rgw: fix up the use of tenant before it's available

A big problem that cropped up with the multi-tenancy as it
went in was that it used tenant to initialize bucket names
before tenant was actually available by parsing a token.
Thus, although multi-tenancy worked, accessing anything across
tenants was actually impossible. This patch fixes that oversight.
Unfortunately, a new method postauth_init() was needed for it.

We also fix small bugs:

 - validate_tenant_name() used a proper-looking C++ but was
   incorrect. We simply use C for now, which may be not as
   pretty but is correct.

 - We now make a distinction between empty tenant syntax that
   means "the logged-in tenant" ("bucket") and the syntax
   that means "the legacy compatibility tenant with no name
   (":bucket").

 - We make rgw_make_bucket_entry_name() more robust against
   empty inputs. It's not used for work, but produces odd-looking
   debugging logs.

Signed-off-by: Pete Zaitcev <zaitcev@redhat.com>

1 files changed, 9 insertions, 1 deletions

diff --git a/src/rgw/rgw_main.cc b/src/rgw/rgw_main.cc
index a19b462f3eb..3a4ad478e93 100644
--- a/src/rgw/rgw_main.cc
+++ b/src/rgw/rgw_main.cc
@@ -573,7 +573,7 @@ static int process_request(RGWRados *store, RGWREST *rest, RGWRequest *req, RGWC
 
   should_log = mgr->get_logging();
 
-  req->log(s, "getting op");
+  req->log_format(s, "getting op %d", s->op);
   op = handler->get_op(store);
   if (!op) {
     abort_early(s, NULL, -ERR_METHOD_NOT_ALLOWED);
@@ -589,6 +589,14 @@ static int process_request(RGWRados *store, RGWREST *rest, RGWRequest *req, RGWC
     goto done;
   }
 
+  req->log(s, "normalizing buckets and tenants");
+  ret = handler->postauth_init();
+  if (ret < 0) {
+    dout(10) << "failed to run post-auth init" << dendl;
+    abort_early(s, op, ret);
+    goto done;
+  }
+
   if (s->user.suspended) {
     dout(10) << "user is suspended, uid=" << s->user.user_id << dendl;
     abort_early(s, op, -ERR_USER_SUSPENDED);