mirror of
https://github.com/OpenMaxIO/openmaxio-object-browser
synced 2026-07-01 07:41:18 -07:00
access keys ui details improvement and edit (#3116)
This commit is contained in:
committed by
GitHub
parent
04e9cb0ac8
commit
e4d5f9610e
@@ -28,7 +28,6 @@ import (
|
|||||||
|
|
||||||
"github.com/go-openapi/swag"
|
"github.com/go-openapi/swag"
|
||||||
|
|
||||||
iampolicy "github.com/minio/pkg/v2/policy"
|
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
)
|
)
|
||||||
|
|
||||||
@@ -52,6 +51,21 @@ func TestAddServiceAccount(t *testing.T) {
|
|||||||
requestDataAddServiceAccount := map[string]interface{}{
|
requestDataAddServiceAccount := map[string]interface{}{
|
||||||
"accessKey": "testuser1",
|
"accessKey": "testuser1",
|
||||||
"secretKey": "password",
|
"secretKey": "password",
|
||||||
|
"policy": `{
|
||||||
|
"Version": "2012-10-17",
|
||||||
|
"Statement": [
|
||||||
|
{
|
||||||
|
"Effect": "Allow",
|
||||||
|
"Action": [
|
||||||
|
"s3:GetBucketLocation",
|
||||||
|
"s3:GetObject"
|
||||||
|
],
|
||||||
|
"Resource": [
|
||||||
|
"arn:aws:s3:::*"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}`,
|
||||||
}
|
}
|
||||||
|
|
||||||
requestDataJSON, _ := json.Marshal(requestDataAddServiceAccount)
|
requestDataJSON, _ := json.Marshal(requestDataAddServiceAccount)
|
||||||
@@ -75,75 +89,6 @@ func TestAddServiceAccount(t *testing.T) {
|
|||||||
assert.Equal(201, response.StatusCode, "Status Code is incorrect")
|
assert.Equal(201, response.StatusCode, "Status Code is incorrect")
|
||||||
}
|
}
|
||||||
|
|
||||||
requestDataPolicy := map[string]interface{}{
|
|
||||||
"policy": `
|
|
||||||
{
|
|
||||||
"Version": "2012-10-17",
|
|
||||||
"Statement": [
|
|
||||||
{
|
|
||||||
"Effect": "Allow",
|
|
||||||
"Action": [
|
|
||||||
"s3:GetBucketLocation",
|
|
||||||
"s3:GetObject"
|
|
||||||
],
|
|
||||||
"Resource": [
|
|
||||||
"arn:aws:s3:::*"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}`,
|
|
||||||
}
|
|
||||||
requestDataJSON, _ = json.Marshal(requestDataPolicy)
|
|
||||||
requestDataBody = bytes.NewReader(requestDataJSON)
|
|
||||||
request, err = http.NewRequest(
|
|
||||||
"PUT", "http://localhost:9090/api/v1/service-accounts/"+base64.StdEncoding.EncodeToString([]byte("testuser1"))+"/policy", requestDataBody)
|
|
||||||
if err != nil {
|
|
||||||
log.Println(err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
|
|
||||||
request.Header.Add("Content-Type", "application/json")
|
|
||||||
response, err = client.Do(request)
|
|
||||||
if err != nil {
|
|
||||||
log.Println(err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
if response != nil {
|
|
||||||
fmt.Println("POST StatusCode:", response.StatusCode)
|
|
||||||
assert.Equal(200, response.StatusCode, "Status Code is incorrect")
|
|
||||||
}
|
|
||||||
|
|
||||||
// Test policy
|
|
||||||
request, err = http.NewRequest(
|
|
||||||
"GET", "http://localhost:9090/api/v1/service-accounts/"+base64.StdEncoding.EncodeToString([]byte("testuser1"))+"/policy", nil)
|
|
||||||
if err != nil {
|
|
||||||
log.Println(err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
|
|
||||||
request.Header.Add("Content-Type", "application/json")
|
|
||||||
response, err = client.Do(request)
|
|
||||||
if err != nil {
|
|
||||||
log.Println(err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
if response != nil {
|
|
||||||
fmt.Println("POST StatusCode:", response.StatusCode)
|
|
||||||
assert.Equal(200, response.StatusCode, "Status Code is incorrect")
|
|
||||||
buf := new(bytes.Buffer)
|
|
||||||
buf.ReadFrom(response.Body)
|
|
||||||
var actual *iampolicy.Policy
|
|
||||||
var expected *iampolicy.Policy
|
|
||||||
json.Unmarshal(buf.Bytes(), actual)
|
|
||||||
policy, err := json.Marshal(requestDataAddServiceAccount["policy"])
|
|
||||||
if err != nil {
|
|
||||||
log.Println(err)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
json.Unmarshal(policy, expected)
|
|
||||||
assert.Equal(expected, actual)
|
|
||||||
}
|
|
||||||
|
|
||||||
// {{baseUrl}}/user?name=proident velit
|
// {{baseUrl}}/user?name=proident velit
|
||||||
// Investiga como se borra en el browser.
|
// Investiga como se borra en el browser.
|
||||||
request, err = http.NewRequest(
|
request, err = http.NewRequest(
|
||||||
|
|||||||
85
models/service_account.go
Normal file
85
models/service_account.go
Normal file
@@ -0,0 +1,85 @@
|
|||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
// This file is part of MinIO Console Server
|
||||||
|
// Copyright (c) 2023 MinIO, Inc.
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU Affero General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU Affero General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Affero General Public License
|
||||||
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
//
|
||||||
|
|
||||||
|
package models
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the swagger generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"context"
|
||||||
|
|
||||||
|
"github.com/go-openapi/strfmt"
|
||||||
|
"github.com/go-openapi/swag"
|
||||||
|
)
|
||||||
|
|
||||||
|
// ServiceAccount service account
|
||||||
|
//
|
||||||
|
// swagger:model serviceAccount
|
||||||
|
type ServiceAccount struct {
|
||||||
|
|
||||||
|
// account status
|
||||||
|
AccountStatus string `json:"accountStatus,omitempty"`
|
||||||
|
|
||||||
|
// description
|
||||||
|
Description string `json:"description,omitempty"`
|
||||||
|
|
||||||
|
// expiration
|
||||||
|
Expiration string `json:"expiration,omitempty"`
|
||||||
|
|
||||||
|
// implied policy
|
||||||
|
ImpliedPolicy bool `json:"impliedPolicy,omitempty"`
|
||||||
|
|
||||||
|
// name
|
||||||
|
Name string `json:"name,omitempty"`
|
||||||
|
|
||||||
|
// parent user
|
||||||
|
ParentUser string `json:"parentUser,omitempty"`
|
||||||
|
|
||||||
|
// policy
|
||||||
|
Policy string `json:"policy,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validate validates this service account
|
||||||
|
func (m *ServiceAccount) Validate(formats strfmt.Registry) error {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// ContextValidate validates this service account based on context it is used
|
||||||
|
func (m *ServiceAccount) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// MarshalBinary interface implementation
|
||||||
|
func (m *ServiceAccount) MarshalBinary() ([]byte, error) {
|
||||||
|
if m == nil {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
return swag.WriteJSON(m)
|
||||||
|
}
|
||||||
|
|
||||||
|
// UnmarshalBinary interface implementation
|
||||||
|
func (m *ServiceAccount) UnmarshalBinary(b []byte) error {
|
||||||
|
var res ServiceAccount
|
||||||
|
if err := swag.ReadJSON(b, &res); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
*m = res
|
||||||
|
return nil
|
||||||
|
}
|
||||||
@@ -34,6 +34,18 @@ import (
|
|||||||
// swagger:model serviceAccountRequest
|
// swagger:model serviceAccountRequest
|
||||||
type ServiceAccountRequest struct {
|
type ServiceAccountRequest struct {
|
||||||
|
|
||||||
|
// comment
|
||||||
|
Comment string `json:"comment,omitempty"`
|
||||||
|
|
||||||
|
// description
|
||||||
|
Description string `json:"description,omitempty"`
|
||||||
|
|
||||||
|
// expiry
|
||||||
|
Expiry string `json:"expiry,omitempty"`
|
||||||
|
|
||||||
|
// name
|
||||||
|
Name string `json:"name,omitempty"`
|
||||||
|
|
||||||
// policy to be applied to the Service Account if any
|
// policy to be applied to the Service Account if any
|
||||||
Policy string `json:"policy,omitempty"`
|
Policy string `json:"policy,omitempty"`
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -37,6 +37,18 @@ type ServiceAccountRequestCreds struct {
|
|||||||
// access key
|
// access key
|
||||||
AccessKey string `json:"accessKey,omitempty"`
|
AccessKey string `json:"accessKey,omitempty"`
|
||||||
|
|
||||||
|
// comment
|
||||||
|
Comment string `json:"comment,omitempty"`
|
||||||
|
|
||||||
|
// description
|
||||||
|
Description string `json:"description,omitempty"`
|
||||||
|
|
||||||
|
// expiry
|
||||||
|
Expiry string `json:"expiry,omitempty"`
|
||||||
|
|
||||||
|
// name
|
||||||
|
Name string `json:"name,omitempty"`
|
||||||
|
|
||||||
// policy to be applied to the Service Account if any
|
// policy to be applied to the Service Account if any
|
||||||
Policy string `json:"policy,omitempty"`
|
Policy string `json:"policy,omitempty"`
|
||||||
|
|
||||||
|
|||||||
@@ -31,18 +31,33 @@ import (
|
|||||||
"github.com/go-openapi/validate"
|
"github.com/go-openapi/validate"
|
||||||
)
|
)
|
||||||
|
|
||||||
// AddServiceAccountPolicyRequest add service account policy request
|
// UpdateServiceAccountRequest update service account request
|
||||||
//
|
//
|
||||||
// swagger:model addServiceAccountPolicyRequest
|
// swagger:model updateServiceAccountRequest
|
||||||
type AddServiceAccountPolicyRequest struct {
|
type UpdateServiceAccountRequest struct {
|
||||||
|
|
||||||
|
// description
|
||||||
|
Description string `json:"description,omitempty"`
|
||||||
|
|
||||||
|
// expiry
|
||||||
|
Expiry string `json:"expiry,omitempty"`
|
||||||
|
|
||||||
|
// name
|
||||||
|
Name string `json:"name,omitempty"`
|
||||||
|
|
||||||
// policy
|
// policy
|
||||||
// Required: true
|
// Required: true
|
||||||
Policy *string `json:"policy"`
|
Policy *string `json:"policy"`
|
||||||
|
|
||||||
|
// secret key
|
||||||
|
SecretKey string `json:"secretKey,omitempty"`
|
||||||
|
|
||||||
|
// status
|
||||||
|
Status string `json:"status,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// Validate validates this add service account policy request
|
// Validate validates this update service account request
|
||||||
func (m *AddServiceAccountPolicyRequest) Validate(formats strfmt.Registry) error {
