From: Casey Bodley <cbodley@redhat.com>
Date: Thu, 20 Apr 2023 13:25:49 +0000 (-0400)
Subject: rgw/sts: AssumeRole no longer writes to user metadata
X-Git-Tag: v19.0.0~1299^2~2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=2f60200bf69b0814ce7d1ae7d217d5c37f99f80e;p=ceph.git

rgw/sts: AssumeRole no longer writes to user metadata

`storeARN()` was storing the role's ARN in `RGWUserInfo::assumed_role_arn`,
but that field was unused

Fixes: https://tracker.ceph.com/issues/59495

Signed-off-by: Casey Bodley <cbodley@redhat.com>
---

diff --git a/src/rgw/rgw_sts.cc b/src/rgw/rgw_sts.cc
index b3926f5f7625..b552834426a9 100644
--- a/src/rgw/rgw_sts.cc
+++ b/src/rgw/rgw_sts.cc
@@ -319,23 +319,6 @@ std::tuple<int, rgw::sal::RGWRole*> STSService::getRoleInfo(const DoutPrefixProv
   }
 }
 
-int STSService::storeARN(const DoutPrefixProvider *dpp, string& arn, optional_yield y)
-{
-  int ret = 0;
-  std::unique_ptr<rgw::sal::User> user = driver->get_user(user_id);
-  if ((ret = user->load_user(dpp, y)) < 0) {
-    return -ERR_NO_SUCH_ENTITY;
-  }
-
-  user->get_info().assumed_role_arn = arn;
-
-  ret = user->store_user(dpp, y, false, &user->get_info());
-  if (ret < 0) {
-    return -ERR_INTERNAL_ERROR;
-  }
-  return ret;
-}
-
 AssumeRoleWithWebIdentityResponse STSService::assumeRoleWithWebIdentity(const DoutPrefixProvider *dpp, AssumeRoleWithWebIdentityRequest& req)
 {
   AssumeRoleWithWebIdentityResponse response;
@@ -447,13 +430,6 @@ AssumeRoleResponse STSService::assumeRole(const DoutPrefixProvider *dpp,
     return response;
   }
 
-  //Save ARN with the user
-  string arn = response.user.getARN();
-  response.retCode = storeARN(dpp, arn, y);
-  if (response.retCode < 0) {
-    return response;
-  }
-
   response.retCode = 0;
   return response;
 }
diff --git a/src/rgw/rgw_sts.h b/src/rgw/rgw_sts.h
index 65dbb17477f1..5ee7ee444fcb 100644
--- a/src/rgw/rgw_sts.h
+++ b/src/rgw/rgw_sts.h
@@ -238,7 +238,6 @@ class STSService {
   rgw_user user_id;
   std::unique_ptr<rgw::sal::RGWRole> role;
   rgw::auth::Identity* identity;
-  int storeARN(const DoutPrefixProvider *dpp, std::string& arn, optional_yield y);
 public:
   STSService() = default;
   STSService(CephContext* cct, rgw::sal::Driver* driver, rgw_user user_id,