Added LDAP Entities API (#2700)

This commit is contained in:
Alex
2023-03-10 09:16:29 -06:00
committed by GitHub
parent 5262c02a28
commit 4cceee8936
16 changed files with 1508 additions and 6 deletions

250
models/ldap_entities.go Normal file
View File

@@ -0,0 +1,250 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package models
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"context"
"strconv"
"github.com/go-openapi/errors"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
)
// LdapEntities ldap entities
//
// swagger:model ldapEntities
type LdapEntities struct {
// groups
Groups []*LdapGroupPolicyEntity `json:"groups"`
// policies
Policies []*LdapPolicyEntity `json:"policies"`
// timestamp
Timestamp string `json:"timestamp,omitempty"`
// users
Users []*LdapUserPolicyEntity `json:"users"`
}
// Validate validates this ldap entities
func (m *LdapEntities) Validate(formats strfmt.Registry) error {
var res []error
if err := m.validateGroups(formats); err != nil {
res = append(res, err)
}
if err := m.validatePolicies(formats); err != nil {
res = append(res, err)
}
if err := m.validateUsers(formats); err != nil {
res = append(res, err)
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}
func (m *LdapEntities) validateGroups(formats strfmt.Registry) error {
if swag.IsZero(m.Groups) { // not required
return nil
}
for i := 0; i < len(m.Groups); i++ {
if swag.IsZero(m.Groups[i]) { // not required
continue
}
if m.Groups[i] != nil {
if err := m.Groups[i].Validate(formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("groups" + "." + strconv.Itoa(i))
} else if ce, ok := err.(*errors.CompositeError); ok {
return ce.ValidateName("groups" + "." + strconv.Itoa(i))
}
return err
}
}
}
return nil
}
func (m *LdapEntities) validatePolicies(formats strfmt.Registry) error {
if swag.IsZero(m.Policies) { // not required
return nil
}
for i := 0; i < len(m.Policies); i++ {
if swag.IsZero(m.Policies[i]) { // not required
continue
}
if m.Policies[i] != nil {
if err := m.Policies[i].Validate(formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("policies" + "." + strconv.Itoa(i))
} else if ce, ok := err.(*errors.CompositeError); ok {
return ce.ValidateName("policies" + "." + strconv.Itoa(i))
}
return err
}
}
}
return nil
}
func (m *LdapEntities) validateUsers(formats strfmt.Registry) error {
if swag.IsZero(m.Users) { // not required
return nil
}
for i := 0; i < len(m.Users); i++ {
if swag.IsZero(m.Users[i]) { // not required
continue
}
if m.Users[i] != nil {
if err := m.Users[i].Validate(formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("users" + "." + strconv.Itoa(i))
} else if ce, ok := err.(*errors.CompositeError); ok {
return ce.ValidateName("users" + "." + strconv.Itoa(i))
}
return err
}
}
}
return nil
}
// ContextValidate validate this ldap entities based on the context it is used
func (m *LdapEntities) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
var res []error
if err := m.contextValidateGroups(ctx, formats); err != nil {
res = append(res, err)
}
if err := m.contextValidatePolicies(ctx, formats); err != nil {
res = append(res, err)
}
if err := m.contextValidateUsers(ctx, formats); err != nil {
res = append(res, err)
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}
func (m *LdapEntities) contextValidateGroups(ctx context.Context, formats strfmt.Registry) error {
for i := 0; i < len(m.Groups); i++ {
if m.Groups[i] != nil {
if err := m.Groups[i].ContextValidate(ctx, formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("groups" + "." + strconv.Itoa(i))
} else if ce, ok := err.(*errors.CompositeError); ok {
return ce.ValidateName("groups" + "." + strconv.Itoa(i))
}
return err
}
}
}
return nil
}
func (m *LdapEntities) contextValidatePolicies(ctx context.Context, formats strfmt.Registry) error {
for i := 0; i < len(m.Policies); i++ {
if m.Policies[i] != nil {
if err := m.Policies[i].ContextValidate(ctx, formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("policies" + "." + strconv.Itoa(i))
} else if ce, ok := err.(*errors.CompositeError); ok {
return ce.ValidateName("policies" + "." + strconv.Itoa(i))
}
return err
}
}
}
return nil
}
func (m *LdapEntities) contextValidateUsers(ctx context.Context, formats strfmt.Registry) error {
for i := 0; i < len(m.Users); i++ {
if m.Users[i] != nil {
if err := m.Users[i].ContextValidate(ctx, formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("users" + "." + strconv.Itoa(i))
} else if ce, ok := err.(*errors.CompositeError); ok {
return ce.ValidateName("users" + "." + strconv.Itoa(i))
}
return err
}
}
}
return nil
}
// MarshalBinary interface implementation
func (m *LdapEntities) MarshalBinary() ([]byte, error) {
if m == nil {
return nil, nil
}
return swag.WriteJSON(m)
}
// UnmarshalBinary interface implementation
func (m *LdapEntities) UnmarshalBinary(b []byte) error {
var res LdapEntities
if err := swag.ReadJSON(b, &res); err != nil {
return err
}
*m = res
return nil
}

