cannot be moved out of their account");
+        return -EINVAL;
+      }
        user_info.account_id = op_state.account_id;
  
        // tenant must match new account.tenant
author	Casey Bodley <cbodley@redhat.com>
	Wed, 6 Mar 2024 22:43:02 +0000 (17:43 -0500)
committer	Casey Bodley <cbodley@redhat.com>
	Wed, 10 Apr 2024 17:09:17 +0000 (13:09 -0400)