From 21b3f1af98d34df6e56fcd2320615bdd2c3404bf Mon Sep 17 00:00:00 2001
From: Tim Burke <tim.burke@gmail.com>
Date: Fri, 14 Oct 2022 15:34:41 -0700
Subject: [PATCH] quotas: Move account-level handling to a separate function

Change-Id: I1ab7376b5e68a3deaad5aca113ad55bde00b2238
---
 swift/common/middleware/account_quotas.py | 47 +++++++++++++----------
 1 file changed, 26 insertions(+), 21 deletions(-)

diff --git a/swift/common/middleware/account_quotas.py b/swift/common/middleware/account_quotas.py
index cd41e34dae..cc2792fd42 100644
--- a/swift/common/middleware/account_quotas.py
+++ b/swift/common/middleware/account_quotas.py
@@ -67,6 +67,24 @@ class AccountQuotaMiddleware(object):
     def __init__(self, app, *args, **kwargs):
         self.app = app
 
+    def handle_account(self, request):
+        # account request, so we pay attention to the quotas
+        new_quota = request.headers.get(
+            'X-Account-Meta-Quota-Bytes')
+        if request.headers.get(
+                'X-Remove-Account-Meta-Quota-Bytes'):
+            new_quota = 0    # X-Remove dominates if both are present
+
+        if request.environ.get('reseller_request') is True:
+            if new_quota and not new_quota.isdigit():
+                return HTTPBadRequest()
+            return self.app
+
+        # deny quota set for non-reseller
+        if new_quota is not None:
+            return HTTPForbidden()
+        return self.app
+
     @wsgify
     def __call__(self, request):
 
@@ -80,30 +98,17 @@ class AccountQuotaMiddleware(object):
             return self.app
 
         if not container:
-            # account request, so we pay attention to the quotas
-            new_quota = request.headers.get(
-                'X-Account-Meta-Quota-Bytes')
-            remove_quota = request.headers.get(
-                'X-Remove-Account-Meta-Quota-Bytes')
-        else:
-            # container or object request; even if the quota headers are set
-            # in the request, they're meaningless
-            new_quota = remove_quota = None
-
-        if remove_quota:
-            new_quota = 0    # X-Remove dominates if both are present
-
-        if request.environ.get('reseller_request') is True:
-            if new_quota and not new_quota.isdigit():
-                return HTTPBadRequest()
-            return self.app
-
-        # deny quota set for non-reseller
-        if new_quota is not None:
-            return HTTPForbidden()
+            return self.handle_account(request)
+        # container or object request; even if the quota headers are set
+        # in the request, they're meaningless
 
         if request.method == "POST" or not obj:
             return self.app
+        # OK, object PUT
+
+        if request.environ.get('reseller_request') is True:
+            # but resellers aren't constrained by quotas :-)
+            return self.app
 
         content_length = (request.content_length or 0)