From c654e709a037211cf08f476dec133489b1193f09 Mon Sep 17 00:00:00 2001
From: Abhishek Lekshmanan <abhishek@suse.com>
Date: Tue, 10 Sep 2019 15:26:41 +0200
Subject: [PATCH] rgw: move IsPublic to RGWAccessControlPolicy class

This helps reusing when evaluating for PutACLs and Put Policy

Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com>
---
 src/rgw/rgw_acl.cc | 13 +++++++++++++
 src/rgw/rgw_acl.h  |  1 +
 src/rgw/rgw_op.cc  | 14 +-------------
 3 files changed, 15 insertions(+), 13 deletions(-)

diff --git a/src/rgw/rgw_acl.cc b/src/rgw/rgw_acl.cc
index 8a58cca0aaf..ac6313f8150 100644
--- a/src/rgw/rgw_acl.cc
+++ b/src/rgw/rgw_acl.cc
@@ -186,3 +186,16 @@ bool RGWAccessControlPolicy::verify_permission(const DoutPrefixProvider* dpp,
 }
 
 
+bool RGWAccessControlPolicy::IsPublic() const
+{
+
+  static constexpr auto public_groups = {ACL_GROUP_ALL_USERS,
+					 ACL_GROUP_AUTHENTICATED_USERS};
+  return std::any_of(public_groups.begin(), public_groups.end(),
+                         [&](ACLGroupTypeEnum g) {
+                           auto p = acl.get_group_perm(g, RGW_PERM_FULL_CONTROL);
+                           return (p != RGW_PERM_NONE) && (p != RGW_PERM_INVALID);
+                         }
+                         );
+
+}
diff --git a/src/rgw/rgw_acl.h b/src/rgw/rgw_acl.h
index 2b9ff3694dc..0ba06ef8b6c 100644
--- a/src/rgw/rgw_acl.h
+++ b/src/rgw/rgw_acl.h
@@ -463,6 +463,7 @@ public:
   }
 
   virtual bool compare_group_name(string& id, ACLGroupTypeEnum group) { return false; }
+  bool IsPublic() const;
 };
 WRITE_CLASS_ENCODER(RGWAccessControlPolicy)
 
diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc
index 9757a75ef96..cb7f3d0aa05 100644
--- a/src/rgw/rgw_op.cc
+++ b/src/rgw/rgw_op.cc
@@ -8074,19 +8074,7 @@ int RGWGetBucketPolicyStatus::verify_permission()
 
 void RGWGetBucketPolicyStatus::execute()
 {
-  static constexpr auto public_groups = {ACL_GROUP_ALL_USERS,
-					 ACL_GROUP_AUTHENTICATED_USERS};
-
-  const auto& bucket_acl = s->bucket_acl->get_acl();
-  isPublic = std::any_of(public_groups.begin(), public_groups.end(),
-  			 [&bucket_acl](ACLGroupTypeEnum g) {
-  			    auto p = bucket_acl.get_group_perm(g, RGW_PERM_FULL_CONTROL);
-  			    return (p != RGW_PERM_NONE) && (p != RGW_PERM_INVALID);
-  			  }
-  			 );
-  ldout(s->cct,20) << __func__ << "ACL public status=" << isPublic << dendl;
-  if (s->iam_policy)
-    isPublic |= rgw::IAM::IsPublic(*s->iam_policy);
+  isPublic = rgw::IAM::IsPublic(*s->iam_policy) | s->bucket_acl->IsPublic();
 }
 
 int RGWPutBucketPublicAccessBlock::verify_permission()
-- 
2.39.5