rgw: skip read_policy checks for system_users

author Josh Durgin <josh.durgin@inktank.com>

Thu, 10 Oct 2013 22:50:39 +0000 (15:50 -0700)

committer Josh Durgin <josh.durgin@inktank.com>

Thu, 24 Oct 2013 15:56:02 +0000 (08:56 -0700)
author Josh Durgin <josh.durgin@inktank.com>
Thu, 10 Oct 2013 22:50:39 +0000 (15:50 -0700)
committer Josh Durgin <josh.durgin@inktank.com>
Thu, 24 Oct 2013 15:56:02 +0000 (08:56 -0700)
diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc

index aa7ff9bb3f51fa02858d1809544b0c3294985e51..c750276596f8327765273b4f310cb2b396b18268 100644 (file)
--- a/src/rgw/rgw_op.cc
+++ b/src/rgw/rgw_op.cc
@@ -269,7 +269,7 @@ static int read_policy(RGWRados *store, struct req_state *s,
    string oid = object;
    rgw_obj obj;
  
-  if (bucket_info.flags & BUCKET_SUSPENDED) {
+  if (!s->system_request && bucket_info.flags & BUCKET_SUSPENDED) {
      ldout(s->cct, 0) << "NOTICE: bucket " << bucket_info.bucket.name << " is suspended" << dendl;
      return -ERR_USER_SUSPENDED;
    }
@@ -292,7 +292,7 @@ static int read_policy(RGWRados *store, struct req_state *s,
      if (ret < 0)
        return ret;
      string& owner = bucket_policy.get_owner().get_id();
-    if (owner.compare(s->user.user_id) != 0 &&
+    if (!s->system_request && owner.compare(s->user.user_id) != 0 &&
          !bucket_policy.verify_permission(s->user.user_id, s->perm_mask, RGW_PERM_READ))
        ret = -EACCES;
      else
author	Josh Durgin <josh.durgin@inktank.com>
	Thu, 10 Oct 2013 22:50:39 +0000 (15:50 -0700)
committer	Josh Durgin <josh.durgin@inktank.com>
	Thu, 24 Oct 2013 15:56:02 +0000 (08:56 -0700)