rgw: can set negative max_buckets on RGWUserInfo

This can be used to disable user's bucket creation

Fixes: http://tracker.ceph.com/issues/14534
Signed-off-by: Yehuda Sadeh <yehuda@redhat.com>
(cherry picked from commit 626d795139a6c5104be098780b70500c2de9b8f4)

diff --git a/src/common/config_opts.h b/src/common/config_opts.h
index 082a367c9505c188e01013227e4b2421e1ddef8f..2a4170f01f5d22d52a127722c84a996c7115c4ca 100644 (file)
--- a/src/common/config_opts.h
+++ b/src/common/config_opts.h
@@ -1394,7 +1394,7 @@ OPTION(rgw_multipart_part_upload_limit, OPT_INT, 10000) // parts limit in multip
 OPTION(rgw_max_slo_entries, OPT_INT, 1000) // default number of max entries in slo
 
 OPTION(rgw_olh_pending_timeout_sec, OPT_INT, 3600) // time until we retire a pending olh change
-OPTION(rgw_user_max_buckets, OPT_U32, 1000) // global option to set max buckets count for all user
+OPTION(rgw_user_max_buckets, OPT_INT, 1000) // global option to set max buckets count for all user
 
 OPTION(rgw_objexp_gc_interval, OPT_U32, 60 * 10) // maximum time between round of expired objects garbage collecting
 OPTION(rgw_objexp_time_step, OPT_U32, 4096) // number of seconds for rounding the timestamps

diff --git a/src/rgw/rgw_admin.cc b/src/rgw/rgw_admin.cc
index f6de39f7e5cf4492f945a08862fd9b16222614a4..8e0187d37d093ebf30324e2308489b66a4a0da0d 100644 (file)
--- a/src/rgw/rgw_admin.cc
+++ b/src/rgw/rgw_admin.cc
@@ -2001,6 +2001,7 @@ int main(int argc, char **argv)
   int remove_bad = false;
   int check_head_obj_locator = false;
   int max_buckets = -1;
+  bool max_buckets_specified = false;
   map<string, bool> categories;
   string caps;
   int check_objects = false;
@@ -2139,6 +2140,7 @@ int main(int argc, char **argv)
         cerr << "ERROR: failed to parse max buckets: " << err << std::endl;
         return EINVAL;
       }
+      max_buckets_specified = true;
     } else if (ceph_argparse_witharg(args, i, &val, "--max-entries", (char*)NULL)) {
       max_entries = (int)strict_strtol(val.c_str(), 10, &err);
       if (!err.empty()) {
@@ -3634,7 +3636,7 @@ int main(int argc, char **argv)
   if (gen_secret_key)
     user_op.set_gen_secret(); // assume that a key pair should be created
 
-  if (max_buckets >= 0)
+  if (max_buckets_specified)
     user_op.set_max_buckets(max_buckets);
 
   if (system_specified)

diff --git a/src/rgw/rgw_common.h b/src/rgw/rgw_common.h
index a907f441bfcdadd0255ba59cd441b643d2de0faf..bf6c44c876e1086c522725055a6e9576d925fc5d 100644 (file)
--- a/src/rgw/rgw_common.h
+++ b/src/rgw/rgw_common.h
@@ -535,7 +535,7 @@ struct RGWUserInfo
   map<string, RGWAccessKey> swift_keys;
   map<string, RGWSubUser> subusers;
   __u8 suspended;
-  uint32_t max_buckets;
+  int32_t max_buckets;
   uint32_t op_mask;
   RGWUserCaps caps;
   __u8 system;

diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc
index a655a217a73df8a76fc6e88ac6a8a0c57fb0bfb2..dc995c037b2648ccfce861b0582210dc9c2970fb 100644 (file)
--- a/src/rgw/rgw_op.cc
+++ b/src/rgw/rgw_op.cc
@@ -1782,6 +1782,9 @@ int RGWCreateBucket::verify_permission()
       << dendl;
     return -EACCES;
   }
+  if (s->user->max_buckets < 0) {
+    return -EPERM;
+  }
 
