rgw: add free function forward_iam_request_to_master()

Signed-off-by: Casey Bodley <cbodley@redhat.com>

diff --git a/src/rgw/rgw_rest_role.cc b/src/rgw/rgw_rest_role.cc
index 14e164553665a2fc7ab5dce26a6ac9042affb35e..2b8d3920aceab3d85819d67efcac27ddd5763e33 100644 (file)
--- a/src/rgw/rgw_rest_role.cc
+++ b/src/rgw/rgw_rest_role.cc
@@ -13,15 +13,68 @@
 
 #include "rgw_common.h"
 #include "rgw_op.h"
+#include "rgw_process_env.h"
 #include "rgw_rest.h"
-#include "rgw_role.h"
+#include "rgw_rest_conn.h"
 #include "rgw_rest_role.h"
+#include "rgw_role.h"
 #include "rgw_sal.h"
 
 #define dout_subsys ceph_subsys_rgw
 
 using namespace std;
 
+int forward_iam_request_to_master(const DoutPrefixProvider* dpp,
+                                  const rgw::SiteConfig& site,
+                                  const RGWUserInfo& user,
+                                  bufferlist& indata,
+                                  RGWXMLDecoder::XMLParser& parser,
+                                  req_info& req, optional_yield y)
+{
+  const auto& period = site.get_period();
+  if (!period) {
+    return 0; // not multisite
+  }
+  if (site.is_meta_master()) {
+    return 0; // don't need to forward metadata requests
+  }
+  const auto& pmap = period->period_map;
+  auto zg = pmap.zonegroups.find(pmap.master_zonegroup);
+  if (zg == pmap.zonegroups.end()) {
+    return -EINVAL;
+  }
+  auto z = zg->second.zones.find(zg->second.master_zone);
+  if (z == zg->second.zones.end()) {
+    return -EINVAL;
+  }
+
+  RGWAccessKey creds;
+  if (auto i = user.access_keys.begin(); i != user.access_keys.end()) {
+    creds.id = i->first;
+    creds.key = i->second.key;
+  }
+
+  // use the master zone's endpoints
+  auto conn = RGWRESTConn{dpp->get_cct(), z->second.id, z->second.endpoints,
+                          std::move(creds), zg->second.id, zg->second.api_name};
+  bufferlist outdata;
+  constexpr size_t max_response_size = 128 * 1024; // we expect a very small response
+  int ret = conn.forward_iam_request(dpp, creds, req, nullptr, max_response_size,
+                                     &indata, &outdata, y);
+  if (ret < 0) {
+    return ret;
+  }
+
+  std::string r = outdata.to_str();
+  boost::replace_all(r, "&quot;", "\"");
+
+  if (!parser.parse(r.c_str(), r.length(), 1)) {
+    ldpp_dout(dpp, 0) << "ERROR: failed to parse response from master zonegroup" << dendl;
+    return -EIO;
+  }
+  return 0;
+}
+
 int RGWRestRole::verify_permission(optional_yield y)
 {
   if (s->auth.identity->is_anonymous()) {
@@ -209,7 +262,8 @@ void RGWCreateRole::execute(optional_yield y)
 
   std::string role_id;
 
-  if (!driver->is_meta_master()) {
+  const rgw::SiteConfig& site = *s->penv.site;
+  if (!site.is_meta_master()) {
     RGWXMLDecoder::XMLParser parser;
     if (!parser.init()) {
       ldpp_dout(this, 0) << "ERROR: failed to initialize xml parser" << dendl;
@@ -231,15 +285,8 @@ void RGWCreateRole::execute(optional_yield y)
       }
     }
 
-    RGWUserInfo info = s->user->get_info();
-    const auto& it = info.access_keys.begin();
-    RGWAccessKey key;
-    if (it != info.access_keys.end()) {
-      key.id = it->first;
-      RGWAccessKey cred = it->second;
-      key.key = cred.key;
-    }
-    op_ret = driver->forward_iam_request_to_master(s, key, nullptr, bl_post_body, &parser, s->info, y);
+    op_ret = forward_iam_request_to_master(this, site, s->user->get_info(),
+                                           bl_post_body, parser, s->info, y);
     if (op_ret < 0) {
       ldpp_dout(this, 20) << "ERROR: forward_iam_request_to_master failed with error code: " << op_ret << dendl;
       return;
@@ -316,13 +363,13 @@ int RGWDeleteRole::get_params()
 void RGWDeleteRole::execute(optional_yield y)
 {
   bool is_master = true;
-  int master_op_ret = 0;
   op_ret = get_params();
   if (op_ret < 0) {
     return;
   }
 
