From bd855540a56af86383cb630063f5f96fa4cd0e24 Mon Sep 17 00:00:00 2001 From: Casey Bodley Date: Wed, 15 Nov 2023 21:07:59 -0500 Subject: [PATCH] rgw/acl: remove CephContext members remove the CephContext member variables and pass in DoutPrefixProvider for logging where it's necessary Signed-off-by: Casey Bodley --- src/rgw/driver/rados/rgw_bucket.cc | 6 +-- src/rgw/driver/rados/rgw_data_sync.cc | 2 - src/rgw/driver/rados/rgw_lc_tier.cc | 1 - src/rgw/driver/rados/rgw_rados.cc | 2 +- src/rgw/driver/rados/rgw_sal_rados.cc | 2 +- src/rgw/driver/rados/rgw_sync_module_aws.cc | 1 - src/rgw/driver/rados/rgw_tools.cc | 2 +- src/rgw/rgw_acl.cc | 12 +++--- src/rgw/rgw_acl.h | 19 --------- src/rgw/rgw_acl_s3.cc | 16 ++++---- src/rgw/rgw_acl_s3.h | 12 ++---- src/rgw/rgw_acl_swift.cc | 5 +-- src/rgw/rgw_acl_swift.h | 8 ---- src/rgw/rgw_file_int.h | 8 ++-- src/rgw/rgw_op.cc | 43 ++++++++++----------- src/rgw/rgw_op.h | 36 ----------------- src/rgw/rgw_rest_s3.cc | 14 +++---- src/rgw/rgw_rest_swift.cc | 4 +- 18 files changed, 58 insertions(+), 135 deletions(-) diff --git a/src/rgw/driver/rados/rgw_bucket.cc b/src/rgw/driver/rados/rgw_bucket.cc index 99d602bf0dd44..002485c672ff0 100644 --- a/src/rgw/driver/rados/rgw_bucket.cc +++ b/src/rgw/driver/rados/rgw_bucket.cc @@ -950,7 +950,7 @@ int RGWBucketAdminOp::get_policy(rgw::sal::Driver* driver, RGWBucketAdminOpState int RGWBucketAdminOp::get_policy(rgw::sal::Driver* driver, RGWBucketAdminOpState& op_state, RGWFormatterFlusher& flusher, const DoutPrefixProvider *dpp, optional_yield y) { - RGWAccessControlPolicy policy(driver->ctx()); + RGWAccessControlPolicy policy; int ret = get_policy(driver, op_state, policy, dpp, y); if (ret < 0) @@ -972,13 +972,13 @@ int RGWBucketAdminOp::get_policy(rgw::sal::Driver* driver, RGWBucketAdminOpState int RGWBucketAdminOp::dump_s3_policy(rgw::sal::Driver* driver, RGWBucketAdminOpState& op_state, ostream& os, const DoutPrefixProvider *dpp, optional_yield y) { - RGWAccessControlPolicy_S3 policy(driver->ctx()); + RGWAccessControlPolicy_S3 policy; int ret = get_policy(driver, op_state, policy, dpp, y); if (ret < 0) return ret; - policy.to_xml(os); + policy.to_xml(dpp, os); return 0; } diff --git a/src/rgw/driver/rados/rgw_data_sync.cc b/src/rgw/driver/rados/rgw_data_sync.cc index b5effb979c9b6..c754e60645215 100644 --- a/src/rgw/driver/rados/rgw_data_sync.cc +++ b/src/rgw/driver/rados/rgw_data_sync.cc @@ -2675,8 +2675,6 @@ public: static int policy_from_attrs(CephContext *cct, const map& attrs, RGWAccessControlPolicy *acl) { - acl->set_ctx(cct); - auto aiter = attrs.find(RGW_ATTR_ACL); if (aiter == attrs.end()) { return -ENOENT; diff --git a/src/rgw/driver/rados/rgw_lc_tier.cc b/src/rgw/driver/rados/rgw_lc_tier.cc index 2dd8a6625fcc1..67df024459572 100644 --- a/src/rgw/driver/rados/rgw_lc_tier.cc +++ b/src/rgw/driver/rados/rgw_lc_tier.cc @@ -464,7 +464,6 @@ int RGWLCStreamRead::init_rest_obj() { */ init_headers(attrs, rest_obj.attrs); - rest_obj.acls.set_ctx(cct); const auto aiter = attrs.find(RGW_ATTR_ACL); if (aiter != attrs.end()) { bufferlist& bl = aiter->second; diff --git a/src/rgw/driver/rados/rgw_rados.cc b/src/rgw/driver/rados/rgw_rados.cc index e85552bc6605c..9ef9227015508 100644 --- a/src/rgw/driver/rados/rgw_rados.cc +++ b/src/rgw/driver/rados/rgw_rados.cc @@ -1731,7 +1731,7 @@ int RGWRados::decode_policy(const DoutPrefixProvider *dpp, ACLOwner *owner) { auto i = bl.cbegin(); - RGWAccessControlPolicy policy(cct); + RGWAccessControlPolicy policy; try { policy.decode_owner(i); } catch (buffer::error& err) { diff --git a/src/rgw/driver/rados/rgw_sal_rados.cc b/src/rgw/driver/rados/rgw_sal_rados.cc index 4e71595736b4f..94c6001983ce8 100644 --- a/src/rgw/driver/rados/rgw_sal_rados.cc +++ b/src/rgw/driver/rados/rgw_sal_rados.cc @@ -1649,7 +1649,7 @@ int RadosObject::chown(User& new_user, const DoutPrefixProvider* dpp, optional_y } bufferlist& bl = aiter->second; - RGWAccessControlPolicy policy(store->ctx()); + RGWAccessControlPolicy policy; ACLOwner owner; auto bliter = bl.cbegin(); try { diff --git a/src/rgw/driver/rados/rgw_sync_module_aws.cc b/src/rgw/driver/rados/rgw_sync_module_aws.cc index 46b99968a5069..3c269a7494986 100644 --- a/src/rgw/driver/rados/rgw_sync_module_aws.cc +++ b/src/rgw/driver/rados/rgw_sync_module_aws.cc @@ -705,7 +705,6 @@ static int do_decode_rest_obj(const DoutPrefixProvider *dpp, CephContext *cct, m } } - info->acls.set_ctx(cct); auto aiter = attrs.find(RGW_ATTR_ACL); if (aiter != attrs.end()) { bufferlist& bl = aiter->second; diff --git a/src/rgw/driver/rados/rgw_tools.cc b/src/rgw/driver/rados/rgw_tools.cc index a9454c502dfbe..8219849af4680 100644 --- a/src/rgw/driver/rados/rgw_tools.cc +++ b/src/rgw/driver/rados/rgw_tools.cc @@ -412,7 +412,7 @@ int RGWDataAccess::Object::put(bufferlist& data, } if (!aclbl) { - RGWAccessControlPolicy_S3 policy(cct); + RGWAccessControlPolicy_S3 policy; policy.create_canned(bucket->policy.get_owner(), bucket->policy.get_owner(), string()); /* default private policy */ diff --git a/src/rgw/rgw_acl.cc b/src/rgw/rgw_acl.cc index 7177a5f822ef7..18824f86fe94a 100644 --- a/src/rgw/rgw_acl.cc +++ b/src/rgw/rgw_acl.cc @@ -90,9 +90,7 @@ void RGWAccessControlList::_add_grant(ACLGrant *grant) default: { rgw_user id; - if (!grant->get_id(id)) { - ldout(cct, 0) << "ERROR: grant->get_id() failed" << dendl; - } + grant->get_id(id); acl_user_map[id.to_str()] |= perm.get_permissions(); } } @@ -323,7 +321,7 @@ void ACLGranteeType::generate_test_instances(list& o) void RGWAccessControlList::generate_test_instances(list& o) { - RGWAccessControlList *acl = new RGWAccessControlList(NULL); + RGWAccessControlList *acl = new RGWAccessControlList; list glist; list::iterator iter; @@ -336,7 +334,7 @@ void RGWAccessControlList::generate_test_instances(list& delete grant; } o.push_back(acl); - o.push_back(new RGWAccessControlList(NULL)); + o.push_back(new RGWAccessControlList); } void ACLOwner::generate_test_instances(list& o) @@ -356,7 +354,7 @@ void RGWAccessControlPolicy::generate_test_instances(listacl = *l; @@ -368,7 +366,7 @@ void RGWAccessControlPolicy::generate_test_instances(list; class RGWAccessControlList { protected: - CephContext *cct; /* FIXME: in the feature we should consider switching to uint32_t also * in data structures. */ std::map acl_user_map; @@ -228,15 +227,6 @@ protected: ACLGrantMap grant_map; void _add_grant(ACLGrant *grant); public: - explicit RGWAccessControlList(CephContext *_cct) : cct(_cct) {} - RGWAccessControlList() : cct(NULL) {} - - void set_ctx(CephContext *ctx) { - cct = ctx; - } - - virtual ~RGWAccessControlList() {} - uint32_t get_perm(const DoutPrefixProvider* dpp, const rgw::auth::Identity& auth_identity, uint32_t perm_mask); @@ -329,19 +319,10 @@ WRITE_CLASS_ENCODER(ACLOwner) class