From d57b38f85b683dfb365c3cb98362d486594f9eb3 Mon Sep 17 00:00:00 2001 From: Yehuda Sadeh Date: Fri, 27 Feb 2015 15:32:50 -0800 Subject: [PATCH] rgw: don't overwrite bucket / object owner when setting acls Fixes: #10978 Backport: hammer, firefly Signed-off-by: Yehuda Sadeh (cherry picked from commit eb13f2d4b60c031f16139f7cc4237c012644dd78) Conflicts: src/rgw/rgw_op.cc : trivial s/.empty()/== NULL/ --- src/rgw/rgw_op.cc | 7 ++++--- src/rgw/rgw_op.h | 1 + src/rgw/rgw_rest_s3.cc | 16 ++++++++-------- 3 files changed, 13 insertions(+), 11 deletions(-) diff --git a/src/rgw/rgw_op.cc b/src/rgw/rgw_op.cc index cc9aea04d91..4cc12eabb38 100644 --- a/src/rgw/rgw_op.cc +++ b/src/rgw/rgw_op.cc @@ -2228,7 +2228,6 @@ void RGWPutACLs::execute() RGWAccessControlPolicy_S3 new_policy(s->cct); stringstream ss; char *new_data = NULL; - ACLOwner owner; rgw_obj obj; ret = 0; @@ -2238,8 +2237,10 @@ void RGWPutACLs::execute() return; } - owner.set_id(s->user.user_id); - owner.set_name(s->user.display_name); + + RGWAccessControlPolicy *existing_policy = (s->object == NULL? s->bucket_acl : s->object_acl); + + owner = existing_policy->get_owner(); ret = get_params(); if (ret < 0) diff --git a/src/rgw/rgw_op.h b/src/rgw/rgw_op.h index 55b82080171..bd6f96401d1 100644 --- a/src/rgw/rgw_op.h +++ b/src/rgw/rgw_op.h @@ -555,6 +555,7 @@ protected: int ret; size_t len; char *data; + ACLOwner owner; public: RGWPutACLs() { diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc index 68b379fbb06..6fcecf7ac54 100644 --- a/src/rgw/rgw_rest_s3.cc +++ b/src/rgw/rgw_rest_s3.cc @@ -321,16 +321,16 @@ void RGWStatBucket_ObjStore_S3::send_response() dump_start(s); } -static int create_s3_policy(struct req_state *s, RGWRados *store, RGWAccessControlPolicy_S3& s3policy) +static int create_s3_policy(struct req_state *s, RGWRados *store, RGWAccessControlPolicy_S3& s3policy, ACLOwner& owner) { if (s->has_acl_header) { if (!s->canned_acl.empty()) return -ERR_INVALID_REQUEST; - return s3policy.create_from_headers(store, s->info.env, s->owner); + return s3policy.create_from_headers(store, s->info.env, owner); } - return s3policy.create_canned(s->owner, s->bucket_owner, s->canned_acl); + return s3policy.create_canned(owner, s->bucket_owner, s->canned_acl); } class RGWLocationConstraint : public XMLObj @@ -386,7 +386,7 @@ int RGWCreateBucket_ObjStore_S3::get_params() { RGWAccessControlPolicy_S3 s3policy(s->cct); - int r = create_s3_policy(s, store, s3policy); + int r = create_s3_policy(s, store, s3policy, s->owner); if (r < 0) return r; @@ -487,7 +487,7 @@ int RGWPutObj_ObjStore_S3::get_params() if (!s->length) return -ERR_LENGTH_REQUIRED; - int r = create_s3_policy(s, store, s3policy); + int r = create_s3_policy(s, store, s3policy, s->owner); if (r < 0) return r; @@ -1198,7 +1198,7 @@ int RGWCopyObj_ObjStore_S3::init_dest_policy() RGWAccessControlPolicy_S3 s3policy(s->cct); /* build a policy for the target object */ - int r = create_s3_policy(s, store, s3policy); + int r = create_s3_policy(s, store, s3policy, s->owner); if (r < 0) return r; @@ -1313,7 +1313,7 @@ int RGWPutACLs_ObjStore_S3::get_policy_from_state(RGWRados *store, struct req_st s->canned_acl.clear(); } - int r = create_s3_policy(s, store, s3policy); + int r = create_s3_policy(s, store, s3policy, owner); if (r < 0) return r; @@ -1455,7 +1455,7 @@ void RGWOptionsCORS_ObjStore_S3::send_response() int RGWInitMultipart_ObjStore_S3::get_params() { RGWAccessControlPolicy_S3 s3policy(s->cct); - ret = create_s3_policy(s, store, s3policy); + ret = create_s3_policy(s, store, s3policy, s->owner); if (ret < 0) return ret; -- 2.47.3