access-control: Save group permissions returned from backend

The backend permissions returned in stat for group is already masked
value. Use the xattr value

Signed-off-by: shishir gowda <shishirng@gluster.com>
Signed-off-by: Vijay Bellur <vijay@gluster.com>

BUG: 3102 ()
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=3102
Signed-off-by: Anand Avati <avati@gluster.com>

BUG: 3102 (Read calls go ahead even when the group has no permissions)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=3102

2 files changed, 9 insertions, 2 deletions

diff --git a/xlators/system/posix-acl/src/posix-acl-xattr.c b/xlators/system/posix-acl/src/posix-acl-xattr.c
index a473c3666b3..aadb0ee2ab3 100644
--- a/xlators/system/posix-acl/src/posix-acl-xattr.c
+++ b/xlators/system/posix-acl/src/posix-acl-xattr.c
@@ -92,7 +92,6 @@ posix_acl_from_xattr (xlator_t *this, const char *xattr_buf, int xattr_size)
 
                 switch (ace->tag) {
                 case POSIX_ACL_USER_OBJ:
-                case POSIX_ACL_GROUP_OBJ:
                 case POSIX_ACL_MASK:
                 case POSIX_ACL_OTHER:
                         ace->id = POSIX_ACL_UNDEFINED_ID;
@@ -100,6 +99,7 @@ posix_acl_from_xattr (xlator_t *this, const char *xattr_buf, int xattr_size)
 
                 case POSIX_ACL_GROUP:
                 case POSIX_ACL_USER:
+                case POSIX_ACL_GROUP_OBJ:
                         ace->id = letoh32 (entry->id);
                         break;
 
diff --git a/xlators/system/posix-acl/src/posix-acl.c b/xlators/system/posix-acl/src/posix-acl.c
index 3cd8c4812c3..1c7ef573319 100644
--- a/xlators/system/posix-acl/src/posix-acl.c
+++ b/xlators/system/posix-acl/src/posix-acl.c
@@ -155,6 +155,7 @@ acl_permits (call_frame_t *frame, inode_t *inode, int want)
         int                     i = 0;
         int                     perm = 0;
         int                     found = 0;
+        int                     acl_present = 0;
 
         conf = frame->this->private;
 
@@ -173,6 +174,9 @@ acl_permits (call_frame_t *frame, inode_t *inode, int want)
 
         ace = acl->entries;
 
+        if (acl->count > 3)
+                acl_present = 1;
+        
         for (i = 0; i < acl->count; i++) {
                 switch (ace->tag) {
                 case POSIX_ACL_USER_OBJ:
@@ -186,7 +190,10 @@ acl_permits (call_frame_t *frame, inode_t *inode, int want)
                                 goto mask_check;
                         break;
                 case POSIX_ACL_GROUP_OBJ:
-                        perm = ((ctx->perm & S_IRWXG) >> 3);
+                        if (acl_present)
+                                perm = ace->perm;
+                        else
+                                perm = ((ctx->perm & S_IRWXG) >> 3);
                         if (frame_in_group (frame, ctx->gid)) {
                                 found = 1;
                                 if ((perm & want) == want)