RGWAccessControlPolicy { protected: - CephContext *cct; RGWAccessControlList acl; ACLOwner owner; public: - explicit RGWAccessControlPolicy(CephContext *_cct) : cct(_cct), acl(_cct) {} - RGWAccessControlPolicy() : cct(NULL), acl(NULL) {} - - void set_ctx(CephContext *ctx) { - cct = ctx; - acl.set_ctx(ctx); - } - uint32_t get_perm(const DoutPrefixProvider* dpp, const rgw::auth::Identity& auth_identity, uint32_t perm_mask, diff --git a/src/rgw/rgw_acl_s3.cc b/src/rgw/rgw_acl_s3.cc index 4700f09965142..2641c19ec178d 100644 --- a/src/rgw/rgw_acl_s3.cc +++ b/src/rgw/rgw_acl_s3.cc @@ -210,7 +210,7 @@ bool ACLGrant_S3::xml_end(const char *el) { return true; } -void ACLGrant_S3::to_xml(CephContext *cct, ostream& out) { +void ACLGrant_S3::to_xml(const DoutPrefixProvider* dpp, ostream& out) { ACLPermission_S3& perm = static_cast(permission); /* only show s3 compatible permissions */ @@ -233,7 +233,7 @@ void ACLGrant_S3::to_xml(CephContext *cct, ostream& out) { break; case ACL_TYPE_GROUP: if (!group_to_uri(group, uri)) { - ldout(cct, 0) << "ERROR: group_to_uri failed with group=" << (int)group << dendl; + ldpp_dout(dpp, 0) << "ERROR: group_to_uri failed with group=" << (int)group << dendl; break; } out << "" << uri << ""; @@ -270,12 +270,12 @@ bool RGWAccessControlList_S3::xml_end(const char *el) { return true; } -void RGWAccessControlList_S3::to_xml(ostream& out) { +void RGWAccessControlList_S3::to_xml(const DoutPrefixProvider* dpp, ostream& out) { multimap::iterator iter; out << ""; for (iter = grant_map.begin(); iter != grant_map.end(); ++iter) { ACLGrant_S3& grant = static_cast(iter->second); - grant.to_xml(cct, out); + grant.to_xml(dpp, out); } out << ""; } @@ -438,12 +438,12 @@ bool RGWAccessControlPolicy_S3::xml_end(const char *el) { return true; } -void RGWAccessControlPolicy_S3::to_xml(ostream& out) { +void RGWAccessControlPolicy_S3::to_xml(const DoutPrefixProvider* dpp, ostream& out) { out << ""; ACLOwner_S3& _owner = static_cast(owner); RGWAccessControlList_S3& _acl = static_cast(acl); _owner.to_xml(out); - _acl.to_xml(out); + _acl.to_xml(dpp, out); out << ""; } @@ -593,11 +593,11 @@ XMLObj *RGWACLXMLParser_S3::alloc_obj(const char *el) { XMLObj * obj = NULL; if (strcmp(el, "AccessControlPolicy") == 0) { - obj = new RGWAccessControlPolicy_S3(cct); + obj = new RGWAccessControlPolicy_S3(); } else if (strcmp(el, "Owner") == 0) { obj = new ACLOwner_S3(); } else if (strcmp(el, "AccessControlList") == 0) { - obj = new RGWAccessControlList_S3(cct); + obj = new RGWAccessControlList_S3(); } else if (strcmp(el, "ID") == 0) { obj = new ACLID_S3(); } else if (strcmp(el, "DisplayName") == 0) { diff --git a/src/rgw/rgw_acl_s3.h b/src/rgw/rgw_acl_s3.h index 96480ff8bdd8e..e024f5c42ffb0 100644 --- a/src/rgw/rgw_acl_s3.h +++ b/src/rgw/rgw_acl_s3.h @@ -41,7 +41,7 @@ public: ACLGrant_S3() {} virtual ~ACLGrant_S3() override {} - void to_xml(CephContext *cct, std::ostream& out); + void to_xml(const DoutPrefixProvider* dpp, std::ostream& out); bool xml_end(const char *el) override; bool xml_start(const char *el, const char **attr); @@ -52,11 +52,8 @@ public: class RGWAccessControlList_S3 : public RGWAccessControlList, public XMLObj { public: - explicit RGWAccessControlList_S3(CephContext *_cct) : RGWAccessControlList(_cct) {} - virtual ~RGWAccessControlList_S3() override {} - bool xml_end(const char *el) override; - void to_xml(std::ostream& out); + void