New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rgw: add a method to purge all associate keys when removing a subuser #6002
Conversation
@yehudasa Need your review please.
|
@Sandy4999 I don't like the whole state changing scheme, can we change the underlying methods or add a method down at RGWUser that will just do it for us without the need to set and re-set the state? |
@yehudasa I add a method for RGWAccessKeyPool to do the purging keys. Please take a look at this, thank you |
@yehudasa Can you please review the changes? Thanks. |
@yehudasa I have added the check to make sure user info is populated and subuser is specified, and also the defer parameter. Moreover, I corrected the way to remove the swift key as it requires 'user:subuser' format index. Please review, thank you! |
@yehudasa Could you provide a bit more detailed explanation about this parameter? Thank you! |
@Sandy4999 this parameter is used when we want to stage changes, but not apply them immediately |
Fixes: ceph#12890 When removing a subuser, make sure all of its keys, including the swift key and possible s3 keys, are also deleted. Signed-off-by: Sangdi Xu <xu.sangdi@h3c.com>
user->keys.remove(op_state, &subprocess_msg, true); | ||
} | ||
// always purge all associate keys | ||
user->keys.remove_subuser_keys(op_state, &subprocess_msg, defer_user_update); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@yehudasa Okay, I have modified the third parameter to be defer_user_update, not always true. Please take a look at it, thank you!
rgw: add a method to purge all associate keys when removing a subuser Reviewed-by: Yehuda Sadeh <yehuda@redhat.com>
Fixes: #12890
When removing a subuser, make sure all of its keys, including the swift key and possible s3 keys, are also deleted.
Signed-off-by: Sangdi Xu xu.sangdi@h3c.com