Actions
Bug #19290
openradosgw/swift hammer acl weirdness
% Done:
0%
Source:
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
In ceph hammer, setting a swift acl with an invalid user results in puzzling behavior. The user is silently deleted from the acl. No error is sent back to the client. If valid users are also supplied in the acl, they are recorded properly.
In master, this behavior does not occur. 2 new lines are added in rgw_acl_swift.cc add_grants() after the comment "/* skipping silently */", "grant.set_canon(user, std::string(), perm);" and "acl.add_grant(&grant);".
Hammer probably needs something like this code if we want it to behave the same. Questions that should be resolved to make this change useful -- does swift allow setting invalid users like this? If the users are created after the acl is set, do they gain access?
Actions