View File

@@ -0,0 +1,73 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package models
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"context"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
)
// LdapEntitiesRequest ldap entities request
//
// swagger:model ldapEntitiesRequest
type LdapEntitiesRequest struct {
// groups
Groups []string `json:"groups"`
// policies
Policies []string `json:"policies"`
// users
Users []string `json:"users"`
}
// Validate validates this ldap entities request
func (m *LdapEntitiesRequest) Validate(formats strfmt.Registry) error {
return nil
}
// ContextValidate validates this ldap entities request based on context it is used
func (m *LdapEntitiesRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
return nil
}
// MarshalBinary interface implementation
func (m *LdapEntitiesRequest) MarshalBinary() ([]byte, error) {
if m == nil {
return nil, nil
}
return swag.WriteJSON(m)
}
// UnmarshalBinary interface implementation
func (m *LdapEntitiesRequest) UnmarshalBinary(b []byte) error {
var res LdapEntitiesRequest
if err := swag.ReadJSON(b, &res); err != nil {
return err
}
*m = res
return nil
}

View File

@@ -0,0 +1,70 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package models
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"context"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
)
// LdapGroupPolicyEntity ldap group policy entity
//
// swagger:model ldapGroupPolicyEntity
type LdapGroupPolicyEntity struct {
// group
Group string `json:"group,omitempty"`
// policies
Policies []string `json:"policies"`
}
// Validate validates this ldap group policy entity
func (m *LdapGroupPolicyEntity) Validate(formats strfmt.Registry) error {
return nil
}
// ContextValidate validates this ldap group policy entity based on context it is used
func (m *LdapGroupPolicyEntity) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
return nil
}
// MarshalBinary interface implementation
func (m *LdapGroupPolicyEntity) MarshalBinary() ([]byte, error) {
if m == nil {
return nil, nil
}
return swag.WriteJSON(m)
}
// UnmarshalBinary interface implementation
func (m *LdapGroupPolicyEntity) UnmarshalBinary(b []byte) error {
var res LdapGroupPolicyEntity
if err := swag.ReadJSON(b, &res); err != nil {
return err
}
*m = res
return nil
}

View File

@@ -0,0 +1,73 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package models
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"context"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
)
// LdapPolicyEntity ldap policy entity
//
// swagger:model ldapPolicyEntity
type LdapPolicyEntity struct {
// groups
Groups []string `json:"groups"`
// policy
Policy string `json:"policy,omitempty"`
// users
Users []string `json:"users"`
}
// Validate validates this ldap policy entity
func (m *LdapPolicyEntity) Validate(formats strfmt.Registry) error {
return nil
}
// ContextValidate validates this ldap policy entity based on context it is used
func (m *LdapPolicyEntity) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
return nil
}
// MarshalBinary interface implementation
func (m *LdapPolicyEntity) MarshalBinary() ([]byte, error) {
if m == nil {
return nil, nil
}
return swag.WriteJSON(m)
}
// UnmarshalBinary interface implementation
func (m *LdapPolicyEntity) UnmarshalBinary(b []byte) error {
var res LdapPolicyEntity
if err := swag.ReadJSON(b, &res); err != nil {
return err
}
*m = res
return nil
}

