From 36bb77d8b7fa953231e941b24c0e81cc3f184a89 Mon Sep 17 00:00:00 2001
From: Abhishek Lekshmanan <abhishek@suse.com>
Date: Fri, 30 Aug 2019 11:35:34 +0200
Subject: [PATCH] rgw: both princ and nonprinc will not coexist in a single
 statement

Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com>
---
 src/rgw/rgw_iam_policy.cc | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/src/rgw/rgw_iam_policy.cc b/src/rgw/rgw_iam_policy.cc
index c33db62149cb0..86bc8ac9be326 100644
--- a/src/rgw/rgw_iam_policy.cc
+++ b/src/rgw/rgw_iam_policy.cc
@@ -1443,14 +1443,13 @@ struct IsPublicStatement
     if (s.effect == Effect::Allow) {
       for (const auto& p : s.princ) {
 	if (p.is_wildcard()) {
-	  if (s.eval_conditions(iam_all_env) == Effect::Allow)
-	    return true;
+	  return s.eval_conditions(iam_all_env) == Effect::Allow;
 	}
       }
       // no princ should not contain fixed values
-      return std::all_of(s.noprinc.begin(), s.noprinc.end(), [](const rgw::auth::Principal& p) {
-								return !p.is_wildcard();
-							     });
+      return std::none_of(s.noprinc.begin(), s.noprinc.end(), [](const rgw::auth::Principal& p) {
+								return p.is_wildcard();
+							      });
     }
     return false;
   }
-- 
2.39.5