rgw: add a method to purge all associate keys when removing a subuser #6002
Conversation
|
@yehudasa Need your review please.
|
|
@Sandy4999 I don't like the whole state changing scheme, can we change the underlying methods or add a method down at RGWUser that will just do it for us without the need to set and re-set the state? |
SandyXSD
changed the title
|
@yehudasa I add a method for RGWAccessKeyPool to do the purging keys. Please take a look at this, thank you |
|
@yehudasa Can you please review the changes? Thanks. |
|
@yehudasa I have added the check to make sure user info is populated and subuser is specified, and also the defer parameter. Moreover, I corrected the way to remove the swift key as it requires 'user:subuser' format index. Please review, thank you! |
|
@yehudasa Could you provide a bit more detailed explanation about this parameter? Thank you! |
|
@Sandy4999 this parameter is used when we want to stage changes, but not apply them immediately |
Fixes: ceph#12890 When removing a subuser, make sure all of its keys, including the swift key and possible s3 keys, are also deleted. Signed-off-by: Sangdi Xu <xu.sangdi@h3c.com>
| user->keys.remove(op_state, &subprocess_msg, true); | ||
| } | ||
| // always purge all associate keys | ||
| user->keys.remove_subuser_keys(op_state, &subprocess_msg, defer_user_update); |
There was a problem hiding this comment.
@yehudasa Okay, I have modified the third parameter to be defer_user_update, not always true. Please take a look at it, thank you!
rgw: add a method to purge all associate keys when removing a subuser Reviewed-by: Yehuda Sadeh <yehuda@redhat.com>
Fixes: #12890
When removing a subuser, make sure all of its keys, including the swift key and possible s3 keys, are also deleted.
Signed-off-by: Sangdi Xu xu.sangdi@h3c.com