rgw/sts: replacing load_stats with list_buckets

to correctly create a federated user in oidc namespace.

The idea was to check if the federated user had any buckets
associated with it from the time when the logic for creating
a shadow user was not in place, and this was done by calling
read_stats which returned -ENOENT when the user did not exist,
which was erroneously interpreted as buckets not existing for
the user - but this logic correctly led to creation of user
in oidc namespace. Later read_stats() was replaced by load_stats()
and load_stats() does not return -ENOENT when a user does
not exist, hence according to the code, the federated user
was not getting created in 'oidc' namespace. Hence replaced load_stats()
with list_buckets() and corrected the code to create a user
in oidc namespace if the user did not own any bucket.

Fixes: https://tracker.ceph.com/issues/69924
Signed-off-by: Pritha Srivastava <prsrivas@redhat.com>

diff --git a/src/rgw/rgw_auth.cc b/src/rgw/rgw_auth.cc
index a0b494eb9c5bc6a723c55ccef73c31b132de5007..79108bbd667fac9825fb9431390e6d631dd2aab5 100644 (file)
--- a/src/rgw/rgw_auth.cc
+++ b/src/rgw/rgw_auth.cc
@@ -672,16 +672,18 @@ auto rgw::auth::WebIdentityApplier::load_acct_info(const DoutPrefixProvider* dpp
   }
 
   //Check if user_id.buckets already exists, may have been from the time, when shadow users didnt exist
-  RGWStorageStats stats;
-  ceph::real_time last_synced;
-  ceph::real_time last_updated;
-  int ret = driver->load_stats(dpp, null_yield, federated_user, stats,
-                               last_synced, last_updated);
-  if (ret < 0 && ret != -ENOENT) {
-    ldpp_dout(dpp, 0) << "ERROR: reading stats for the user returned error " << ret << dendl;
+  federated_user.ns = "";
+  constexpr bool need_stats = false;
+  const std::string marker; // empty
+  constexpr uint32_t max_items = 1;
+  rgw::sal::BucketList buckets;
+  auto ret = driver->list_buckets(dpp, federated_user, federated_user.tenant, marker, marker,
+                             max_items, need_stats, buckets, null_yield);
+  if (ret < 0) {
+    ldpp_dout(dpp, 0) << "ERROR: list buckets for the user returned error " << ret << dendl;
     return user;
   }
-  if (ret == -ENOENT) { /* in case of ENOENT, which means user doesnt have buckets */
+  if (buckets.buckets.empty()) { /* no buckets */
     //In this case user will be created in oidc namespace
     ldpp_dout(dpp, 5) << "NOTICE: incoming user has no buckets " << federated_user << dendl;
     federated_user.ns = "oidc";