access-control: Allow Writes/Reads to proceed without perm checks

a. We expect that when the fds are opened through FUSE, thats when the
perm checks happen, depending on the read/write mode used.

b. In case of nfs clients, we expect the nfs clients to perform the checks
based on getattr/access nfs requests.

Signed-off-by: Shehjar Tikoo <shehjart@gluster.com>
Signed-off-by: Anand V. Avati <avati@dev.gluster.com>

BUG: 2058 (posix permission compliance error)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=2058

1 files changed, 12 insertions, 0 deletions

diff --git a/xlators/features/access-control/src/access-control.c b/xlators/features/access-control/src/access-control.c
index 7fb0651215c..802d7cf6f7f 100644
--- a/xlators/features/access-control/src/access-control.c
+++ b/xlators/features/access-control/src/access-control.c
@@ -1823,8 +1823,20 @@ struct xlator_fops fops = {
         .link           = ac_link,
         .create         = ac_create,
         .open           = ac_open,
+/*
+ * Allow Writes and Reads to proceed without permission checks because:
+ * a. We expect that when the fds are opened, thats when the perm checks happen
+ * depending on the read/write mode used.
+ *
+ * b. In case of nfs clients, we expect the nfs clients to perform the checks
+ * based on getattr/access nfs requests.
+ *
+ * Keep these functions around in case we ever run into a nfs client that
+ * depends on nfs server to perform these checks. Till then, just remove the
+ * references from here instead.
         .readv          = ac_readv,
         .writev         = ac_writev,
+*/
         .opendir        = ac_opendir,
         .setattr        = ac_setattr,
         .fsetattr       = ac_fsetattr,