From 7b8beecc8102fe26804ad150a46aab9efcd15929 Mon Sep 17 00:00:00 2001 From: Cody Maloney Date: Sat, 15 Jun 2019 10:11:10 -0700 Subject: [PATCH] Move lock to not surround pieces which don't use any internal members. (#7779) Previously the read/write lock applied both for gateway use cases as well the object store use case. Nothing from sys is touched or looked at in the gateway usecase though, so we don't need to lock. Don't lock to make the gateway policy getting a little more efficient, particularly as where this is called from (checkRequestAuthType) is quite common. --- cmd/policy.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cmd/policy.go b/cmd/policy.go index e5f7230dc..5671e086f 100644 --- a/cmd/policy.go +++ b/cmd/policy.go @@ -85,9 +85,6 @@ func (sys *PolicySys) Remove(bucketName string) { // IsAllowed - checks given policy args is allowed to continue the Rest API. func (sys *PolicySys) IsAllowed(args policy.Args) bool { - sys.RLock() - defer sys.RUnlock() - if globalIsGateway { // When gateway is enabled, no cached value // is used to validate bucket policies. @@ -99,6 +96,9 @@ func (sys *PolicySys) IsAllowed(args policy.Args) bool { } } } else { + sys.RLock() + defer sys.RUnlock() + // If policy is available for given bucket, check the policy. if p, found := sys.bucketPolicyMap[args.BucketName]; found { return p.IsAllowed(args)