From: Abhishek Lekshmanan <abhishek@suse.com>
Date: Tue, 22 Mar 2016 14:27:49 +0000 (+0100)
Subject: rgw: return -EACCESS for system requests also
X-Git-Tag: v11.0.0~532^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=bcdb467af45bc6f8d08ad361de02565e9feb7388;p=ceph.git

rgw: return -EACCESS for system requests also

In a multisite scenario, if a user created in a secondary zone tries to
create a bucket, fail with AccessDenied instead of a NoSuchKey, which
doesn't make sense for a create Bucket request for eg.

Fixes: #15234
Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com>
---

diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index 9c525d15adea..a0365bdbbb26 100644
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -3600,7 +3600,7 @@ int RGW_Auth_S3::authorize_v4(RGWRados *store, struct req_state *s)
       int ret = rgw_get_user_info_by_uid(store, effective_uid, effective_user);
       if (ret < 0) {
         ldout(s->cct, 0) << "User lookup failed!" << dendl;
-        return -ENOENT;
+        return -EACCES;
       }
       *(s->user) = effective_user;
     }
@@ -3808,7 +3808,7 @@ int RGW_Auth_S3::authorize_v2(RGWRados *store, struct req_state *s)
         ret = rgw_get_user_info_by_uid(store, euid, effective_user);
         if (ret < 0) {
           ldout(s->cct, 0) << "User lookup failed!" << dendl;
-          return -ENOENT;
+          return -EACCES;
         }
         *(s->user) = effective_user;
       }