From 3e469f6d337d1046f34af5dd00ae3d3dfcc375bf Mon Sep 17 00:00:00 2001
From: Zengran Zhang <zhangzengran@h3c.com>
Date: Sun, 31 Jan 2016 23:58:58 -0500
Subject: [PATCH] rgw: fix the condition of authenticated user's permit check

before fix:
put a bucket under one user with authenticated-read permit
> ./s3curl.pl http://myobs.com/mybucket --put --H "x-amz-acl: authenticated-read"
GET the bucket with anonymous user
> curl http://myobs.com/mybucket -X GET

> successed!

after fix:
anonymous cant GET the authenticated-read bucket
other users who authenticated could GET it

Signed-off-by: Zengran Zhang <zhangzengran@h3c.com>
---
 src/rgw/rgw_acl.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/rgw/rgw_acl.cc b/src/rgw/rgw_acl.cc
index d117caa64dfa8..8c0066ec32637 100644
--- a/src/rgw/rgw_acl.cc
+++ b/src/rgw/rgw_acl.cc
@@ -82,7 +82,7 @@ int RGWAccessControlPolicy::get_perm(rgw_user& id, int perm_mask) {
   if ((perm & perm_mask) != perm_mask) {
     perm |= acl.get_group_perm(ACL_GROUP_ALL_USERS, perm_mask);
 
-    if (!compare_group_name(id.id, ACL_GROUP_ALL_USERS)) {
+    if (id.compare(RGW_USER_ANON_ID)) {
       /* this is not the anonymous user */
       perm |= acl.get_group_perm(ACL_GROUP_AUTHENTICATED_USERS, perm_mask);
     }
-- 
2.47.3