|
func (m *UpdateServiceAccountRequest) Validate(formats strfmt.Registry) error {
|
||||||
var res []error
|
var res []error
|
||||||
|
|
||||||
if err := m.validatePolicy(formats); err != nil {
|
if err := m.validatePolicy(formats); err != nil {
|
||||||
@@ -55,7 +70,7 @@ func (m *AddServiceAccountPolicyRequest) Validate(formats strfmt.Registry) error
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (m *AddServiceAccountPolicyRequest) validatePolicy(formats strfmt.Registry) error {
|
func (m *UpdateServiceAccountRequest) validatePolicy(formats strfmt.Registry) error {
|
||||||
|
|
||||||
if err := validate.Required("policy", "body", m.Policy); err != nil {
|
if err := validate.Required("policy", "body", m.Policy); err != nil {
|
||||||
return err
|
return err
|
||||||
@@ -64,13 +79,13 @@ func (m *AddServiceAccountPolicyRequest) validatePolicy(formats strfmt.Registry)
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// ContextValidate validates this add service account policy request based on context it is used
|
// ContextValidate validates this update service account request based on context it is used
|
||||||
func (m *AddServiceAccountPolicyRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
|
func (m *UpdateServiceAccountRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// MarshalBinary interface implementation
|
// MarshalBinary interface implementation
|
||||||
func (m *AddServiceAccountPolicyRequest) MarshalBinary() ([]byte, error) {
|
func (m *UpdateServiceAccountRequest) MarshalBinary() ([]byte, error) {
|
||||||
if m == nil {
|
if m == nil {
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
@@ -78,8 +93,8 @@ func (m *AddServiceAccountPolicyRequest) MarshalBinary() ([]byte, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// UnmarshalBinary interface implementation
|
// UnmarshalBinary interface implementation
|
||||||
func (m *AddServiceAccountPolicyRequest) UnmarshalBinary(b []byte) error {
|
func (m *UpdateServiceAccountRequest) UnmarshalBinary(b []byte) error {
|
||||||
var res AddServiceAccountPolicyRequest
|
var res UpdateServiceAccountRequest
|
||||||
if err := swag.ReadJSON(b, &res); err != nil {
|
if err := swag.ReadJSON(b, &res); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@@ -214,8 +214,13 @@ export interface AddPolicyRequest {
|
|||||||
policy: string;
|
policy: string;
|
||||||
}
|
}
|
||||||
|
|
||||||
export interface AddServiceAccountPolicyRequest {
|
export interface UpdateServiceAccountRequest {
|
||||||
policy: string;
|
policy: string;
|
||||||
|
secretKey?: string;
|
||||||
|
name?: string;
|
||||||
|
description?: string;
|
||||||
|
expiry?: string;
|
||||||
|
status?: string;
|
||||||
}
|
}
|
||||||
|
|
||||||
export interface ListPoliciesResponse {
|
export interface ListPoliciesResponse {
|
||||||
@@ -727,6 +732,16 @@ export interface BulkUserGroups {
|
|||||||
groups: string[];
|
groups: string[];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export interface ServiceAccount {
|
||||||
|
parentUser?: string;
|
||||||
|
accountStatus?: string;
|
||||||
|
impliedPolicy?: boolean;
|
||||||
|
policy?: string;
|
||||||
|
name?: string;
|
||||||
|
description?: string;
|
||||||
|
expiration?: string;
|
||||||
|
}
|
||||||
|
|
||||||
export type ServiceAccounts = {
|
export type ServiceAccounts = {
|
||||||
accountStatus?: string;
|
accountStatus?: string;
|
||||||
name?: string;
|
name?: string;
|
||||||
@@ -738,6 +753,10 @@ export type ServiceAccounts = {
|
|||||||
export interface ServiceAccountRequest {
|
export interface ServiceAccountRequest {
|
||||||
/** policy to be applied to the Service Account if any */
|
/** policy to be applied to the Service Account if any */
|
||||||
policy?: string;
|
policy?: string;
|
||||||
|
name?: string;
|
||||||
|
description?: string;
|
||||||
|
expiry?: string;
|
||||||
|
comment?: string;
|
||||||
}
|
}
|
||||||
|
|
||||||
export interface ServiceAccountRequestCreds {
|
export interface ServiceAccountRequestCreds {
|
||||||
@@ -745,6 +764,10 @@ export interface ServiceAccountRequestCreds {
|
|||||||
policy?: string;
|
policy?: string;
|
||||||
accessKey?: string;
|
accessKey?: string;
|
||||||
secretKey?: string;
|
secretKey?: string;
|
||||||
|
name?: string;
|
||||||
|
description?: string;
|
||||||
|
expiry?: string;
|
||||||
|
comment?: string;
|
||||||
}
|
}
|
||||||
|
|
||||||
export interface ServiceAccountCreds {
|
export interface ServiceAccountCreds {
|
||||||
@@ -1720,9 +1743,10 @@ export class HttpClient<SecurityDataType = unknown> {
|
|||||||
? { "Content-Type": type }
|
? { "Content-Type": type }
|
||||||
: {}),
|
: {}),
|
||||||
},
|
},
|
||||||
signal: cancelToken
|
signal:
|
||||||
|
(cancelToken
|
||||||
? this.createAbortSignal(cancelToken)
|
? this.createAbortSignal(cancelToken)
|
||||||
: requestParams.signal,
|
: requestParams.signal) || null,
|
||||||
body:
|
body:
|
||||||
typeof body === "undefined" || body === null
|
typeof body === "undefined" || body === null
|
||||||
? null
|
? null
|
||||||
@@ -3052,23 +3076,6 @@ export class Api<
|
|||||||
...params,
|
...params,
|
||||||
}),
|
}),
|
||||||
|
|
||||||
/**
|
|
||||||
* No description
|
|
||||||
*
|
|
||||||
* @tags ServiceAccount
|
|
||||||
* @name DeleteServiceAccount
|
|
||||||
* @summary Delete Service Account
|
|
||||||
* @request DELETE:/service-accounts/{access_key}
|
|
||||||
* @secure
|
|
||||||
*/
|
|
||||||
deleteServiceAccount: (accessKey: string, params: RequestParams = {}) =>
|
|
||||||
this.request<void, ApiError>({
|
|
||||||
path: `/service-accounts/${accessKey}`,
|
|
||||||
method: "DELETE",
|
|
||||||
secure: true,
|
|
||||||
...params,
|
|
||||||
}),
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* No description
|
* No description
|
||||||
*
|
*
|
||||||
@@ -3094,14 +3101,14 @@ export class Api<
|
|||||||
* No description
|
* No description
|
||||||
*
|
*
|
||||||
* @tags ServiceAccount
|
* @tags ServiceAccount
|
||||||
* @name GetServiceAccountPolicy
|
* @name GetServiceAccount
|
||||||
* @summary Get Service Account Policy
|
* @summary Get Service Account
|
||||||
* @request GET:/service-accounts/{access_key}/policy
|
* @request GET:/service-accounts/{access_key}
|
||||||
* @secure
|
* @secure
|
||||||
*/
|
*/
|
||||||
getServiceAccountPolicy: (accessKey: string, params: RequestParams = {}) =>
|
getServiceAccount: (accessKey: string, params: RequestParams = {}) =>
|
||||||
this.request<IamEntity, ApiError>({
|
this.request<ServiceAccount, ApiError>({
|
||||||
path: `/service-accounts/${accessKey}/policy`,
|
path: `/service-accounts/${accessKey}`,
|
||||||
method: "GET",
|
method: "GET",
|
||||||
secure: true,
|
secure: true,
|
||||||
format: "json",
|
format: "json",
|
||||||
@@ -3112,24 +3119,41 @@ export class Api<
|
|||||||
* No description
|
* No description
|
||||||
*
|
*
|
||||||
* @tags ServiceAccount
|
* @tags ServiceAccount
|
||||||
* @name SetServiceAccountPolicy
|
* @name UpdateServiceAccount
|
||||||
* @summary Set Service Account Policy
|
* @summary Set Service Account Policy
|
||||||
* @request PUT:/service-accounts/{access_key}/policy
|
* @request PUT:/service-accounts/{access_key}
|
||||||
* @secure
|
* @secure
|
||||||
*/
|
*/
|
||||||
setServiceAccountPolicy: (
|
updateServiceAccount: (
|
||||||
accessKey: string,
|
accessKey: string,
|
||||||
policy: AddServiceAccountPolicyRequest,
|
body: UpdateServiceAccountRequest,
|
||||||
params: RequestParams = {},
|
params: RequestParams = {},
|
||||||
) =>
|
) =>
|
||||||
this.request<void, ApiError>({
|
this.request<void, ApiError>({
|
||||||
path: `/service-accounts/${accessKey}/policy`,
|
path: `/service-accounts/${accessKey}`,
|
||||||
method: "PUT",
|
method: "PUT",
|
||||||
body: policy,
|
body: body,
|
||||||
secure: true,
|
secure: true,
|
||||||
type: ContentType.Json,
|
type: ContentType.Json,
|
||||||
...params,
|
...params,
|
||||||
}),
|
}),
|
||||||
|
|
||||||
|
/**
|
||||||
|
* No description
|
||||||
|
*
|
||||||
|
* @tags ServiceAccount
|
||||||
|
* @name DeleteServiceAccount
|
||||||
|
* @summary Delete Service Account
|
||||||
|
* @request DELETE:/service-accounts/{access_key}
|
||||||
|
* @secure
|
||||||
|
*/
|
||||||
|
deleteServiceAccount: (accessKey: string, params: RequestParams = {}) =>
|
||||||
|
this.request<void, ApiError>({
|
||||||
|
path: `/service-accounts/${accessKey}`,
|
||||||
|
method: "DELETE",
|
||||||
|
secure: true,
|
||||||
|
...params,
|
||||||
|
}),
|
||||||
};
|
};
|
||||||
serviceAccountCredentials = {
|
serviceAccountCredentials = {
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -37,7 +37,7 @@ import withSuspense from "../Common/Components/withSuspense";
|
|||||||
|
|
||||||
import { selectSAs } from "../Configurations/utils";
|
import { selectSAs } from "../Configurations/utils";
|
||||||
import DeleteMultipleServiceAccounts from "../Users/DeleteMultipleServiceAccounts";
|
import DeleteMultipleServiceAccounts from "../Users/DeleteMultipleServiceAccounts";
|
||||||
import ServiceAccountPolicy from "./ServiceAccountPolicy";
|
import EditServiceAccount from "./EditServiceAccount";
|
||||||
|
|
||||||
import { selFeatures } from "../consoleSlice";
|
import { selFeatures } from "../consoleSlice";
|
||||||
import TooltipWrapper from "../Common/TooltipWrapper/TooltipWrapper";
|
import TooltipWrapper from "../Common/TooltipWrapper/TooltipWrapper";
|
||||||
@@ -82,7 +82,7 @@ const Account = () => {
|
|||||||
useState<boolean>(false);
|
useState<boolean>(false);
|
||||||
const [selectedSAs, setSelectedSAs] = useState<string[]>([]);
|
const [selectedSAs, setSelectedSAs] = useState<string[]>([]);
|
||||||
const [deleteMultipleOpen, setDeleteMultipleOpen] = useState<boolean>(false);
|
