Skip to content

Commit

Permalink
rgw: cleanup for RGWDeleteObj::verify_permission()
Browse files Browse the repository at this point in the history 
- if the 'Effect' field of user policy and bucket policy
  is set to 'Allow', RGWDeleteObj::verify_permission()
  should return 0 instead of true;

- as the same with bucket policy, if the 'Effect' field
  of user policy is set to 'Deny', RGWDeleteObj::verify_permission()
  should return -EACCES instead of false;

Signed-off-by: Enming.Zhang <zvampirem77@gmail.com>
(cherry picked from commit 8633464)

Conflicts:
	src/rgw/rgw_op.cc : Resolved in verify_permission
  • Loading branch information
@ZVampirEM77
ZVampirEM77 authored and Prashant D committed Feb 6, 2019
1 parent 3874b20 commit 2a13868
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/rgw/rgw_op.cc
View file
Expand Up @@ -4238,7 +4238,7 @@ int RGWDeleteObj::verify_permission()
rgw::IAM::s3DeleteObjectVersion,
ARN(s->bucket, s->object.name));
if (r == Effect::Allow)
return true;
return 0;
else if (r == Effect::Deny)
return -EACCES;
}
Expand Down

0 comments on commit 2a13868

Please sign in to comment.