RepoMirrors/ceph
1
0
Fork 0
mirror of https://github.com/ceph/ceph synced 2025-01-04 02:02:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

rgw: better tenant id from the uri on anonymous access

Browse Source 
When anonymous tries access public bucket, it gets 404,
because rgw doesn't check tenant correctly.

A previous fix for this broke legacy implicit tenants,
because it didn't check for anonymous access.  This version
restricts its behavior to the anonymous user.

Fixes: https://tracker.ceph.com/issues/48001 https://tracker.ceph.com/issues/48382

Original fix by
Author: Rafał Wądołowski <rafal@rafal.net.pl>
Signed-off-by: Rafał Wądołowski <rwadolowski@cloudferro.com>

This fix
Signed-off-by: Marcus Watts <mwatts@redhat.com>
This commit is contained in:
Marcus Watts 2022-07-07 03:33:31 -04:00
parent b76b6ea168
commit b5880caa50
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/rgw/rgw_rest_swift.cc
View File

@ -2805,7 +2805,12 @@ int RGWHandler_REST_SWIFT::postauth_init(optional_yield y)
struct req_init_state* t = &s->init_state;
/* XXX Stub this until Swift Auth sets account into URL. */
s->bucket_tenant = s->user->get_tenant();
if (g_conf()->rgw_swift_account_in_url
&& s->user->get_id().id == RGW_USER_ANON_ID) {
s->bucket_tenant = s->account_name;
} else {
s->bucket_tenant = s->user->get_tenant();
}
s->bucket_name = t->url_bucket;
if (!s->object) {