const [deleteMultipleOpen, setDeleteMultipleOpen] = useState<boolean>(false);
|
||||||
const [policyOpen, setPolicyOpen] = useState<boolean>(false);
|
const [isEditOpen, setIsEditOpen] = useState<boolean>(false);
|
||||||
|
|
||||||
const userIDP = (features && features.includes("external-idp")) || false;
|
const userIDP = (features && features.includes("external-idp")) || false;
|
||||||
|
|
||||||
@@ -137,13 +137,13 @@ const Account = () => {
|
|||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
const policyModalOpen = (selectedServiceAccount: string) => {
|
const editModalOpen = (selectedServiceAccount: string) => {
|
||||||
setSelectedServiceAccount(selectedServiceAccount);
|
setSelectedServiceAccount(selectedServiceAccount);
|
||||||
setPolicyOpen(true);
|
setIsEditOpen(true);
|
||||||
};
|
};
|
||||||
|
|
||||||
const closePolicyModal = () => {
|
const closePolicyModal = () => {
|
||||||
setPolicyOpen(false);
|
setIsEditOpen(false);
|
||||||
setLoading(true);
|
setLoading(true);
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -157,7 +157,7 @@ const Account = () => {
|
|||||||
type: "view",
|
type: "view",
|
||||||
onClick: (value: any) => {
|
onClick: (value: any) => {
|
||||||
if (value) {
|
if (value) {
|
||||||
policyModalOpen(value.accessKey);
|
editModalOpen(value.accessKey);
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
@@ -169,6 +169,14 @@ const Account = () => {
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
type: "edit",
|
||||||
|
onClick: (value: any) => {
|
||||||
|
if (value) {
|
||||||
|
editModalOpen(value.accessKey);
|
||||||
|
}
|
||||||
|
},
|
||||||
|
},
|
||||||
];
|
];
|
||||||
|
|
||||||
const filteredRecords = records.filter(
|
const filteredRecords = records.filter(
|
||||||
@@ -195,9 +203,9 @@ const Account = () => {
|
|||||||
/>
|
/>
|
||||||
)}
|
)}
|
||||||
|
|
||||||
{policyOpen && (
|
{isEditOpen && (
|
||||||
<ServiceAccountPolicy
|
<EditServiceAccount
|
||||||
open={policyOpen}
|
open={isEditOpen}
|
||||||
selectedAccessKey={selectedServiceAccount}
|
selectedAccessKey={selectedServiceAccount}
|
||||||
closeModalAndRefresh={closePolicyModal}
|
closeModalAndRefresh={closePolicyModal}
|
||||||
/>
|
/>
|
||||||
|
|||||||
@@ -29,6 +29,7 @@ import {
|
|||||||
Switch,
|
Switch,
|
||||||
ServiceAccountIcon,
|
ServiceAccountIcon,
|
||||||
HelpTip,
|
HelpTip,
|
||||||
|
DateTimeInput,
|
||||||
} from "mds";
|
} from "mds";
|
||||||
import { modalStyleUtils } from "../Common/FormComponents/common/styleLibrary";
|
import { modalStyleUtils } from "../Common/FormComponents/common/styleLibrary";
|
||||||
import { NewServiceAccount } from "../Common/CredentialsPrompt/types";
|
import { NewServiceAccount } from "../Common/CredentialsPrompt/types";
|
||||||
@@ -59,6 +60,11 @@ const AddServiceAccount = () => {
|
|||||||
useState<NewServiceAccount | null>(null);
|
useState<NewServiceAccount | null>(null);
|
||||||
const [policyJSON, setPolicyJSON] = useState<string>("");
|
const [policyJSON, setPolicyJSON] = useState<string>("");
|
||||||
|
|
||||||
|
const [name, setName] = useState<string>("");
|
||||||
|
const [description, setDescription] = useState<string>("");
|
||||||
|
const [comments, setComments] = useState<string>("");
|
||||||
|
const [expiry, setExpiry] = useState<any>();
|
||||||
|
|
||||||
useEffect(() => {
|
useEffect(() => {
|
||||||
dispatch(setHelpName("add_service_account"));
|
dispatch(setHelpName("add_service_account"));
|
||||||
// eslint-disable-next-line react-hooks/exhaustive-deps
|
// eslint-disable-next-line react-hooks/exhaustive-deps
|
||||||
@@ -66,12 +72,17 @@ const AddServiceAccount = () => {
|
|||||||
|
|
||||||
useEffect(() => {
|
useEffect(() => {
|
||||||
if (addSending) {
|
if (addSending) {
|
||||||
|
const expiryDt = expiry ? expiry.toJSDate().toISOString() : null;
|
||||||
api.serviceAccountCredentials
|
api.serviceAccountCredentials
|
||||||
.createServiceAccountCreds(
|
.createServiceAccountCreds(
|
||||||
{
|
{
|
||||||
policy: policyJSON,
|
policy: policyJSON,
|
||||||
accessKey: accessKey,
|
accessKey: accessKey,
|
||||||
secretKey: secretKey,
|
secretKey: secretKey,
|
||||||
|
description: description,
|
||||||
|
comment: comments,
|
||||||
|
name: name,
|
||||||
|
expiry: expiryDt,
|
||||||
},
|
},
|
||||||
{ type: ContentType.Json },
|
{ type: ContentType.Json },
|
||||||
)
|
)
|
||||||
@@ -89,7 +100,18 @@ const AddServiceAccount = () => {
|
|||||||
dispatch(setErrorSnackMessage(errorToHandler(res.error)));
|
dispatch(setErrorSnackMessage(errorToHandler(res.error)));
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
}, [addSending, setAddSending, dispatch, policyJSON, accessKey, secretKey]);
|
}, [
|
||||||
|
addSending,
|
||||||
|
setAddSending,
|
||||||
|
dispatch,
|
||||||
|
policyJSON,
|
||||||
|
accessKey,
|
||||||
|
secretKey,
|
||||||
|
name,
|
||||||
|
description,
|
||||||
|
expiry,
|
||||||
|
comments,
|
||||||
|
]);
|
||||||
|
|
||||||
useEffect(() => {
|
useEffect(() => {
|
||||||
if (isRestrictedByPolicy) {
|
if (isRestrictedByPolicy) {
|
||||||
@@ -221,6 +243,73 @@ const AddServiceAccount = () => {
|
|||||||
</Grid>
|
</Grid>
|
||||||
</Grid>
|
</Grid>
|
||||||
)}
|
)}
|
||||||
|
|
||||||
|
<Grid
|
||||||
|
xs={12}
|
||||||
|
sx={{
|
||||||
|
display: "flex",
|
||||||
|
alignItems: "center",
|
||||||
|
justifyContent: "start",
|
||||||
|
fontWeight: 600,
|
||||||
|
color: "rgb(7, 25, 62)",
|
||||||
|
gap: 2,
|
||||||
|
marginBottom: "15px",
|
||||||
|
marginTop: "15px",
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
<Box
|
||||||
|
sx={{
|
||||||
|
marginTop: "15px",
|
||||||
|
width: "100%",
|
||||||
|
"& label": { width: "180px" },
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
<DateTimeInput
|
||||||
|
noLabelMinWidth
|
||||||
|
value={expiry}
|
||||||
|
onChange={(e) => {
|
||||||
|
setExpiry(e);
|
||||||
|
}}
|
||||||
|
id="expiryTime"
|
||||||
|
label={"Expiry"}
|
||||||
|
timeFormat={"24h"}
|
||||||
|
secondsSelector={false}
|
||||||
|
/>
|
||||||
|
</Box>
|
||||||
|
</Grid>
|
||||||
|
<InputBox
|
||||||
|
value={name}
|
||||||
|
label={"Name"}
|
||||||
|
id={"name"}
|
||||||
|
name={"name"}
|
||||||
|
type={"text"}
|
||||||
|
placeholder={"Enter a name"}
|
||||||
|
onChange={(e) => {
|
||||||
|
setName(e.target.value);
|
||||||
|
}}
|
||||||
|
/>
|
||||||
|
<InputBox
|
||||||
|
value={description}
|
||||||
|
label={"Description"}
|
||||||
|
id={"description"}
|
||||||
|
name={"description"}
|
||||||
|
type={"text"}
|
||||||
|
placeholder={"Enter a description"}
|
||||||
|
onChange={(e) => {
|
||||||
|
setDescription(e.target.value);
|
||||||
|
}}
|
||||||
|
/>
|
||||||
|
<InputBox
|
||||||
|
value={comments}
|
||||||
|
label={"Comments"}
|
||||||
|
id={"comment"}
|
||||||
|
name={"comment"}
|
||||||
|
type={"text"}
|
||||||
|
placeholder={"Enter a comment"}
|
||||||
|
onChange={(e) => {
|
||||||
|
setComments(e.target.value);
|
||||||
|
}}
|
||||||
|
/>
|
||||||
<Grid item xs={12} sx={{ ...modalStyleUtils.modalButtonBar }}>
|
<Grid item xs={12} sx={{ ...modalStyleUtils.modalButtonBar }}>
|
||||||
<Button
|
<Button
|
||||||
id={"clear"}
|
id={"clear"}
|
||||||
|
|||||||
@@ -15,7 +15,15 @@
|
|||||||
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
import React, { useEffect, useState, Fragment } from "react";
|
import React, { useEffect, useState, Fragment } from "react";
|
||||||
import { Button, ChangeAccessPolicyIcon, Grid } from "mds";
|
import {
|
||||||
|
Box,
|
||||||
|
Button,
|
||||||
|
ChangeAccessPolicyIcon,
|
||||||
|
DateTimeInput,
|
||||||
|
Grid,
|
||||||
|
InputBox,
|
||||||
|
Switch,
|
||||||
|
} from "mds";
|
||||||
import { api } from "api";
|
import { api } from "api";
|
||||||
import { errorToHandler } from "api/errors";
|
import { errorToHandler } from "api/errors";
|
||||||
import CodeMirrorWrapper from "../Common/FormComponents/CodeMirrorWrapper/CodeMirrorWrapper";
|
import CodeMirrorWrapper from "../Common/FormComponents/CodeMirrorWrapper/CodeMirrorWrapper";
|
||||||
@@ -25,6 +33,7 @@ import { encodeURLString } from "common/utils";
|
|||||||
import { setErrorSnackMessage, setModalErrorSnackMessage } from "systemSlice";
|
import { setErrorSnackMessage, setModalErrorSnackMessage } from "systemSlice";
|
||||||
import ModalWrapper from "../Common/ModalWrapper/ModalWrapper";
|
import ModalWrapper from "../Common/ModalWrapper/ModalWrapper";
|
||||||
import { modalStyleUtils } from "../Common/FormComponents/common/styleLibrary";
|
import { modalStyleUtils } from "../Common/FormComponents/common/styleLibrary";
|
||||||
|
import { DateTime } from "luxon";
|
||||||
|
|
||||||
interface IServiceAccountPolicyProps {
|
interface IServiceAccountPolicyProps {
|
||||||
open: boolean;
|
open: boolean;
|
||||||
@@ -32,23 +41,40 @@ interface IServiceAccountPolicyProps {
|
|||||||
closeModalAndRefresh: () => void;
|
closeModalAndRefresh: () => void;
|
||||||
}
|
}
|
||||||
|
|
||||||
const ServiceAccountPolicy = ({
|
const EditServiceAccount = ({
|
||||||
open,
|
open,
|
||||||
selectedAccessKey,
|
selectedAccessKey,
|
||||||
closeModalAndRefresh,
|
closeModalAndRefresh,
|
||||||
}: IServiceAccountPolicyProps) => {
|
}: IServiceAccountPolicyProps) => {
|
||||||
const dispatch = useAppDispatch();
|
const dispatch = useAppDispatch();
|
||||||
const [loading, setLoading] = useState<boolean>(false);
|
const [loading, setLoading] = useState<boolean>(false);
|
||||||
const [policyDefinition, setPolicyDefinition] = useState<string>("");
|
const [policyDefinition, setPolicyDefinition] = useState<any>("");
|
||||||
|
|
||||||
|
const [name, setName] = useState<string>("");
|
||||||
|
const [description, setDescription] = useState<string>("");
|
||||||
|
const [expiry, setExpiry] = useState<any>();
|
||||||
|
