mds/MDSAuthCaps: normalize path, drop useless constant.

Use an empty string for no path--this is more efficient.  This generalizes
to losing any leading '/' character.

Signed-off-by: Sage Weil <sage@redhat.com>

diff --git a/src/mds/MDSAuthCaps.cc b/src/mds/MDSAuthCaps.cc
index 609836e1b5ad3735f327391362ef98ca68550277..b5b3c09454eccd7f4ac1469c765eee3061630d52 100644 (file)
--- a/src/mds/MDSAuthCaps.cc
+++ b/src/mds/MDSAuthCaps.cc
@@ -27,8 +27,6 @@ namespace qi = boost::spirit::qi;
 namespace ascii = boost::spirit::ascii;
 namespace phoenix = boost::phoenix;
 
-const std::string MDSCapMatch::MDS_AUTH_PATH_ROOT = "/";
-
 template <typename Iterator>
 struct MDSCapParser : qi::grammar<Iterator, MDSAuthCaps()>
 {
@@ -89,6 +87,18 @@ struct MDSCapParser : qi::grammar<Iterator, MDSAuthCaps()>
   qi::rule<Iterator, MDSAuthCaps()> mdscaps;
 };
 
+void MDSCapMatch::normalize_path()
+{
+  // drop any leading /
+  while (path.length() && path[0] == '/') {
+    path = path.substr(1);
+  }
+
+  // drop dup //
+  // drop .
+  // drop ..
+}
+
 bool MDSCapMatch::match(const std::string &target_path,
                        const int target_uid) const
 {
@@ -126,7 +136,11 @@ bool MDSAuthCaps::is_capable(const std::string &inode_path,
     if (i->match.match(inode_path, uid) &&
        i->spec.allows(mask & (MAY_READ|MAY_EXECUTE), mask & MAY_WRITE)) {
       // check unix permissions?
-      if (i->match.uid != MDS_AUTH_UID_ANY) {
+      if (i->match.uid != MDSCapMatch::MDS_AUTH_UID_ANY) {
+       // use fcntl.h macros for the file mode:
+       //  S_IRUSR  S_IRGRP  S_ROTH
+       //  S_IWUSR  S_IWGRP  S_WOTH
+       //  S_IXUSR  S_IXGRP  S_XOTH
 
        // WRITE ME
 
@@ -185,12 +199,11 @@ bool MDSAuthCaps::allow_all() const
 
 ostream &operator<<(ostream &out, const MDSCapMatch &match)
 {
-  if (match.path != MDSCapMatch::MDS_AUTH_PATH_ROOT) {
-    out << "path=\"" << match.path << "\"";
-  }
-  if (match.path != MDSCapMatch::MDS_AUTH_PATH_ROOT &&
-      match.uid != MDSCapMatch::MDS_AUTH_UID_ANY) {
-    out << " ";
+  if (match.path.length()) {
+    out << "path=\"/" << match.path << "\"";
+    if (match.uid != MDSCapMatch::MDS_AUTH_UID_ANY) {
+      out << " ";
+    }
   }
   if (match.uid != MDSCapMatch::MDS_AUTH_UID_ANY) {
     out << "uid=" << match.uid;

diff --git a/src/mds/MDSAuthCaps.h b/src/mds/MDSAuthCaps.h
index b4debb95caf41dfd0d175fbb49af85d9bf3f330c..89337227c2912aca08f16c33165da8cc342c20e0 100644 (file)
--- a/src/mds/MDSAuthCaps.h
+++ b/src/mds/MDSAuthCaps.h
@@ -52,18 +52,23 @@ struct MDSCapSpec {
 // conditions before we are allowed to do it
 struct MDSCapMatch {
   static const int64_t MDS_AUTH_UID_ANY = -1;
-  static const std::string MDS_AUTH_PATH_ROOT;
 
-  int64_t uid;          // Require UID to be equal to this, if !=MDS_AUTH_UID_ANY
+  int64_t uid;       // Require UID to be equal to this, if !=MDS_AUTH_UID_ANY
   std::vector<gid_t> gids;  // Use these GIDs
-  std::string path;     // Require path to be child of this (may be "/" for any)
+  std::string path;  // Require path to be child of this (may be "" or "/" for any)
 
-  MDSCapMatch() : uid(MDS_AUTH_UID_ANY), path(MDS_AUTH_PATH_ROOT) {}
-  MDSCapMatch(int64_t uid_, std::vector<gid_t>& gids_)
-    : uid(uid_), gids(gids_), path(MDS_AUTH_PATH_ROOT) {}
-  MDSCapMatch(std::string path_) : uid(MDS_AUTH_UID_ANY), path(path_) {}
+  MDSCapMatch() : uid(MDS_AUTH_UID_ANY) {}
+  MDSCapMatch(int64_t uid_, std::vector<gid_t>& gids_) : uid(uid_), gids(gids_) {}
+  MDSCapMatch(std::string path_)
+    : uid(MDS_AUTH_UID_ANY), path(path_) {
+    normalize_path();
+  }
   MDSCapMatch(std::string path_, int64_t uid_, std::vector<gid_t>& gids_)
-    : uid(uid_), gids(gids_), path(path_) {}
+    : uid(uid_), gids(gids_), path(path_) {
+    normalize_path();
+  }
+
+  void normalize_path();
   
   bool is_match_all() const
   {