diff options
| author | Joao Eduardo Luis <joao.luis@inktank.com> | 2013-07-28 18:51:49 +0100 |
|---|---|---|
| committer | Sage Weil <sage@inktank.com> | 2013-08-02 15:19:13 -0700 |
| commit | 2146ab19a5c4dc770ba8bf036080b408dab3b71b (patch) | |
| tree | 7fe9659b300a49018b396cdc4a142ffdf1dc4b85 | |
| parent | afb1fc344b90e7bbdb8694ca5246ca957025877e (diff) | |
| download | ceph-2146ab19a5c4dc770ba8bf036080b408dab3b71b.tar.gz | |
mon: Monitor: purge old permission checking format on handle_command()
Signed-off-by: Joao Eduardo Luis <joao.luis@inktank.com>
| -rw-r--r-- | src/mon/Monitor.cc | 57 |
1 files changed, 0 insertions, 57 deletions
diff --git a/src/mon/Monitor.cc b/src/mon/Monitor.cc index 20a799f3e52..4fc0c999340 100644 --- a/src/mon/Monitor.cc +++ b/src/mon/Monitor.cc @@ -2004,10 +2004,6 @@ void Monitor::handle_command(MMonCommand *m) return; } - bool access_cmd; - bool access_r; - bool access_all; - string module; string err; @@ -2020,10 +2016,6 @@ void Monitor::handle_command(MMonCommand *m) get_str_vec(prefix, fullcmd); module = fullcmd[0]; - access_cmd = _allowed_command(session, cmdmap); - access_r = (session->is_capable("mon", MON_CAP_R) || access_cmd); - access_all = (session->caps.is_allow_all() || access_cmd); - if (!_allowed_command(session, module, prefix, cmdmap)) { dout(1) << __func__ << " access denied" << dendl; reply_command(m, -EACCES, "access denied", 0); @@ -2056,11 +2048,6 @@ void Monitor::handle_command(MMonCommand *m) } if (module == "config-key") { - if (!access_all) { - r = -EACCES; - rs = "access denied"; - goto out; - } config_key_service->dispatch(m); return; } @@ -2092,11 +2079,6 @@ void Monitor::handle_command(MMonCommand *m) } if (prefix == "compact") { - if (!access_all) { - r = -EACCES; - rs = "access denied"; - goto out; - } dout(1) << "triggering manual compaction" << dendl; utime_t start = ceph_clock_now(g_ceph_context); store->compact(); @@ -2109,11 +2091,6 @@ void Monitor::handle_command(MMonCommand *m) r = 0; } else if (prefix == "injectargs") { - if (!access_all) { - r = -EACCES; - rs = "access denied"; - goto out; - } vector<string> injected_args; cmd_getval(g_ceph_context, cmdmap, "injected_args", injected_args); if (!injected_args.empty()) { @@ -2133,12 +2110,6 @@ void Monitor::handle_command(MMonCommand *m) } else if (prefix == "status" || prefix == "health" || prefix == "df") { - if (!access_r) { - r = -EACCES; - rs = "access denied"; - goto out; - } - string detail; cmd_getval(g_ceph_context, cmdmap, "detail", detail); @@ -2189,11 +2160,6 @@ void Monitor::handle_command(MMonCommand *m) rs = ""; r = 0; } else if (prefix == "report") { - if (!access_r) { - r = -EACCES; - rs = "access denied"; - goto out; - } // this must be formatted, in its current form if (!f) @@ -2232,11 +2198,6 @@ void Monitor::handle_command(MMonCommand *m) rs = ss2.str(); r = 0; } else if (prefix == "quorum_status") { - if (!access_r) { - r = -EACCES; - rs = "access denied"; - goto out; - } // make sure our map is readable and up to date if (!is_leader() && !is_peon()) { dout(10) << " waiting for quorum" << dendl; @@ -2248,11 +2209,6 @@ void Monitor::handle_command(MMonCommand *m) rs = ""; r = 0; } else if (prefix == "mon_status") { - if (!access_r) { - r = -EACCES; - rs = "access denied"; - goto out; - } _mon_status(f.get(), ds); rdata.append(ds); rs = ""; @@ -2273,11 +2229,6 @@ void Monitor::handle_command(MMonCommand *m) rs = ds.str(); r = 0; } else if (prefix == "heap") { - if (!access_all) { - r = -EACCES; - rs = "access denied"; - goto out; - } if (!ceph_using_tcmalloc()) rs = "tcmalloc not enabled, can't use heap profiler commands\n"; else { @@ -2292,11 +2243,6 @@ void Monitor::handle_command(MMonCommand *m) r = 0; } } else if (prefix == "quorum") { - if (!access_all) { - r = -EACCES; - rs = "access denied"; - goto out; - } string quorumcmd; cmd_getval(g_ceph_context, cmdmap, "quorumcmd", quorumcmd); if (quorumcmd == "exit") { @@ -2310,9 +2256,6 @@ void Monitor::handle_command(MMonCommand *m) rs = "started responding to quorum, initiated new election"; r = 0; } - } else if (!access_cmd) { - r = -EACCES; - rs = "access denied"; } out: |