From: Ponnuvel Palaniyappan <ponnuvel.palaniyappan@canonical.com>
Date: Wed, 28 Apr 2021 12:12:52 +0000 (+0100)
Subject: rgw: Add a helper to validate rgw user attributes
X-Git-Tag: v15.2.14~17^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=412def218d5b9efa34d7663a12588e71314fe8e2;p=ceph.git

rgw: Add a helper to validate rgw user attributes

Signed-off-by: Ponnuvel Palaniyappan <ponnuvel.palaniyappan@canonical.com>
(cherry picked from commit de1b064dfe2dd6ed5d91dd83beaf4be5176a1814)

Conflicts:
	src/rgw/rgw_user.cc
- unused (no longer needed after introducing helper func) variables cleaned up
  and change in function prototype of RGWUser::user_add().
---

diff --git a/src/rgw/rgw_user.cc b/src/rgw/rgw_user.cc
index 23ccb344580a..39023d022148 100644
--- a/src/rgw/rgw_user.cc
+++ b/src/rgw/rgw_user.cc
@@ -326,7 +326,7 @@ static void set_err_msg(std::string *sink, std::string msg)
 /*
  * Dump either the full user info or a subset to a formatter.
  *
- * NOTE: It is the caller's respnsibility to ensure that the
+ * NOTE: It is the caller's responsibility to ensure that the
  * formatter is flushed at the correct time.
  */
 
@@ -441,6 +441,43 @@ static void dump_user_info(Formatter *f, RGWUserInfo &info,
   f->close_section();
 }
 
+static int user_add_helper(RGWUserAdminOpState& op_state, std::string *err_msg)
+{
+  int ret = 0;
+  const rgw_user& uid = op_state.get_user_id();
+  std::string user_email = op_state.get_user_email();
+  std::string display_name = op_state.get_display_name();
+
+  // fail if the user exists already
+  if (op_state.has_existing_user()) {
+    if (op_state.found_by_email) {
+      set_err_msg(err_msg, "email: " + user_email +
+          " is the email address of an existing user");
+      ret = -ERR_EMAIL_EXIST;
+    } else if (op_state.found_by_key) {
+      set_err_msg(err_msg, "duplicate key provided");
+      ret = -ERR_KEY_EXIST;
+    } else {
+      set_err_msg(err_msg, "user: " + uid.to_str() + " exists");
+      ret = -EEXIST;
+    }
+    return ret;
+  }
+
+  // fail if the user_info has already been populated
+  if (op_state.is_populated()) {
+    set_err_msg(err_msg, "cannot overwrite already populated user");
+    return -EEXIST;
+  }
+
+  // fail if the display name was not included
+  if (display_name.empty()) {
+    set_err_msg(err_msg, "no display name specified");
+    return -EINVAL;
+  }
+
+  return ret;
+}
 
 RGWAccessKeyPool::RGWAccessKeyPool(RGWUser* usr)
 {
@@ -1028,7 +1065,7 @@ int RGWSubUserPool::check_op(RGWUserAdminOpState& op_state,
   }
 
   if (op_state.get_subuser_perm() == RGW_PERM_INVALID) {
-    set_err_msg(err_msg, "invaild subuser access");
+    set_err_msg(err_msg, "invalid subuser access");
     return -EINVAL;
   }
 
@@ -1530,28 +1567,22 @@ int RGWUser::update(RGWUserAdminOpState& op_state, std::string *err_msg)
 
 int RGWUser::check_op(RGWUserAdminOpState& op_state, std::string *err_msg)
 {
-  bool same_id;
-  bool populated;
-  rgw_user& op_id = op_state.get_user_id();
-
-  RGWUserInfo user_info;
-
-  same_id = (user_id.compare(op_id) == 0);
-  populated = is_populated();
+  int ret = 0;
+  const rgw_user& uid = op_state.get_user_id();
 
-  if (op_id.compare(RGW_USER_ANON_ID) == 0) {
+  if (uid.compare(RGW_USER_ANON_ID) == 0) {
     set_err_msg(err_msg, "unable to perform operations on the anonymous user");
     return -EINVAL;
   }
 