View File

@@ -0,0 +1,70 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package models
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"context"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
)
// LdapUserPolicyEntity ldap user policy entity
//
// swagger:model ldapUserPolicyEntity
type LdapUserPolicyEntity struct {
// policies
Policies []string `json:"policies"`
// user
User string `json:"user,omitempty"`
}
// Validate validates this ldap user policy entity
func (m *LdapUserPolicyEntity) Validate(formats strfmt.Registry) error {
return nil
}
// ContextValidate validates this ldap user policy entity based on context it is used
func (m *LdapUserPolicyEntity) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
return nil
}
// MarshalBinary interface implementation
func (m *LdapUserPolicyEntity) MarshalBinary() ([]byte, error) {
if m == nil {
return nil, nil
}
return swag.WriteJSON(m)
}
// UnmarshalBinary interface implementation
func (m *LdapUserPolicyEntity) UnmarshalBinary(b []byte) error {
var res LdapUserPolicyEntity
if err := swag.ReadJSON(b, &res); err != nil {
return err
}
*m = res
return nil
}

View File

@@ -85,6 +85,7 @@ var (
minioDeleteServiceAccountMock func(ctx context.Context, serviceAccount string) error
minioInfoServiceAccountMock func(ctx context.Context, serviceAccount string) (madmin.InfoServiceAccountResp, error)
minioUpdateServiceAccountMock func(ctx context.Context, serviceAccount string, opts madmin.UpdateServiceAccountReq) error
minioGetLDAPPolicyEntitiesMock func(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error)
)
func (ac AdminClientMock) serverInfo(ctx context.Context) (madmin.InfoMessage, error) {
@@ -391,3 +392,7 @@ func (ac AdminClientMock) infoServiceAccount(ctx context.Context, serviceAccount
func (ac AdminClientMock) updateServiceAccount(ctx context.Context, serviceAccount string, opts madmin.UpdateServiceAccountReq) error {
return minioUpdateServiceAccountMock(ctx, serviceAccount, opts)
}
func (ac AdminClientMock) getLDAPPolicyEntities(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error) {
return minioGetLDAPPolicyEntitiesMock(ctx, query)
}

View File

@@ -20,6 +20,7 @@ package restapi
import (
"context"
"fmt"
"time"
"github.com/go-openapi/runtime/middleware"
"github.com/minio/console/models"
@@ -66,6 +67,13 @@ func registerIDPHandlers(api *operations.ConsoleAPI) {
}
return idp.NewGetConfigurationOK().WithPayload(response)
})
api.IdpGetLDAPEntitiesHandler = idp.GetLDAPEntitiesHandlerFunc(func(params idp.GetLDAPEntitiesParams, session *models.Principal) middleware.Responder {
response, err := getLDAPEntitiesResponse(session, params)
if err != nil {
return idp.NewGetLDAPEntitiesDefault(int(err.Code)).WithPayload(err)
}
return idp.NewGetLDAPEntitiesOK().WithPayload(response)
})
}
func createIDPConfigurationResponse(session *models.Principal, params idp.CreateConfigurationParams) (*models.SetIDPResponse, *models.Error) {
@@ -208,3 +216,73 @@ func parseIDPConfigurationsInfo(infoList []madmin.IDPCfgInfo) (results []*models
}
return results
}
func getLDAPEntitiesResponse(session *models.Principal, params idp.GetLDAPEntitiesParams) (*models.LdapEntities, *models.Error) {
ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
defer cancel()
mAdmin, err := NewMinioAdminClient(session)
if err != nil {
return nil, ErrorWithContext(ctx, err)
}
result, err := getEntitiesResult(ctx, AdminClient{Client: mAdmin}, params.Body.Users, params.Body.Groups, params.Body.Policies)
if err != nil {
return nil, ErrorWithContext(ctx, err)
}
return result, nil
}
func getEntitiesResult(ctx context.Context, client MinioAdmin, users, groups, policies []string) (*models.LdapEntities, error) {
entities, err := client.getLDAPPolicyEntities(ctx, madmin.PolicyEntitiesQuery{
Users: users,
Groups: groups,
Policy: policies,
})
if err != nil {
return nil, err
}
var result models.LdapEntities
var usersEntity []*models.LdapUserPolicyEntity
var groupsEntity []*models.LdapGroupPolicyEntity
var policiesEntity []*models.LdapPolicyEntity
result.Timestamp = entities.Timestamp.Format(time.RFC3339)
for _, userMapping := range entities.UserMappings {
mapItem := models.LdapUserPolicyEntity{
User: userMapping.User,
Policies: userMapping.Policies,
}
usersEntity = append(usersEntity, &mapItem)
}
result.Users = usersEntity
for _, groupsMapping := range entities.GroupMappings {
mapItem := models.LdapGroupPolicyEntity{
Group: groupsMapping.Group,
Policies: groupsMapping.Policies,
}
groupsEntity = append(groupsEntity, &mapItem)
}
result.Groups = groupsEntity
for _, policyMapping := range entities.PolicyMappings {
mapItem := models.LdapPolicyEntity{
Policy: policyMapping.Policy,
Users: policyMapping.Users,
Groups: policyMapping.Groups,
}
policiesEntity = append(policiesEntity, &mapItem)
}
result.Policies = policiesEntity
return &result, nil
}

