From: Theofilos Mouratidis Date: Wed, 14 Jan 2026 08:44:21 +0000 (+0100) Subject: rgw: ListRoles returns "Access Denied" for a regular user with valid allow policy X-Git-Tag: v21.0.0~38^2 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=6594f6c6cc660be3af99b8b33da86051456814bf;p=ceph.git rgw: ListRoles returns "Access Denied" for a regular user with valid allow policy The ListRoles method doesn't initialise the arn resource, so a user that is allowed to call this method only via policies gets "Access Denied" Signed-off-by: Theofilos Mouratidis --- diff --git a/src/rgw/rgw_rest_role.cc b/src/rgw/rgw_rest_role.cc index 483f1b487ff..490803f59f5 100644 --- a/src/rgw/rgw_rest_role.cc +++ b/src/rgw/rgw_rest_role.cc @@ -514,6 +514,11 @@ int RGWListRoles::init_processing(optional_yield y) if (const auto* id = std::get_if(&s->owner.id); id) { account_id = *id; } + + const std::string resource_name = ""; + const rgw::ARN arn{resource_name, "role", account_id, true}; + resource = arn; + return 0; }