}
}
-} // namespace rgw::swift
-
-bool RGWAccessControlPolicy_SWIFTAcct::create(const DoutPrefixProvider *dpp,
- rgw::sal::Driver* driver,
- const rgw_user& id,
- const std::string& name,
- const std::string& acl_str)
+int create_account_policy(const DoutPrefixProvider* dpp,
+ rgw::sal::Driver* driver,
+ const rgw_user& id,
+ const std::string& name,
+ const std::string& acl_str,
+ RGWAccessControlPolicy& policy)
{
- acl.create_default(id, name);
- owner.id = id;
- owner.display_name = name;
+ policy.create_default(id, name);
+ auto& acl = policy.get_acl();
JSONParser parser;
-
if (!parser.parse(acl_str.c_str(), acl_str.length())) {
ldpp_dout(dpp, 0) << "ERROR: JSONParser::parse returned error=" << dendl;
- return false;
+ return -EINVAL;
}
JSONObjIter iter = parser.find_first("admin");
add_grants(dpp, driver, readonly, SWIFT_PERM_READ, acl);
}
- return true;
+ return 0;
}
+} // namespace rgw::swift
+
boost::optional<std::string> RGWAccessControlPolicy_SWIFTAcct::to_str() const
{
std::vector<std::string> admin;
void format_container_acls(const RGWAccessControlPolicy& policy,
std::string& read, std::string& write);
+/// Create a policy based on swift account acl header X-Account-Access-Control.
+int create_account_policy(const DoutPrefixProvider* dpp,
+ rgw::sal::Driver* driver,
+ const rgw_user& id,
+ const std::string& name,
+ const std::string& acl_str,
+ RGWAccessControlPolicy& policy);
+
} // namespace rgw::swift
class RGWAccessControlPolicy_SWIFT : public RGWAccessControlPolicy
class RGWAccessControlPolicy_SWIFTAcct : public RGWAccessControlPolicy
{
public:
- bool create(const DoutPrefixProvider *dpp,
- rgw::sal::Driver* driver,
- const rgw_user& id,
- const std::string& name,
- const std::string& acl_str);
boost::optional<std::string> to_str() const;
};
const char * const acl_attr = s->info.env->get("HTTP_X_ACCOUNT_ACCESS_CONTROL");
if (acl_attr) {
- RGWAccessControlPolicy_SWIFTAcct swift_acct_policy;
- const bool r = swift_acct_policy.create(s, driver,
- s->user->get_id(),
- s->user->get_display_name(),
- string(acl_attr));
- if (r != true) {
- return -EINVAL;
+ int r = rgw::swift::create_account_policy(s, driver,
+ s->user->get_id(),
+ s->user->get_display_name(),
+ acl_attr, *policy);
+ if (r < 0) {
+ return r;
}
- *policy = swift_acct_policy;
*has_policy = true;
}
projects / ceph-ci.git / commitdiff