rgw/sts: code for aws:TagKeys to be used as Condition

element of a role's trust and permission policy.

This also includes implementation of ForAnyValue and
ForAllValues to be used in conjunction with
StringLike, StringEquals and StringEqualsIgnoreCase
which are used alongwith aws:TagKeys.

Signed-off-by: Pritha Srivastava <prsrivas@redhat.com>

1 files changed, 17 insertions, 0 deletions

diff --git a/src/rgw/rgw_iam_policy.h b/src/rgw/rgw_iam_policy.h
index 84dce04cf24..4a0f8f3b30f 100644
--- a/src/rgw/rgw_iam_policy.h
+++ b/src/rgw/rgw_iam_policy.h
@@ -391,6 +391,23 @@ struct Condition {
   };
 
   using unordered_multimap_it_pair = std::pair <std::unordered_multimap<std::string,std::string>::const_iterator, std::unordered_multimap<std::string,std::string>::const_iterator>;
+
+  template<typename F>
+  static bool andible(F&& f, const unordered_multimap_it_pair& it,
+		      const std::vector<std::string>& v) {
+    for (auto itr = it.first; itr != it.second; itr++) {
+      bool matched = false;
+      for (const auto& d : v) {
+        if (std::forward<F>(f)(itr->second, d)) {
+	        matched = true;
+      }
+     }
+     if (!matched)
+      return false;
+    }
+    return true;
+  }
+
   template<typename F>
   static bool orrible(F&& f, const unordered_multimap_it_pair& it,
 		      const std::vector<std::string>& v) {