rgw: parametrize the implicit tenancy of rgw::auth::RemoteApplier.

Signed-off-by: Radoslaw Zarzynski <rzarzynski@mirantis.com>
2025-02-20 17:37:29 +00:00 · 2017-02-07 19:10:18 +01:00 · 2017-02-07 19:10:18 +01:00 · 92d44fe3a1
commit 92d44fe3a1
parent f13f04bbb3
5 changed files with 14 additions and 9 deletions
--- a/src/rgw/rgw_auth.cc
+++ b/src/rgw/rgw_auth.cc
@ -309,9 +309,9 @@ void rgw::auth::RemoteApplier::create_account(const rgw_user& acct_user,
    user_info.type = info.acct_type;
  }

-  /* Administrator may enforce creating new accounts within their own tenants.
-   * The config parameter name is kept due to legacy. */
-  if (new_acct_user.tenant.empty() && g_conf->rgw_keystone_implicit_tenants) {
+  /* An upper layer may enforce creating new accounts within their own
+   * tenants. */
+  if (new_acct_user.tenant.empty() && implicit_tenants) {
    new_acct_user.tenant = new_acct_user.id;
  }

--- a/src/rgw/rgw_auth.h
+++ b/src/rgw/rgw_auth.h
@ -369,6 +369,7 @@ protected:
  const acl_strategy_t extra_acl_strategy;

  const AuthInfo info;
+  const bool implicit_tenants;

  virtual void create_account(const rgw_user& acct_user,
                              RGWUserInfo& user_info) const;          /* out */
@ -377,11 +378,13 @@ public:
  RemoteApplier(CephContext* const cct,
                RGWRados* const store,
                acl_strategy_t&& extra_acl_strategy,
-                const AuthInfo& info)
+                const AuthInfo& info,
+                const bool implicit_tenants)
    : cct(cct),
      store(store),
      extra_acl_strategy(std::move(extra_acl_strategy)),
-      info(info) {
+      info(info),
+      implicit_tenants(implicit_tenants) {
  }

  uint32_t get_perms_from_aclspec(const aclspec_t& aclspec) const override;
--- a/src/rgw/rgw_auth_s3.h
+++ b/src/rgw/rgw_auth_s3.h
@ -37,7 +37,8 @@ class ExternalAuthStrategy : public rgw::auth::Strategy,
                             const rgw::auth::RemoteApplier::AuthInfo info
                            ) const override {
    auto apl = rgw::auth::add_sysreq(cct, store, s,
-      rgw::auth::RemoteApplier(cct, store, std::move(acl_alg), info));
+      rgw::auth::RemoteApplier(cct, store, std::move(acl_alg), info,
+                               false /* no implicit tenants */));
    /* TODO(rzarzynski): replace with static_ptr. */
    return aplptr_t(new decltype(apl)(std::move(apl)));
  }
--- a/src/rgw/rgw_rest_s3.h
+++ b/src/rgw/rgw_rest_s3.h
@ -787,7 +787,8 @@ public:
                             const rgw::auth::RemoteApplier::AuthInfo info
                            ) const override {
    return aplptr_t(
-      new rgw::auth::RemoteApplier(cct, store, std::move(acl_alg), info));
+      new rgw::auth::RemoteApplier(cct, store, std::move(acl_alg), info,
+                                   false /* no implicit tenants */));
  }

  aplptr_t create_apl_local(CephContext* const cct,
--- a/src/rgw/rgw_swift_auth.h
+++ b/src/rgw/rgw_swift_auth.h
@ -168,8 +168,8 @@ class DefaultStrategy : public rgw::auth::Strategy,
    auto apl = \
      rgw::auth::add_3rdparty(store, s->account_name,
        rgw::auth::add_sysreq(cct, store, s,
-          rgw::auth::RemoteApplier(cct, store, std::move(extra_acl_strategy),
-                                   info)));
+          rgw::auth::RemoteApplier(cct, store, std::move(extra_acl_strategy), info,
+                                   cct->_conf->rgw_keystone_implicit_tenants)));
    /* TODO(rzarzynski): replace with static_ptr. */
    return aplptr_t(new decltype(apl)(std::move(apl)));
  }