Merge pull request #14307 from adamemerson/wip-sts-authorization
common: Add make_unique
submodule: Tencent's RapidJSON library
common: Add ISO-8601 Date Support
rgw: Add is_identity to AuthApplier class
rgw: Move globbing flags to header
buffer: Make the use of static areas more convenient
rgw: Add basic support for IAM policies
rgw: Build bucket permission and environment in req_state
rgw: Verify policies as WELL as ACLs
rgw: RESTful bucket policy ops
rgw: Write documentation for bucket policies
Reviewed-By: Casey Bodley <cbodley@redhat.com>
Reviewed-By: Radoslaw Zarzynski <rzarzynski@mirantis.com>
Reviewed-By: Kefu Chai <kchai@redhat.com>
Only hook into object/bucket checks for now. Once we have STS (giving
us Roles) or User/Group policies it will make sense to hook into
those, too.
Signed-off-by: Adam C. Emerson <aemerson@redhat.com>
Make three wrapper functions to tidy up the process of making a
bufferlist holding a single static buffer.
The lack of any decent handling of const in buffer::list makes me wax
wroth, but it's a bit much to fix right now.
Signed-off-by: Adam C. Emerson <aemerson@redhat.com>
Eventually this will allow us to match all authentication information
against all specified principals in a policy.
Right now it handles users and wildcards.
Signed-off-by: Adam C. Emerson <aemerson@redhat.com>
This is a high performance, MIT licensed JSON parsing library. It
provides a SAX interface so that I can compile an S3 policy without
building up a JSONObject tree in the middle that gets thrown away.
Signed-off-by: Adam C. Emerson <aemerson@redhat.com>
Follow-on to d7e6e8d60309e4800389b36f786b633d0ca2ec07; we need to
make sure the client gets the updated osdmap.
Fixes: http://tracker.ceph.com/issues/19963
Signed-off-by: Sage Weil <sage@redhat.com>
because include/types.h has a 'using namespace std', the call to
::swap() had previously been selecting overloads from namespace std. but
once any other swap() functions are present in the global namespace,
argument-dependent lookup [1] will not consider those from std
for example, when common/sstring.hh has been included, its global swap()
function is the only overload considered, so calls to ::swap() result in
errors like this:
/home/cbodley/ceph/src/osd/osd_types.h: In member function ‘void ObjectModDesc::swap(ObjectModDesc&)’:
/home/cbodley/ceph/src/osd/osd_types.h:3135:56: error: no matching function for call to ‘swap(bool&, bool&)’
::swap(other.can_local_rollback, can_local_rollback);
^
/home/cbodley/ceph/src/common/sstring.hh:589:6: note: candidate: template<class char_type, class size_type, size_type max_size> void swap(basic_sstring<char_type, size_type, Max>&, basic_sstring<char_type, size_type, Max>&)
void swap(basic_sstring<char_type, size_type, max_size>& x,
^
/home/cbodley/ceph/src/common/sstring.hh:589:6: note: template argument deduction/substitution failed:
/home/cbodley/ceph/src/osd/osd_types.h:3135:56: note: mismatched types ‘basic_sstring<char_type, size_type, Max>’ and ‘bool’
::swap(other.can_local_rollback, can_local_rollback);
adding a `using std::swap;` to the calling scope and removing :: from
the call to `swap()` allows argument-dependent lookup to resolve the
overloads in both namespaces
[1] http://en.cppreference.com/w/cpp/language/adl
Signed-off-by: Casey Bodley <cbodley@redhat.com>
The new fs setting standby_count_wanted is only avialable in luminous. Upgrade
tests were tripping on this.
Fixes: http://tracker.ceph.com/issues/19934
Signed-off-by: Patrick Donnelly <pdonnell@redhat.com>
1- encode into a sized buffer.
2- do not needlessly copy the set<> to a vector<> before encoding.
set<> and vector<> encode identically. Since we are converting from sorted
set<> to unsorted vector<>, the order doesn't change either.
Signed-off-by: Sage Weil <sage@redhat.com>
