Skip to content

Commit

Permalink
mon: add check_privileges function to OSDMon.
Browse files Browse the repository at this point in the history
  • Loading branch information
Greg Farnum committed Mar 8, 2010
1 parent 1b7119f commit 07df67f
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 0 deletions.
10 changes: 10 additions & 0 deletions src/mon/OSDMonitor.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1386,3 +1386,13 @@ void OSDMonitor::_pool_op(MPoolOp *m, int replyCode, epoch_t epoch)
mon->send_reply(m, reply);
delete m;
}

//for now, this just checks against allow_all, auid equaling caps.auid,
//or auid being default public
bool OSDMonitor::check_privileges(__u64 auid, MonCaps& caps, int req_perm)
{
if (caps.allow_all) return true;
if (CEPH_AUTH_UID_DEFAULT == auid) return true;
if (auid == caps.auid) return true;
return false;
}
3 changes: 3 additions & 0 deletions src/mon/OSDMonitor.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,6 +91,9 @@ class OSDMonitor : public PaxosService {
bool prepare_pool_op_delete(MPoolOp *m);
void _pool_op(MPoolOp *m, int replyCode, epoch_t epoch);

//check that the provided caps allow the given action in auid's name
bool check_privileges(__u64 auid, MonCaps& caps, int req_perm);

struct C_Booted : public Context {
OSDMonitor *cmon;
MOSDBoot *m;
Expand Down

0 comments on commit 07df67f

Please sign in to comment.