#define dout_subsys ceph_subsys_rgw
+RGWRestUserPolicy::RGWRestUserPolicy(uint64_t action, uint32_t perm)
+ : action(action), perm(perm)
+{
+}
+
void RGWRestUserPolicy::send_response()
{
if (op_ret) {
return r;
}
+int RGWRestUserPolicy::check_caps(const RGWUserCaps& caps)
+{
+ return caps.check_cap("user-policy", perm);
+}
+
int RGWRestUserPolicy::verify_permission(optional_yield y)
{
if (s->auth.identity->is_anonymous()) {
return 0;
}
- uint64_t op = get_op();
- if (! verify_user_permission(this, s, user_arn, op)) {
+ if (! verify_user_permission(this, s, user_arn, action)) {
return -EACCES;
}
return 0;
}
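Review bot: `check_caps` and `verify_permission` now read two different members, `perm` and `action`, and neither call site says which value feeds which gate. A one-line comment on each would help: `// perm: RGW_CAP_* mask for the "user-policy" admin cap, passed in by the derived op's constructor` above the `check_cap` call, and `// action: rgw::IAM action evaluated against user_arn` above `verify_user_permission`. The context around the changed line appears to be joined from separate places in the file (the `is_anonymous()` test is followed directly by `return 0;`), so the full body of `verify_permission` is not visible here. It is worth confirming in the file itself that the anonymous branch still denies the request.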
-int RGWUserPolicyRead::check_caps(const RGWUserCaps& caps)
-{
- return caps.check_cap("user-policy", RGW_CAP_READ);
-}
-int RGWUserPolicyWrite::check_caps(const RGWUserCaps& caps)
+RGWPutUserPolicy::RGWPutUserPolicy()
+ : RGWRestUserPolicy(rgw::IAM::iamPutUserPolicy, RGW_CAP_WRITE)
{
- return caps.check_cap("user-policy", RGW_CAP_WRITE);
-}
-
-
-uint64_t RGWPutUserPolicy::get_op()
-{
- return rgw::IAM::iamPutUserPolicy;
}
int RGWPutUserPolicy::get_params()
return -EINVAL;
}
- return RGWUserPolicyWrite::get_params();
+ return RGWRestUserPolicy::get_params();
}
void RGWPutUserPolicy::execute(optional_yield y)
}
}
-uint64_t RGWGetUserPolicy::get_op()
+
+RGWGetUserPolicy::RGWGetUserPolicy()
+ : RGWRestUserPolicy(rgw::IAM::iamGetUserPolicy, RGW_CAP_READ)
{
- return rgw::IAM::iamGetUserPolicy;
}
int RGWGetUserPolicy::get_params()
return -EINVAL;
}
- return RGWUserPolicyRead::get_params();
+ return RGWRestUserPolicy::get_params();
}
void RGWGetUserPolicy::execute(optional_yield y)
s->formatter->close_section();
}
-uint64_t RGWListUserPolicies::get_op()
+
+RGWListUserPolicies::RGWListUserPolicies()
+ : RGWRestUserPolicy(rgw::IAM::iamListUserPolicies, RGW_CAP_READ)
{
- return rgw::IAM::iamListUserPolicies;
}
void RGWListUserPolicies::execute(optional_yield y)
s->formatter->close_section(); // ListUserPoliciesResponse
}
-uint64_t RGWDeleteUserPolicy::get_op()
+
+RGWDeleteUserPolicy::RGWDeleteUserPolicy()
+ : RGWRestUserPolicy(rgw::IAM::iamDeleteUserPolicy, RGW_CAP_WRITE)
{
- return rgw::IAM::iamDeleteUserPolicy;
}
int RGWDeleteUserPolicy::get_params()
return -EINVAL;
}
- return RGWUserPolicyWrite::get_params();
+ return RGWRestUserPolicy::get_params();
}
void RGWDeleteUserPolicy::execute(optional_yield y)
class RGWRestUserPolicy : public RGWRESTOp {
protected:
+ RGWRestUserPolicy(uint64_t action, uint32_t perm);
+
+ uint64_t action;
+ uint32_t perm;
std::unique_ptr<rgw::sal::User> user;
rgw::ARN user_arn;
std::string policy_name;
public:
int init_processing(optional_yield y) override;
+ int check_caps(const RGWUserCaps& caps) override;
int verify_permission(optional_yield y) override;
- virtual uint64_t get_op() = 0;
void send_response() override;
};
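Review bot: `action` and `perm` drive both authorization paths (`check_caps` and `verify_permission`), yet they are declared as mutable protected members, so any derived op can reassign them after construction. Declaring them `const uint64_t action;` and `const uint32_t perm;` would pin the values to what the constructor received, assuming these op objects are never copy-assigned. Both constructor parameters are plain integers, so swapped arguments would still compile; a comment on the declaration such as `// action: rgw::IAM action id; perm: RGW_CAP_READ or RGW_CAP_WRITE for the "user-policy" cap` would make the order explicit. The four derived constructors visible in this change pass them in the right order.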
-class RGWUserPolicyRead : public RGWRestUserPolicy {
-public:
- RGWUserPolicyRead() = default;
- int check_caps(const RGWUserCaps& caps) override;
-};
-
-class RGWUserPolicyWrite : public RGWRestUserPolicy {
-public:
- RGWUserPolicyWrite() = default;
- int check_caps(const RGWUserCaps& caps) override;
-};
-
-class RGWPutUserPolicy : public RGWUserPolicyWrite {
+class RGWPutUserPolicy : public RGWRestUserPolicy {
int get_params() override;
public:
- RGWPutUserPolicy() = default;
+ RGWPutUserPolicy();
void execute(optional_yield y) override;
const char* name() const override { return "put_user_policy"; }
- uint64_t get_op() override;
RGWOpType get_type() override { return RGW_OP_PUT_USER_POLICY; }
};
-class RGWGetUserPolicy : public RGWUserPolicyRead {
+class RGWGetUserPolicy : public RGWRestUserPolicy {
int get_params() override;
public:
- RGWGetUserPolicy() = default;
+ RGWGetUserPolicy();
void execute(optional_yield y) override;
const char* name() const override { return "get_user_policy"; }
- uint64_t get_op() override;
RGWOpType get_type() override { return RGW_OP_GET_USER_POLICY; }
};
-class RGWListUserPolicies : public RGWUserPolicyRead {
+class RGWListUserPolicies : public RGWRestUserPolicy {
public:
- RGWListUserPolicies() = default;
+ RGWListUserPolicies();
void execute(optional_yield y) override;
const char* name() const override { return "list_user_policies"; }
- uint64_t get_op() override;
RGWOpType get_type() override { return RGW_OP_LIST_USER_POLICIES; }
};
-class RGWDeleteUserPolicy : public RGWUserPolicyWrite {
+class RGWDeleteUserPolicy : public RGWRestUserPolicy {
int get_params() override;
public:
- RGWDeleteUserPolicy() = default;
+ RGWDeleteUserPolicy();
void execute(optional_yield y) override;
const char* name() const override { return "delete_user_policy"; }
- uint64_t get_op() override;
RGWOpType get_type() override { return RGW_OP_DELETE_USER_POLICY; }
};