From: Abhishek Lekshmanan <abhishek@suse.com>
Date: Wed, 4 Sep 2019 17:42:07 +0000 (+0200)
Subject: rgw: iam: calculate Action_t actions instead of a string
X-Git-Tag: v15.1.0~103^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=1791de53eaf89eed17e32ae5f8a8504610d25957;p=ceph-ci.git

rgw: iam: calculate Action_t actions instead of a string

currently every new action added will change 4 iam Action bitsets which require
the string to be modified by hand and validated by hand. Use a function to do
this instead

Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com>
---

diff --git a/src/rgw/rgw_iam_policy.h b/src/rgw/rgw_iam_policy.h
index 637942471d0..cee2f05262c 100644
--- a/src/rgw/rgw_iam_policy.h
+++ b/src/rgw/rgw_iam_policy.h
@@ -129,12 +129,24 @@ static constexpr std::uint64_t allCount = stsAll + 1;
 using Action_t = bitset<allCount>;
 using NotAction_t = Action_t;
 
+template <size_t N>
+constexpr std::bitset<N> make_bitmask(size_t s) {
+  // unfortunately none of the shift/logic operators of std::bitset have a constexpr variation
+  return s < 64 ? std::bitset<N> ((1ULL << s) - 1) :
+    std::bitset<N>((1ULL << 63) - 1) | make_bitmask<N> (s - 63) << 63;
+}
+
+template <size_t N>
+constexpr std::bitset<N> set_cont_bits(size_t start, size_t end)
+{
+  return (make_bitmask<N>(end - start)) << start;
+}
+
 static const Action_t None(0);
-static const Action_t s3AllValue("1111111111111111111111111111111111111111111111111111111111111");
-static const Action_t iamAllValue("111111111111100000000000000000000000000000000000000000000000000000000000000");
-static const Action_t stsAllValue("1110000000000000000000000000000000000000000000000000000000000000000000000000000");
-//Modify allValue if more Actions are added
-static const Action_t allValue("11111111111111111111111111111111111111111111111111111111111111111111111111111111");
+static const Action_t s3AllValue = set_cont_bits<allCount>(0,s3All);
+static const Action_t iamAllValue = set_cont_bits<allCount>(s3All+1,iamAll);
+static const Action_t stsAllValue = set_cont_bits<allCount>(iamAll+1,stsAll);
+static const Action_t allValue = set_cont_bits<allCount>(0,allCount);
 
 namespace {
 // Please update the table in doc/radosgw/s3/authentication.rst if you
diff --git a/src/test/rgw/test_rgw_iam_policy.cc b/src/test/rgw/test_rgw_iam_policy.cc
index ca8c3d921c6..dfe1f5edd0c 100644
--- a/src/test/rgw/test_rgw_iam_policy.cc
+++ b/src/test/rgw/test_rgw_iam_policy.cc
@@ -1202,3 +1202,20 @@ TEST(MatchPolicy, String)
   EXPECT_TRUE(match_policy("a:*:e", "a:bcd:e", flag));
   EXPECT_TRUE(match_policy("a:*", "a:b:c", flag)); // can span segments
 }
+
+static const Action_t s3AllValuet("1111111111111111111111111111111111111111111111111111111111111");
+static const Action_t iamAllValuet("111111111111100000000000000000000000000000000000000000000000000000000000000");
+static const Action_t stsAllValuet("1110000000000000000000000000000000000000000000000000000000000000000000000000000");
+static const Action_t allValuet("11111111111111111111111111111111111111111111111111111111111111111111111111111111");
+
+using rgw::IAM::s3AllValue;
+using rgw::IAM::stsAllValue;
+using rgw::IAM::allValue;
+using rgw::IAM::iamAllValue;
+TEST(set_cont_bits, iamconsts)
+{
+  EXPECT_EQ(s3AllValue, s3AllValuet);
+  EXPECT_EQ(iamAllValue, iamAllValuet);
+  EXPECT_EQ(stsAllValue, stsAllValuet);
+  EXPECT_EQ(allValue , allValuet);
+}