From: Yehuda Sadeh
Date: Thu, 14 Apr 2011 21:41:13 +0000 (-0700)
Subject: rgw: allow changing acl using canned acl
X-Git-Tag: v0.27~67
X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=6f730af1926f9d4fe5904ac10dbe019c0a6aef8d;p=ceph.git
rgw: allow changing acl using canned acl
---
diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc
index 320c70dde15f9..5ada240f7e78f 100644
--- a/src/rgw/rgw_op.cc
+++ b/src/rgw/rgw_op.cc
@@ -682,9 +682,12 @@ void RGWPutACLs::execute()
 {
 bufferlist bl;
- RGWAccessControlPolicy *policy;
+ RGWAccessControlPolicy *policy = NULL;
 RGWXMLParser parser;
 RGWAccessControlPolicy new_policy;
+ stringstream ss;
+ char *orig_data = data;
+ char *new_data = NULL;
 if (!verify_permission(s, RGW_PERM_WRITE_ACP)) {
 ret = -EACCES;
@@ -709,7 +712,25 @@ void RGWPutACLs::execute()
 if (get_params() < 0) goto done;
- RGW_LOG(15) << "read data=" << data << " len=" << len << endl;
+ RGW_LOG(15) << "read len=" << len << " data=" << (data ? data : "") << endl;
+
+ if (!s->canned_acl.empty() && len) {
+ ret = -EINVAL;
+ goto done;
+ }
+ if (!s->canned_acl.empty()) {
+ RGWAccessControlPolicy canned_policy;
+ bool r = canned_policy.create_canned(s->user.user_id, s->user.display_name, s->canned_acl);
+ if (!r) {
+ ret = -EINVAL;
+ goto done;
+ }
+ canned_policy.to_xml(ss);
+ new_data = strdup(ss.str().c_str());
+ data = new_data;
+ len = ss.str().size();
+ }
+
 if (!parser.parse(data, len, 1)) {
 ret = -EACCES;
@@ -720,9 +741,10 @@ void RGWPutACLs::execute()
 ret = -EINVAL;
 goto done;
 }
+
 if (rgw_log_level >= 15) {
 RGW_LOG(15) << "Old AccessControlPolicy" << endl;
- policy->to_xml(cerr);
+ policy->to_xml(cout);
 RGW_LOG(15) << endl;
 }
@@ -741,7 +763,8 @@ void RGWPutACLs::execute()
 RGW_ATTR_ACL, bl);
 done:
- free(data);
+ free(orig_data);
+ free(new_data);
 send_response();
 return;
diff --git a/src/rgw/rgw_rest.cc b/src/rgw/rgw_rest.cc
index 086f2566e81d1..b24d094064530 100644
--- a/src/rgw/rgw_rest.cc
+++ b/src/rgw/rgw_rest.cc
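Review bot: `char *orig_data = data;` in the declarations of RGWPutACLs::execute() (src/rgw/rgw_op.cc, first hunk) is evaluated at function entry, before the `get_params()` call shown in the next hunk. If `get_params()` is what allocates the request body into `data`, as the `read len=` log line right after it suggests, then `orig_data` keeps the pre-call value and `free(orig_data)` at `done:` (last hunk of this file) never releases the body, so each PUT ACL request that carries a body would leak it. Dropping `orig_data` avoids the question: do `free(data); data = new_data;` in the canned branch and keep the original single `free(data);` at `done:` in place of the two new calls. The function body starts and ends outside these hunks.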
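Review bot: The canned policy in RGWPutACLs::execute() (src/rgw/rgw_op.cc, second hunk) is created with the requester (`s->user.user_id`, `s->user.display_name`) as its owner, and nothing in the hunk relates that to the current owner of the bucket or object. Whether the stored ACL keeps the existing owner depends on code after the hunk; if the owner is taken from the parsed policy, a grantee holding only WRITE_ACP would end up recorded as owner after applying a canned ACL, so the owner passed to `create_canned` should come from the existing policy rather than from `s->user`. Separately, `strdup` can return NULL, and the result is then handed to `parser.parse(data, len, 1)` with a non-zero `len`; add `if (!new_data) { ret = -ENOMEM; goto done; }` directly after the `strdup` line.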
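Review bot: `policy->to_xml(cout);` in the third hunk of src/rgw/rgw_op.cc writes the policy dump to a raw stream, while the lines around it go through `RGW_LOG(15)`, so the dump only lines up with its "Old AccessControlPolicy" header if the logger happens to write to stdout as well. Since `to_xml` accepts a `stringstream` (it is called that way in the previous hunk), the dump can go through the logger itself: `stringstream old_xml; policy->to_xml(old_xml); RGW_LOG(15) << old_xml.str() << endl;`. That also keeps user ids and grants out of whatever stdout is attached to when the gateway is launched, which is not visible from this hunk.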
@@ -665,12 +665,12 @@ int RGWHandler_REST::read_permissions()
 break;
 case OP_PUT:
 /* is it a 'create bucket' request? */
- if (s->object_str.size() == 0)
- return 0;
 if (is_acl_op(s)) {
 only_bucket = false;
 break;
 }
+ if (s->object_str.size() == 0)
+ return 0;
 case OP_DELETE:
 only_bucket = true;
 break;
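Review bot: After the reordering in RGWHandler_REST::read_permissions(), the comment `/* is it a 'create bucket' request? */` sits above the `is_acl_op(s)` test rather than the `object_str` check it describes; move it down so it directly precedes `if (s->object_str.size() == 0)`. The moved check is now the last statement before `case OP_DELETE:`, so an object PUT reaches `only_bucket = true` by falling through, and a `/* fall through */` comment after `return 0;` would make that intent explicit. Bucket-level ACL PUTs now take the `only_bucket = false` path with an empty `object_str`; how the permission-loading code after the switch handles that combination is not visible here and is worth confirming. The switch starts and ends outside the hunk.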