From: Radoslaw Zarzynski Date: Wed, 11 Jan 2017 16:01:17 +0000 (+0100) Subject: rgw: remove rgw/rgw_auth_decoimpl.h as it isn't necessary anymore. X-Git-Tag: v12.0.2~305^2~15 X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=0e79c29b1cab20b634d3cc7c31c43c17d1384167;p=ceph.git rgw: remove rgw/rgw_auth_decoimpl.h as it isn't necessary anymore. Signed-off-by: Radoslaw Zarzynski Signed-off-by: Matt Benjamin --- diff --git a/src/rgw/rgw_auth_decoimpl.h b/src/rgw/rgw_auth_decoimpl.h deleted file mode 100644 index bd3742657b87c..0000000000000 --- a/src/rgw/rgw_auth_decoimpl.h +++ /dev/null @@ -1,169 +0,0 @@ -// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- -// vim: ts=8 sw=2 smarttab - - -#ifndef CEPH_RGW_AUTH_DECOIMPL_H -#define CEPH_RGW_AUTH_DECOIMPL_H - -#include "rgw_auth.h" - - -/* Abstract decorator over any implementation of RGWAuthApplier. */ -template -class RGWDecoratingAuthApplier : public RGWAuthApplier { - static_assert(std::is_base_of::value, - "DecorateeT must be a subclass of RGWAuthApplier"); - DecorateeT decoratee; - -public: - RGWDecoratingAuthApplier(const DecorateeT& decoratee) - : RGWAuthApplier(decoratee.cct), - decoratee(decoratee) { - } - - uint32_t get_perms_from_aclspec(const aclspec_t& aclspec) const override { - return decoratee.get_perms_from_aclspec(aclspec); - } - - bool is_admin_of(const rgw_user& uid) const override { - return decoratee.is_admin_of(uid); - } - - bool is_owner_of(const rgw_user& uid) const override { - return decoratee.is_owner_of(uid); - } - - uint32_t get_perm_mask() const override { - return decoratee.get_perm_mask(); - } - - void to_str(std::ostream& out) const override { - decoratee.to_str(out); - } - - void load_acct_info(RGWUserInfo& user_info) const override { /* out */ - return decoratee.load_acct_info(user_info); - } - - void modify_request_state(req_state * s) const override { /* in/out */ - return decoratee.modify_request_state(s); - } -}; - - -/* Decorator specialization for dealing with pointers to an applier. Useful - * for decorating the applier returned after successfull authenication. */ -template <> -class RGWDecoratingAuthApplier : public RGWAuthApplier { - aplptr_t decoratee; - -public: - RGWDecoratingAuthApplier(aplptr_t&& decoratee) - : RGWAuthApplier(decoratee->cct), - decoratee(std::move(decoratee)) { - } - - uint32_t get_perms_from_aclspec(const aclspec_t& aclspec) const override { - return decoratee->get_perms_from_aclspec(aclspec); - } - - bool is_admin_of(const rgw_user& uid) const override { - return decoratee->is_admin_of(uid); - } - - bool is_owner_of(const rgw_user& uid) const override { - return decoratee->is_owner_of(uid); - } - - uint32_t get_perm_mask() const override { - return decoratee->get_perm_mask(); - } - - void to_str(std::ostream& out) const override { - decoratee->to_str(out); - } - - void load_acct_info(RGWUserInfo& user_info) const override { /* out */ - return decoratee->load_acct_info(user_info); - } - - void modify_request_state(req_state * s) const override { /* in/out */ - return decoratee->modify_request_state(s); - } -}; - - -template -class RGWThirdPartyAccountAuthApplier : public RGWDecoratingAuthApplier { - /* const */RGWRados * const store; - const rgw_user acct_user_override; -public: - /* A value representing situations where there is no requested account - * override. In other words, acct_user_override will be equal to this - * constant where the request isn't a cross-tenant one. */ - static const rgw_user UNKNOWN_ACCT; - - template - RGWThirdPartyAccountAuthApplier(U&& decoratee, - RGWRados * const store, - const rgw_user acct_user_override) - : RGWDecoratingAuthApplier(std::move(decoratee)), - store(store), - acct_user_override(acct_user_override) { - } - - void to_str(std::ostream& out) const override; - void load_acct_info(RGWUserInfo& user_info) const override; /* out */ -}; - -/* static declaration: UNKNOWN_ACCT will be an empty rgw_user that is a result - * of the default construction. */ -template -const rgw_user RGWThirdPartyAccountAuthApplier::UNKNOWN_ACCT; - -template -void RGWThirdPartyAccountAuthApplier::to_str(std::ostream& out) const -{ - out << "RGWThirdPartyAccountAuthApplier(" + acct_user_override.to_str() + ")" - << " -> "; - RGWDecoratingAuthApplier::to_str(out); -} - -template -void RGWThirdPartyAccountAuthApplier::load_acct_info(RGWUserInfo& user_info) const -{ - if (UNKNOWN_ACCT == acct_user_override) { - /* There is no override specified by the upper layer. This means that we'll - * load the account owned by the authenticated identity (aka auth_user). */ - RGWDecoratingAuthApplier::load_acct_info(user_info); - } else if (RGWDecoratingAuthApplier::is_owner_of(acct_user_override)) { - /* The override has been specified but the account belongs to the authenticated - * identity. We may safely forward the call to a next stage. */ - RGWDecoratingAuthApplier::load_acct_info(user_info); - } else { - /* Compatibility mechanism for multi-tenancy. For more details refer to - * load_acct_info method of RGWRemoteAuthApplier. */ - if (acct_user_override.tenant.empty()) { - const rgw_user tenanted_uid(acct_user_override.id, acct_user_override.id); - - if (rgw_get_user_info_by_uid(store, tenanted_uid, user_info) >= 0) { - /* Succeeded. */ - return; - } - } - - int ret = rgw_get_user_info_by_uid(store, acct_user_override, user_info); - if (ret < 0) { - /* We aren't trying to recover from ENOENT here. It's supposed that creating - * someone else's account isn't a thing we want to support in this filter. */ - if (ret == -ENOENT) { - throw -EACCES; - } else { - throw ret; - } - } - - } -} - -#endif /* CEPH_RGW_AUTH_DECOIMPL_H */ diff --git a/src/rgw/rgw_rest_s3.h b/src/rgw/rgw_rest_s3.h index 1ba7242be8466..edc93966d3991 100644 --- a/src/rgw/rgw_rest_s3.h +++ b/src/rgw/rgw_rest_s3.h @@ -22,7 +22,6 @@ #include "include/assert.h" #include "rgw_auth.h" -#include "rgw_auth_decoimpl.h" #include "rgw_auth_filters.h" #define RGW_AUTH_GRACE_MINS 15 diff --git a/src/rgw/rgw_rest_swift.cc b/src/rgw/rgw_rest_swift.cc index 94f31cd61c02d..3bcd7bf58bf22 100644 --- a/src/rgw/rgw_rest_swift.cc +++ b/src/rgw/rgw_rest_swift.cc @@ -19,7 +19,6 @@ #include "rgw_client_io.h" #include "rgw_auth.h" -#include "rgw_auth_decoimpl.h" #include "rgw_swift_auth.h" #include "rgw_request.h"