From: Greg Farnum <gfarnum@redhat.com>
Date: Wed, 3 Aug 2016 22:27:34 +0000 (-0700)
Subject: client: stop using UserGroups for posix ACL checks
X-Git-Tag: v11.0.1~36^2~19
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=ead687b924826de1cd18740de928e943b1d74e0f;p=ceph.git

client: stop using UserGroups for posix ACL checks

Signed-off-by: Greg Farnum <gfarnum@redhat.com>
---

diff --git a/src/client/Client.cc b/src/client/Client.cc
index 31b4e0cbff8f..35f545ce9ffa 100644
--- a/src/client/Client.cc
+++ b/src/client/Client.cc
@@ -12363,10 +12363,8 @@ int Client::_posix_acl_permission(Inode *in, const UserPerm& perms, unsigned wan
   if (acl_type == POSIX_ACL) {
     if (in->xattrs.count(ACL_EA_ACCESS)) {
       const bufferptr& access_acl = in->xattrs[ACL_EA_ACCESS];
-      RequestUserGroups groups(perms.uid(), perms.gid());
-      init_groups(&groups);
 
-      return posix_acl_permits(access_acl, in->uid, in->gid, perms.uid(), groups, want);
+      return posix_acl_permits(access_acl, in->uid, in->gid, perms, want);
     }
   }
   return -EAGAIN;
diff --git a/src/client/posix_acl.cc b/src/client/posix_acl.cc
index d92d17a8f858..e6331ed294c2 100644
--- a/src/client/posix_acl.cc
+++ b/src/client/posix_acl.cc
@@ -1,7 +1,7 @@
 #include "include/types.h"
 #include <sys/stat.h>
 #include "posix_acl.h"
-#include "UserGroups.h"
+#include "UserPerm.h"
 
 #ifndef ACCESSPERMS
 #define ACCESSPERMS (S_IRWXU|S_IRWXG|S_IRWXO)
@@ -220,7 +220,7 @@ int posix_acl_access_chmod(bufferptr& acl, mode_t mode)
 }
 
 int posix_acl_permits(const bufferptr& acl, uid_t i_uid, gid_t i_gid,
-			 uid_t uid, UserGroups& groups, unsigned want)
+			 const UserPerm& perms, unsigned want)
 {
   if (posix_acl_check(acl.c_str(), acl.length()) < 0)
     return -EIO;
@@ -238,19 +238,19 @@ int posix_acl_permits(const bufferptr& acl, uid_t i_uid, gid_t i_gid,
     perm = entry->e_perm;
     switch(tag) {
       case ACL_USER_OBJ:
-	if (i_uid == uid)
+	if (i_uid == perms.uid())
 	  goto check_perm;
 	break;
       case ACL_USER:
 	id = entry->e_id;
-	if (id == uid)
+	if (id == perms.uid())
 	  goto check_mask;
 	break;
       case ACL_GROUP_OBJ:
 	/* fall through */
       case ACL_GROUP:
 	id = (tag == ACL_GROUP_OBJ) ? i_gid : entry->e_id;
-	if (groups.is_in(id)) {
+	if (perms.gid_in_groups(id)) {
 	  group_found = 1;
 	  if ((perm & want) == want)
 	    goto check_mask;
diff --git a/src/client/posix_acl.h b/src/client/posix_acl.h
index d9c5cc854bd9..4afcc3fe2e1e 100644
--- a/src/client/posix_acl.h
+++ b/src/client/posix_acl.h
@@ -24,12 +24,12 @@ typedef struct {
   acl_ea_entry    a_entries[0];
 } acl_ea_header;
 
-class UserGroups;
+class UserPerm;
 
 int posix_acl_check(const void *xattr, size_t size);
 int posix_acl_equiv_mode(const void *xattr, size_t size, mode_t *mode_p);
 int posix_acl_inherit_mode(bufferptr& acl, mode_t *mode_p);
 int posix_acl_access_chmod(bufferptr& acl, mode_t mode);
 int posix_acl_permits(const bufferptr& acl, uid_t i_uid, gid_t i_gid,
-		      uid_t uid, UserGroups& groups, unsigned want);
+		      const UserPerm& groups, unsigned want);
 #endif