authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 18:24:20 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 18:24:20 +0000
commit483eb2f56657e8e7f419ab1a4fab8dce9ade8609 (patch)
treee5d88d25d870d5dedacb6bbdbe2a966086a0a5cf /src/rgw/rgw_rest_iam.cc
parentInitial commit. (diff)
Adding upstream version 14.2.21.upstream/14.2.21upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/rgw/rgw_rest_iam.cc')
-rw-r--r--src/rgw/rgw_rest_iam.cc147
1 files changed, 147 insertions, 0 deletions
diff --git a/src/rgw/rgw_rest_iam.cc b/src/rgw/rgw_rest_iam.cc
new file mode 100644
index 00000000..ef0e958d
--- /dev/null
+++ b/src/rgw/rgw_rest_iam.cc
@@ -0,0 +1,147 @@
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+
+#include <boost/tokenizer.hpp>
+
+#include "rgw_rest.h"
+#include "rgw_rest_iam.h"
+
+#include "rgw_request.h"
+#include "rgw_process.h"
+
+#include "rgw_rest_role.h"
+#include "rgw_rest_user_policy.h"
+
+#define dout_context g_ceph_context
+#define dout_subsys ceph_subsys_rgw
+
+void RGWHandler_REST_IAM::rgw_iam_parse_input()
+{
+ if (post_body.size() > 0) {
+ ldout(s->cct, 10) << "Content of POST: " << post_body << dendl;
+
+ if (post_body.find("Action") != string::npos) {
+ boost::char_separator<char> sep("&");
+ boost::tokenizer<boost::char_separator<char>> tokens(post_body, sep);
+ for (const auto& t : tokens) {
+ auto pos = t.find("=");
+ if (pos != string::npos) {
+ std::string key = t.substr(0, pos);
+ std::string value = t.substr(pos + 1, t.size() - 1);
+ if (key == "AssumeRolePolicyDocument" || key == "Path" || key == "PolicyDocument") {
+ value = url_decode(value);
+ }
+ s->info.args.append(key, value);
+ }
+ }
+ }
+ }
+ auto payload_hash = rgw::auth::s3::calc_v4_payload_hash(post_body);
+ s->info.args.append("PayloadHash", payload_hash);
+}
+
+RGWOp *RGWHandler_REST_IAM::op_post()
+{
+ rgw_iam_parse_input();
+
+ if (s->info.args.exists("Action")) {
+ string action = s->info.args.get("Action");
+ if (action.compare("CreateRole") == 0)
+ return new RGWCreateRole;
+ if (action.compare("DeleteRole") == 0)
+ return new RGWDeleteRole;
+ if (action.compare("GetRole") == 0)
+ return new RGWGetRole;
+ if (action.compare("UpdateAssumeRolePolicy") == 0)
+ return new RGWModifyRole;
+ if (action.compare("ListRoles") == 0)
+ return new RGWListRoles;
+ if (action.compare("PutRolePolicy") == 0)
+ return new RGWPutRolePolicy;
+ if (action.compare("GetRolePolicy") == 0)
+ return new RGWGetRolePolicy;
+ if (action.compare("ListRolePolicies") == 0)
+ return new RGWListRolePolicies;
+ if (action.compare("DeleteRolePolicy") == 0)
+ return new RGWDeleteRolePolicy;
+ if (action.compare("PutUserPolicy") == 0)
+ return new RGWPutUserPolicy;
+ if (action.compare("GetUserPolicy") == 0)
+ return new RGWGetUserPolicy;
+ if (action.compare("ListUserPolicies") == 0)
+ return new RGWListUserPolicies;
+ if (action.compare("DeleteUserPolicy") == 0)
+ return new RGWDeleteUserPolicy;
+ }
+
+ return nullptr;
+}
+
+int RGWHandler_REST_IAM::init(RGWRados *store,
+ struct req_state *s,
+ rgw::io::BasicClient *cio)
+{
+ s->dialect = "iam";
+
+ if (int ret = RGWHandler_REST_IAM::init_from_header(s, RGW_FORMAT_XML, true); ret < 0) {
+ ldout(s->cct, 10) << "init_from_header returned err=" << ret << dendl;
+ return ret;
+ }
+
+ return RGWHandler_REST::init(store, s, cio);
+}
+
+int RGWHandler_REST_IAM::authorize(const DoutPrefixProvider* dpp)
+{
+ return RGW_Auth_S3::authorize(dpp, store, auth_registry, s);
+}
+
+int RGWHandler_REST_IAM::init_from_header(struct req_state* s,
+ int default_formatter,
+ bool configurable_format)
+{
+ string req;
+ string first;
+
+ s->prot_flags = RGW_REST_IAM;
+
+ const char *p, *req_name;
+ if (req_name = s->relative_uri.c_str(); *req_name == '?') {
+ p = req_name;
+ } else {
+ p = s->info.request_params.c_str();
+ }
+
+ s->info.args.set(p);
+ s->info.args.parse();
+
+ /* must be called after the args parsing */
+ if (int ret = allocate_formatter(s, default_formatter, configurable_format); ret < 0)
+ return ret;
+
+ if (*req_name != '/')
+ return 0;
+
+ req_name++;
+
+ if (!*req_name)
+ return 0;
+
+ req = req_name;
+ int pos = req.find('/');
+ if (pos >= 0) {
+ first = req.substr(0, pos);
+ } else {
+ first = req;
+ }
+
+ return 0;
+}
+
+RGWHandler_REST*
+RGWRESTMgr_IAM::get_handler(struct req_state* const s,
+ const rgw::auth::StrategyRegistry& auth_registry,
+ const std::string& frontend_prefix)
+{
+ return new RGWHandler_REST_IAM(auth_registry);
+}
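Review bot: The form parsing in rgw_iam_parse_input() decodes inconsistently: only the values of `AssumeRolePolicyDocument`, `Path` and `PolicyDocument` go through url_decode(), while keys and every other value (including `Action`, which op_post() compares against literal names) reach `s->info.args` still percent-encoded. Either decode every key and value uniformly or add a comment such as `// only these three may carry encoded JSON/path data; all other IAM parameters are expected unencoded` so the assumption is visible; how this interacts with signature canonicalisation cannot be judged from this file. The gate `post_body.find("Action")` matches the substring anywhere in the body, including inside a value, so it does not establish that an `Action` parameter is present. In the value extraction the second argument of substr() is a count, not an end index, and only works because it is clamped; `std::string value = t.substr(pos + 1);` says what is meant. Separately, `ldout(s->cct, 10) << "Content of POST: " << post_body` writes the whole request body, policy documents included, to the debug log, which is worth truncating or dropping if those logs are widely readable.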