const [status, setStatus] = useState<string | undefined>("enabled");
|
||||||
|
|
||||||
useEffect(() => {
|
useEffect(() => {
|
||||||
if (!loading && selectedAccessKey !== "") {
|
if (!loading && selectedAccessKey !== "") {
|
||||||
const sourceAccKey = encodeURLString(selectedAccessKey);
|
const sourceAccKey = encodeURLString(selectedAccessKey);
|
||||||
setLoading(true);
|
setLoading(true);
|
||||||
api.serviceAccounts
|
api.serviceAccounts
|
||||||
.getServiceAccountPolicy(sourceAccKey)
|
.getServiceAccount(sourceAccKey)
|
||||||
.then((res) => {
|
.then((res) => {
|
||||||
setLoading(false);
|
setLoading(false);
|
||||||
setPolicyDefinition(res.data);
|
const saInfo = res.data;
|
||||||
|
|
||||||
|
setName(saInfo?.name || "");
|
||||||
|
|
||||||
|
if (saInfo?.expiration) {
|
||||||
|
setExpiry(DateTime.fromISO(saInfo?.expiration));
|
||||||
|
}
|
||||||
|
|
||||||
|
setDescription(saInfo?.description || "");
|
||||||
|
setStatus(saInfo.accountStatus);
|
||||||
|
|
||||||
|
setPolicyDefinition(saInfo.policy || "");
|
||||||
})
|
})
|
||||||
.catch((err) => {
|
.catch((err) => {
|
||||||
setLoading(false);
|
setLoading(false);
|
||||||
@@ -61,8 +87,12 @@ const ServiceAccountPolicy = ({
|
|||||||
const setPolicy = (event: React.FormEvent, newPolicy: string) => {
|
const setPolicy = (event: React.FormEvent, newPolicy: string) => {
|
||||||
event.preventDefault();
|
event.preventDefault();
|
||||||
api.serviceAccounts
|
api.serviceAccounts
|
||||||
.setServiceAccountPolicy(encodeURLString(selectedAccessKey), {
|
.updateServiceAccount(encodeURLString(selectedAccessKey), {
|
||||||
policy: newPolicy,
|
policy: newPolicy,
|
||||||
|
description: description,
|
||||||
|
expiry: expiry,
|
||||||
|
name: name,
|
||||||
|
status: status,
|
||||||
})
|
})
|
||||||
.then(() => {
|
.then(() => {
|
||||||
closeModalAndRefresh();
|
closeModalAndRefresh();
|
||||||
@@ -75,7 +105,7 @@ const ServiceAccountPolicy = ({
|
|||||||
|
|
||||||
return (
|
return (
|
||||||
<ModalWrapper
|
<ModalWrapper
|
||||||
title="Access Key Policy"
|
title={`Edit details of - ${selectedAccessKey}`}
|
||||||
modalOpen={open}
|
modalOpen={open}
|
||||||
onClose={() => {
|
onClose={() => {
|
||||||
closeModalAndRefresh();
|
closeModalAndRefresh();
|
||||||
@@ -110,6 +140,99 @@ const ServiceAccountPolicy = ({
|
|||||||
}
|
}
|
||||||
/>
|
/>
|
||||||
</Grid>
|
</Grid>
|
||||||
|
<Box
|
||||||
|
sx={{
|
||||||
|
marginBottom: "15px",
|
||||||
|
marginTop: "15px",
|
||||||
|
display: "flex",
|
||||||
|
width: "100%",
|
||||||
|
"& label": { width: "195px" },
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
<DateTimeInput
|
||||||
|
noLabelMinWidth
|
||||||
|
value={expiry}
|
||||||
|
onChange={(e) => {
|
||||||
|
setExpiry(e);
|
||||||
|
}}
|
||||||
|
id="expiryTime"
|
||||||
|
label={"Expiry"}
|
||||||
|
timeFormat={"24h"}
|
||||||
|
secondsSelector={false}
|
||||||
|
/>
|
||||||
|
</Box>
|
||||||
|
<Grid
|
||||||
|
xs={12}
|
||||||
|
sx={{
|
||||||
|
marginBottom: "15px",
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
<InputBox
|
||||||
|
value={name}
|
||||||
|
size={120}
|
||||||
|
label={"Name"}
|
||||||
|
id={"name"}
|
||||||
|
name={"name"}
|
||||||
|
type={"text"}
|
||||||
|
placeholder={"Enter a name"}
|
||||||
|
onChange={(e) => {
|
||||||
|
setName(e.target.value);
|
||||||
|
}}
|
||||||
|
/>
|
||||||
|
</Grid>
|
||||||
|
<Grid
|
||||||
|
xs={12}
|
||||||
|
sx={{
|
||||||
|
marginBottom: "15px",
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
<InputBox
|
||||||
|
size={120}
|
||||||
|
value={description}
|
||||||
|
label={"Description"}
|
||||||
|
id={"description"}
|
||||||
|
name={"description"}
|
||||||
|
type={"text"}
|
||||||
|
placeholder={"Enter a description"}
|
||||||
|
onChange={(e) => {
|
||||||
|
setDescription(e.target.value);
|
||||||
|
}}
|
||||||
|
/>
|
||||||
|
</Grid>
|
||||||
|
<Grid
|
||||||
|
xs={12}
|
||||||
|
sx={{
|
||||||
|
display: "flex",
|
||||||
|
alignItems: "center",
|
||||||
|
justifyContent: "start",
|
||||||
|
fontWeight: 600,
|
||||||
|
color: "rgb(7, 25, 62)",
|
||||||
|
gap: 2,
|
||||||
|
marginBottom: "15px",
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
<label style={{ width: "150px" }}>Status</label>
|
||||||
|
<Box
|
||||||
|
sx={{
|
||||||
|
padding: "2px",
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
<Switch
|
||||||
|
style={{
|
||||||
|
gap: "115px",
|
||||||
|
}}
|
||||||
|
indicatorLabels={["Enabled", "Disabled"]}
|
||||||
|
checked={status === "on"}
|
||||||
|
id="saStatus"
|
||||||
|
name="saStatus"
|
||||||
|
label=""
|
||||||
|
onChange={(e) => {
|
||||||
|
setStatus(e.target.checked ? "on" : "off");
|
||||||
|
}}
|
||||||
|
value="yes"
|
||||||
|
/>
|
||||||
|
</Box>
|
||||||
|
</Grid>
|
||||||
<Grid item xs={12} sx={modalStyleUtils.modalButtonBar}>
|
<Grid item xs={12} sx={modalStyleUtils.modalButtonBar}>
|
||||||
<Button
|
<Button
|
||||||
id={"cancel-sa-policy"}
|
id={"cancel-sa-policy"}
|
||||||
@@ -127,7 +250,7 @@ const ServiceAccountPolicy = ({
|
|||||||
variant="callAction"
|
variant="callAction"
|
||||||
color="primary"
|
color="primary"
|
||||||
disabled={loading}
|
disabled={loading}
|
||||||
label={"Set"}
|
label={"Update"}
|
||||||
/>
|
/>
|
||||||
</Grid>
|
</Grid>
|
||||||
</Grid>
|
</Grid>
|
||||||
@@ -136,4 +259,4 @@ const ServiceAccountPolicy = ({
|
|||||||
);
|
);
|
||||||
};
|
};
|
||||||
|
|
||||||
export default ServiceAccountPolicy;
|
export default EditServiceAccount;
|
||||||
@@ -29,6 +29,7 @@ import {
|
|||||||
ServiceAccountIcon,
|
ServiceAccountIcon,
|
||||||
Switch,
|
Switch,
|
||||||
HelpTip,
|
HelpTip,
|
||||||
|
DateTimeInput,
|
||||||
} from "mds";
|
} from "mds";
|
||||||
import { modalStyleUtils } from "../Common/FormComponents/common/styleLibrary";
|
import { modalStyleUtils } from "../Common/FormComponents/common/styleLibrary";
|
||||||
import { NewServiceAccount } from "../Common/CredentialsPrompt/types";
|
import { NewServiceAccount } from "../Common/CredentialsPrompt/types";
|
||||||
@@ -65,8 +66,14 @@ const AddServiceAccount = () => {
|
|||||||
|
|
||||||
const userName = decodeURLString(params.userName || "");
|
const userName = decodeURLString(params.userName || "");
|
||||||
|
|
||||||
|
const [name, setName] = useState<string>("");
|
||||||
|
const [description, setDescription] = useState<string>("");
|
||||||
|
const [comments, setComments] = useState<string>("");
|
||||||
|
const [expiry, setExpiry] = useState<any>();
|
||||||
|
|
||||||
useEffect(() => {
|
useEffect(() => {
|
||||||
if (addSending) {
|
if (addSending) {
|
||||||
|
const expiryDt = expiry ? expiry.toJSDate().toISOString() : null;
|
||||||
api
|
api
|
||||||
.invoke(
|
.invoke(
|
||||||
"POST",
|
"POST",
|
||||||
@@ -77,6 +84,10 @@ const AddServiceAccount = () => {
|
|||||||
policy: policyJSON,
|
policy: policyJSON,
|
||||||
accessKey: accessKey,
|
accessKey: accessKey,
|
||||||
secretKey: secretKey,
|
secretKey: secretKey,
|
||||||
|
description: description,
|
||||||
|
comment: comments,
|
||||||
|
name: name,
|
||||||
|
expiry: expiryDt,
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
.then((res) => {
|
.then((res) => {
|
||||||
@@ -100,6 +111,10 @@ const AddServiceAccount = () => {
|
|||||||
userName,
|
userName,
|
||||||
accessKey,
|
accessKey,
|
||||||
secretKey,
|
secretKey,
|
||||||
|
name,
|
||||||
|
description,
|
||||||
|
expiry,
|
||||||
|
comments,
|
||||||
]);
|
]);
|
||||||
|
|
||||||
useEffect(() => {
|
useEffect(() => {
|
||||||
@@ -198,6 +213,7 @@ const AddServiceAccount = () => {
|
|||||||
}}
|
}}
|
||||||
startIcon={<PasswordKeyIcon />}
|
startIcon={<PasswordKeyIcon />}
|
||||||
/>
|
/>
|
||||||
|
|
||||||
<Switch
|
<Switch
|
||||||
value="serviceAccountPolicy"
|
value="serviceAccountPolicy"
|
||||||
id="serviceAccountPolicy"
|
id="serviceAccountPolicy"
|
||||||
@@ -254,6 +270,61 @@ const AddServiceAccount = () => {
|
|||||||
</Grid>
|
</Grid>
|
||||||
</Grid>
|
</Grid>
|
||||||
)}
|
)}
|
||||||
|
|
||||||
|
<Box
|
||||||
|
sx={{
|
||||||
|
marginBottom: "15px",
|
||||||
|
marginTop: "15px",
|
||||||
|
width: "100%",
|
||||||
|
"& label": { width: "180px" },
|
||||||
|
}}
|
||||||
|
>
|
||||||
|
<DateTimeInput
|
||||||
|
noLabelMinWidth
|
||||||
|
value={expiry}
|
||||||
|
onChange={(e) => {
|
||||||
|
setExpiry(e);
|
||||||
|
}}
|
||||||
|
id="expiryTime"
|
||||||
|
label={"Expiry"}
|
||||||
|
timeFormat={"24h"}
|
||||||
|
secondsSelector={false}
|
||||||
|
/>
|
||||||
|
</Box>
|
||||||
|
|
||||||
|
<InputBox
|
||||||
|
value={name}
|
||||||
|
label={"Name"}
|
||||||
|
id={"name"}
|
||||||
|
name={"name"}
|
||||||
|
type={"text"}
|
||||||
|
placeholder={"Enter a name"}
|
||||||
|
onChange={(e) => {
|
||||||
|
setName(e.target.value);
|
||||||
|
}}
|
||||||
|
/>
|
||||||
|
<InputBox
|
||||||
|
value={description}
|
||||||
|
label={"Description"}
|
||||||
|
id={"description"}
|
||||||
|
name={"description"}
|
||||||
|
type={"text"}
|
||||||
|
placeholder={"Enter a description"}
|
||||||
|
onChange={(e) => {
|
||||||
|
setDescription(e.target.value);
|
||||||
|
}}
|
||||||
|
/>
|
||||||
|
<InputBox
|
||||||
|
value={comments}
|
||||||
|
label={"Comments"}
|
||||||
|
id={"comment"}
|
||||||
|
name={"comment"}
|
||||||
|
type={"text"}
|
||||||
|
placeholder={"Enter a comment"}
|
||||||
|
onChange={(e) => {
|
||||||
|
setComments(e.target.value);
|
||||||
|
}}
|
||||||
|
/>
|
||||||
<Grid item xs={12} sx={{ ...modalStyleUtils.modalButtonBar }}>
|
<Grid item xs={12} sx={{ ...modalStyleUtils.modalButtonBar }}>
|
||||||
<Button
|
<Button
|
||||||
id={"clear"}
|
id={"clear"}
|
||||||
|
|||||||
@@ -25,7 +25,7 @@ import CredentialsPrompt from "../Common/CredentialsPrompt/CredentialsPrompt";
|
|||||||
|
|
||||||
import DeleteMultipleServiceAccounts from "./DeleteMultipleServiceAccounts";
