diff options
| author | Yehuda Sadeh <yehuda@hq.newdream.net> | 2011-09-06 14:37:30 -0700 |
|---|---|---|
| committer | Yehuda Sadeh <yehuda@hq.newdream.net> | 2011-09-06 14:37:57 -0700 |
| commit | 77153d9fd2403db23110139a143dfcf8e95db289 (patch) | |
| tree | 7b6d163d54829cc8568e8d04799976759aebfc5b | |
| parent | 988ff0fd51fcbc1e8e040ddfe56433fe01673a3b (diff) | |
| download | ceph-77153d9fd2403db23110139a143dfcf8e95db289.tar.gz | |
rgw: set perm_mask for swift operations
| -rw-r--r-- | src/rgw/rgw_common.cc | 5 | ||||
| -rw-r--r-- | src/rgw/rgw_rest_swift.cc | 2 |
2 files changed, 6 insertions, 1 deletions
diff --git a/src/rgw/rgw_common.cc b/src/rgw/rgw_common.cc index abb644efeac..c1db8fa59c6 100644 --- a/src/rgw/rgw_common.cc +++ b/src/rgw/rgw_common.cc @@ -263,7 +263,10 @@ bool verify_permission(RGWAccessControlPolicy *policy, string& uid, int user_per if (!policy) return false; - int acl_perm = policy->get_perm(g_ceph_context, uid, perm) & user_perm_mask; + int policy_perm = policy->get_perm(g_ceph_context, uid, perm); + int acl_perm = policy_perm & user_perm_mask; + + RGW_LOG(10) << " uid=" << uid << " requested perm (type)=" << perm << ", policy perm=" << policy_perm << ", user_perm_mask=" << user_perm_mask << ", acl perm=" << acl_perm << dendl; return (perm == acl_perm); } diff --git a/src/rgw/rgw_rest_swift.cc b/src/rgw/rgw_rest_swift.cc index 62e0ec43117..694e47fff95 100644 --- a/src/rgw/rgw_rest_swift.cc +++ b/src/rgw/rgw_rest_swift.cc @@ -303,5 +303,7 @@ int RGWHandler_REST_SWIFT::authorize() if (!authorized) return -EPERM; + s->perm_mask = RGW_PERM_FULL_CONTROL; + return 0; } |