to_xml(const DoutPrefixProvider* dpp, std::ostream& out); int create_canned(ACLOwner& owner, ACLOwner& bucket_owner, const std::string& canned_acl); int create_from_grants(std::list& grants); @@ -77,12 +74,9 @@ class RGWEnv; class RGWAccessControlPolicy_S3 : public RGWAccessControlPolicy, public XMLObj { public: - explicit RGWAccessControlPolicy_S3(CephContext *_cct) : RGWAccessControlPolicy(_cct) {} - virtual ~RGWAccessControlPolicy_S3() override {} - bool xml_end(const char *el) override; - void to_xml(std::ostream& out); + void to_xml(const DoutPrefixProvider* dpp, std::ostream& out); int rebuild(const DoutPrefixProvider *dpp, rgw::sal::Driver* driver, ACLOwner *owner, RGWAccessControlPolicy& dest, std::string &err_msg); diff --git a/src/rgw/rgw_acl_swift.cc b/src/rgw/rgw_acl_swift.cc index 060cfabed83e9..e829788c6d5a9 100644 --- a/src/rgw/rgw_acl_swift.cc +++ b/src/rgw/rgw_acl_swift.cc @@ -115,7 +115,6 @@ static boost::optional referrer_to_grant(std::string url_spec, } static ACLGrant user_to_grant(const DoutPrefixProvider *dpp, - CephContext* const cct, rgw::sal::Driver* driver, const std::string& uid, const uint32_t perm) @@ -150,7 +149,7 @@ int RGWAccessControlPolicy_SWIFT::add_grants(const DoutPrefixProvider *dpp, const size_t pos = uid.find(':'); if (std::string::npos == pos) { /* No, it don't have -- we've got just a regular user identifier. */ - grant = user_to_grant(dpp, cct, driver, uid, perm); + grant = user_to_grant(dpp, driver, uid, perm); } else { /* Yes, *potentially* an HTTP referral. */ auto designator = uid.substr(0, pos); @@ -161,7 +160,7 @@ int RGWAccessControlPolicy_SWIFT::add_grants(const DoutPrefixProvider *dpp, boost::algorithm::trim(designatee); if (! boost::algorithm::starts_with(designator, ".")) { - grant = user_to_grant(dpp, cct, driver, uid, perm); + grant = user_to_grant(dpp, driver, uid, perm); } else if ((perm & SWIFT_PERM_WRITE) == 0 && is_referrer(designator)) { /* HTTP referrer-based ACLs aren't acceptable for writes. */ grant = referrer_to_grant(designatee, perm); diff --git a/src/rgw/rgw_acl_swift.h b/src/rgw/rgw_acl_swift.h index fee32ae06abf2..5ef83ab26a7d3 100644 --- a/src/rgw/rgw_acl_swift.h +++ b/src/rgw/rgw_acl_swift.h @@ -21,10 +21,6 @@ class RGWAccessControlPolicy_SWIFT : public RGWAccessControlPolicy uint32_t perm); public: - explicit RGWAccessControlPolicy_SWIFT(CephContext* const cct) - : RGWAccessControlPolicy(cct) { - } - int create(const DoutPrefixProvider *dpp, rgw::sal::Driver* driver, const rgw_user& id, @@ -39,10 +35,6 @@ public: class RGWAccessControlPolicy_SWIFTAcct : public RGWAccessControlPolicy { public: - explicit RGWAccessControlPolicy_SWIFTAcct(CephContext * const cct) - : RGWAccessControlPolicy(cct) { - } - void add_grants(const DoutPrefixProvider *dpp, rgw::sal::Driver* driver, const std::vector& uids, diff --git a/src/rgw/rgw_file_int.h b/src/rgw/rgw_file_int.h index 91c858e5b3bdd..4e3b269ffd0a3 100644 --- a/src/rgw/rgw_file_int.h +++ b/src/rgw/rgw_file_int.h @@ -1914,7 +1914,7 @@ public: int get_params(optional_yield) override { req_state* state = get_state(); - RGWAccessControlPolicy_S3 s3policy(state->cct); + RGWAccessControlPolicy_S3 s3policy; /* we don't have (any) headers, so just create canned ACLs */ int ret = s3policy.create_canned(state->owner, state->bucket_owner, state->canned_acl); policy = s3policy; @@ -2030,7 +2030,7 @@ public: int get_params(optional_yield) override { req_state* state = get_state(); - RGWAccessControlPolicy_S3 s3policy(state->cct); + RGWAccessControlPolicy_S3 s3policy; /* we don't have (any) headers, so just create canned ACLs */ int ret = s3policy.create_canned(state->owner, state->bucket_owner, state->canned_acl); policy = s3policy; @@ -2534,7 +2534,7 @@ public: int get_params(optional_yield) override { req_state* state = get_state(); - RGWAccessControlPolicy_S3 s3policy(state->cct); + RGWAccessControlPolicy_S3 s3policy; /* we don't have (any) headers, so just create canned ACLs */ int ret = s3policy.create_canned(state->owner, state->bucket_owner, state->canned_acl); policy = s3policy; @@ -2641,7 +2641,7 @@ public: int get_params(optional_yield) override { req_state* s = get_state(); - RGWAccessControlPolicy_S3 s3policy(s->cct); + RGWAccessControlPolicy_S3 s3policy; /* we don't have (any) headers, so just create canned ACLs */ int ret = s3policy.create_canned(s->owner, s->bucket_owner, s->canned_acl); dest_policy = s3policy; diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc index 5574162aab043..39e12a5ab0966 100644 --- a/src/rgw/rgw_op.cc +++ b/src/rgw/rgw_op.cc @@ -231,7 +231,7 @@ static int decode_policy(const DoutPrefixProvider *dpp, if (cct->_conf->subsys.should_gather()) { ldpp_dout(dpp, 15) << __func__ << " Read AccessControlPolicy"; RGWAccessControlPolicy_S3 *s3policy = static_cast(policy); - s3policy->to_xml(*_dout); + s3policy->to_xml(dpp, *_dout); *_dout << dendl; } return 0; @@ -450,7 +450,7 @@ static int read_obj_policy(const DoutPrefixProvider *dpp, if (ret == -ENOENT) { /* object does not exist checking the bucket's ACL to make sure that we send a proper error code */ - RGWAccessControlPolicy bucket_policy(s->cct); + RGWAccessControlPolicy bucket_policy; ret = rgw_op_get_bucket_policy_from_attr(dpp, s->cct, driver, bucket_info.owner, bucket_attrs, &bucket_policy, y); if (ret < 0) { @@ -513,17 +513,17 @@ int rgw_build_bucket_policies(const DoutPrefixProvider *dpp, rgw::sal::Driver* d } if(s->dialect.compare("s3") == 0) { - s->bucket_acl = std::make_unique(s->cct); + s->bucket_acl = std::make_unique(); } else if(s->dialect.compare("swift") == 0) { /* We aren't allocating the account policy for those operations using * the Swift's infrastructure that don't really need req_state::user. * Typical example here is the implementation of /info. */ if (!s->user->get_id().empty()) { - s->user_acl = std::make_unique(s->cct); + s->user_acl = std::make_unique(); } - s->bucket_acl = std::make_unique(s->cct); + s->bucket_acl = std::make_unique(); } else { - s->bucket_acl = std::make_unique(s->cct); + s->bucket_acl = std::make_unique(); } const RGWZoneGroup& zonegroup = s->penv.site->get_zonegroup(); @@ -696,7 +696,7 @@ int rgw_build_object_policies(const DoutPrefixProvider *dpp, rgw::sal::Driver* d if (!s->bucket_exists) { return -ERR_NO_SUCH_BUCKET; } - s->object_acl = std::make_unique(s->cct); + s->object_acl = std::make_unique(); s->object->set_atomic(); if (prefetch_data) { @@ -1642,7 +1642,7 @@ int rgw_policy_from_attrset(const DoutPrefixProvider *dpp, CephContext *cct, map if (cct->_conf->subsys.should_gather()) { RGWAccessControlPolicy_S3 *s3policy = static_cast(policy); ldpp_dout(dpp, 15) << __func__ << " Read AccessControlPolicy"; - s3policy->to_xml(*_dout); + s3policy->to_xml(dpp, *_dout); *_dout << dendl; } return 0; @@ -1667,7 +1667,7 @@ int RGWGetObj::read_user_manifest_part(rgw::sal::Bucket* bucket, std::unique_ptr part = bucket->get_object(ent.key); - RGWAccessControlPolicy obj_policy(s->cct); + RGWAccessControlPolicy obj_policy; ldpp_dout(this, 20) << "reading obj=" << part << " ofs=" << cur_ofs << " end=" << cur_end << dendl; @@ -1962,7 +1962,7 @@ int RGWGetObj::handle_user_manifest(const char *prefix, optional_yield y) const std::string bucket_name = url_decode(prefix_view.substr(0, pos)); const std::string obj_prefix = url_decode(prefix_view.substr(pos + 1)); - RGWAccessControlPolicy _bucket_acl(s->cct); + RGWAccessControlPolicy _bucket_acl; RGWAccessControlPolicy *bucket_acl; boost::optional _bucket_policy; boost::optional* bucket_policy; @@ -2100,8 +2100,7 @@ int RGWGetObj::handle_slo_manifest(bufferlist& bl, optional_yield y) bucket_policy = piter->second.second.get_ptr(); bucket = buckets[bucket_name].get(); } else { - allocated_acls.push_back(RGWAccessControlPolicy(s->cct)); - RGWAccessControlPolicy& _bucket_acl = allocated_acls.back(); + RGWAccessControlPolicy& _bucket_acl = allocated_acls.emplace_back(); std::unique_ptr tmp_bucket; int r = driver->load_bucket(this, rgw_bucket(s->user->get_tenant(), @@ -3516,7 +3515,7 @@ void RGWCreateBucket::execute(optional_yield y) } // don't allow changes to the acl policy - RGWAccessControlPolicy old_policy(get_cct()); + RGWAccessControlPolicy old_policy; int r = rgw_op_get_bucket_policy_from_attr(this, s->cct, driver, info.owner, s->bucket->get_attrs(), &old_policy, y); @@ -3843,7 +3842,7 @@ int RGWPutObj::verify_permission(optional_yield y) { if (! copy_source.empty()) { - RGWAccessControlPolicy cs_acl(s->cct); + RGWAccessControlPolicy cs_acl; boost::optional policy; map cs_attrs; auto cs_bucket = driver->get_bucket(copy_source_bucket_info); @@ -5484,7 +5483,7 @@ int RGWCopyObj::init_processing(optional_yield y) int RGWCopyObj::verify_permission(optional_yield y) { - RGWAccessControlPolicy src_acl(s->cct); + RGWAccessControlPolicy src_acl; boost::optional src_policy; /* get buckets info (source and dest) */ @@ -5583,7 +5582,7 @@ int RGWCopyObj::verify_permission(optional_yield y) } } - RGWAccessControlPolicy dest_bucket_policy(s->cct); + RGWAccessControlPolicy dest_bucket_policy; s->object->set_atomic(); @@ -5898,7 +5897,7 @@ void RGWGetACLs::execute(optional_yield y) (!rgw::sal::Object::empty(s->object.get()) ? s->object_acl.get() : s->bucket_acl.get()); RGWAccessControlPolicy_S3* const s3policy = \ static_cast(acl); - s3policy->to_xml(ss); + s3policy->to_xml(this, ss); acls = ss.str(); } @@ -5993,7 +5992,7 @@ void RGWPutACLs::execute(optional_yield y) RGWAccessControlPolicy_S3 *policy = NULL; RGWACLXMLParser_S3 parser(s->cct); - RGWAccessControlPolicy_S3 new_policy(s->cct); + RGWAccessControlPolicy_S3 new_policy; stringstream ss; op_ret = 0; /* XXX redundant? */ @@ -6085,7 +6084,7 @@ void RGWPutACLs::execute(optional_yield y) if (s->cct->_conf->subsys.should_gather()) { ldpp_dout(this, 15) << "Old AccessControlPolicy"; - policy->to_xml(*_dout); + policy->to_xml(this, *_dout); *_dout << dendl; } @@ -6095,7 +6094,7 @@ void RGWPutACLs::execute(optional_yield y) if (s->cct->_conf->subsys.should_gather()) { ldpp_dout(this, 15) << "New AccessControlPolicy:"; - new_policy.to_xml(*_dout); + new_policy.to_xml(this, *_dout); *_dout << dendl; } @@ -7408,7 +7407,7 @@ bool