commit 9d0162a793115d55dd11c40b619657db41fa9968
Author: Tim Burke <email address hidden>
Date: Tue May 29 16:37:42 2018 -0700
Make ACLs work with Unicode in user/account names
There were two separate complications:
- Account ACLs are stored as JSON, so they were getting deserialized
to Unicode. That's fine for ASCII names (as u'a' == b'a' under py2),
but not arbitrary Unicode (as u'\u1234' != u'\u1234'.encode('utf8')
for both py2 and py3). So, under py2, encode all account ACL members
as UTF-8.
- Container ACLs are stored as comma-separated values in a header, but
values may contain arbitrary characters including not only non-ASCII
Unicode but also commas and newlines. Fortunately, we have precedent
for using URL-encoding in headers to resolve this. See crypto,
symlink, dlo, versioned_writes, copy...
Reviewed: https:/ /review. openstack. org/571048 /git.openstack. org/cgit/ openstack/ swift/commit/ ?id=9d0162a7931 15d55dd11c40b61 9657db41fa9968
Committed: https:/
Submitter: Zuul
Branch: master
commit 9d0162a793115d5 5dd11c40b619657 db41fa9968
Author: Tim Burke <email address hidden>
Date: Tue May 29 16:37:42 2018 -0700
Make ACLs work with Unicode in user/account names
There were two separate complications:
- Account ACLs are stored as JSON, so they were getting deserialized .encode( 'utf8')
to Unicode. That's fine for ASCII names (as u'a' == b'a' under py2),
but not arbitrary Unicode (as u'\u1234' != u'\u1234'
for both py2 and py3). So, under py2, encode all account ACL members
as UTF-8.
- Container ACLs are stored as comma-separated values in a header, but
values may contain arbitrary characters including not only non-ASCII
Unicode but also commas and newlines. Fortunately, we have precedent
for using URL-encoding in headers to resolve this. See crypto,
symlink, dlo, versioned_writes, copy...
Change-Id: I37a97bb9d039a9 63c7cc57bd97876 d0ec2134cf1
Partial-Bug: 1774238