-  if (!driver->is_meta_master()) {
+  const rgw::SiteConfig& site = *s->penv.site;
+  if (!site.is_meta_master()) {
     is_master = false;
     RGWXMLDecoder::XMLParser parser;
     if (!parser.init()) {
@@ -335,17 +382,9 @@ void RGWDeleteRole::execute(optional_yield y)
     s->info.args.remove("Action");
     s->info.args.remove("Version");
 
-    RGWUserInfo info = s->user->get_info();
-    const auto& it = info.access_keys.begin();
-    RGWAccessKey key;
-    if (it != info.access_keys.end()) {
-      key.id = it->first;
-      RGWAccessKey cred = it->second;
-      key.key = cred.key;
-    }
-    master_op_ret = driver->forward_iam_request_to_master(s, key, nullptr, bl_post_body, &parser, s->info, y);
-    if (master_op_ret < 0) {
-      op_ret = master_op_ret;
+    op_ret = forward_iam_request_to_master(this, site, s->user->get_info(),
+                                           bl_post_body, parser, s->info, y);
+    if (op_ret < 0) {
       ldpp_dout(this, 0) << "forward_iam_request_to_master returned ret=" << op_ret << dendl;
       return;
     }
@@ -355,7 +394,7 @@ void RGWDeleteRole::execute(optional_yield y)
 
   if (op_ret == -ENOENT) {
     //Role has been deleted since metadata from master has synced up
-    if (!is_master && master_op_ret == 0) {
+    if (!is_master) {
       op_ret = 0;
     } else {
       op_ret = -ERR_NO_ROLE_FOUND;
@@ -466,7 +505,8 @@ void RGWModifyRoleTrustPolicy::execute(optional_yield y)
     return;
   }
 
-  if (!driver->is_meta_master()) {
+  const rgw::SiteConfig& site = *s->penv.site;
+  if (!site.is_meta_master()) {
     RGWXMLDecoder::XMLParser parser;
     if (!parser.init()) {
       ldpp_dout(this, 0) << "ERROR: failed to initialize xml parser" << dendl;
@@ -480,15 +520,8 @@ void RGWModifyRoleTrustPolicy::execute(optional_yield y)
     s->info.args.remove("Action");
     s->info.args.remove("Version");
 
-    RGWUserInfo info = s->user->get_info();
-    const auto& it = info.access_keys.begin();
-    RGWAccessKey key;
-    if (it != info.access_keys.end()) {
-      key.id = it->first;
-      RGWAccessKey cred = it->second;
-      key.key = cred.key;
-    }
-    op_ret = driver->forward_iam_request_to_master(s, key, nullptr, bl_post_body, &parser, s->info, y);
+    op_ret = forward_iam_request_to_master(this, site, s->user->get_info(),
+                                           bl_post_body, parser, s->info, y);
     if (op_ret < 0) {
       ldpp_dout(this, 20) << "ERROR: forward_iam_request_to_master failed with error code: " << op_ret << dendl;
       return;
@@ -590,7 +623,8 @@ void RGWPutRolePolicy::execute(optional_yield y)
     return;
   }
 
-  if (!driver->is_meta_master()) {
+  const rgw::SiteConfig& site = *s->penv.site;
+  if (!site.is_meta_master()) {
     RGWXMLDecoder::XMLParser parser;
     if (!parser.init()) {
       ldpp_dout(this, 0) << "ERROR: failed to initialize xml parser" << dendl;
@@ -605,15 +639,8 @@ void RGWPutRolePolicy::execute(optional_yield y)
     s->info.args.remove("Action");
     s->info.args.remove("Version");
 
-    RGWUserInfo info = s->user->get_info();
-    const auto& it = info.access_keys.begin();
-    RGWAccessKey key;
-    if (it != info.access_keys.end()) {
-      key.id = it->first;
-      RGWAccessKey cred = it->second;
-      key.key = cred.key;
-    }
-    op_ret = driver->forward_iam_request_to_master(s, key, nullptr, bl_post_body, &parser, s->info, y);
+    op_ret = forward_iam_request_to_master(this, site, s->user->get_info(),
+                                           bl_post_body, parser, s->info, y);
     if (op_ret < 0) {
       ldpp_dout(this, 20) << "ERROR: forward_iam_request_to_master failed with error code: " << op_ret << dendl;
       return;
@@ -723,7 +750,8 @@ void RGWDeleteRolePolicy::execute(optional_yield y)
     return;
   }
 
-  if (!driver->is_meta_master()) {
+  const rgw::SiteConfig& site = *s->penv.site;
+  if (!site.is_meta_master()) {
     RGWXMLDecoder::XMLParser parser;
     if (!parser.init()) {
       ldpp_dout(this, 0) << "ERROR: failed to initialize xml parser" << dendl;
@@ -737,15 +765,8 @@ void RGWDeleteRolePolicy::execute(optional_yield y)
     s->info.args.remove("Action");
     s->info.args.remove("Version");
 