View File

@@ -18,11 +18,15 @@ package restapi
import (
"context"
"errors"
"fmt"
"net/http"
"net/http/httptest"
"os"
"testing"
"github.com/minio/madmin-go/v2"
"github.com/minio/console/models"
"github.com/minio/console/restapi/operations"
"github.com/minio/console/restapi/operations/idp"
@@ -232,3 +236,84 @@ func (suite *IDPTestSuite) TestGetIDPConfigurationWithWrongType() {
func TestIDP(t *testing.T) {
suite.Run(t, new(IDPTestSuite))
}
func TestGetEntitiesResult(t *testing.T) {
assert := assert.New(t)
// mock minIO client
client := AdminClientMock{}
function := "getEntitiesResult()"
usersList := []string{"user1", "user2", "user3"}
policiesList := []string{"policy1", "policy2", "policy3"}
groupsList := []string{"group1", "group3", "group5"}
policyMap := []madmin.PolicyEntities{
{Policy: "testPolicy0", Groups: groupsList, Users: usersList},
{Policy: "testPolicy1", Groups: groupsList, Users: usersList},
}
usersMap := []madmin.UserPolicyEntities{
{User: "testUser0", Policies: policiesList},
{User: "testUser1", Policies: policiesList},
}
groupsMap := []madmin.GroupPolicyEntities{
{Group: "group0", Policies: policiesList},
{Group: "group1", Policies: policiesList},
}
// Test-1: getEntitiesResult list all information provided
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
mockResponse := madmin.PolicyEntitiesResult{
PolicyMappings: policyMap,
GroupMappings: groupsMap,
UserMappings: usersMap,
}
minioGetLDAPPolicyEntitiesMock = func(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error) {
return mockResponse, nil
}
entities, err := getEntitiesResult(ctx, client, usersList, groupsList, policiesList)
if err != nil {
t.Errorf("Failed on %s:, error occurred: %s", function, err.Error())
}
for i, groupIt := range entities.Groups {
assert.Equal(fmt.Sprintf("group%d", i), groupIt.Group)
for i, polItm := range groupIt.Policies {
assert.Equal(policiesList[i], polItm)
}
}
for i, usrIt := range entities.Users {
assert.Equal(fmt.Sprintf("testUser%d", i), usrIt.User)
for i, polItm := range usrIt.Policies {
assert.Equal(policiesList[i], polItm)
}
}
for i, policyIt := range entities.Policies {
assert.Equal(fmt.Sprintf("testPolicy%d", i), policyIt.Policy)
for i, userItm := range policyIt.Users {
assert.Equal(usersList[i], userItm)
}
for i, grItm := range policyIt.Groups {
assert.Equal(groupsList[i], grItm)
}
}
// Test-2: getEntitiesResult error is returned from getLDAPPolicyEntities()
minioGetLDAPPolicyEntitiesMock = func(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error) {
return madmin.PolicyEntitiesResult{}, errors.New("error")
}
_, err = getEntitiesResult(ctx, client, usersList, groupsList, policiesList)
if assert.Error(err) {
assert.Equal("error", err.Error())
}
}

