From: Rahul Dev Parashar <d.rahul29@gmail.com>
Date: Mon, 19 Jul 2021 08:07:45 +0000 (+0530)
Subject: rgw: Address review comments, fix test cases for BucketEncryption APIs
X-Git-Tag: v17.1.0~1283^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=34befa4122f59f2b732de80f4be9190eb8a1678e;p=ceph.git

rgw: Address review comments, fix test cases for BucketEncryption APIs

Review comments are addressed.
Added documentation in authentication.rst for newly added IAM policies.
Test case failure due to incorrect IAM policy is fixed.

Signed-off-by: Rahul Dev Parashar <rahul.dev@flipkart.com>
---

diff --git a/doc/radosgw/s3/authentication.rst b/doc/radosgw/s3/authentication.rst
index 10143290d3c7..64747cde2761 100644
--- a/doc/radosgw/s3/authentication.rst
+++ b/doc/radosgw/s3/authentication.rst
@@ -185,6 +185,8 @@ Internally, S3 operations are mapped to ACL permissions thus:
 +---------------------------------------+---------------+
 | ``s3:GetReplicationConfiguration``    | ``READ_ACP``  |
 +---------------------------------------+---------------+
+| ``s3:GetBucketEncryption``            | ``READ_ACP``  |
++---------------------------------------+---------------+
 | ``s3:DeleteBucketPolicy``             | ``WRITE_ACP`` |
 +---------------------------------------+---------------+
 | ``s3:DeleteBucketWebsite``            | ``WRITE_ACP`` |
@@ -219,6 +221,8 @@ Internally, S3 operations are mapped to ACL permissions thus:
 +---------------------------------------+---------------+
 | ``s3:PutReplicationConfiguration``    | ``WRITE_ACP`` |
 +---------------------------------------+---------------+
+| ``s3:PutBucketEncryption``            | ``WRITE_ACP`` |
++---------------------------------------+---------------+
 
 Some mappings, (e.g. ``s3:CreateBucket`` to ``WRITE``) are not
 applicable to S3 operation, but are required to allow Swift and S3 to
diff --git a/src/rgw/rgw_bucket_encryption.cc b/src/rgw/rgw_bucket_encryption.cc
index 2913ce8a0ed4..0310e5ac5a84 100644
--- a/src/rgw/rgw_bucket_encryption.cc
+++ b/src/rgw/rgw_bucket_encryption.cc
@@ -24,9 +24,6 @@ void ServerSideEncryptionConfiguration::dump_xml(Formatter *f) const {
 
 void RGWBucketEncryptionConfig::decode_xml(XMLObj *obj) {
   rule_exist = RGWXMLDecoder::decode_xml("Rule", rule, obj);
-  if(!rule_exist) {
-    throw RGWXMLDecoder::err("rule must be present in XML");
-  }
 }
 
 void RGWBucketEncryptionConfig::dump_xml(Formatter *f) const {
diff --git a/src/rgw/rgw_common.h b/src/rgw/rgw_common.h
index ea8692c2be85..3357b0056963 100644
--- a/src/rgw/rgw_common.h
+++ b/src/rgw/rgw_common.h
@@ -39,7 +39,6 @@
 #include "cls/rgw/cls_rgw_types.h"
 #include "include/rados/librados.hpp"
 #include "rgw_public_access.h"
-#include "rgw_bucket_encryption.h"
 
 namespace ceph {
   class Formatter;
diff --git a/src/rgw/rgw_iam_policy.h b/src/rgw/rgw_iam_policy.h
index 0575ce8617ca..d609716c43b8 100644
--- a/src/rgw/rgw_iam_policy.h
+++ b/src/rgw/rgw_iam_policy.h
@@ -109,8 +109,7 @@ static constexpr std::uint64_t s3PutBucketPublicAccessBlock = 66;
 static constexpr std::uint64_t s3DeleteBucketPublicAccessBlock = 67;
 static constexpr std::uint64_t s3GetBucketEncryption = 68;
 static constexpr std::uint64_t s3PutBucketEncryption = 69;
-static constexpr std::uint64_t s3DeleteBucketEncryption = 70;
-static constexpr std::uint64_t s3All = 71;
+static constexpr std::uint64_t s3All = 70;
 
 static constexpr std::uint64_t iamPutUserPolicy = s3All + 1;
 static constexpr std::uint64_t iamGetUserPolicy = s3All + 2;