From: Casey Bodley Date: Mon, 13 Nov 2023 18:14:13 +0000 (-0500) Subject: rgw: ACLOwner as raw struct X-Git-Tag: v19.0.0~9^2~22 X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=4f2ce9b21c665abe668d4bfc41fee59c1ed30ff6;p=ceph.git rgw: ACLOwner as raw struct this was a class with two protected members, but with a getter/setter for each. this 'encapsulation' only added unnecessary boilerplate Signed-off-by: Casey Bodley --- diff --git a/src/rgw/driver/posix/rgw_sal_posix.cc b/src/rgw/driver/posix/rgw_sal_posix.cc index 766afd141ca66..5c1e50ca5c93c 100644 --- a/src/rgw/driver/posix/rgw_sal_posix.cc +++ b/src/rgw/driver/posix/rgw_sal_posix.cc @@ -916,7 +916,7 @@ int POSIXBucket::set_acl(const DoutPrefixProvider* dpp, acl.encode(aclbl); attrs[RGW_ATTR_ACL] = aclbl; - info.owner = acl.get_owner().get_id(); + info.owner = acl.get_owner().id; return write_attrs(dpp, y); } diff --git a/src/rgw/driver/rados/rgw_bucket.cc b/src/rgw/driver/rados/rgw_bucket.cc index bea3e9b09e5ab..5ac049af3499e 100644 --- a/src/rgw/driver/rados/rgw_bucket.cc +++ b/src/rgw/driver/rados/rgw_bucket.cc @@ -1068,9 +1068,9 @@ int RGWBucketAdminOp::link(rgw::sal::Driver* driver, RGWBucketAdminOpState& op_s return -EIO; } - int r = static_cast(driver)->ctl()->bucket->unlink_bucket(owner.get_id(), old_bucket->get_info().bucket, y, dpp, false); + int r = static_cast(driver)->ctl()->bucket->unlink_bucket(owner.id, old_bucket->get_info().bucket, y, dpp, false); if (r < 0) { - set_err_msg(err, "could not unlink policy from user " + owner.get_id().to_str()); + set_err_msg(err, "could not unlink policy from user " + owner.id.to_str()); return r; } diff --git a/src/rgw/driver/rados/rgw_cr_rados.cc b/src/rgw/driver/rados/rgw_cr_rados.cc index f903233cb02c2..2a4a02f29adc5 100644 --- a/src/rgw/driver/rados/rgw_cr_rados.cc +++ b/src/rgw/driver/rados/rgw_cr_rados.cc 
@@ -906,7 +906,7 @@ int RGWAsyncRemoveObj::_send_request(const DoutPrefixProvider *dpp) std::unique_ptr del_op = obj->get_delete_op(); - del_op->params.bucket_owner = bucket->get_info().owner; + del_op->params.bucket_owner.id = bucket->get_info().owner; del_op->params.obj_owner = policy.get_owner(); if (del_if_older) { del_op->params.unmod_since = timestamp; @@ -916,8 +916,8 @@ int RGWAsyncRemoveObj::_send_request(const DoutPrefixProvider *dpp) } del_op->params.olh_epoch = versioned_epoch; del_op->params.marker_version_id = marker_version_id; - del_op->params.obj_owner.set_id(rgw_user(owner)); - del_op->params.obj_owner.set_name(owner_display_name); + del_op->params.obj_owner.id = rgw_user(owner); + del_op->params.obj_owner.display_name = owner_display_name; del_op->params.mtime = timestamp; del_op->params.high_precision_time = true; del_op->params.zones_trace = &zones_trace; diff --git a/src/rgw/driver/rados/rgw_rados.cc b/src/rgw/driver/rados/rgw_rados.cc index 592d7a828bc13..e85552bc6605c 100644 --- a/src/rgw/driver/rados/rgw_rados.cc +++ b/src/rgw/driver/rados/rgw_rados.cc @@ -4327,8 +4327,8 @@ int RGWRados::fetch_remote_obj(RGWObjectCtx& obj_ctx, } ACLOwner new_owner; - new_owner.set_id(*override_owner); - new_owner.set_name(owner_info.display_name); + new_owner.id = *override_owner; + new_owner.display_name = owner_info.display_name; acl.set_owner(new_owner); @@ -5152,7 +5152,7 @@ int RGWRados::set_bucket_owner(rgw_bucket& bucket, ACLOwner& owner, const DoutPr return r; } - info.owner = owner.get_id(); + info.owner = owner.id; r = put_bucket_instance_info(info, false, real_time(), &attrs, dpp, y); if (r < 0) { 
@@ -5620,8 +5620,8 @@ int RGWRados::Object::Delete::delete_obj(optional_yield y, const DoutPrefixProvi struct rgw_bucket_dir_entry_meta meta; - meta.owner = params.obj_owner.get_id().to_str(); - meta.owner_display_name = params.obj_owner.get_display_name(); + meta.owner = params.obj_owner.id.to_str(); + meta.owner_display_name = params.obj_owner.display_name; if (real_clock::is_zero(params.mtime)) { meta.mtime = real_clock::now(); @@ -6892,8 +6892,8 @@ int RGWRados::Bucket::UpdateIndex::complete(const DoutPrefixProvider *dpp, int64 ldpp_dout(dpp, 0) << "WARNING: could not decode policy ret=" << ret << dendl; } } - ent.meta.owner = owner.get_id().to_str(); - ent.meta.owner_display_name = owner.get_display_name(); + ent.meta.owner = owner.id.to_str(); + ent.meta.owner_display_name = owner.display_name; ent.meta.content_type = content_type; ent.meta.appendable = appendable; @@ -10109,8 +10109,8 @@ int RGWRados::check_disk_state(const DoutPrefixProvider *dpp, object.meta.etag = etag; object.meta.content_type = content_type; object.meta.storage_class = storage_class; - object.meta.owner = owner.get_id().to_str(); - object.meta.owner_display_name = owner.get_display_name(); + object.meta.owner = owner.id.to_str(); + object.meta.owner_display_name = owner.display_name; object.meta.appendable = appendable; // encode suggested updates @@ -10139,8 +10139,8 @@ int RGWRados::check_disk_state(const DoutPrefixProvider *dpp, list_state.tag = astate->obj_tag.c_str(); } - list_state.meta.owner = owner.get_id().to_str(); - list_state.meta.owner_display_name = owner.get_display_name(); + list_state.meta.owner = owner.id.to_str(); + list_state.meta.owner_display_name = owner.display_name; list_state.exists = true; diff --git a/src/rgw/driver/rados/rgw_sal_rados.cc b/src/rgw/driver/rados/rgw_sal_rados.cc index 0d7359ea90a7a..4e71595736b4f 100644 --- a/src/rgw/driver/rados/rgw_sal_rados.cc +++ b/src/rgw/driver/rados/rgw_sal_rados.cc 
@@ -684,7 +684,7 @@ int RadosBucket::set_acl(const DoutPrefixProvider* dpp, RGWAccessControlPolicy & map& attrs = get_attrs(); attrs[RGW_ATTR_ACL] = aclbl; - info.owner = acl.get_owner().get_id(); + info.owner = acl.get_owner().id; int r = store->ctl()->bucket->store_bucket_instance_info(info.bucket, info, y, dpp, @@ -766,8 +766,10 @@ int RadosBucket::list_multiparts(const DoutPrefixProvider *dpp, if (!results.objs.empty()) { for (const rgw_bucket_dir_entry& dentry : results.objs) { rgw_obj_key key(dentry.key); - ACLOwner owner(rgw_user(dentry.meta.owner)); - owner.set_name(dentry.meta.owner_display_name); + const ACLOwner owner{ + .id = rgw_user(dentry.meta.owner), + .display_name = dentry.meta.owner_display_name + }; uploads.push_back(this->get_multipart_upload(key.name, std::nullopt, std::move(owner), dentry.meta.mtime)); } @@ -1663,7 +1665,7 @@ int RadosObject::chown(User& new_user, const DoutPrefixProvider* dpp, optional_y RGWAccessControlList& acl = policy.get_acl(); //Remove grant that is set to old owner - acl.remove_canon_user_grant(owner.get_id()); + acl.remove_canon_user_grant(owner.id); //Create a grant and add grant ACLGrant grant; @@ -1671,8 +1673,8 @@ int RadosObject::chown(User& new_user, const DoutPrefixProvider* dpp, optional_y acl.add_grant(&grant); //Update the ACL owner to the new user - owner.set_id(new_user.get_id()); - owner.set_name(new_user.get_display_name()); + owner.id = new_user.get_id(); + owner.display_name = new_user.get_display_name(); policy.set_owner(owner); bl.clear(); @@ -1986,7 +1988,7 @@ RadosObject::RadosDeleteOp::RadosDeleteOp(RadosObject *_source) : int RadosObject::RadosDeleteOp::delete_obj(const DoutPrefixProvider* dpp, optional_yield y) { - parent_op.params.bucket_owner = params.bucket_owner.get_id(); + parent_op.params.bucket_owner = params.bucket_owner.id; parent_op.params.versioning_status = params.versioning_status; parent_op.params.obj_owner = params.obj_owner; parent_op.params.olh_epoch = params.olh_epoch; 
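Review bot: In `RadosBucket::list_multiparts`, `owner` is now declared `const ACLOwner` and then passed as `std::move(owner)` to `get_multipart_upload`, so the move cannot take effect. Assuming that parameter takes the owner by value (its signature is not in this diff), the `rgw_user` and the display name are copied for every directory entry in the loop. Either drop the qualifier, `ACLOwner owner{ .id = rgw_user(dentry.meta.owner), .display_name = dentry.meta.owner_display_name };`, or drop the `std::move` so the copy is explicit. The function body starts and ends outside the hunk.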
@@ -2220,7 +2222,7 @@ int RadosMultipartUpload::abort(const DoutPrefixProvider *dpp, CephContext *cct, } std::unique_ptr del_op = meta_obj->get_delete_op(); - del_op->params.bucket_owner = bucket->get_info().owner; + del_op->params.bucket_owner.id = bucket->get_info().owner; del_op->params.versioning_status = 0; if (!remove_objs.empty()) { del_op->params.remove_objs = &remove_objs; @@ -2272,7 +2274,7 @@ int RadosMultipartUpload::init(const DoutPrefixProvider *dpp, optional_yield y, RGWRados::Object::Write obj_op(&op_target); op_target.set_versioning_disabled(true); /* no versioning for multipart meta */ - obj_op.meta.owner = owner.get_id(); + obj_op.meta.owner = owner.id; obj_op.meta.category = RGWObjCategory::MultiMeta; obj_op.meta.flags = PUT_OBJ_CREATE_EXCL; obj_op.meta.mtime = &mtime; @@ -2561,7 +2563,7 @@ int RadosMultipartUpload::complete(const DoutPrefixProvider *dpp, obj_op.meta.remove_objs = &remove_objs; obj_op.meta.ptag = &tag; /* use req_id as operation tag */ - obj_op.meta.owner = owner.get_id(); + obj_op.meta.owner = owner.id; obj_op.meta.flags = PUT_OBJ_CREATE; obj_op.meta.modify_tail = true; obj_op.meta.completeMultipart = true; diff --git a/src/rgw/driver/rados/rgw_sync_module_es.cc b/src/rgw/driver/rados/rgw_sync_module_es.cc index 13c2057bf7793..1030d9dce3514 100644 --- a/src/rgw/driver/rados/rgw_sync_module_es.cc +++ b/src/rgw/driver/rados/rgw_sync_module_es.cc @@ -501,7 +501,7 @@ struct es_obj_metadata { const RGWAccessControlList& acl = policy.get_acl(); - permissions.insert(policy.get_owner().get_id().to_str()); + permissions.insert(policy.get_owner().id.to_str()); for (auto acliter : acl.get_grant_map()) { const ACLGrant& grant = acliter.second; if (grant.get_type().get_type() == ACL_TYPE_CANON_USER && diff --git a/src/rgw/driver/rados/rgw_sync_module_es_rest.cc b/src/rgw/driver/rados/rgw_sync_module_es_rest.cc index db9d48adb366f..b456f0b4097a9 100644 --- a/src/rgw/driver/rados/rgw_sync_module_es_rest.cc 
+++ b/src/rgw/driver/rados/rgw_sync_module_es_rest.cc @@ -347,7 +347,7 @@ public: s->formatter->dump_format("ETag", "\"%s\"", e.meta.etag.c_str()); s->formatter->dump_string("ContentType", e.meta.content_type.c_str()); s->formatter->dump_string("StorageClass", e.meta.storage_class.c_str()); - dump_owner(s, e.owner.get_id(), e.owner.get_display_name()); + dump_owner(s, e.owner.id, e.owner.display_name); s->formatter->open_array_section("CustomMetadata"); for (auto& m : e.meta.custom_str) { s->formatter->open_object_section("Entry"); diff --git a/src/rgw/driver/rados/rgw_tools.cc b/src/rgw/driver/rados/rgw_tools.cc index aa387cb450d56..a9454c502dfbe 100644 --- a/src/rgw/driver/rados/rgw_tools.cc +++ b/src/rgw/driver/rados/rgw_tools.cc @@ -355,8 +355,7 @@ int RGWDataAccess::Object::put(bufferlist& data, string req_id = driver->zone_unique_id(driver->get_new_req_id()); std::unique_ptr processor; - processor = driver->get_atomic_writer(dpp, y, obj.get(), - owner.get_id(), + processor = driver->get_atomic_writer(dpp, y, obj.get(), owner.id, nullptr, olh_epoch, req_id); int ret = processor->prepare(y); diff --git a/src/rgw/rgw_acl.cc b/src/rgw/rgw_acl.cc index f32a73f26529c..7177a5f822ef7 100644 --- a/src/rgw/rgw_acl.cc +++ b/src/rgw/rgw_acl.cc @@ -61,13 +61,6 @@ bool operator!=(const RGWAccessControlList& lhs, return !(lhs == rhs); } -bool operator==(const ACLOwner& lhs, const ACLOwner& rhs) { - return lhs.id == rhs.id && lhs.display_name == rhs.display_name; -} -bool operator!=(const ACLOwner& lhs, const ACLOwner& rhs) { - return !(lhs == rhs); -} - bool operator==(const RGWAccessControlPolicy& lhs, const RGWAccessControlPolicy& rhs) { return lhs.acl == rhs.acl && lhs.owner == rhs.owner; 
@@ -187,7 +180,7 @@ uint32_t RGWAccessControlPolicy::get_perm(const DoutPrefixProvider* dpp, uint32_t perm = acl.get_perm(dpp, auth_identity, perm_mask); - if (auth_identity.is_owner_of(owner.get_id())) { + if (auth_identity.is_owner_of(owner.id)) { perm |= perm_mask & (RGW_PERM_READ_ACP | RGW_PERM_WRITE_ACP); } @@ -211,7 +204,7 @@ uint32_t RGWAccessControlPolicy::get_perm(const DoutPrefixProvider* dpp, } ldpp_dout(dpp, 5) << "-- Getting permissions done for identity=" << auth_identity - << ", owner=" << owner.get_id() + << ", owner=" << owner.id << ", perm=" << perm << dendl; return perm; @@ -367,10 +360,8 @@ void RGWAccessControlPolicy::generate_test_instances(listacl = *l; - string name = "radosgw"; - rgw_user id("rgw"); - p->owner.set_name(name); - p->owner.set_id(id); + p->owner.id.id = "rgw"; + p->owner.display_name = "radosgw"; o.push_back(p); diff --git a/src/rgw/rgw_acl.h b/src/rgw/rgw_acl.h index c520501583b81..f2dacf2854324 100644 --- a/src/rgw/rgw_acl.h +++ b/src/rgw/rgw_acl.h @@ -298,15 +298,9 @@ public: }; WRITE_CLASS_ENCODER(RGWAccessControlList) -class ACLOwner -{ -protected: +struct ACLOwner { rgw_user id; std::string display_name; -public: - ACLOwner() {} - ACLOwner(const rgw_user& _id) : id(_id) {} - ~ACLOwner() {} void encode(bufferlist& bl) const { ENCODE_START(3, 2, bl); 
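Review bot: The new `struct ACLOwner` in rgw_acl.h exposes `id` and `display_name` without a comment, while the `get_perm` hunk earlier on this line shows `is_owner_of(owner.id)` deciding whether `RGW_PERM_READ_ACP | RGW_PERM_WRITE_ACP` is granted. Since any caller can now assign the field directly, a member comment would help reviewers spot the writes that matter, for example `rgw_user id; // identity tested by is_owner_of() during permission evaluation` and `std::string display_name; // descriptive only, not consulted for authorization`. The second comment is inferred from the call sites visible in this diff and should be confirmed before it is added. The struct body continues outside the hunk.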
@@ -327,15 +321,8 @@ public: void dump(Formatter *f) const; void decode_json(JSONObj *obj); static void generate_test_instances(std::list& o); - void set_id(const rgw_user& _id) { id = _id; } - void set_name(const std::string& name) { display_name = name; } - - rgw_user& get_id() { return id; } - const rgw_user& get_id() const { return id; } - std::string& get_display_name() { return display_name; } - const std::string& get_display_name() const { return display_name; } - friend bool operator==(const ACLOwner& lhs, const ACLOwner& rhs); - friend bool operator!=(const ACLOwner& lhs, const ACLOwner& rhs); + + auto operator<=>(const ACLOwner&) const = default; }; WRITE_CLASS_ENCODER(ACLOwner) @@ -388,15 +375,14 @@ public: DECODE_FINISH(bl); } - void set_owner(ACLOwner& o) { owner = o; } - ACLOwner& get_owner() { - return owner; - } + void set_owner(const ACLOwner& o) { owner = o; } + const ACLOwner& get_owner() const { return owner; } + ACLOwner& get_owner() { return owner; } - void create_default(const rgw_user& id, std::string& name) { + void create_default(const rgw_user& id, const std::string& name) { acl.create_default(id, name); - owner.set_id(id); - owner.set_name(name); + owner.id = id; + owner.display_name = name; } RGWAccessControlList& get_acl() { return acl; diff --git a/src/rgw/rgw_acl_s3.cc b/src/rgw/rgw_acl_s3.cc index 3fc072a33ca6b..46a427572be0f 100644 --- a/src/rgw/rgw_acl_s3.cc +++ b/src/rgw/rgw_acl_s3.cc 
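Review bot: `auto operator<=>(const ACLOwner&) const = default;` replaces two equality operators with a full ordering, and with an `auto` return type it is defined as deleted unless `rgw_user` itself provides `operator<=>`, which this diff does not show. If only equality is needed, as in `lhs.owner == rhs.owner` in rgw_acl.cc, `bool operator==(const ACLOwner&) const = default;` states that directly and keeps `display_name` out of any ordering. The struct body starts outside the hunk.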
@@ -366,11 +366,11 @@ int RGWAccessControlList_S3::create_canned(ACLOwner& owner, ACLOwner& bucket_own ACLGrant owner_grant; - rgw_user bid = bucket_owner.get_id(); - string bname = bucket_owner.get_display_name(); + const rgw_user& bid = bucket_owner.id; + const std::string& bname = bucket_owner.display_name; /* owner gets full control */ - owner_grant.set_canon(owner.get_id(), owner.get_display_name(), RGW_PERM_FULL_CONTROL); + owner_grant.set_canon(owner.id, owner.display_name, RGW_PERM_FULL_CONTROL); add_grant(&owner_grant); if (canned_acl.size() == 0 || canned_acl.compare("private") == 0) { @@ -392,12 +392,14 @@ int RGWAccessControlList_S3::create_canned(ACLOwner& owner, ACLOwner& bucket_own add_grant(&group_grant); } else if (canned_acl.compare("bucket-owner-read") == 0) { bucket_owner_grant.set_canon(bid, bname, RGW_PERM_READ); - if (bid != owner.get_id()) + if (bid != owner.id) { add_grant(&bucket_owner_grant); + } } else if (canned_acl.compare("bucket-owner-full-control") == 0) { bucket_owner_grant.set_canon(bid, bname, RGW_PERM_FULL_CONTROL); - if (bid != owner.get_id()) + if (bid != owner.id) { add_grant(&bucket_owner_grant); + } } else { return -EINVAL; } 
@@ -483,28 +485,27 @@ int RGWAccessControlPolicy_S3::rebuild(const DoutPrefixProvider *dpp, rgw::sal::Driver* driver, ACLOwner *owner, RGWAccessControlPolicy& dest, std::string &err_msg) { - if (!owner) + if (!owner || owner->id.empty()) { return -EINVAL; + } ACLOwner *requested_owner = static_cast(find_first("Owner")); - if (requested_owner) { - rgw_user& requested_id = requested_owner->get_id(); - if (!requested_id.empty() && requested_id != owner->get_id()) - return -EPERM; + if (requested_owner && requested_owner->id != owner->id) { + return -EPERM; } - std::unique_ptr user = driver->get_user(owner->get_id()); + std::unique_ptr user = driver->get_user(owner->id); if (user->load_user(dpp, null_yield) < 0) { ldpp_dout(dpp, 10) << "owner info does not exist" << dendl; err_msg = "Invalid id"; return -EINVAL; } ACLOwner& dest_owner = dest.get_owner(); - dest_owner.set_id(owner->get_id()); - dest_owner.set_name(user->get_display_name()); + dest_owner.id = owner->id; + dest_owner.display_name = user->get_display_name(); - ldpp_dout(dpp, 20) << "owner id=" << owner->get_id() << dendl; - ldpp_dout(dpp, 20) << "dest owner id=" << dest.get_owner().get_id() << dendl; + ldpp_dout(dpp, 20) << "owner id=" << owner->id << dendl; + ldpp_dout(dpp, 20) << "dest owner id=" << dest.get_owner().id << dendl; RGWAccessControlList& dst_acl = dest.get_acl(); diff --git a/src/rgw/rgw_acl_s3.h b/src/rgw/rgw_acl_s3.h index 49964c6aa2bca..c58307600d444 100644 --- a/src/rgw/rgw_acl_s3.h +++ b/src/rgw/rgw_acl_s3.h @@ -89,7 +89,7 @@ public: virtual int create_canned(ACLOwner& _owner, ACLOwner& bucket_owner, const std::string& canned_acl) { RGWAccessControlList_S3& _acl = static_cast(acl); - if (_owner.get_id() == rgw_user("anonymous")) { + if (_owner.id == rgw_user("anonymous")) { owner = bucket_owner; } else { owner = _owner; diff --git a/src/rgw/rgw_acl_swift.cc b/src/rgw/rgw_acl_swift.cc index c6f06bbd37cc0..060cfabed83e9 100644 --- a/src/rgw/rgw_acl_swift.cc +++ b/src/rgw/rgw_acl_swift.cc 
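Review bot: The rewritten owner check in `RGWAccessControlPolicy_S3::rebuild` changes behaviour rather than only replacing accessors. The old code skipped the comparison when the requested Owner id was empty, whereas `if (requested_owner && requested_owner->id != owner->id)` now returns `-EPERM` for an Owner element that carries no id, and the added `owner->id.empty()` test returns `-EINVAL` for an empty caller id. Both are stricter, which is the safer direction on an authorization path, but the commit message describes the change as boilerplate removal only. If the old leniency is still wanted, the condition would be `if (requested_owner && !requested_owner->id.empty() && requested_owner->id != owner->id) {`. Otherwise a comment such as `// a supplied Owner must match the authenticated owner; an empty id is rejected` and a test for the empty-id case would record the new rule as deliberate.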
@@ -188,8 +188,8 @@ int RGWAccessControlPolicy_SWIFT::create(const DoutPrefixProvider *dpp, uint32_t& rw_mask) { acl.create_default(id, name); - owner.set_id(id); - owner.set_name(name); + owner.id = id; + owner.display_name = name; rw_mask = 0; if (read_list) { @@ -338,8 +338,8 @@ bool RGWAccessControlPolicy_SWIFTAcct::create(const DoutPrefixProvider *dpp, const std::string& acl_str) { acl.create_default(id, name); - owner.set_id(id); - owner.set_name(name); + owner.id = id; + owner.display_name = name; JSONParser parser; @@ -395,7 +395,7 @@ boost::optional RGWAccessControlPolicy_SWIFTAcct::to_str() const continue; } id = SWIFT_GROUP_ALL_USERS; - } else if (owner.get_id() == id) { + } else if (owner.id == id) { continue; } diff --git a/src/rgw/rgw_common.cc b/src/rgw/rgw_common.cc index 6c07e32324358..6ec10f2cc2f47 100644 --- a/src/rgw/rgw_common.cc +++ b/src/rgw/rgw_common.cc @@ -1421,7 +1421,7 @@ int verify_bucket_owner_or_policy(req_state* const s, identity_policy_res == Effect::Allow || (e == Effect::Pass && identity_policy_res == Effect::Pass && - s->auth.identity->is_owner_of(s->bucket_owner.get_id()))) { + s->auth.identity->is_owner_of(s->bucket_owner.id))) { return 0; } else { return -EACCES; diff --git a/src/rgw/rgw_file.cc b/src/rgw/rgw_file.cc index e1217173feda9..f0100e37c2bbe 100644 --- a/src/rgw/rgw_file.cc +++ b/src/rgw/rgw_file.cc @@ -1872,7 +1872,7 @@ namespace rgw { } } processor = get_driver()->get_atomic_writer(this, state->yield, state->object.get(), - state->bucket_owner.get_id(), + state->bucket_owner.id, &state->dest_placement, 0, state->req_id); op_ret = processor->prepare(state->yield); diff --git a/src/rgw/rgw_lc.cc b/src/rgw/rgw_lc.cc index 260ad1795bc02..2bef2ef31c399 100644 --- a/src/rgw/rgw_lc.cc +++ b/src/rgw/rgw_lc.cc 
@@ -546,9 +546,9 @@ static int remove_expired_obj( = obj->get_delete_op(); del_op->params.versioning_status = obj->get_bucket()->get_info().versioning_status(); - del_op->params.obj_owner.set_id(rgw_user {meta.owner}); - del_op->params.obj_owner.set_name(meta.owner_display_name); - del_op->params.bucket_owner.set_id(bucket_info.owner); + del_op->params.obj_owner.id = rgw_user{meta.owner}; + del_op->params.obj_owner.display_name = meta.owner_display_name; + del_op->params.bucket_owner.id = bucket_info.owner; del_op->params.unmod_since = meta.mtime; // notification supported only for RADOS driver for now diff --git a/src/rgw/rgw_lib.cc b/src/rgw/rgw_lib.cc index 5b0a3c728490b..8185ec042400e 100644 --- a/src/rgw/rgw_lib.cc +++ b/src/rgw/rgw_lib.cc @@ -601,8 +601,8 @@ namespace rgw { s->perm_mask = RGW_PERM_FULL_CONTROL; // populate the owner info - s->owner.set_id(s->user->get_id()); - s->owner.set_name(s->user->get_display_name()); + s->owner.id = s->user->get_id(); + s->owner.display_name = s->user->get_display_name(); return 0; } /* RGWHandler_Lib::authorize */ diff --git a/src/rgw/rgw_log.cc b/src/rgw/rgw_log.cc index 9bc27bbe9ffa7..8b8f85ef07bab 100644 --- a/src/rgw/rgw_log.cc +++ b/src/rgw/rgw_log.cc @@ -207,14 +207,14 @@ static void log_usage(req_state *s, const string& op_name) bucket_name = s->bucket_name; if (!bucket_name.empty()) { - bucket_name = s->bucket_name; - user = s->bucket_owner.get_id(); + bucket_name = s->bucket_name; + user = s->bucket_owner.id; if (!rgw::sal::Bucket::empty(s->bucket.get()) && s->bucket->get_info().requester_pays) { payer = s->user->get_id(); } } else { - user = s->user->get_id(); + user = s->user->get_id(); } bool error = s->err.is_err(); 
@@ -648,8 +648,8 @@ int rgw_log_op(RGWREST* const rest, req_state *s, const RGWOp* op, OpsLogSink *o entry.user = s->user->get_id().to_str(); if (s->object_acl) - entry.object_owner = s->object_acl->get_owner().get_id(); - entry.bucket_owner = s->bucket_owner.get_id(); + entry.object_owner = s->object_acl->get_owner().id; + entry.bucket_owner = s->bucket_owner.id; uint64_t bytes_sent = ACCOUNTING_IO(s)->get_bytes_sent(); uint64_t bytes_received = ACCOUNTING_IO(s)->get_bytes_received(); diff --git a/src/rgw/rgw_lua_request.cc b/src/rgw/rgw_lua_request.cc index cb819deff14c3..afef18be47bf3 100644 --- a/src/rgw/rgw_lua_request.cc +++ b/src/rgw/rgw_lua_request.cc @@ -260,10 +260,9 @@ struct OwnerMetaTable : public EmptyMetaTable { const char* index = luaL_checkstring(L, 2); if (strcasecmp(index, "DisplayName") == 0) { - pushstring(L, owner->get_display_name()); + pushstring(L, owner->display_name); } else if (strcasecmp(index, "User") == 0) { - create_metatable(L, name, index, false, - &(owner->get_id())); + create_metatable(L, name, index, false, &owner->id); } else { return error_unknown_field(L, index, name); } diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc index 2193ff104c966..5574162aab043 100644 --- a/src/rgw/rgw_op.cc +++ b/src/rgw/rgw_op.cc @@ -456,7 +456,7 @@ static int read_obj_policy(const DoutPrefixProvider *dpp, if (ret < 0) { return ret; } - const rgw_user& bucket_owner = bucket_policy.get_owner().get_id(); + const rgw_user& bucket_owner = bucket_policy.get_owner().id; if (bucket_owner != s->user->get_id() && ! s->auth.identity->is_admin_of(bucket_owner)) { auto r = eval_identity_or_session_policies(dpp, s->iam_user_policies, s->env, 
@@ -577,7 +577,7 @@ int rgw_build_bucket_policies(const DoutPrefixProvider *dpp, rgw::sal::Driver* d s->bucket_acl.get(), s->bucket->get_key(), y); acct_acl_user = { s->bucket->get_info().owner, - s->bucket_acl->get_owner().get_display_name(), + s->bucket_acl->get_owner().display_name, }; s->bucket_owner = s->bucket_acl->get_owner(); @@ -1449,7 +1449,7 @@ int RGWOp::init_quota() driver->get_user(s->bucket->get_info().owner); rgw::sal::User* user; - if (s->user->get_id() == s->bucket_owner.get_id()) { + if (s->user->get_id() == s->bucket_owner.id) { user = s->user.get(); } else { int r = owner_user->load_user(this, s->yield); @@ -3527,8 +3527,8 @@ void RGWCreateBucket::execute(optional_yield y) } } - s->bucket_owner.set_id(s->user->get_id()); - s->bucket_owner.set_name(s->user->get_display_name()); + s->bucket_owner.id = s->user->get_id(); + s->bucket_owner.display_name = s->user->get_display_name(); createparams.owner = s->user->get_id(); buffer::list aclbl; @@ -3860,7 +3860,7 @@ int RGWPutObj::verify_permission(optional_yield y) } /* admin request overrides permission checks */ - if (! s->auth.identity->is_admin_of(cs_acl.get_owner().get_id())) { + if (! s->auth.identity->is_admin_of(cs_acl.get_owner().id)) { if (policy || ! s->iam_user_policies.empty() || !s->session_policies.empty()) { //add source object tags for permission evaluation auto [has_s3_existing_tag, has_s3_resource_tag] = rgw_check_policy_condition(this, policy, s->iam_user_policies, s->session_policies); @@ -4269,7 +4269,7 @@ void RGWPutObj::execute(optional_yield y) return; } processor = driver->get_append_writer(this, s->yield, s->object.get(), - s->bucket_owner.get_id(), + s->bucket_owner.id, pdest_placement, s->req_id, position, &cur_accounted_size); } else { @@ -4282,7 +4282,7 @@ void RGWPutObj::execute(optional_yield y) } } processor = driver->get_atomic_writer(this, s->yield, s->object.get(), - s->bucket_owner.get_id(), + s->bucket_owner.id, pdest_placement, olh_epoch, s->req_id); } 
@@ -4688,7 +4688,7 @@ void RGWPostObj::execute(optional_yield y) std::unique_ptr processor; processor = driver->get_atomic_writer(this, s->yield, obj.get(), - s->bucket_owner.get_id(), + s->bucket_owner.id, &s->dest_placement, 0, s->req_id); op_ret = processor->prepare(s->yield); if (op_ret < 0) { @@ -5512,7 +5512,7 @@ int RGWCopyObj::verify_permission(optional_yield y) } /* admin request overrides permission checks */ - if (!s->auth.identity->is_admin_of(src_acl.get_owner().get_id())) { + if (!s->auth.identity->is_admin_of(src_acl.get_owner().id)) { if (src_policy || ! s->iam_user_policies.empty() || !s->session_policies.empty()) { auto [has_s3_existing_tag, has_s3_resource_tag] = rgw_check_policy_condition(this, src_policy, s->iam_user_policies, s->session_policies); if (has_s3_existing_tag || has_s3_resource_tag) @@ -5596,7 +5596,7 @@ int RGWCopyObj::verify_permission(optional_yield y) } auto dest_iam_policy = get_iam_policy_from_attr(s->cct, s->bucket->get_attrs(), s->bucket->get_tenant()); /* admin request overrides permission checks */ - if (! s->auth.identity->is_admin_of(dest_policy.get_owner().get_id())){ + if (! s->auth.identity->is_admin_of(dest_policy.get_owner().id)){ if (dest_iam_policy != boost::none || ! s->iam_user_policies.empty() || !s->session_policies.empty()) { //Add destination bucket tags for authorization auto [has_s3_existing_tag, has_s3_resource_tag] = rgw_check_policy_condition(this, dest_iam_policy, s->iam_user_policies, s->session_policies); @@ -7445,7 +7445,7 @@ bool RGWBulkDelete::Deleter::delete_single(const acct_path_t& path, optional_yie if (!path.obj_key.empty()) { // object deletion ACLOwner bucket_owner; - bucket_owner.set_id(bucket->get_info().owner); + bucket_owner.id = bucket->get_info().owner; std::unique_ptr obj = bucket->get_object(path.obj_key); obj->set_atomic(); 
@@ -7858,7 +7858,7 @@ int RGWBulkUploadOp::handle_file(const std::string_view path, std::unique_ptr processor; processor = driver->get_atomic_writer(this, s->yield, obj.get(), - bowner.get_id(), + bowner.id, &s->dest_placement, 0, s->req_id); op_ret = processor->prepare(s->yield); if (op_ret < 0) { @@ -8243,7 +8243,7 @@ void RGWGetObjLayout::execute(optional_yield y) int RGWConfigBucketMetaSearch::verify_permission(optional_yield y) { - if (!s->auth.identity->is_owner_of(s->bucket_owner.get_id())) { + if (!s->auth.identity->is_owner_of(s->bucket_owner.id)) { return -EACCES; } @@ -8276,7 +8276,7 @@ void RGWConfigBucketMetaSearch::execute(optional_yield y) int RGWGetBucketMetaSearch::verify_permission(optional_yield y) { - if (!s->auth.identity->is_owner_of(s->bucket_owner.get_id())) { + if (!s->auth.identity->is_owner_of(s->bucket_owner.id)) { return -EACCES; } @@ -8290,7 +8290,7 @@ void RGWGetBucketMetaSearch::pre_exec() int RGWDelBucketMetaSearch::verify_permission(optional_yield y) { - if (!s->auth.identity->is_owner_of(s->bucket_owner.get_id())) { + if (!s->auth.identity->is_owner_of(s->bucket_owner.id)) { return -EACCES; } diff --git a/src/rgw/rgw_rest_metadata.cc b/src/rgw/rgw_rest_metadata.cc index 23f78819c645a..d7881c2289099 100644 --- a/src/rgw/rgw_rest_metadata.cc +++ b/src/rgw/rgw_rest_metadata.cc @@ -69,9 +69,7 @@ void RGWOp_Metadata_Get::execute(optional_yield y) { } void RGWOp_Metadata_Get_Myself::execute(optional_yield y) { - string owner_id; - - owner_id = s->owner.get_id().to_str(); + const std::string owner_id = s->owner.id.to_str(); s->info.args.append("key", owner_id); return RGWOp_Metadata_Get::execute(y); diff --git a/src/rgw/rgw_rest_pubsub.cc b/src/rgw/rgw_rest_pubsub.cc index 843b7eb7d0848..f43a9ef27228e 100644 --- a/src/rgw/rgw_rest_pubsub.cc +++ b/src/rgw/rgw_rest_pubsub.cc 
@@ -72,7 +72,7 @@ std::optional get_policy_from_text(req_state* const s, const auto bl = bufferlist::static_from_string(policy_text); try { return rgw::IAM::Policy( - s->cct, s->owner.get_id().tenant, bl, + s->cct, s->owner.id.tenant, bl, s->cct->_conf.get_val("rgw_policy_reject_invalid_principals")); } catch (rgw::IAM::PolicyParseException& e) { ldout(s->cct, 1) << "failed to parse policy:' " << policy_text @@ -86,7 +86,7 @@ int verify_topic_owner_or_policy(req_state* const s, const rgw_pubsub_topic& topic, const std::string& zonegroup_name, const uint64_t op) { - if (topic.user == s->owner.get_id()) { + if (topic.user == s->owner.id) { return 0; } // no policy set. @@ -187,7 +187,7 @@ class RGWPSCreateTopicOp : public RGWOp { return ret; } - const RGWPubSub ps(driver, s->owner.get_id().tenant); + const RGWPubSub ps(driver, s->owner.id.tenant); rgw_pubsub_topic result; ret = ps.get_topic(this, topic_name, result, y); if (ret == -ENOENT) { @@ -195,7 +195,7 @@ class RGWPSCreateTopicOp : public RGWOp { return 0; } if (ret == 0) { - if (result.user == s->owner.get_id() || + if (result.user == s->owner.id || !s->cct->_conf->mandatory_topic_permissions) { return 0; } @@ -251,9 +251,9 @@ void RGWPSCreateTopicOp::execute(optional_yield y) { return; } } - const RGWPubSub ps(driver, s->owner.get_id().tenant); + const RGWPubSub ps(driver, s->owner.id.tenant); op_ret = ps.create_topic(this, topic_name, dest, topic_arn, opaque_data, - s->owner.get_id(), policy_text, y); + s->owner.id, policy_text, y); if (op_ret < 0) { ldpp_dout(this, 1) << "failed to create topic '" << topic_name << "', ret=" << op_ret << dendl; return; @@ -306,7 +306,7 @@ public: }; void RGWPSListTopicsOp::execute(optional_yield y) { - const RGWPubSub ps(driver, s->owner.get_id().tenant); + const RGWPubSub ps(driver, s->owner.id.tenant); op_ret = ps.get_topics(this, result, y); // if there are no topics it is not considered an error op_ret = op_ret == -ENOENT ? 0 : op_ret; 
@@ -393,7 +393,7 @@ void RGWPSGetTopicOp::execute(optional_yield y) { if (op_ret < 0) { return; } - const RGWPubSub ps(driver, s->owner.get_id().tenant); + const RGWPubSub ps(driver, s->owner.id.tenant); op_ret = ps.get_topic(this, topic_name, result, y); if (op_ret < 0) { ldpp_dout(this, 1) << "failed to get topic '" << topic_name << "', ret=" << op_ret << dendl; @@ -477,7 +477,7 @@ void RGWPSGetTopicAttributesOp::execute(optional_yield y) { if (op_ret < 0) { return; } - const RGWPubSub ps(driver, s->owner.get_id().tenant); + const RGWPubSub ps(driver, s->owner.id.tenant); op_ret = ps.get_topic(this, topic_name, result, y); if (op_ret < 0) { ldpp_dout(this, 1) << "failed to get topic '" << topic_name << "', ret=" << op_ret << dendl; @@ -605,7 +605,7 @@ class RGWPSSetTopicAttributesOp : public RGWOp { return ret; } rgw_pubsub_topic result; - const RGWPubSub ps(driver, s->owner.get_id().tenant); + const RGWPubSub ps(driver, s->owner.id.tenant); ret = ps.get_topic(this, topic_name, result, y); if (ret < 0) { ldpp_dout(this, 1) << "failed to get topic '" << topic_name @@ -672,7 +672,7 @@ void RGWPSSetTopicAttributesOp::execute(optional_yield y) { return; } } - const RGWPubSub ps(driver, s->owner.get_id().tenant); + const RGWPubSub ps(driver, s->owner.id.tenant); op_ret = ps.create_topic(this, topic_name, dest, topic_arn, opaque_data, topic_owner, policy_text, y); if (op_ret < 0) { @@ -742,7 +742,7 @@ void RGWPSDeleteTopicOp::execute(optional_yield y) { if (op_ret < 0) { return; } - const RGWPubSub ps(driver, s->owner.get_id().tenant); + const RGWPubSub ps(driver, s->owner.id.tenant); rgw_pubsub_topic result; op_ret = ps.get_topic(this, topic_name, result, y); if (op_ret == 0) { @@ -970,7 +970,7 @@ void RGWPSCreateNotifOp::execute(optional_yield y) { return; } - const RGWPubSub ps(driver, s->owner.get_id().tenant); + const RGWPubSub ps(driver, s->owner.id.tenant); const RGWPubSub::Bucket b(ps, bucket.get()); if(configurations.list.empty()) { 
@@ -1042,7 +1042,7 @@ void RGWPSCreateNotifOp::execute(optional_yield y) { // ARN is cached to make the "GET" method faster op_ret = ps.create_topic(this, unique_topic_name, topic_info.dest, topic_info.arn, topic_info.opaque_data, - s->owner.get_id(), topic_info.policy_text, y); + s->owner.id, topic_info.policy_text, y); if (op_ret < 0) { ldpp_dout(this, 1) << "failed to auto-generate unique topic '" << unique_topic_name << "', ret=" << op_ret << dendl; @@ -1118,7 +1118,7 @@ void RGWPSDeleteNotifOp::execute(optional_yield y) { return; } - const RGWPubSub ps(driver, s->owner.get_id().tenant); + const RGWPubSub ps(driver, s->owner.id.tenant); const RGWPubSub::Bucket b(ps, bucket.get()); // get all topics on a bucket @@ -1215,7 +1215,7 @@ void RGWPSListNotifsOp::execute(optional_yield y) { return; } - const RGWPubSub ps(driver, s->owner.get_id().tenant); + const RGWPubSub ps(driver, s->owner.id.tenant); const RGWPubSub::Bucket b(ps, bucket.get()); // get all topics on a bucket diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc index f12d5e733007a..dbc75955940f3 100644 --- a/src/rgw/rgw_rest_s3.cc +++ b/src/rgw/rgw_rest_s3.cc @@ -3162,8 +3162,8 @@ int RGWPostObj_ObjStore_S3::get_policy(optional_yield y) return -EACCES; } else { /* Populate the owner info. */ - s->owner.set_id(s->user->get_id()); - s->owner.set_name(s->user->get_display_name()); + s->owner.id = s->user->get_id(); + s->owner.display_name = s->user->get_display_name(); ldpp_dout(this, 20) << "Successful Signature Verification!" << dendl; } @@ -4107,7 +4107,7 @@ void RGWListMultipart_ObjStore_S3::send_response() s->formatter->dump_string("IsTruncated", (truncated ? "true" : "false")); ACLOwner& owner = policy.get_owner(); - dump_owner(s, owner.get_id(), owner.get_display_name()); + dump_owner(s, owner.id, owner.display_name); for (; iter != upload->get_parts().end(); ++iter) { rgw::sal::MultipartPart* part = iter->second.get(); 
@@ -4170,8 +4170,8 @@ void RGWListBucketMultiparts_ObjStore_S3::send_response() } s->formatter->dump_string("UploadId", upload->get_upload_id()); const ACLOwner& owner = upload->get_owner(); - dump_owner(s, owner.get_id(), owner.get_display_name(), "Initiator"); - dump_owner(s, owner.get_id(), owner.get_display_name()); // Owner + dump_owner(s, owner.id, owner.display_name, "Initiator"); + dump_owner(s, owner.id, owner.display_name); // Owner s->formatter->dump_string("StorageClass", "STANDARD"); dump_time(s, "Initiated", upload->get_mtime()); s->formatter->close_section(); @@ -5098,8 +5098,8 @@ int RGW_Auth_S3::authorize(const DoutPrefixProvider *dpp, const auto ret = rgw::auth::Strategy::apply(dpp, auth_registry.get_s3_main(), s, y); if (ret == 0) { /* Populate the owner info. */ - s->owner.set_id(s->user->get_id()); - s->owner.set_name(s->user->get_display_name()); + s->owner.id = s->user->get_id(); + s->owner.display_name = s->user->get_display_name(); } return ret; } diff --git a/src/rgw/rgw_sal_dbstore.cc b/src/rgw/rgw_sal_dbstore.cc index 49155fce409d5..308404c87b88b 100644 --- a/src/rgw/rgw_sal_dbstore.cc +++ b/src/rgw/rgw_sal_dbstore.cc @@ -354,7 +354,7 @@ namespace rgw::sal { Attrs attrs = get_attrs(); attrs[RGW_ATTR_ACL] = aclbl; - ret = store->getDB()->update_bucket(dpp, "attrs", info, false, &(acl.get_owner().get_id()), &attrs, nullptr, nullptr); + ret = store->getDB()->update_bucket(dpp, "attrs", info, false, &acl.get_owner().id, &attrs, nullptr, nullptr); return ret; } @@ -701,7 +701,7 @@ namespace rgw::sal { int DBObject::DBDeleteOp::delete_obj(const DoutPrefixProvider* dpp, optional_yield y) { - parent_op.params.bucket_owner = params.bucket_owner.get_id(); + parent_op.params.bucket_owner = params.bucket_owner.id; parent_op.params.versioning_status = params.versioning_status; parent_op.params.obj_owner = params.obj_owner; parent_op.params.olh_epoch = params.olh_epoch; 
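Review bot: In the `RGWListBucketMultiparts_ObjStore_S3::send_response` hunk, both the `Initiator` and the `Owner` elements are filled from the same `upload->get_owner()`, and the trailing `// Owner` comment does not say whether that is intentional. A client reading the listing cannot tell who started the upload from who owns it. A comment above the two calls would record the decision, e.g. `// the initiator is not tracked separately here; report the upload owner for both`. Whether a distinct initiator is available elsewhere is not visible from this hunk.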
@@ -793,7 +793,7 @@ namespace rgw::sal { int ret; std::unique_ptr del_op = meta_obj->get_delete_op(); - del_op->params.bucket_owner = bucket->get_info().owner; + del_op->params.bucket_owner.id = bucket->get_info().owner; del_op->params.versioning_status = 0; // Since the data objects are associated with meta obj till @@ -833,7 +833,7 @@ namespace rgw::sal { DB::Object::Write obj_op(&op_target); /* Create meta object */ - obj_op.meta.owner = owner.get_id(); + obj_op.meta.owner = owner.id; obj_op.meta.category = RGWObjCategory::MultiMeta; obj_op.meta.flags = PUT_OBJ_CREATE_EXCL; obj_op.meta.mtime = &mtime; @@ -1012,7 +1012,7 @@ namespace rgw::sal { DB::Object::Write obj_op(&op_target); ret = obj_op.prepare(dpp); - obj_op.meta.owner = owner.get_id(); + obj_op.meta.owner = owner.id; obj_op.meta.flags = PUT_OBJ_CREATE; obj_op.meta.category = RGWObjCategory::Main; obj_op.meta.modify_tail = true; diff --git a/src/test/rgw/test_rgw_lua.cc b/src/test/rgw/test_rgw_lua.cc index 078d186bab872..09f708309e508 100644 --- a/src/test/rgw/test_rgw_lua.cc +++ b/src/test/rgw/test_rgw_lua.cc @@ -662,9 +662,10 @@ TEST(TestRGWLua, Acl) )"; DEFINE_REQ_STATE; - ACLOwner owner; - owner.set_id(rgw_user("jack", "black")); - owner.set_name("jack black"); + const ACLOwner owner{ + .id = rgw_user("jack", "black"), + .display_name = "jack black" + }; s.user_acl.reset(new RGWAccessControlPolicy(g_cct)); s.user_acl->set_owner(owner); ACLGrant grant1, grant2, grant3, grant4, grant5, grant6_1, grant6_2; 
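Review bot: In the hunk at `-793`, `del_op->params.bucket_owner.id = bucket->get_info().owner;` fills only the id of what is now a two-field ACLOwner, so `display_name` stays at whatever the freshly created delete op holds. The `DBDeleteOp::delete_obj` hunk reads only `params.bucket_owner.id`, so this looks intentional, but the assignment should say so: `// only the owner id is known here; bucket_owner.display_name is left at its default`. The enclosing function starts outside the hunk.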
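Review bot: In the last rgw_sal_dbstore.cc hunk (`-1012`), the result of `ret = obj_op.prepare(dpp);` is not checked before `obj_op.meta.owner` and the other `meta` fields are set, and nothing in the visible lines reads `ret`. If a later call overwrites it, a failed prepare would go unnoticed and the write would proceed on an unprepared op. Unless the check sits just below the hunk, add `if (ret < 0) { return ret; }` directly after the `prepare` call. This assumes the enclosing function, which starts and ends outside the hunk, returns the error code.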
@@ -730,17 +731,17 @@ TEST(TestRGWLua, UseFunction) )"; DEFINE_REQ_STATE; - s.owner.set_name("user two"); - s.owner.set_id(rgw_user("tenant2", "user2")); + s.owner.display_name = "user two"; + s.owner.id = rgw_user("tenant2", "user2"); s.user_acl.reset(new RGWAccessControlPolicy()); - s.user_acl->get_owner().set_name("user three"); - s.user_acl->get_owner().set_id(rgw_user("tenant3", "user3")); + s.user_acl->get_owner().display_name = "user three"; + s.user_acl->get_owner().id = rgw_user("tenant3", "user3"); s.bucket_acl.reset(new RGWAccessControlPolicy()); - s.bucket_acl->get_owner().set_name("user four"); - s.bucket_acl->get_owner().set_id(rgw_user("tenant4", "user4")); + s.bucket_acl->get_owner().display_name = "user four"; + s.bucket_acl->get_owner().id = rgw_user("tenant4", "user4"); s.object_acl.reset(new RGWAccessControlPolicy()); - s.object_acl->get_owner().set_name("user five"); - s.object_acl->get_owner().set_id(rgw_user("tenant5", "user5")); + s.object_acl->get_owner().display_name = "user five"; + s.object_acl->get_owner().id = rgw_user("tenant5", "user5"); const auto rc = lua::request::execute(nullptr, nullptr, nullptr, &s, nullptr, script); ASSERT_EQ(rc, 0);