-  if (populated && !same_id) {
-    set_err_msg(err_msg, "user id mismatch, operation id: " + op_id.to_str()
+  if (is_populated() && user_id.compare(uid) != 0) {
+    set_err_msg(err_msg, "user id mismatch, operation id: " + uid.to_str()
             + " does not match: " + user_id.to_str());
 
     return -EINVAL;
   }
 
-  int ret = rgw_validate_tenant_name(op_id.tenant);
+  ret = rgw_validate_tenant_name(uid.tenant);
   if (ret) {
     set_err_msg(err_msg,
 		"invalid tenant only alphanumeric and _ characters are allowed");
@@ -1691,46 +1722,12 @@ int RGWUser::execute_rename(RGWUserAdminOpState& op_state, std::string *err_msg)
 
 int RGWUser::execute_add(RGWUserAdminOpState& op_state, std::string *err_msg)
 {
-  std::string subprocess_msg;
-  int ret = 0;
-  bool defer_user_update = true;
-
-  RGWUserInfo user_info;
-
-  rgw_user& uid = op_state.get_user_id();
+  const rgw_user& uid = op_state.get_user_id();
   std::string user_email = op_state.get_user_email();
   std::string display_name = op_state.get_display_name();
 
-  // fail if the user exists already
-  if (op_state.has_existing_user()) {
-    if (op_state.found_by_email) {
-      set_err_msg(err_msg, "email: " + user_email +
-		  " is the email address an existing user");
-      ret = -ERR_EMAIL_EXIST;
-    } else if (op_state.found_by_key) {
-      set_err_msg(err_msg, "duplicate key provided");
-      ret = -ERR_KEY_EXIST;
-    } else {
-      set_err_msg(err_msg, "user: " + op_state.user_id.to_str() + " exists");
-      ret = -EEXIST;
-    }
-    return ret;
-  }
-
-  // fail if the user_info has already been populated
-  if (op_state.is_populated()) {
-    set_err_msg(err_msg, "cannot overwrite already populated user");
-    return -EEXIST;
-  }
-
-  // fail if the display name was not included
-  if (display_name.empty()) {
-    set_err_msg(err_msg, "no display name specified");
-    return -EINVAL;
-  }
-
-		
   // set the user info
+  RGWUserInfo user_info;
   user_id = uid;
   user_info.user_id = user_id;
   user_info.display_name = display_name;
@@ -1787,13 +1784,15 @@ int RGWUser::execute_add(RGWUserAdminOpState& op_state, std::string *err_msg)
   op_state.set_populated();
 
   // update the helper objects
-  ret = init_members(op_state);
+  int ret = init_members(op_state);
   if (ret < 0) {
     set_err_msg(err_msg, "unable to initialize user");
     return ret;
   }
 
   // see if we need to add an access key
+  std::string subprocess_msg;
+  bool defer_user_update = true;
   if (op_state.has_key_op()) {
     ret = keys.add(op_state, &subprocess_msg, defer_user_update);
     if (ret < 0) {
@@ -1818,11 +1817,14 @@ int RGWUser::execute_add(RGWUserAdminOpState& op_state, std::string *err_msg)
   return 0;
 }
 
-
 int RGWUser::add(RGWUserAdminOpState& op_state, std::string *err_msg)
 {
   std::string subprocess_msg;
-  int ret;
+  int ret = user_add_helper(op_state, &subprocess_msg);
+  if (ret != 0) {
+    set_err_msg(err_msg, "unable to parse parameters, " + subprocess_msg);
+    return ret;
+  }
 
   ret = check_op(op_state, &subprocess_msg);
   if (ret < 0) {
@@ -2096,14 +2098,7 @@ int RGWUser::modify(RGWUserAdminOpState& op_state, std::string *err_msg)
 
   ret = check_op(op_state, &subprocess_msg);
   if (ret < 0) {
-    if (is_populated() && (user_id.compare(op_state.get_user_id()) != 0)) {
-      set_err_msg(err_msg, "unable to create user " + user_id.to_str()
-		  + " because user id " + op_state.get_user_id().to_str()
-		  + " already exists with email "
-		  + op_state.get_user_email());
-    } else {
-      set_err_msg(err_msg, "unable to parse parameters, " + subprocess_msg);
-    }
+    set_err_msg(err_msg, "unable to parse parameters, " + subprocess_msg);
     return ret;
   }