|
import DeleteMultipleServiceAccounts from "./DeleteMultipleServiceAccounts";
|
||||||
import { selectSAs } from "../Configurations/utils";
|
import { selectSAs } from "../Configurations/utils";
|
||||||
import ServiceAccountPolicy from "../Account/ServiceAccountPolicy";
|
import EditServiceAccount from "../Account/EditServiceAccount";
|
||||||
import {
|
import {
|
||||||
CONSOLE_UI_RESOURCE,
|
CONSOLE_UI_RESOURCE,
|
||||||
IAM_SCOPES,
|
IAM_SCOPES,
|
||||||
@@ -66,7 +66,7 @@ const UserServiceAccountsPanel = ({
|
|||||||
useState<NewServiceAccount | null>(null);
|
useState<NewServiceAccount | null>(null);
|
||||||
const [selectedSAs, setSelectedSAs] = useState<string[]>([]);
|
const [selectedSAs, setSelectedSAs] = useState<string[]>([]);
|
||||||
const [deleteMultipleOpen, setDeleteMultipleOpen] = useState<boolean>(false);
|
const [deleteMultipleOpen, setDeleteMultipleOpen] = useState<boolean>(false);
|
||||||
const [policyOpen, setPolicyOpen] = useState<boolean>(false);
|
const [editOpen, setEditOpen] = useState<boolean>(false);
|
||||||
|
|
||||||
useEffect(() => {
|
useEffect(() => {
|
||||||
fetchRecords();
|
fetchRecords();
|
||||||
@@ -114,9 +114,9 @@ const UserServiceAccountsPanel = ({
|
|||||||
setNewServiceAccount(null);
|
setNewServiceAccount(null);
|
||||||
};
|
};
|
||||||
|
|
||||||
const policyModalOpen = (selectedServiceAccount: string) => {
|
const editModalOpen = (selectedServiceAccount: string) => {
|
||||||
setSelectedServiceAccount(selectedServiceAccount);
|
setSelectedServiceAccount(selectedServiceAccount);
|
||||||
setPolicyOpen(true);
|
setEditOpen(true);
|
||||||
};
|
};
|
||||||
|
|
||||||
const confirmDeleteServiceAccount = (selectedServiceAccount: string) => {
|
const confirmDeleteServiceAccount = (selectedServiceAccount: string) => {
|
||||||
@@ -125,7 +125,7 @@ const UserServiceAccountsPanel = ({
|
|||||||
};
|
};
|
||||||
|
|
||||||
const closePolicyModal = () => {
|
const closePolicyModal = () => {
|
||||||
setPolicyOpen(false);
|
setEditOpen(false);
|
||||||
setLoading(true);
|
setLoading(true);
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -134,7 +134,7 @@ const UserServiceAccountsPanel = ({
|
|||||||
type: "view",
|
type: "view",
|
||||||
onClick: (value: any) => {
|
onClick: (value: any) => {
|
||||||
if (value) {
|
if (value) {
|
||||||
policyModalOpen(value.accessKey);
|
editModalOpen(value.accessKey);
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
@@ -146,6 +146,14 @@ const UserServiceAccountsPanel = ({
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
type: "edit",
|
||||||
|
onClick: (value: any) => {
|
||||||
|
if (value) {
|
||||||
|
editModalOpen(value.accessKey);
|
||||||
|
}
|
||||||
|
},
|
||||||
|
},
|
||||||
];
|
];
|
||||||
|
|
||||||
useEffect(() => {
|
useEffect(() => {
|
||||||
@@ -181,9 +189,9 @@ const UserServiceAccountsPanel = ({
|
|||||||
entity="Access Key"
|
entity="Access Key"
|
||||||
/>
|
/>
|
||||||
)}
|
)}
|
||||||
{policyOpen && (
|
{editOpen && (
|
||||||
<ServiceAccountPolicy
|
<EditServiceAccount
|
||||||
open={policyOpen}
|
open={editOpen}
|
||||||
selectedAccessKey={selectedServiceAccount}
|
selectedAccessKey={selectedServiceAccount}
|
||||||
closeModalAndRefresh={closePolicyModal}
|
closeModalAndRefresh={closePolicyModal}
|
||||||
/>
|
/>
|
||||||
|
|||||||
@@ -80,7 +80,7 @@ var (
|
|||||||
minioSetUserStatusMock func(accessKey string, status madmin.AccountStatus) error
|
minioSetUserStatusMock func(accessKey string, status madmin.AccountStatus) error
|
||||||
|
|
||||||
minioAccountInfoMock func(ctx context.Context) (madmin.AccountInfo, error)
|
minioAccountInfoMock func(ctx context.Context) (madmin.AccountInfo, error)
|
||||||
minioAddServiceAccountMock func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error)
|
minioAddServiceAccountMock func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string, description string, name string, expiry *time.Time, status string) (madmin.Credentials, error)
|
||||||
minioListServiceAccountsMock func(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error)
|
minioListServiceAccountsMock func(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error)
|
||||||
minioDeleteServiceAccountMock func(ctx context.Context, serviceAccount string) error
|
minioDeleteServiceAccountMock func(ctx context.Context, serviceAccount string) error
|
||||||
minioInfoServiceAccountMock func(ctx context.Context, serviceAccount string) (madmin.InfoServiceAccountResp, error)
|
minioInfoServiceAccountMock func(ctx context.Context, serviceAccount string) (madmin.InfoServiceAccountResp, error)
|
||||||
@@ -377,8 +377,8 @@ func (ac AdminClientMock) AccountInfo(ctx context.Context) (madmin.AccountInfo,
|
|||||||
return minioAccountInfoMock(ctx)
|
return minioAccountInfoMock(ctx)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (ac AdminClientMock) addServiceAccount(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error) {
|
func (ac AdminClientMock) addServiceAccount(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string, description string, name string, expiry *time.Time, status string) (madmin.Credentials, error) {
|
||||||
return minioAddServiceAccountMock(ctx, policy, user, accessKey, secretKey)
|
return minioAddServiceAccountMock(ctx, policy, user, accessKey, secretKey, description, name, expiry, status)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (ac AdminClientMock) listServiceAccounts(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error) {
|
func (ac AdminClientMock) listServiceAccounts(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error) {
|
||||||
|
|||||||
@@ -70,7 +70,7 @@ type MinioAdmin interface {
|
|||||||
heal(ctx context.Context, bucket, prefix string, healOpts madmin.HealOpts, clientToken string,
|
heal(ctx context.Context, bucket, prefix string, healOpts madmin.HealOpts, clientToken string,
|
||||||
forceStart, forceStop bool) (healStart madmin.HealStartSuccess, healTaskStatus madmin.HealTaskStatus, err error)
|
forceStart, forceStop bool) (healStart madmin.HealStartSuccess, healTaskStatus madmin.HealTaskStatus, err error)
|
||||||
// Service Accounts
|
// Service Accounts
|
||||||
addServiceAccount(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error)
|
addServiceAccount(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string, name string, description string, expiry *time.Time, comment string) (madmin.Credentials, error)
|
||||||
listServiceAccounts(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error)
|
listServiceAccounts(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error)
|
||||||
deleteServiceAccount(ctx context.Context, serviceAccount string) error
|
deleteServiceAccount(ctx context.Context, serviceAccount string) error
|
||||||
infoServiceAccount(ctx context.Context, serviceAccount string) (madmin.InfoServiceAccountResp, error)
|
infoServiceAccount(ctx context.Context, serviceAccount string) (madmin.InfoServiceAccountResp, error)
|
||||||
@@ -305,7 +305,7 @@ func (ac AdminClient) getLogs(ctx context.Context, node string, lineCnt int, log
|
|||||||
}
|
}
|
||||||
|
|
||||||
// implements madmin.AddServiceAccount()
|
// implements madmin.AddServiceAccount()
|
||||||
func (ac AdminClient) addServiceAccount(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error) {
|
func (ac AdminClient) addServiceAccount(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string, name string, description string, expiry *time.Time, comment string) (madmin.Credentials, error) {
|
||||||
buf, err := json.Marshal(policy)
|
buf, err := json.Marshal(policy)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return madmin.Credentials{}, err
|
return madmin.Credentials{}, err
|
||||||
@@ -315,6 +315,10 @@ func (ac AdminClient) addServiceAccount(ctx context.Context, policy *iampolicy.P
|
|||||||
TargetUser: user,
|
TargetUser: user,
|
||||||
AccessKey: accessKey,
|
AccessKey: accessKey,
|
||||||
SecretKey: secretKey,
|
SecretKey: secretKey,
|
||||||
|
Name: name,
|
||||||
|
Description: description,
|
||||||
|
Expiration: expiry,
|
||||||
|
Comment: comment,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -4452,6 +4452,69 @@ func init() {
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
"/service-accounts/{access_key}": {
|
"/service-accounts/{access_key}": {
|
||||||
|
"get": {
|
||||||
|
"tags": [
|
||||||
|
"ServiceAccount"
|
||||||
|
],
|
||||||
|
"summary": "Get Service Account",
|
||||||
|
"operationId": "GetServiceAccount",
|
||||||
|
"parameters": [
|
||||||
|
{
|
||||||
|
"type": "string",
|
||||||
|
"name": "access_key",
|
||||||
|
"in": "path",
|
||||||
|
"required": true
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"responses": {
|
||||||
|
"200": {
|
||||||
|
"description": "A successful response.",
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/serviceAccount"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"default": {
|
||||||
|
"description": "Generic error response.",
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/ApiError"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"put": {
|
||||||
|
"tags": [
|
||||||
|
"ServiceAccount"
|
||||||
|
],
|
||||||
|
"summary": "Set Service Account Policy",
|
||||||
|
"operationId": "UpdateServiceAccount",
|
||||||
|
"parameters": [
|
||||||
|
{
|
||||||
|
"type": "string",
|
||||||
|
"name": "access_key",
|
||||||
|
"in": "path",
|
||||||
|
"required": true
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "body",
|
||||||
|
"in": "body",
|
||||||
|
"required": true,
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/updateServiceAccountRequest"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"responses": {
|
||||||
|
"200": {
|
||||||
|
"description": "A successful response."