RGWBulkDelete::Deleter::verify_permission(RGWBucketInfo& binfo, ACLOwner& bucket_owner /* out */, optional_yield y) { - RGWAccessControlPolicy bacl(driver->ctx()); + RGWAccessControlPolicy bacl; int ret = read_bucket_policy(dpp, driver, s, binfo, battrs, &bacl, binfo.bucket, y); if (ret < 0) { return false; @@ -7747,7 +7746,7 @@ bool RGWBulkUploadOp::handle_file_verify_permission(RGWBucketInfo& binfo, ACLOwner& bucket_owner /* out */, optional_yield y) { - RGWAccessControlPolicy bacl(driver->ctx()); + RGWAccessControlPolicy bacl; op_ret = read_bucket_policy(this, driver, s, binfo, battrs, &bacl, binfo.bucket, y); if (op_ret < 0) { ldpp_dout(this, 20) << "cannot read_policy() for bucket" << dendl; diff --git a/src/rgw/rgw_op.h b/src/rgw/rgw_op.h index be7232ae392da..70266cbfc6673 100644 --- a/src/rgw/rgw_op.h +++ b/src/rgw/rgw_op.h @@ -1098,7 +1098,6 @@ class RGWCreateBucket : public RGWOp { void execute(optional_yield y) override; void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override { RGWOp::init(driver, s, h); - policy.set_ctx(s->cct); relaxed_region_enforcement = s->cct->_conf.get_val("rgw_relaxed_region_enforcement"); } @@ -1249,11 +1248,6 @@ public: delete obj_legal_hold; } - void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override { - RGWOp::init(driver, s, h); - policy.set_ctx(s->cct); - } - virtual int init_processing(optional_yield y) override; void emplace_attr(std::string&& key, buffer::list&& bl) { @@ -1328,11 +1322,6 @@ public: attrs.emplace(std::move(key), std::move(bl)); /* key and bl are r-value refs */ } - void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override { - RGWOp::init(driver, s, h); - policy.set_ctx(s->cct); - } - int verify_permission(optional_yield y) override; void pre_exec() override; void execute(optional_yield y) override; @@ -1367,10 +1356,6 @@ public: has_policy(false) { } - void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override { - RGWOp::init(driver, s, h); - policy.set_ctx(s->cct); - } int init_processing(optional_yield y) override; int verify_permission(optional_yield y) override; void pre_exec() override { } @@ -1406,11 +1391,6 @@ public: attrs.emplace(std::move(key), std::move(bl)); /* key and bl are r-value refs */ } - void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override { - RGWOp::init(driver, s, h); - policy.set_ctx(s->cct); - } - int verify_permission(optional_yield y) override; void pre_exec() override; void execute(optional_yield y) override; @@ -1433,10 +1413,6 @@ public: : dlo_manifest(NULL) {} - void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override { - RGWOp::init(driver, s, h); - policy.set_ctx(s->cct); - } int verify_permission(optional_yield y) override; void pre_exec() override; void execute(optional_yield y) override; @@ -1560,10 +1536,6 @@ public: attrs.emplace(std::move(key), std::move(bl)); } - void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override { - RGWOp::init(driver, s, h); - dest_policy.set_ctx(s->cct); - } int init_processing(optional_yield y) override; int verify_permission(optional_yield y) override; void pre_exec() override; @@ -1844,10 +1816,6 @@ protected: public: RGWInitMultipart() {} - void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override { - RGWOp::init(driver, s, h); - policy.set_ctx(s->cct); - } int verify_permission(optional_yield y) override; void