mon/MonCap: simplify rwx match logic

Make this a positive check instead of double negative.

Signed-off-by: Sage Weil <sage@inktank.com>

2 files changed, 14 insertions, 5 deletions

diff --git a/src/mon/MonCap.cc b/src/mon/MonCap.cc
index 1114ca3b9da..8e35b775247 100644
--- a/src/mon/MonCap.cc
+++ b/src/mon/MonCap.cc
@@ -261,15 +261,21 @@ bool MonCap::is_capable(CephContext *cct,
     if (cct)
       ldout(cct, 20) << " allow so far " << allow << ", doing grant " << *p << dendl;
 
-    if (p->is_allow_all())
+    if (p->is_allow_all()) {
+      if (cct)
+	ldout(cct, 20) << " allow all" << dendl;
       return true;
+    }
 
     // check enumerated caps
     allow = allow | p->get_allowed(cct, name, service, command, command_args);
-    if (!((op_may_read && !(allow & MON_CAP_R)) ||
-	  (op_may_write && !(allow & MON_CAP_W)) ||
-	  (op_may_exec && !(allow & MON_CAP_X))))
+    if ((!op_may_read || (allow & MON_CAP_R)) &&
+	(!op_may_write || (allow & MON_CAP_W)) &&
+	(!op_may_exec || (allow & MON_CAP_X))) {
+      if (cct)
+	ldout(cct, 20) << " match" << dendl;
       return true;
+    }
   }
   return false;
 }
diff --git a/src/mon/Monitor.cc b/src/mon/Monitor.cc
index 8b38adf449d..7e484e8db6b 100644
--- a/src/mon/Monitor.cc
+++ b/src/mon/Monitor.cc
@@ -1523,8 +1523,10 @@ bool Monitor::_allowed_command(MonSession *s, map<string, cmd_vartype>& cmd)
 {
   bool retval = false;
 
-  if (s->caps.is_allow_all())
+  if (s->caps.is_allow_all()) {
+    dout(10) << __func__ << " allow_all" << dendl;
     return true;
+  }
 
   string prefix;
   cmd_getval(g_ceph_context, cmd, "prefix", prefix);
@@ -1542,6 +1544,7 @@ bool Monitor::_allowed_command(MonSession *s, map<string, cmd_vartype>& cmd)
     retval = true; 
   }
 
+  dout(10) << __func__ << " = " << retval << dendl;
   return retval;
 }