]> git-server-git.apps.pok.os.sepia.ceph.com Git - ceph.git/commitdiff
projects / ceph.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5ad3ce9)
rgw: policy: modify s3:ListBucketMultiPartUploads to s3:ListBucketMultipartUploads 21917/head
authorxiangxiang <xiangxiang@xsky.com>
Tue, 20 Mar 2018 12:38:07 +0000 (20:38 +0800)
committerNathan Cutler <ncutler@suse.com>
Wed, 9 May 2018 18:49:05 +0000 (20:49 +0200)
according to AWS S3, the permission keyword should be s3:ListBucketMultipartUploads
rather than s3:ListBucketMultiPartUploads.

all operation permission list in AWS S3 as follows:
  https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html?shortFooter=true

Signed-off-by: xiangxiang <xiangxiang@xsky.com>
(cherry picked from commit 41ef62d9047ca7469023181f203e79c63ec30d64)

src/rgw/rgw_iam_policy.cc patch | blob | history
src/rgw/rgw_iam_policy.h patch | blob | history
src/rgw/rgw_op.cc patch | blob | history
src/test/rgw/test_rgw_iam_policy.cc patch | blob | history

diff --git a/src/rgw/rgw_iam_policy.cc b/src/rgw/rgw_iam_policy.cc
index 675db22c21603b80d9032af5f9c8b979d94dc46d..9f31db2eaad7b73e3feb7592d139abf331170b77 100644 (file)
--- a/src/rgw/rgw_iam_policy.cc
+++ b/src/rgw/rgw_iam_policy.cc
@@ -421,7 +421,7 @@ static const actpair actpairs[] =
  { "s3:GetObjectVersionTagging", s3GetObjectVersionTagging},
  { "s3:GetReplicationConfiguration", s3GetReplicationConfiguration },
  { "s3:ListAllMyBuckets", s3ListAllMyBuckets },
- { "s3:ListBucketMultiPartUploads", s3ListBucketMultiPartUploads },
+ { "s3:ListBucketMultipartUploads", s3ListBucketMultipartUploads },
  { "s3:ListBucket", s3ListBucket },
  { "s3:ListBucketVersions", s3ListBucketVersions },
  { "s3:ListMultipartUploadParts", s3ListMultipartUploadParts },
@@ -1325,8 +1325,8 @@ const char* action_bit_string(uint64_t action) {
   case s3ListAllMyBuckets:
     return "s3:ListAllMyBuckets";
 
-  case s3ListBucketMultiPartUploads:
-    return "s3:ListBucketMultiPartUploads";
+  case s3ListBucketMultipartUploads:
+    return "s3:ListBucketMultipartUploads";
 
   case s3GetAccelerateConfiguration:
     return "s3:GetAccelerateConfiguration";
diff --git a/src/rgw/rgw_iam_policy.h b/src/rgw/rgw_iam_policy.h
index 032840151a6ff083a2c6015d8127d306f6d0a201..8791861a54d16cbce186b4b898312e5310939848 100644 (file)
--- a/src/rgw/rgw_iam_policy.h
+++ b/src/rgw/rgw_iam_policy.h
@@ -60,7 +60,7 @@ static constexpr std::uint64_t s3DeleteBucket = 1ULL << 15;
 static constexpr std::uint64_t s3ListBucket = 1ULL << 16;
 static constexpr std::uint64_t s3ListBucketVersions = 1ULL << 17;
 static constexpr std::uint64_t s3ListAllMyBuckets = 1ULL << 18;
-static constexpr std::uint64_t s3ListBucketMultiPartUploads = 1ULL << 19;
+static constexpr std::uint64_t s3ListBucketMultipartUploads = 1ULL << 19;
 static constexpr std::uint64_t s3GetAccelerateConfiguration = 1ULL << 20;
 static constexpr std::uint64_t s3PutAccelerateConfiguration = 1ULL << 21;
 static constexpr std::uint64_t s3GetBucketAcl = 1ULL << 22;
@@ -109,7 +109,7 @@ inline int op_to_perm(std::uint64_t op) {
   case s3GetObjectVersionTagging:
   case s3ListAllMyBuckets:
   case s3ListBucket:
-  case s3ListBucketMultiPartUploads:
+  case s3ListBucketMultipartUploads:
   case s3ListBucketVersions:
   case s3ListMultipartUploadParts:
     return RGW_PERM_READ;
diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc
index f20cbd9b862bc877599a4d29669bd697486c0a71..f593f5729ec81ca97790e3222de47466dc67ba04 100644 (file)
--- a/src/rgw/rgw_op.cc
+++ b/src/rgw/rgw_op.cc
@@ -5732,7 +5732,7 @@ void RGWListMultipart::execute()
 int RGWListBucketMultiparts::verify_permission()
 {
   if (!verify_bucket_permission(s,
-                               rgw::IAM::s3ListBucketMultiPartUploads))
+                               rgw::IAM::s3ListBucketMultipartUploads))
     return -EACCES;
 
   return 0;
diff --git a/src/test/rgw/test_rgw_iam_policy.cc b/src/test/rgw/test_rgw_iam_policy.cc
index 50d428a86be90e6d8208b8175340b9098d0e0bbf..738ce1b78efc8e6300f4db6735ca59cd7081e29c 100644 (file)
--- a/src/test/rgw/test_rgw_iam_policy.cc
+++ b/src/test/rgw/test_rgw_iam_policy.cc
@@ -71,7 +71,7 @@ using rgw::IAM::s3GetReplicationConfiguration;
 using rgw::IAM::s3ListAllMyBuckets;
 using rgw::IAM::s3ListBucket;
 using rgw::IAM::s3ListBucket;
-using rgw::IAM::s3ListBucketMultiPartUploads;
+using rgw::IAM::s3ListBucketMultipartUploads;
 using rgw::IAM::s3ListBucketVersions;
 using rgw::IAM::s3ListMultipartUploadParts;
 using rgw::IAM::s3None;
@@ -315,7 +315,7 @@ TEST_F(PolicyTest, Parse3) {
   EXPECT_EQ(p->statements[2].action, (s3ListMultipartUploadParts |
                                      s3ListBucket | s3ListBucketVersions |
                                      s3ListAllMyBuckets |
-                                     s3ListBucketMultiPartUploads |
+                                     s3ListBucketMultipartUploads |
                                      s3GetObject | s3GetObjectVersion |
                                      s3GetObjectAcl | s3GetObjectVersionAcl |
                                      s3GetObjectTorrent |
@@ -370,7 +370,7 @@ TEST_F(PolicyTest, Eval3) {
 
   auto s3allow = (s3ListMultipartUploadParts | s3ListBucket |
                  s3ListBucketVersions | s3ListAllMyBuckets |
-                 s3ListBucketMultiPartUploads | s3GetObject |
+                 s3ListBucketMultipartUploads | s3GetObject |
                  s3GetObjectVersion | s3GetObjectAcl | s3GetObjectVersionAcl |
                  s3GetObjectTorrent | s3GetObjectVersionTorrent |
                  s3GetAccelerateConfiguration | s3GetBucketAcl |
Unnamed repository; edit this file 'description' to name the repository.