Merge pull request ceph#65441 from linuxbox2/wip-72915

rgw: fix policy enforcement for GetObjectAttributes

Author: anrao19

src/rgw/rgw_op.cc

@@ -6235,10 +6235,7 @@ int RGWGetObjAttrs::verify_permission(optional_yield y)
       rgw_iam_add_objtags(this, s, has_s3_existing_tag, has_s3_resource_tag);
     }
 
-    /* XXXX the following conjunction should be &&--but iam_action2 is currently not
-     * hooked up and always fails (but should succeed if the requestor has READ
-     * acess to the object) */
-    perm = (verify_object_permission(this, s, iam_action1) || /* && */
+    perm = (verify_object_permission(this, s, iam_action1) &&
 	    verify_object_permission(this, s, iam_action2));
   }
 

src/rgw/rgw_op.h

@@ -2224,7 +2224,6 @@ class RGWGetHealthCheck : public RGWOp {
   }
 };
 
-
 class RGWDeleteMultiObj : public RGWOp {
   /**
    * Handles the deletion of an individual object and uses