|
||||||
|
},
|
||||||
|
"default": {
|
||||||
|
"description": "Generic error response.",
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/ApiError"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"delete": {
|
"delete": {
|
||||||
"tags": [
|
"tags": [
|
||||||
"ServiceAccount"
|
"ServiceAccount"
|
||||||
@@ -4479,71 +4542,6 @@ func init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"/service-accounts/{access_key}/policy": {
|
|
||||||
"get": {
|
|
||||||
"tags": [
|
|
||||||
"ServiceAccount"
|
|
||||||
],
|
|
||||||
"summary": "Get Service Account Policy",
|
|
||||||
"operationId": "GetServiceAccountPolicy",
|
|
||||||
"parameters": [
|
|
||||||
{
|
|
||||||
"type": "string",
|
|
||||||
"name": "access_key",
|
|
||||||
"in": "path",
|
|
||||||
"required": true
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"responses": {
|
|
||||||
"200": {
|
|
||||||
"description": "A successful response.",
|
|
||||||
"schema": {
|
|
||||||
"type": "string"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"default": {
|
|
||||||
"description": "Generic error response.",
|
|
||||||
"schema": {
|
|
||||||
"$ref": "#/definitions/ApiError"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"put": {
|
|
||||||
"tags": [
|
|
||||||
"ServiceAccount"
|
|
||||||
],
|
|
||||||
"summary": "Set Service Account Policy",
|
|
||||||
"operationId": "SetServiceAccountPolicy",
|
|
||||||
"parameters": [
|
|
||||||
{
|
|
||||||
"type": "string",
|
|
||||||
"name": "access_key",
|
|
||||||
"in": "path",
|
|
||||||
"required": true
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "policy",
|
|
||||||
"in": "body",
|
|
||||||
"required": true,
|
|
||||||
"schema": {
|
|
||||||
"$ref": "#/definitions/addServiceAccountPolicyRequest"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"responses": {
|
|
||||||
"200": {
|
|
||||||
"description": "A successful response."
|
|
||||||
},
|
|
||||||
"default": {
|
|
||||||
"description": "Generic error response.",
|
|
||||||
"schema": {
|
|
||||||
"$ref": "#/definitions/ApiError"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"/service/restart": {
|
"/service/restart": {
|
||||||
"post": {
|
"post": {
|
||||||
"tags": [
|
"tags": [
|
||||||
@@ -5546,17 +5544,6 @@ func init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"addServiceAccountPolicyRequest": {
|
|
||||||
"type": "object",
|
|
||||||
"required": [
|
|
||||||
"policy"
|
|
||||||
],
|
|
||||||
"properties": {
|
|
||||||
"policy": {
|
|
||||||
"type": "string"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"addUserRequest": {
|
"addUserRequest": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"required": [
|
"required": [
|
||||||
@@ -8071,6 +8058,32 @@ func init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"serviceAccount": {
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"accountStatus": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"description": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"expiration": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"impliedPolicy": {
|
||||||
|
"type": "boolean"
|
||||||
|
},
|
||||||
|
"name": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"parentUser": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"policy": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"serviceAccountCreds": {
|
"serviceAccountCreds": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"properties": {
|
"properties": {
|
||||||
@@ -8088,6 +8101,18 @@ func init() {
|
|||||||
"serviceAccountRequest": {
|
"serviceAccountRequest": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"properties": {
|
"properties": {
|
||||||
|
"comment": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"description": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"expiry": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"name": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
"policy": {
|
"policy": {
|
||||||
"type": "string",
|
"type": "string",
|
||||||
"title": "policy to be applied to the Service Account if any"
|
"title": "policy to be applied to the Service Account if any"
|
||||||
@@ -8100,6 +8125,18 @@ func init() {
|
|||||||
"accessKey": {
|
"accessKey": {
|
||||||
"type": "string"
|
"type": "string"
|
||||||
},
|
},
|
||||||
|
"comment": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"description": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"expiry": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"name": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
"policy": {
|
"policy": {
|
||||||
"type": "string",
|
"type": "string",
|
||||||
"title": "policy to be applied to the Service Account if any"
|
"title": "policy to be applied to the Service Account if any"
|
||||||
@@ -8861,6 +8898,32 @@ func init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"updateServiceAccountRequest": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"policy"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"description": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"expiry": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"name": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"policy": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"secretKey": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"status": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"updateUser": {
|
"updateUser": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"required": [
|
"required": [
|
||||||
@@ -13571,6 +13634,69 @@ func init() {
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
"/service-accounts/{access_key}": {
|
"/service-accounts/{access_key}": {
|
||||||
|
"get": {
|
||||||
|
"tags": [
|
||||||
|
"ServiceAccount"
|
||||||
|
],
|
||||||
|
"summary": "Get Service Account",
|
||||||
|
"operationId": "GetServiceAccount",
|
||||||
|
"parameters": [
|
||||||
|
{
|
||||||
|
"type": "string",
|
||||||
|
"name": "access_key",
|
||||||
|
"in": "path",
|
||||||
|
"required": true
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"responses": {
|
||||||
|
"200": {
|
||||||
|
"description": "A successful response.",
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/serviceAccount"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"default": {
|
||||||
|
"description": "Generic error response.",
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/ApiError"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"put": {
|
||||||
|
"tags": [
|
||||||
|
"ServiceAccount"
|
||||||
|
],
|
||||||
|
"summary": "Set Service Account Policy",
|
||||||
|
"operationId": "UpdateServiceAccount",
|
||||||
|
"parameters": [
|
||||||
|
{
|
||||||
|
"type": "string",
|
||||||
|
"name": "access_key",
|
||||||
|
"in": "path",
|
||||||
|
"required": true
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "body",
|
||||||
|
"in": "body",
|
||||||
|
"required": true,
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/updateServiceAccountRequest"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"responses": {
|
||||||
|
"200": {
|
||||||
|
"description": "A successful response."
|
||||||
|
},
|
||||||
|
"default": {
|
||||||
|
"description": "Generic error response.",
|
||||||
|
"schema": {
|
||||||
|
"$ref": "#/definitions/ApiError"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"delete": {
|
"delete": {
|
||||||
"tags": [
|
"tags": [
|
||||||
"ServiceAccount"
|
"ServiceAccount"
|
||||||
@@ -13598,71 +13724,6 @@ func init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"/service-accounts/{access_key}/policy": {
|
|
||||||
"get": {
|
|
||||||
"tags": [
|
|
||||||
"ServiceAccount"
|
|
||||||
],
|
|
||||||
"summary": "Get Service Account Policy",
|
|
||||||
"operationId": "GetServiceAccountPolicy",
|
|
||||||
"parameters": [
|
|
||||||
{
|
|
||||||
"type": "string",
|
|
||||||
"name": "access_key",
|
|
||||||
"in": "path",
|
|
||||||
"required": true
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"responses": {
|
|
||||||
"200": {
|
|
||||||
"description": "A successful response.",
|
|
||||||
"schema": {
|
|
||||||
"type": "string"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"default": {
|
|
||||||
"description": "Generic error response.",
|
|
||||||
"schema": {
|
|
||||||
"$ref": "#/definitions/ApiError"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"put": {
|
|
||||||
"tags": [
|
|
||||||
"ServiceAccount"
|
|
||||||
],
|
|
||||||
"summary": "Set Service Account Policy",
|
|
||||||
"operationId": "SetServiceAccountPolicy",
|
|
||||||
"parameters": [
|
|
||||||
{
|
|
||||||
"type": "string",
|
|
||||||
"name": "access_key",
|
|
||||||
"in": "path",
|
|
||||||
"required": true
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "policy",
|
|
||||||
"in": "body",
|
|
||||||
"required": true,
|
|
||||||
"schema": {
|
|
||||||
"$ref": "#/definitions/addServiceAccountPolicyRequest"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"responses": {
|
|
||||||
"200": {
|
|
||||||
"description": "A successful response."