-    RGWUserInfo info = s->user->get_info();
-    const auto& it = info.access_keys.begin();
-    RGWAccessKey key;
-    if (it != info.access_keys.end()) {
-      key.id = it->first;
-      RGWAccessKey cred = it->second;
-      key.key = cred.key;
-    }
-    op_ret = driver->forward_iam_request_to_master(s, key, nullptr, bl_post_body, &parser, s->info, y);
+    op_ret = forward_iam_request_to_master(this, site, s->user->get_info(),
+                                           bl_post_body, parser, s->info, y);
     if (op_ret < 0) {
       ldpp_dout(this, 20) << "ERROR: forward_iam_request_to_master failed with error code: " << op_ret << dendl;
       return;
@@ -792,7 +813,8 @@ void RGWTagRole::execute(optional_yield y)
     return;
   }
 
-  if (!driver->is_meta_master()) {
+  const rgw::SiteConfig& site = *s->penv.site;
+  if (!site.is_meta_master()) {
     RGWXMLDecoder::XMLParser parser;
     if (!parser.init()) {
       ldpp_dout(this, 0) << "ERROR: failed to initialize xml parser" << dendl;
@@ -811,15 +833,8 @@ void RGWTagRole::execute(optional_yield y)
       }
     }
 
-    RGWUserInfo info = s->user->get_info();
-    const auto& it = info.access_keys.begin();
-    RGWAccessKey key;
-    if (it != info.access_keys.end()) {
-      key.id = it->first;
-      RGWAccessKey cred = it->second;
-      key.key = cred.key;
-    }
-    op_ret = driver->forward_iam_request_to_master(s, key, nullptr, bl_post_body, &parser, s->info, y);
+    op_ret = forward_iam_request_to_master(this, site, s->user->get_info(),
+                                           bl_post_body, parser, s->info, y);
     if (op_ret < 0) {
       ldpp_dout(this, 20) << "ERROR: forward_iam_request_to_master failed with error code: " << op_ret << dendl;
       return;
@@ -906,7 +921,8 @@ void RGWUntagRole::execute(optional_yield y)
     return;
   }
 
-  if (!driver->is_meta_master()) {
+  const rgw::SiteConfig& site = *s->penv.site;
+  if (!site.is_meta_master()) {
     RGWXMLDecoder::XMLParser parser;
     if (!parser.init()) {
       ldpp_dout(this, 0) << "ERROR: failed to initialize xml parser" << dendl;
@@ -929,15 +945,8 @@ void RGWUntagRole::execute(optional_yield y)
     for (auto& it : iters) {
       val_map.erase(it);
     }
-    RGWUserInfo info = s->user->get_info();
-    const auto& it = info.access_keys.begin();
-    RGWAccessKey key;
-    if (it != info.access_keys.end()) {
-      key.id = it->first;
-      RGWAccessKey cred = it->second;
-      key.key = cred.key;
-    }
-    op_ret = driver->forward_iam_request_to_master(s, key, nullptr, bl_post_body, &parser, s->info, y);
+    op_ret = forward_iam_request_to_master(this, site, s->user->get_info(),
+                                           bl_post_body, parser, s->info, y);
     if (op_ret < 0) {
       ldpp_dout(this, 20) << "ERROR: forward_iam_request_to_master failed with error code: " << op_ret << dendl;
       return;
@@ -976,7 +985,8 @@ void RGWUpdateRole::execute(optional_yield y)
     return;
   }
 
-  if (!driver->is_meta_master()) {
+  const rgw::SiteConfig& site = *s->penv.site;
+  if (!site.is_meta_master()) {
     RGWXMLDecoder::XMLParser parser;
     if (!parser.init()) {
       ldpp_dout(this, 0) << "ERROR: failed to initialize xml parser" << dendl;
@@ -990,15 +1000,8 @@ void RGWUpdateRole::execute(optional_yield y)
     s->info.args.remove("Action");
     s->info.args.remove("Version");
 
-    RGWUserInfo info = s->user->get_info();
-    const auto& it = info.access_keys.begin();
-    RGWAccessKey key;
-    if (it != info.access_keys.end()) {
-      key.id = it->first;
-      RGWAccessKey cred = it->second;
-      key.key = cred.key;
-    }
-    op_ret = driver->forward_iam_request_to_master(s, key, nullptr, bl_post_body, &parser, s->info, y);
+    op_ret = forward_iam_request_to_master(this, site, s->user->get_info(),
+                                           bl_post_body, parser, s->info, y);
     if (op_ret < 0) {
       ldpp_dout(this, 20) << "ERROR: forward_iam_request_to_master failed with error code: " << op_ret << dendl;
       return;