From: Greg Farnum <gregf@hq.newdream.net>
Date: Wed, 10 Mar 2010 18:20:44 +0000 (-0800)
Subject: osd: Check auid permissions in get_pool_cap
X-Git-Tag: v0.20~292
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=543c9eb460c571a59cb9c279a23247d527db50e7;p=ceph.git

osd: Check auid permissions in get_pool_cap
---

diff --git a/src/osd/OSD.cc b/src/osd/OSD.cc
index 17dddc30acb1..58343e3f13a6 100644
--- a/src/osd/OSD.cc
+++ b/src/osd/OSD.cc
@@ -4043,7 +4043,7 @@ void OSD::handle_op(MOSDOp *op)
 
   OSDCaps& caps = session->caps;
   int pool = pgid.pool();
-  int perm = caps.get_pool_cap(pool);
+  int perm = caps.get_pool_cap(pool, osdmap->get_pg_pool(pool)->v.auid);
 
   dout(10) << "request for pool=" << pool << " perm=" << perm
 	   << " may_read=" << op->may_read() << " may_write=" << op->may_write()
diff --git a/src/osd/OSDCaps.cc b/src/osd/OSDCaps.cc
index 461793410ffa..27a89a066642 100644
--- a/src/osd/OSDCaps.cc
+++ b/src/osd/OSDCaps.cc
@@ -191,6 +191,11 @@ int OSDCaps::get_pool_cap(int pool_id, __u64 uid)
     //the owner has full access unless they've removed some by setting
     //new caps
     cap = OSD_POOL_CAP_ALL;
+  } else if ((iter = auid_map.find(uid)) != pools_map.end()) {
+    //if the owner is granted permissions on the pool owner's auid, grant them
+    OSDCap& auid_cap = iter->second;
+    cap |= auid_cap.allow;
+    cap &= ~auid_cap.deny;
   }
 
   return cap;