   if (s->user->max_buckets) {
     RGWUserBuckets buckets;

diff --git a/src/rgw/rgw_rest_user.cc b/src/rgw/rgw_rest_user.cc
index 587e6d00db202759fd116a25c3e16e7be468c9a4..915c4eacfe5253ebdd72f854239850a9b4974fc0 100644 (file)
--- a/src/rgw/rgw_rest_user.cc
+++ b/src/rgw/rgw_rest_user.cc
@@ -73,8 +73,8 @@ void RGWOp_User_Create::execute()
   bool system;
   bool exclusive;
 
-  uint32_t max_buckets;
-  uint32_t default_max_buckets = s->cct->_conf->rgw_user_max_buckets;
+  int32_t max_buckets;
+  int32_t default_max_buckets = s->cct->_conf->rgw_user_max_buckets;
 
   RGWUserAdminOpState op_state;
 
@@ -89,7 +89,7 @@ void RGWOp_User_Create::execute()
   RESTArgs::get_string(s, "user-caps", caps, &caps);
   RESTArgs::get_bool(s, "generate-key", true, &gen_key);
   RESTArgs::get_bool(s, "suspended", false, &suspended);
-  RESTArgs::get_uint32(s, "max-buckets", default_max_buckets, &max_buckets);
+  RESTArgs::get_int32(s, "max-buckets", default_max_buckets, &max_buckets);
   RESTArgs::get_bool(s, "system", false, &system);
   RESTArgs::get_bool(s, "exclusive", false, &exclusive);
 
@@ -174,7 +174,7 @@ void RGWOp_User_Modify::execute()
   bool suspended;
   bool system;
 
-  uint32_t max_buckets;
+  int32_t max_buckets;
 
   RGWUserAdminOpState op_state;
 
@@ -188,7 +188,7 @@ void RGWOp_User_Modify::execute()
   RESTArgs::get_string(s, "user-caps", caps, &caps);
   RESTArgs::get_bool(s, "generate-key", false, &gen_key);
   RESTArgs::get_bool(s, "suspended", false, &suspended);
-  RESTArgs::get_uint32(s, "max-buckets", RGW_DEFAULT_MAX_BUCKETS, &max_buckets);
+  RESTArgs::get_int32(s, "max-buckets", RGW_DEFAULT_MAX_BUCKETS, &max_buckets);
   RESTArgs::get_string(s, "key-type", key_type_str, &key_type_str);
 
   RESTArgs::get_bool(s, "system", false, &system);

diff --git a/src/rgw/rgw_user.h b/src/rgw/rgw_user.h
index 4ede53c677b1717b7a7aa993e8d4ca2f192e4ddd..269ae90dc30fadc8ff575bcc93c3e87580ca5eee 100644 (file)
--- a/src/rgw/rgw_user.h
+++ b/src/rgw/rgw_user.h
@@ -157,7 +157,7 @@ struct RGWUserAdminOpState {
   rgw_user user_id;
   std::string user_email;
   std::string display_name;
-  uint32_t max_buckets;
+  int32_t max_buckets;
   __u8 suspended;
   __u8 system;
   __u8 exclusive;
@@ -335,7 +335,7 @@ struct RGWUserAdminOpState {
     info = user_info;
   }
 
-  void set_max_buckets(uint32_t mb) {
+  void set_max_buckets(int32_t mb) {
     max_buckets = mb;
     max_buckets_specified = true;
   }
@@ -410,7 +410,7 @@ struct RGWUserAdminOpState {
   __u8 get_suspension_status() { return suspended; }
   int32_t get_key_type() {return key_type; }
   uint32_t get_subuser_perm() { return perm_mask; }
-  uint32_t get_max_buckets() { return max_buckets; }
+  int32_t get_max_buckets() { return max_buckets; }
   uint32_t get_op_mask() { return op_mask; }
   RGWQuotaInfo& get_bucket_quota() { return bucket_quota; }
   RGWQuotaInfo& get_user_quota() { return user_quota; }