|
|
||||||
},
|
|
||||||
"default": {
|
|
||||||
"description": "Generic error response.",
|
|
||||||
"schema": {
|
|
||||||
"$ref": "#/definitions/ApiError"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"/service/restart": {
|
"/service/restart": {
|
||||||
"post": {
|
"post": {
|
||||||
"tags": [
|
"tags": [
|
||||||
@@ -14827,17 +14888,6 @@ func init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"addServiceAccountPolicyRequest": {
|
|
||||||
"type": "object",
|
|
||||||
"required": [
|
|
||||||
"policy"
|
|
||||||
],
|
|
||||||
"properties": {
|
|
||||||
"policy": {
|
|
||||||
"type": "string"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"addUserRequest": {
|
"addUserRequest": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"required": [
|
"required": [
|
||||||
@@ -17347,6 +17397,32 @@ func init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"serviceAccount": {
|
||||||
|
"type": "object",
|
||||||
|
"properties": {
|
||||||
|
"accountStatus": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"description": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"expiration": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"impliedPolicy": {
|
||||||
|
"type": "boolean"
|
||||||
|
},
|
||||||
|
"name": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"parentUser": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"policy": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"serviceAccountCreds": {
|
"serviceAccountCreds": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"properties": {
|
"properties": {
|
||||||
@@ -17364,6 +17440,18 @@ func init() {
|
|||||||
"serviceAccountRequest": {
|
"serviceAccountRequest": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"properties": {
|
"properties": {
|
||||||
|
"comment": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"description": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"expiry": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"name": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
"policy": {
|
"policy": {
|
||||||
"type": "string",
|
"type": "string",
|
||||||
"title": "policy to be applied to the Service Account if any"
|
"title": "policy to be applied to the Service Account if any"
|
||||||
@@ -17376,6 +17464,18 @@ func init() {
|
|||||||
"accessKey": {
|
"accessKey": {
|
||||||
"type": "string"
|
"type": "string"
|
||||||
},
|
},
|
||||||
|
"comment": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"description": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"expiry": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"name": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
"policy": {
|
"policy": {
|
||||||
"type": "string",
|
"type": "string",
|
||||||
"title": "policy to be applied to the Service Account if any"
|
"title": "policy to be applied to the Service Account if any"
|
||||||
@@ -18120,6 +18220,32 @@ func init() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"updateServiceAccountRequest": {
|
||||||
|
"type": "object",
|
||||||
|
"required": [
|
||||||
|
"policy"
|
||||||
|
],
|
||||||
|
"properties": {
|
||||||
|
"description": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"expiry": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"name": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"policy": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"secretKey": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
|
"status": {
|
||||||
|
"type": "string"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"updateUser": {
|
"updateUser": {
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"required": [
|
"required": [
|
||||||
|
|||||||
@@ -265,8 +265,8 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI {
|
|||||||
PolicyGetSAUserPolicyHandler: policy.GetSAUserPolicyHandlerFunc(func(params policy.GetSAUserPolicyParams, principal *models.Principal) middleware.Responder {
|
PolicyGetSAUserPolicyHandler: policy.GetSAUserPolicyHandlerFunc(func(params policy.GetSAUserPolicyParams, principal *models.Principal) middleware.Responder {
|
||||||
return middleware.NotImplemented("operation policy.GetSAUserPolicy has not yet been implemented")
|
return middleware.NotImplemented("operation policy.GetSAUserPolicy has not yet been implemented")
|
||||||
}),
|
}),
|
||||||
ServiceAccountGetServiceAccountPolicyHandler: service_account.GetServiceAccountPolicyHandlerFunc(func(params service_account.GetServiceAccountPolicyParams, principal *models.Principal) middleware.Responder {
|
ServiceAccountGetServiceAccountHandler: service_account.GetServiceAccountHandlerFunc(func(params service_account.GetServiceAccountParams, principal *models.Principal) middleware.Responder {
|
||||||
return middleware.NotImplemented("operation service_account.GetServiceAccountPolicy has not yet been implemented")
|
return middleware.NotImplemented("operation service_account.GetServiceAccount has not yet been implemented")
|
||||||
}),
|
}),
|
||||||
SiteReplicationGetSiteReplicationInfoHandler: site_replication.GetSiteReplicationInfoHandlerFunc(func(params site_replication.GetSiteReplicationInfoParams, principal *models.Principal) middleware.Responder {
|
SiteReplicationGetSiteReplicationInfoHandler: site_replication.GetSiteReplicationInfoHandlerFunc(func(params site_replication.GetSiteReplicationInfoParams, principal *models.Principal) middleware.Responder {
|
||||||
return middleware.NotImplemented("operation site_replication.GetSiteReplicationInfo has not yet been implemented")
|
return middleware.NotImplemented("operation site_replication.GetSiteReplicationInfo has not yet been implemented")
|
||||||
@@ -502,9 +502,6 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI {
|
|||||||
PolicySetPolicyMultipleHandler: policy.SetPolicyMultipleHandlerFunc(func(params policy.SetPolicyMultipleParams, principal *models.Principal) middleware.Responder {
|
PolicySetPolicyMultipleHandler: policy.SetPolicyMultipleHandlerFunc(func(params policy.SetPolicyMultipleParams, principal *models.Principal) middleware.Responder {
|
||||||
return middleware.NotImplemented("operation policy.SetPolicyMultiple has not yet been implemented")
|
return middleware.NotImplemented("operation policy.SetPolicyMultiple has not yet been implemented")
|
||||||
}),
|
}),
|
||||||
ServiceAccountSetServiceAccountPolicyHandler: service_account.SetServiceAccountPolicyHandlerFunc(func(params service_account.SetServiceAccountPolicyParams, principal *models.Principal) middleware.Responder {
|
|
||||||
return middleware.NotImplemented("operation service_account.SetServiceAccountPolicy has not yet been implemented")
|
|
||||||
}),
|
|
||||||
ObjectShareObjectHandler: object.ShareObjectHandlerFunc(func(params object.ShareObjectParams, principal *models.Principal) middleware.Responder {
|
ObjectShareObjectHandler: object.ShareObjectHandlerFunc(func(params object.ShareObjectParams, principal *models.Principal) middleware.Responder {
|
||||||
return middleware.NotImplemented("operation object.ShareObject has not yet been implemented")
|
return middleware.NotImplemented("operation object.ShareObject has not yet been implemented")
|
||||||
}),
|
}),
|
||||||
@@ -550,6 +547,9 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI {
|
|||||||
BucketUpdateMultiBucketReplicationHandler: bucket.UpdateMultiBucketReplicationHandlerFunc(func(params bucket.UpdateMultiBucketReplicationParams, principal *models.Principal) middleware.Responder {
|
BucketUpdateMultiBucketReplicationHandler: bucket.UpdateMultiBucketReplicationHandlerFunc(func(params bucket.UpdateMultiBucketReplicationParams, principal *models.Principal) middleware.Responder {
|
||||||
return middleware.NotImplemented("operation bucket.UpdateMultiBucketReplication has not yet been implemented")
|
return middleware.NotImplemented("operation bucket.UpdateMultiBucketReplication has not yet been implemented")
|
||||||
}),
|
}),
|
||||||
|
ServiceAccountUpdateServiceAccountHandler: service_account.UpdateServiceAccountHandlerFunc(func(params service_account.UpdateServiceAccountParams, principal *models.Principal) middleware.Responder {
|
||||||
|
return middleware.NotImplemented("operation service_account.UpdateServiceAccount has not yet been implemented")
|
||||||
|
}),
|
||||||
UserUpdateUserGroupsHandler: user.UpdateUserGroupsHandlerFunc(func(params user.UpdateUserGroupsParams, principal *models.Principal) middleware.Responder {
|
UserUpdateUserGroupsHandler: user.UpdateUserGroupsHandlerFunc(func(params user.UpdateUserGroupsParams, principal *models.Principal) middleware.Responder {
|
||||||
return middleware.NotImplemented("operation user.UpdateUserGroups has not yet been implemented")
|
return middleware.NotImplemented("operation user.UpdateUserGroups has not yet been implemented")
|
||||||
}),
|
}),
|
||||||
@@ -740,8 +740,8 @@ type ConsoleAPI struct {
|
|||||||
ObjectGetObjectMetadataHandler object.GetObjectMetadataHandler
|
ObjectGetObjectMetadataHandler object.GetObjectMetadataHandler
|
||||||
// PolicyGetSAUserPolicyHandler sets the operation handler for the get s a user policy operation
|
// PolicyGetSAUserPolicyHandler sets the operation handler for the get s a user policy operation
|
||||||
PolicyGetSAUserPolicyHandler policy.GetSAUserPolicyHandler
|
PolicyGetSAUserPolicyHandler policy.GetSAUserPolicyHandler
|
||||||
// ServiceAccountGetServiceAccountPolicyHandler sets the operation handler for the get service account policy operation
|
// ServiceAccountGetServiceAccountHandler sets the operation handler for the get service account operation
|
||||||
ServiceAccountGetServiceAccountPolicyHandler service_account.GetServiceAccountPolicyHandler
|
ServiceAccountGetServiceAccountHandler service_account.GetServiceAccountHandler
|
||||||
// SiteReplicationGetSiteReplicationInfoHandler sets the operation handler for the get site replication info operation
|
// SiteReplicationGetSiteReplicationInfoHandler sets the operation handler for the get site replication info operation
|
||||||
SiteReplicationGetSiteReplicationInfoHandler site_replication.GetSiteReplicationInfoHandler
|
SiteReplicationGetSiteReplicationInfoHandler site_replication.GetSiteReplicationInfoHandler
|
||||||
// SiteReplicationGetSiteReplicationStatusHandler sets the operation handler for the get site replication status operation
|
// SiteReplicationGetSiteReplicationStatusHandler sets the operation handler for the get site replication status operation
|
||||||
@@ -898,8 +898,6 @@ type ConsoleAPI struct {
|
|||||||
PolicySetPolicyHandler policy.SetPolicyHandler
|
PolicySetPolicyHandler policy.SetPolicyHandler
|
||||||
// PolicySetPolicyMultipleHandler sets the operation handler for the set policy multiple operation
|
// PolicySetPolicyMultipleHandler sets the operation handler for the set policy multiple operation
|
||||||
PolicySetPolicyMultipleHandler policy.SetPolicyMultipleHandler
|
PolicySetPolicyMultipleHandler policy.SetPolicyMultipleHandler
|
||||||
// ServiceAccountSetServiceAccountPolicyHandler sets the operation handler for the set service account policy operation
|
|
||||||
ServiceAccountSetServiceAccountPolicyHandler service_account.SetServiceAccountPolicyHandler
|
|
||||||
// ObjectShareObjectHandler sets the operation handler for the share object operation
|
// ObjectShareObjectHandler sets the operation handler for the share object operation
|
||||||
ObjectShareObjectHandler object.ShareObjectHandler
|
ObjectShareObjectHandler object.ShareObjectHandler
|
||||||