View File

@@ -157,6 +157,9 @@ type MinioAdmin interface {
listIDPConfig(ctx context.Context, idpType string) ([]madmin.IDPListItem, error)
deleteIDPConfig(ctx context.Context, idpType, cfgName string) (restart bool, err error)
getIDPConfig(ctx context.Context, cfgType, cfgName string) (c madmin.IDPConfig, err error)
// LDAP
getLDAPPolicyEntities(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error)
}
// Interface implementation
@@ -725,3 +728,7 @@ func (ac AdminClient) deleteIDPConfig(ctx context.Context, idpType, cfgName stri
func (ac AdminClient) getIDPConfig(ctx context.Context, idpType, cfgName string) (c madmin.IDPConfig, err error) {
return ac.Client.GetIDPConfig(ctx, idpType, cfgName)
}
func (ac AdminClient) getLDAPPolicyEntities(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error) {
return ac.Client.GetLDAPPolicyEntities(ctx, query)
}

View File

@@ -3620,6 +3620,39 @@ func init() {
}
}
},
"/ldap-entities": {
"post": {
"tags": [
"idp"
],
"summary": "Get LDAP Entities",
"operationId": "GetLDAPEntities",
"parameters": [
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/ldapEntitiesRequest"
}
}
],
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/ldapEntities"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
},
"/list-external-buckets": {
"post": {
"tags": [
@@ -6668,6 +6701,103 @@ func init() {
}
}
},
"ldapEntities": {
"type": "object",
"properties": {
"groups": {
"type": "array",
"items": {
"$ref": "#/definitions/ldapGroupPolicyEntity"
}
},
"policies": {
"type": "array",
"items": {
"$ref": "#/definitions/ldapPolicyEntity"
}
},
"timestamp": {
"type": "string"
},
"users": {
"type": "array",
"items": {
"$ref": "#/definitions/ldapUserPolicyEntity"
}
}
}
},
"ldapEntitiesRequest": {
"type": "object",
"properties": {
"groups": {
"type": "array",
"items": {
"type": "string"
}
},
"policies": {
"type": "array",
"items": {
"type": "string"
}
},
"users": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"ldapGroupPolicyEntity": {
"type": "object",
"properties": {
"group": {
"type": "string"
},
"policies": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"ldapPolicyEntity": {
"type": "object",
"properties": {
"groups": {
"type": "array",
"items": {
"type": "string"
}
},
"policy": {
"type": "string"
},
"users": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"ldapUserPolicyEntity": {
"type": "object",
"properties": {
"policies": {
"type": "array",
"items": {
"type": "string"
}
},
"user": {
"type": "string"
}
}
},
"license": {
"type": "object",
"properties": {
@@ -12475,6 +12605,39 @@ func init() {
}
}
},
"/ldap-entities": {
"post": {
"tags": [
"idp"
],
"summary": "Get LDAP Entities",
"operationId": "GetLDAPEntities",
"parameters": [
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/ldapEntitiesRequest"
}
}
],
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/ldapEntities"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
},
"/list-external-buckets": {
"post": {
"tags": [
@@ -15652,6 +15815,103 @@ func init() {
}
}
},
"ldapEntities": {
"type": "object",
"properties": {
"groups": {
"type": "array",
"items": {
"$ref": "#/definitions/ldapGroupPolicyEntity"
}
},
"policies": {
"type": "array",
"items": {
"$ref": "#/definitions/ldapPolicyEntity"
}
},
"timestamp": {
"type": "string"
},
"users": {
"type": "array",
"items": {
"$ref": "#/definitions/ldapUserPolicyEntity"
}
}
}
},
"ldapEntitiesRequest": {
"type": "object",
"properties": {
"groups": {
"type": "array",
"items": {
"type": "string"
}
},
"policies": {
"type": "array",
"items": {
"type": "string"
}
},
"users": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"ldapGroupPolicyEntity": {
"type": "object",
"properties": {
"group": {
"type": "string"
},
"policies": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"ldapPolicyEntity": {
"type": "object",
"properties": {
"groups": {
"type": "array",
"items": {
"type": "string"
}
},
"policy": {
"type": "string"
},
"users": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"ldapUserPolicyEntity": {
"type": "object",
"properties": {
"policies": {
"type": "array",
"items": {
"type": "string"
}
},
"user": {
"type": "string"
}
}
},
"license": {
"type": "object",
"properties": {

