rgw/sts: replacing load_stats with list_buckets

pritha-srivastava · pritha-srivastava · commit c834352cc706 · 2025-02-14T10:03:24.000+05:30
to correctly create a federated user in oidc namespace. The idea was to check if the federated user had any buckets associated with it from the time when the logic for creating a shadow user was not in place, and this was done by calling read_stats which returned -ENOENT when the user did not exist, which was erroneously interpreted as buckets not existing for the user - but this logic correctly led to creation of user in oidc namespace. Later read_stats() was replaced by load_stats() and load_stats() does not return -ENOENT when a user does not exist, hence according to the code, the federated user was not getting created in 'oidc' namespace. Hence replaced load_stats() with list_buckets() and corrected the code to create a user in oidc namespace if the user did not own any bucket. Fixes: https://tracker.ceph.com/issues/69924 Signed-off-by: Pritha Srivastava <prsrivas@redhat.com>
diff --git a/src/rgw/rgw_auth.cc b/src/rgw/rgw_auth.cc
@@ -672,16 +672,18 @@ auto rgw::auth::WebIdentityApplier::load_acct_info(const DoutPrefixProvider* dpp
   }
 
   //Check if user_id.buckets already exists, may have been from the time, when shadow users didnt exist
-  RGWStorageStats stats;
-  ceph::real_time last_synced;
-  ceph::real_time last_updated;
-  int ret = driver->load_stats(dpp, null_yield, federated_user, stats,
-                               last_synced, last_updated);
-  if (ret < 0 && ret != -ENOENT) {
-    ldpp_dout(dpp, 0) << "ERROR: reading stats for the user returned error " << ret << dendl;
+  federated_user.ns = "";
+  constexpr bool need_stats = false;
+  const std::string marker; // empty
+  constexpr uint32_t max_items = 1;
+  rgw::sal::BucketList buckets;
+  auto ret = driver->list_buckets(dpp, federated_user, federated_user.tenant, marker, marker,
+                             max_items, need_stats, buckets, null_yield);
+  if (ret < 0) {
+    ldpp_dout(dpp, 0) << "ERROR: list buckets for the user returned error " << ret << dendl;
     return user;
   }
-  if (ret == -ENOENT) { /* in case of ENOENT, which means user doesnt have buckets */
+  if (buckets.buckets.empty()) { /* no buckets */
     //In this case user will be created in oidc namespace
     ldpp_dout(dpp, 5) << "NOTICE: incoming user has no buckets " << federated_user << dendl;
     federated_user.ns = "oidc";