pre_exec() override; void execute(optional_yield y) override; @@ -1919,10 +1887,6 @@ public: truncated = false; } - void init(rgw::sal::Driver* driver, req_state *s, RGWHandler *h) override { - RGWOp::init(driver, s, h); - policy = RGWAccessControlPolicy(s->cct); - } int verify_permission(optional_yield y) override; void pre_exec() override; void execute(optional_yield y) override; diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc index dbc75955940f3..e4c90bc81e1d7 100644 --- a/src/rgw/rgw_rest_s3.cc +++ b/src/rgw/rgw_rest_s3.cc @@ -2447,7 +2447,7 @@ public: int RGWCreateBucket_ObjStore_S3::get_params(optional_yield y) { - RGWAccessControlPolicy_S3 s3policy(s->cct); + RGWAccessControlPolicy_S3 s3policy; bool relaxed_names = s->cct->_conf->rgw_relaxed_s3_bucket_names; int r; @@ -2589,7 +2589,7 @@ int RGWPutObj_ObjStore_S3::get_params(optional_yield y) return ret; } - RGWAccessControlPolicy_S3 s3policy(s->cct); + RGWAccessControlPolicy_S3 s3policy; ret = create_s3_policy(s, driver, s3policy, s->owner); if (ret < 0) return ret; @@ -3215,7 +3215,7 @@ int RGWPostObj_ObjStore_S3::get_policy(optional_yield y) string canned_acl; part_str(parts, "acl", &canned_acl); - RGWAccessControlPolicy_S3 s3policy(s->cct); + RGWAccessControlPolicy_S3 s3policy; ldpp_dout(this, 20) << "canned_acl=" << canned_acl << dendl; if (s3policy.create_canned(s->owner, s->bucket_owner, canned_acl) < 0) { err_msg = "Bad canned ACLs"; @@ -3450,7 +3450,7 @@ void RGWDeleteObj_ObjStore_S3::send_response() int RGWCopyObj_ObjStore_S3::init_dest_policy() { - RGWAccessControlPolicy_S3 s3policy(s->cct); + RGWAccessControlPolicy_S3 s3policy; /* build a policy for the target object */ int r = create_s3_policy(s, driver, s3policy, s->owner); @@ -3625,7 +3625,7 @@ int RGWPutACLs_ObjStore_S3::get_policy_from_state(rgw::sal::Driver* driver, req_state *s, stringstream& ss) { - RGWAccessControlPolicy_S3 s3policy(s->cct); + RGWAccessControlPolicy_S3 s3policy; // bucket-* canned acls do not apply to bucket if (rgw::sal::Object::empty(s->object.get())) { @@ -3637,7 +3637,7 @@ int RGWPutACLs_ObjStore_S3::get_policy_from_state(rgw::sal::Driver* driver, if (r < 0) return r; - s3policy.to_xml(ss); + s3policy.to_xml(this, ss); return 0; } @@ -3972,7 +3972,7 @@ int RGWInitMultipart_ObjStore_S3::get_params(optional_yield y) return ret; } - RGWAccessControlPolicy_S3 s3policy(s->cct); + RGWAccessControlPolicy_S3 s3policy; ret = create_s3_policy(s, driver, s3policy, s->owner); if (ret < 0) return ret; diff --git a/src/rgw/rgw_rest_swift.cc b/src/rgw/rgw_rest_swift.cc index 25ba61841613f..a92d1f56f810e 100644 --- a/src/rgw/rgw_rest_swift.cc +++ b/src/rgw/rgw_rest_swift.cc @@ -607,7 +607,7 @@ static int get_swift_container_settings(req_state * const s, *has_policy = false; if (read_list || write_list) { - RGWAccessControlPolicy_SWIFT swift_policy(s->cct); + RGWAccessControlPolicy_SWIFT swift_policy; const auto r = swift_policy.create(s, driver, s->user->get_id(), s->user->get_display_name(), @@ -1067,7 +1067,7 @@ static int get_swift_account_settings(req_state * const s, const char * const acl_attr = s->info.env->get("HTTP_X_ACCOUNT_ACCESS_CONTROL"); if (acl_attr) { - RGWAccessControlPolicy_SWIFTAcct swift_acct_policy(s->cct); + RGWAccessControlPolicy_SWIFTAcct swift_acct_policy; const bool r = swift_acct_policy.create(s, driver, s->user->get_id(), s->user->get_display_name(), -- 2.39.5