rgw: move IsPublic to RGWAccessControlPolicy class

This helps reusing when evaluating for PutACLs and Put Policy

Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com>

diff --git a/src/rgw/rgw_acl.cc b/src/rgw/rgw_acl.cc
index 8a58cca0aaf6bf432f561eadb8f022593a9287a4..ac6313f8150793baad17b98c6bb4aeb9eed60073 100644 (file)
--- a/src/rgw/rgw_acl.cc
+++ b/src/rgw/rgw_acl.cc
@@ -186,3 +186,16 @@ bool RGWAccessControlPolicy::verify_permission(const DoutPrefixProvider* dpp,
 }
 
 
+bool RGWAccessControlPolicy::IsPublic() const
+{
+
+  static constexpr auto public_groups = {ACL_GROUP_ALL_USERS,
+                                        ACL_GROUP_AUTHENTICATED_USERS};
+  return std::any_of(public_groups.begin(), public_groups.end(),
+                         [&](ACLGroupTypeEnum g) {
+                           auto p = acl.get_group_perm(g, RGW_PERM_FULL_CONTROL);
+                           return (p != RGW_PERM_NONE) && (p != RGW_PERM_INVALID);
+                         }
+                         );
+
+}

diff --git a/src/rgw/rgw_acl.h b/src/rgw/rgw_acl.h
index 2b9ff3694dc3a9db4a2df322c10cbae56a832cc1..0ba06ef8b6cc8bfe356e6af577dbed117bc1e1ac 100644 (file)
--- a/src/rgw/rgw_acl.h
+++ b/src/rgw/rgw_acl.h
@@ -463,6 +463,7 @@ public:
   }
 
   virtual bool compare_group_name(string& id, ACLGroupTypeEnum group) { return false; }
+  bool IsPublic() const;
 };
 WRITE_CLASS_ENCODER(RGWAccessControlPolicy)
 

diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc
index 9757a75ef96ca4d4bc39fd52b63755243c2cfcd4..cb7f3d0aa050b485d768c294e47911ff65438bf4 100644 (file)
--- a/src/rgw/rgw_op.cc
+++ b/src/rgw/rgw_op.cc
@@ -8074,19 +8074,7 @@ int RGWGetBucketPolicyStatus::verify_permission()
 
 void RGWGetBucketPolicyStatus::execute()
 {
-  static constexpr auto public_groups = {ACL_GROUP_ALL_USERS,
-                                        ACL_GROUP_AUTHENTICATED_USERS};
-
-  const auto& bucket_acl = s->bucket_acl->get_acl();
-  isPublic = std::any_of(public_groups.begin(), public_groups.end(),
-                        [&bucket_acl](ACLGroupTypeEnum g) {
-                           auto p = bucket_acl.get_group_perm(g, RGW_PERM_FULL_CONTROL);
-                           return (p != RGW_PERM_NONE) && (p != RGW_PERM_INVALID);
-                         }
-                        );
-  ldout(s->cct,20) << __func__ << "ACL public status=" << isPublic << dendl;
-  if (s->iam_policy)
-    isPublic |= rgw::IAM::IsPublic(*s->iam_policy);
+  isPublic = rgw::IAM::IsPublic(*s->iam_policy) | s->bucket_acl->IsPublic();
 }
 
 int RGWPutBucketPublicAccessBlock::verify_permission()