View File

@@ -253,6 +253,9 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI {
IdpGetConfigurationHandler: idp.GetConfigurationHandlerFunc(func(params idp.GetConfigurationParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation idp.GetConfiguration has not yet been implemented")
}),
IdpGetLDAPEntitiesHandler: idp.GetLDAPEntitiesHandlerFunc(func(params idp.GetLDAPEntitiesParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation idp.GetLDAPEntities has not yet been implemented")
}),
ObjectGetObjectMetadataHandler: object.GetObjectMetadataHandlerFunc(func(params object.GetObjectMetadataParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation object.GetObjectMetadata has not yet been implemented")
}),
@@ -726,6 +729,8 @@ type ConsoleAPI struct {
SupportGetCallHomeOptionValueHandler support.GetCallHomeOptionValueHandler
// IdpGetConfigurationHandler sets the operation handler for the get configuration operation
IdpGetConfigurationHandler idp.GetConfigurationHandler
// IdpGetLDAPEntitiesHandler sets the operation handler for the get l d a p entities operation
IdpGetLDAPEntitiesHandler idp.GetLDAPEntitiesHandler
// ObjectGetObjectMetadataHandler sets the operation handler for the get object metadata operation
ObjectGetObjectMetadataHandler object.GetObjectMetadataHandler
// PolicyGetSAUserPolicyHandler sets the operation handler for the get s a user policy operation
@@ -1182,6 +1187,9 @@ func (o *ConsoleAPI) Validate() error {
if o.IdpGetConfigurationHandler == nil {
unregistered = append(unregistered, "idp.GetConfigurationHandler")
}
if o.IdpGetLDAPEntitiesHandler == nil {
unregistered = append(unregistered, "idp.GetLDAPEntitiesHandler")
}
if o.ObjectGetObjectMetadataHandler == nil {
unregistered = append(unregistered, "object.GetObjectMetadataHandler")
}
@@ -1809,6 +1817,10 @@ func (o *ConsoleAPI) initHandlerCache() {
o.handlers["GET"] = make(map[string]http.Handler)
}
o.handlers["GET"]["/idp/{type}/{name}"] = idp.NewGetConfiguration(o.context, o.IdpGetConfigurationHandler)
if o.handlers["POST"] == nil {
o.handlers["POST"] = make(map[string]http.Handler)
}
o.handlers["POST"]["/ldap-entities"] = idp.NewGetLDAPEntities(o.context, o.IdpGetLDAPEntitiesHandler)
if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler)
}

View File

@@ -0,0 +1,88 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package idp
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"net/http"
"github.com/go-openapi/runtime/middleware"
"github.com/minio/console/models"
)
// GetLDAPEntitiesHandlerFunc turns a function with the right signature into a get l d a p entities handler
type GetLDAPEntitiesHandlerFunc func(GetLDAPEntitiesParams, *models.Principal) middleware.Responder
// Handle executing the request and returning a response
func (fn GetLDAPEntitiesHandlerFunc) Handle(params GetLDAPEntitiesParams, principal *models.Principal) middleware.Responder {
return fn(params, principal)
}
// GetLDAPEntitiesHandler interface for that can handle valid get l d a p entities params
type GetLDAPEntitiesHandler interface {
Handle(GetLDAPEntitiesParams, *models.Principal) middleware.Responder
}
// NewGetLDAPEntities creates a new http.Handler for the get l d a p entities operation
func NewGetLDAPEntities(ctx *middleware.Context, handler GetLDAPEntitiesHandler) *GetLDAPEntities {
return &GetLDAPEntities{Context: ctx, Handler: handler}
}
/*
GetLDAPEntities swagger:route POST /ldap-entities idp getLDAPEntities
Get LDAP Entities
*/
type GetLDAPEntities struct {
Context *middleware.Context
Handler GetLDAPEntitiesHandler
}
func (o *GetLDAPEntities) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
route, rCtx, _ := o.Context.RouteInfo(r)
if rCtx != nil {
*r = *rCtx
}
var Params = NewGetLDAPEntitiesParams()
uprinc, aCtx, err := o.Context.Authorize(r, route)
if err != nil {
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
if aCtx != nil {
*r = *aCtx
}
var principal *models.Principal
if uprinc != nil {
principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
}
if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
res := o.Handler.Handle(Params, principal) // actually handle the request
o.Context.Respond(rw, r, route.Produces, route, res)
}

