return get_decoratee().get_identity_type();
}
- string get_acct_name() const override {
+ std::string get_acct_name() const override {
return get_decoratee().get_acct_name();
}
- string get_subuser() const override {
+ std::string get_subuser() const override {
return get_decoratee().get_subuser();
}
get_decoratee().to_str(out);
}
- string get_role_tenant() const override { /* in/out */
+ std::string get_role_tenant() const override { /* in/out */
return get_decoratee().get_role_tenant();
}
template <typename T>
class ThirdPartyAccountApplier : public DecoratedApplier<T> {
- /* const */RGWCtl* const ctl;
+ rgw::sal::Store* store;
const rgw_user acct_user_override;
public:
static const rgw_user UNKNOWN_ACCT;
template <typename U>
- ThirdPartyAccountApplier(RGWCtl* const ctl,
+ ThirdPartyAccountApplier(rgw::sal::Store* store,
const rgw_user &acct_user_override,
U&& decoratee)
: DecoratedApplier<T>(std::move(decoratee)),
- ctl(ctl),
+ store(store),
acct_user_override(acct_user_override) {
}
} else {
/* Compatibility mechanism for multi-tenancy. For more details refer to
* load_acct_info method of rgw::auth::RemoteApplier. */
+ std::unique_ptr<rgw::sal::User> user;
+
if (acct_user_override.tenant.empty()) {
const rgw_user tenanted_uid(acct_user_override.id, acct_user_override.id);
+ user = store->get_user(tenanted_uid);
- if (ctl->user->get_info_by_uid(dpp, tenanted_uid, &user_info, null_yield) >= 0) {
+ if (user->load_user(dpp, null_yield) >= 0) {
+ user_info = user->get_info();
/* Succeeded. */
return;
}
}
- const int ret = ctl->user->get_info_by_uid(dpp, acct_user_override, &user_info, null_yield);
+ user = store->get_user(acct_user_override);
+ const int ret = user->load_user(dpp, null_yield);
if (ret < 0) {
/* We aren't trying to recover from ENOENT here. It's supposed that creating
* someone else's account isn't a thing we want to support in this filter. */
throw ret;
}
}
-
+ user_info = user->get_info();
}
}
template <typename T> static inline
-ThirdPartyAccountApplier<T> add_3rdparty(RGWCtl* const ctl,
+ThirdPartyAccountApplier<T> add_3rdparty(rgw::sal::Store* store,
const rgw_user &acct_user_override,
T&& t) {
- return ThirdPartyAccountApplier<T>(ctl, acct_user_override,
+ return ThirdPartyAccountApplier<T>(store, acct_user_override,
std::forward<T>(t));
}
template <typename T>
class SysReqApplier : public DecoratedApplier<T> {
CephContext* const cct;
- /*const*/ RGWCtl* const ctl;
+ rgw::sal::Store* store;
const RGWHTTPArgs& args;
mutable boost::tribool is_system;
public:
template <typename U>
SysReqApplier(CephContext* const cct,
- /*const*/ RGWCtl* const ctl,
+ rgw::sal::Store* store,
const req_state* const s,
U&& decoratee)
: DecoratedApplier<T>(std::forward<T>(decoratee)),
cct(cct),
- ctl(ctl),
+ store(store),
args(s->info.args),
is_system(boost::logic::indeterminate) {
}
/* We aren't writing directly to user_info for consistency and security
* reasons. rgw_get_user_info_by_uid doesn't trigger the operator=() but
* calls ::decode instead. */
- RGWUserInfo euser_info;
- if (ctl->user->get_info_by_uid(dpp, effective_uid, &euser_info, null_yield) < 0) {
+ std::unique_ptr<rgw::sal::User> user = store->get_user(effective_uid);
+ if (user->load_user(dpp, null_yield) < 0) {
//ldpp_dout(dpp, 0) << "User lookup failed!" << dendl;
throw -EACCES;
}
- user_info = euser_info;
+ user_info = user->get_info();
}
}
}
template <typename T> static inline
SysReqApplier<T> add_sysreq(CephContext* const cct,
- /* const */ RGWCtl* const ctl,
+ rgw::sal::Store* store,
const req_state* const s,
T&& t) {
- return SysReqApplier<T>(cct, ctl, s, std::forward<T>(t));
+ return SysReqApplier<T>(cct, store, s, std::forward<T>(t));
}
} /* namespace auth */