From e22b77288a45ebfd7fb78c5654fa246c8782fb03 Mon Sep 17 00:00:00 2001 From: Mark Houghton Date: Tue, 20 Oct 2020 17:54:32 +0100 Subject: [PATCH] rgw: Honour governance retention override in multi-object delete. Allow governance retention to be overridden by a suitably privileged user. Fixes: http://tracker.ceph.com/issues/47586 Signed-off-by: Mark Houghton (cherry picked from commit 6989da1bcbe59e4d561c9d16f0ff891f6c6ef567) Signed-off-by: Matt Benjamin Conflicts: src/rgw/rgw_op.cc --- src/rgw/rgw_op.h | 5 +++++ src/rgw/rgw_rest_s3.cc | 6 ++++++ 2 files changed, 11 insertions(+) diff --git a/src/rgw/rgw_op.h b/src/rgw/rgw_op.h index e76b12581f96c..90b4b84c46335 100644 --- a/src/rgw/rgw_op.h +++ b/src/rgw/rgw_op.h @@ -1849,11 +1849,16 @@ protected: bool quiet; bool status_dumped; bool acl_allowed = false; + bool bypass_perm; + bool bypass_governance_mode; + public: RGWDeleteMultiObj() { quiet = false; status_dumped = false; + bypass_perm = true; + bypass_governance_mode = false; } int verify_permission() override; void pre_exec() override; diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc index f25890f527ab8..a92383b688abd 100644 --- a/src/rgw/rgw_rest_s3.cc +++ b/src/rgw/rgw_rest_s3.cc @@ -3188,6 +3188,12 @@ int RGWDeleteMultiObj_ObjStore_S3::get_params() return ret; } + const char *bypass_gov_header = s->info.env->get("HTTP_X_AMZ_BYPASS_GOVERNANCE_RETENTION"); + if (bypass_gov_header) { + std::string bypass_gov_decoded = url_decode(bypass_gov_header); + bypass_governance_mode = boost::algorithm::iequals(bypass_gov_decoded, "true"); + } + return do_aws4_auth_completion(); } -- 2.39.5