View File

@@ -0,0 +1,101 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package idp
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"io"
"net/http"
"github.com/go-openapi/errors"
"github.com/go-openapi/runtime"
"github.com/go-openapi/runtime/middleware"
"github.com/go-openapi/validate"
"github.com/minio/console/models"
)
// NewGetLDAPEntitiesParams creates a new GetLDAPEntitiesParams object
//
// There are no default values defined in the spec.
func NewGetLDAPEntitiesParams() GetLDAPEntitiesParams {
return GetLDAPEntitiesParams{}
}
// GetLDAPEntitiesParams contains all the bound params for the get l d a p entities operation
// typically these are obtained from a http.Request
//
// swagger:parameters GetLDAPEntities
type GetLDAPEntitiesParams struct {
// HTTP Request Object
HTTPRequest *http.Request `json:"-"`
/*
Required: true
In: body
*/
Body *models.LdapEntitiesRequest
}
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
// for simple values it will use straight method calls.
//
// To ensure default values, the struct must have been initialized with NewGetLDAPEntitiesParams() beforehand.
func (o *GetLDAPEntitiesParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
var res []error
o.HTTPRequest = r
if runtime.HasBody(r) {
defer r.Body.Close()
var body models.LdapEntitiesRequest
if err := route.Consumer.Consume(r.Body, &body); err != nil {
if err == io.EOF {
res = append(res, errors.Required("body", "body", ""))
} else {
res = append(res, errors.NewParseError("body", "body", "", err))
}
} else {
// validate body object
if err := body.Validate(route.Formats); err != nil {
res = append(res, err)
}
ctx := validate.WithOperationRequest(r.Context())
if err := body.ContextValidate(ctx, route.Formats); err != nil {
res = append(res, err)
}
if len(res) == 0 {
o.Body = &body
}
}
} else {
res = append(res, errors.Required("body", "body", ""))
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}

View File

@@ -0,0 +1,135 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package idp
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/runtime"
"github.com/minio/console/models"
)
// GetLDAPEntitiesOKCode is the HTTP code returned for type GetLDAPEntitiesOK
const GetLDAPEntitiesOKCode int = 200
/*
GetLDAPEntitiesOK A successful response.
swagger:response getLDAPEntitiesOK
*/
type GetLDAPEntitiesOK struct {
/*
In: Body
*/
Payload *models.LdapEntities `json:"body,omitempty"`
}
// NewGetLDAPEntitiesOK creates GetLDAPEntitiesOK with default headers values
func NewGetLDAPEntitiesOK() *GetLDAPEntitiesOK {
return &GetLDAPEntitiesOK{}
}
// WithPayload adds the payload to the get l d a p entities o k response
func (o *GetLDAPEntitiesOK) WithPayload(payload *models.LdapEntities) *GetLDAPEntitiesOK {
o.Payload = payload
return o
}
// SetPayload sets the payload to the get l d a p entities o k response
func (o *GetLDAPEntitiesOK) SetPayload(payload *models.LdapEntities) {
o.Payload = payload
}
// WriteResponse to the client
func (o *GetLDAPEntitiesOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(200)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}
/*
GetLDAPEntitiesDefault Generic error response.
swagger:response getLDAPEntitiesDefault
*/
type GetLDAPEntitiesDefault struct {
_statusCode int
/*
In: Body
*/
Payload *models.Error `json:"body,omitempty"`
}
// NewGetLDAPEntitiesDefault creates GetLDAPEntitiesDefault with default headers values
func NewGetLDAPEntitiesDefault(code int) *GetLDAPEntitiesDefault {
if code <= 0 {
code = 500
}
return &GetLDAPEntitiesDefault{
_statusCode: code,
}
}
// WithStatusCode adds the status to the get l d a p entities default response
func (o *GetLDAPEntitiesDefault) WithStatusCode(code int) *GetLDAPEntitiesDefault {
o._statusCode = code
return o
}
// SetStatusCode sets the status to the get l d a p entities default response
func (o *GetLDAPEntitiesDefault) SetStatusCode(code int) {
o._statusCode = code
}
// WithPayload adds the payload to the get l d a p entities default response
func (o *GetLDAPEntitiesDefault) WithPayload(payload *models.Error) *GetLDAPEntitiesDefault {
o.Payload = payload
return o
}
// SetPayload sets the payload to the get l d a p entities default response
func (o *GetLDAPEntitiesDefault) SetPayload(payload *models.Error) {
o.Payload = payload
}
// WriteResponse to the client
func (o *GetLDAPEntitiesDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(o._statusCode)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}

View File

@@ -0,0 +1,104 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package idp
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"errors"
"net/url"
golangswaggerpaths "path"
)
// GetLDAPEntitiesURL generates an URL for the get l d a p entities operation
type GetLDAPEntitiesURL struct {
_basePath string
}
// WithBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *GetLDAPEntitiesURL) WithBasePath(bp string) *GetLDAPEntitiesURL {
o.SetBasePath(bp)
return o
}
// SetBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *GetLDAPEntitiesURL) SetBasePath(bp string) {
o._basePath = bp
}
// Build a url path and query string
func (o *GetLDAPEntitiesURL) Build() (*url.URL, error) {
var _result url.URL
var _path = "/ldap-entities"
_basePath := o._basePath
if _basePath == "" {
_basePath = "/api/v1"
}
_result.Path = golangswaggerpaths.Join(_basePath, _path)
return &_result, nil
}
// Must is a helper function to panic when the url builder returns an error
func (o *GetLDAPEntitiesURL) Must(u *url.URL, err error) *url.URL {
if err != nil {
panic(err)
}
if u == nil {
panic("url can't be nil")
}
return u
}
// String returns the string representation of the path with query string
func (o *GetLDAPEntitiesURL) String() string {
return o.Must(o.Build()).String()
}
// BuildFull builds a full url with scheme, host, path and query string
func (o *GetLDAPEntitiesURL) BuildFull(scheme, host string) (*url.URL, error) {
if scheme == "" {
return nil, errors.New("scheme is required for a full url on GetLDAPEntitiesURL")
}
if host == "" {
return nil, errors.New("host is required for a full url on GetLDAPEntitiesURL")
}
base, err := o.Build()
if err != nil {
return nil, err
}
base.Scheme = scheme
base.Host = host
return base, nil
}
// StringFull returns the string representation of a complete url
func (o *GetLDAPEntitiesURL) StringFull(scheme, host string) string {
return o.Must(o.BuildFull(scheme, host)).String()
}

View File

@@ -3452,6 +3452,29 @@ paths:
$ref: "#/definitions/error"
tags:
- idp
/ldap-entities:
post:
summary: Get LDAP Entities
operationId: GetLDAPEntities
parameters:
- name: body
in: body
required: true
schema:
$ref: "#/definitions/ldapEntitiesRequest"
responses:
200:
description: A successful response.
schema:
$ref: "#/definitions/ldapEntities"
default:
description: Generic error response.
schema:
$ref: "#/definitions/error"
tags:
- idp
/releases:
get:
summary: Get repo releases for a given version
@@ -6049,3 +6072,71 @@ definitions:
type: boolean
logsState:
type: boolean
ldapEntitiesRequest:
type: object
properties:
users:
type: array
items:
type: string
groups:
type: array
items:
type: string
policies:
type: array
items:
type: string
ldapEntities:
type: object
properties:
timestamp:
type: string
users:
type: array
items:
$ref: "#/definitions/ldapUserPolicyEntity"
groups:
type: array
items:
$ref: "#/definitions/ldapGroupPolicyEntity"
policies:
type: array
items:
$ref: "#/definitions/ldapPolicyEntity"
ldapUserPolicyEntity:
type: object
properties:
user:
type: string
policies:
type: array
items:
type: string
ldapGroupPolicyEntity:
type: object
properties:
group:
type: string
policies:
type: array
items:
type: string
ldapPolicyEntity:
type: object
properties:
policy:
type: string
users:
type: array
items:
type: string
groups:
type: array
items:
type: string