// SiteReplicationSiteReplicationEditHandler sets the operation handler for the site replication edit operation
|
// SiteReplicationSiteReplicationEditHandler sets the operation handler for the site replication edit operation
|
||||||
@@ -930,6 +928,8 @@ type ConsoleAPI struct {
|
|||||||
GroupUpdateGroupHandler group.UpdateGroupHandler
|
GroupUpdateGroupHandler group.UpdateGroupHandler
|
||||||
// BucketUpdateMultiBucketReplicationHandler sets the operation handler for the update multi bucket replication operation
|
// BucketUpdateMultiBucketReplicationHandler sets the operation handler for the update multi bucket replication operation
|
||||||
BucketUpdateMultiBucketReplicationHandler bucket.UpdateMultiBucketReplicationHandler
|
BucketUpdateMultiBucketReplicationHandler bucket.UpdateMultiBucketReplicationHandler
|
||||||
|
// ServiceAccountUpdateServiceAccountHandler sets the operation handler for the update service account operation
|
||||||
|
ServiceAccountUpdateServiceAccountHandler service_account.UpdateServiceAccountHandler
|
||||||
// UserUpdateUserGroupsHandler sets the operation handler for the update user groups operation
|
// UserUpdateUserGroupsHandler sets the operation handler for the update user groups operation
|
||||||
UserUpdateUserGroupsHandler user.UpdateUserGroupsHandler
|
UserUpdateUserGroupsHandler user.UpdateUserGroupsHandler
|
||||||
// UserUpdateUserInfoHandler sets the operation handler for the update user info operation
|
// UserUpdateUserInfoHandler sets the operation handler for the update user info operation
|
||||||
@@ -1204,8 +1204,8 @@ func (o *ConsoleAPI) Validate() error {
|
|||||||
if o.PolicyGetSAUserPolicyHandler == nil {
|
if o.PolicyGetSAUserPolicyHandler == nil {
|
||||||
unregistered = append(unregistered, "policy.GetSAUserPolicyHandler")
|
unregistered = append(unregistered, "policy.GetSAUserPolicyHandler")
|
||||||
}
|
}
|
||||||
if o.ServiceAccountGetServiceAccountPolicyHandler == nil {
|
if o.ServiceAccountGetServiceAccountHandler == nil {
|
||||||
unregistered = append(unregistered, "service_account.GetServiceAccountPolicyHandler")
|
unregistered = append(unregistered, "service_account.GetServiceAccountHandler")
|
||||||
}
|
}
|
||||||
if o.SiteReplicationGetSiteReplicationInfoHandler == nil {
|
if o.SiteReplicationGetSiteReplicationInfoHandler == nil {
|
||||||
unregistered = append(unregistered, "site_replication.GetSiteReplicationInfoHandler")
|
unregistered = append(unregistered, "site_replication.GetSiteReplicationInfoHandler")
|
||||||
@@ -1441,9 +1441,6 @@ func (o *ConsoleAPI) Validate() error {
|
|||||||
if o.PolicySetPolicyMultipleHandler == nil {
|
if o.PolicySetPolicyMultipleHandler == nil {
|
||||||
unregistered = append(unregistered, "policy.SetPolicyMultipleHandler")
|
unregistered = append(unregistered, "policy.SetPolicyMultipleHandler")
|
||||||
}
|
}
|
||||||
if o.ServiceAccountSetServiceAccountPolicyHandler == nil {
|
|
||||||
unregistered = append(unregistered, "service_account.SetServiceAccountPolicyHandler")
|
|
||||||
}
|
|
||||||
if o.ObjectShareObjectHandler == nil {
|
if o.ObjectShareObjectHandler == nil {
|
||||||
unregistered = append(unregistered, "object.ShareObjectHandler")
|
unregistered = append(unregistered, "object.ShareObjectHandler")
|
||||||
}
|
}
|
||||||
@@ -1489,6 +1486,9 @@ func (o *ConsoleAPI) Validate() error {
|
|||||||
if o.BucketUpdateMultiBucketReplicationHandler == nil {
|
if o.BucketUpdateMultiBucketReplicationHandler == nil {
|
||||||
unregistered = append(unregistered, "bucket.UpdateMultiBucketReplicationHandler")
|
unregistered = append(unregistered, "bucket.UpdateMultiBucketReplicationHandler")
|
||||||
}
|
}
|
||||||
|
if o.ServiceAccountUpdateServiceAccountHandler == nil {
|
||||||
|
unregistered = append(unregistered, "service_account.UpdateServiceAccountHandler")
|
||||||
|
}
|
||||||
if o.UserUpdateUserGroupsHandler == nil {
|
if o.UserUpdateUserGroupsHandler == nil {
|
||||||
unregistered = append(unregistered, "user.UpdateUserGroupsHandler")
|
unregistered = append(unregistered, "user.UpdateUserGroupsHandler")
|
||||||
}
|
}
|
||||||
@@ -1844,7 +1844,7 @@ func (o *ConsoleAPI) initHandlerCache() {
|
|||||||
if o.handlers["GET"] == nil {
|
if o.handlers["GET"] == nil {
|
||||||
o.handlers["GET"] = make(map[string]http.Handler)
|
o.handlers["GET"] = make(map[string]http.Handler)
|
||||||
}
|
}
|
||||||
o.handlers["GET"]["/service-accounts/{access_key}/policy"] = service_account.NewGetServiceAccountPolicy(o.context, o.ServiceAccountGetServiceAccountPolicyHandler)
|
o.handlers["GET"]["/service-accounts/{access_key}"] = service_account.NewGetServiceAccount(o.context, o.ServiceAccountGetServiceAccountHandler)
|
||||||
if o.handlers["GET"] == nil {
|
if o.handlers["GET"] == nil {
|
||||||
o.handlers["GET"] = make(map[string]http.Handler)
|
o.handlers["GET"] = make(map[string]http.Handler)
|
||||||
}
|
}
|
||||||
@@ -2157,10 +2157,6 @@ func (o *ConsoleAPI) initHandlerCache() {
|
|||||||
o.handlers["PUT"] = make(map[string]http.Handler)
|
o.handlers["PUT"] = make(map[string]http.Handler)
|
||||||
}
|
}
|
||||||
o.handlers["PUT"]["/set-policy-multi"] = policy.NewSetPolicyMultiple(o.context, o.PolicySetPolicyMultipleHandler)
|
o.handlers["PUT"]["/set-policy-multi"] = policy.NewSetPolicyMultiple(o.context, o.PolicySetPolicyMultipleHandler)
|
||||||
if o.handlers["PUT"] == nil {
|
|
||||||
o.handlers["PUT"] = make(map[string]http.Handler)
|
|
||||||
}
|
|
||||||
o.handlers["PUT"]["/service-accounts/{access_key}/policy"] = service_account.NewSetServiceAccountPolicy(o.context, o.ServiceAccountSetServiceAccountPolicyHandler)
|
|
||||||
if o.handlers["GET"] == nil {
|
if o.handlers["GET"] == nil {
|
||||||
o.handlers["GET"] = make(map[string]http.Handler)
|
o.handlers["GET"] = make(map[string]http.Handler)
|
||||||
}
|
}
|
||||||
@@ -2224,6 +2220,10 @@ func (o *ConsoleAPI) initHandlerCache() {
|
|||||||
if o.handlers["PUT"] == nil {
|
if o.handlers["PUT"] == nil {
|
||||||
o.handlers["PUT"] = make(map[string]http.Handler)
|
o.handlers["PUT"] = make(map[string]http.Handler)
|
||||||
}
|
}
|
||||||
|
o.handlers["PUT"]["/service-accounts/{access_key}"] = service_account.NewUpdateServiceAccount(o.context, o.ServiceAccountUpdateServiceAccountHandler)
|
||||||
|
if o.handlers["PUT"] == nil {
|
||||||
|
o.handlers["PUT"] = make(map[string]http.Handler)
|
||||||
|
}
|
||||||
o.handlers["PUT"]["/user/{name}/groups"] = user.NewUpdateUserGroups(o.context, o.UserUpdateUserGroupsHandler)
|
o.handlers["PUT"]["/user/{name}/groups"] = user.NewUpdateUserGroups(o.context, o.UserUpdateUserGroupsHandler)
|
||||||
if o.handlers["PUT"] == nil {
|
if o.handlers["PUT"] == nil {
|
||||||
o.handlers["PUT"] = make(map[string]http.Handler)
|
o.handlers["PUT"] = make(map[string]http.Handler)
|
||||||
|
|||||||
@@ -30,40 +30,40 @@ import (
|
|||||||
"github.com/minio/console/models"
|
"github.com/minio/console/models"
|
||||||
)
|
)
|
||||||
|
|
||||||
// GetServiceAccountPolicyHandlerFunc turns a function with the right signature into a get service account policy handler
|
// GetServiceAccountHandlerFunc turns a function with the right signature into a get service account handler
|
||||||
type GetServiceAccountPolicyHandlerFunc func(GetServiceAccountPolicyParams, *models.Principal) middleware.Responder
|
type GetServiceAccountHandlerFunc func(GetServiceAccountParams, *models.Principal) middleware.Responder
|
||||||
|
|
||||||
// Handle executing the request and returning a response
|
// Handle executing the request and returning a response
|
||||||
func (fn GetServiceAccountPolicyHandlerFunc) Handle(params GetServiceAccountPolicyParams, principal *models.Principal) middleware.Responder {
|
func (fn GetServiceAccountHandlerFunc) Handle(params GetServiceAccountParams, principal *models.Principal) middleware.Responder {
|
||||||
return fn(params, principal)
|
return fn(params, principal)
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetServiceAccountPolicyHandler interface for that can handle valid get service account policy params
|
// GetServiceAccountHandler interface for that can handle valid get service account params
|
||||||
type GetServiceAccountPolicyHandler interface {
|
type GetServiceAccountHandler interface {
|
||||||
Handle(GetServiceAccountPolicyParams, *models.Principal) middleware.Responder
|
Handle(GetServiceAccountParams, *models.Principal) middleware.Responder
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewGetServiceAccountPolicy creates a new http.Handler for the get service account policy operation
|
// NewGetServiceAccount creates a new http.Handler for the get service account operation
|
||||||
func NewGetServiceAccountPolicy(ctx *middleware.Context, handler GetServiceAccountPolicyHandler) *GetServiceAccountPolicy {
|
func NewGetServiceAccount(ctx *middleware.Context, handler GetServiceAccountHandler) *GetServiceAccount {
|
||||||
return &GetServiceAccountPolicy{Context: ctx, Handler: handler}
|
return &GetServiceAccount{Context: ctx, Handler: handler}
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
GetServiceAccountPolicy swagger:route GET /service-accounts/{access_key}/policy ServiceAccount getServiceAccountPolicy
|
GetServiceAccount swagger:route GET /service-accounts/{access_key} ServiceAccount getServiceAccount
|
||||||
|
|
||||||
Get Service Account Policy
|
Get Service Account
|
||||||
*/
|
*/
|
||||||
type GetServiceAccountPolicy struct {
|
type GetServiceAccount struct {
|
||||||
Context *middleware.Context
|
Context *middleware.Context
|
||||||
Handler GetServiceAccountPolicyHandler
|
Handler GetServiceAccountHandler
|
||||||
}
|
}
|
||||||
|
|
||||||
func (o *GetServiceAccountPolicy) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
|
func (o *GetServiceAccount) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
|
||||||
route, rCtx, _ := o.Context.RouteInfo(r)
|
route, rCtx, _ := o.Context.RouteInfo(r)
|
||||||
if rCtx != nil {
|
if rCtx != nil {
|
||||||
*r = *rCtx
|
*r = *rCtx
|
||||||
}
|
}
|
||||||
var Params = NewGetServiceAccountPolicyParams()
|
var Params = NewGetServiceAccountParams()
|
||||||
uprinc, aCtx, err := o.Context.Authorize(r, route)
|
uprinc, aCtx, err := o.Context.Authorize(r, route)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
o.Context.Respond(rw, r, route.Produces, route, err)
|
o.Context.Respond(rw, r, route.Produces, route, err)
|
||||||
@@ -30,19 +30,19 @@ import (
|
|||||||
"github.com/go-openapi/strfmt"
|
"github.com/go-openapi/strfmt"
|
||||||
)
|
)
|
||||||
|
|
||||||
// NewGetServiceAccountPolicyParams creates a new GetServiceAccountPolicyParams object
|
// NewGetServiceAccountParams creates a new GetServiceAccountParams object
|
||||||
//
|
//
|
||||||
// There are no default values defined in the spec.
|
// There are no default values defined in the spec.
|
||||||
func NewGetServiceAccountPolicyParams() GetServiceAccountPolicyParams {
|
func NewGetServiceAccountParams() GetServiceAccountParams {
|
||||||
|
|
||||||
return GetServiceAccountPolicyParams{}
|
return GetServiceAccountParams{}
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetServiceAccountPolicyParams contains all the bound params for the get service account policy operation
|
// GetServiceAccountParams contains all the bound params for the get service account operation
|
||||||
// typically these are obtained from a http.Request
|
// typically these are obtained from a http.Request
|
||||||
//
|
//
|
||||||
// swagger:parameters GetServiceAccountPolicy
|
// swagger:parameters GetServiceAccount
|
||||||
type GetServiceAccountPolicyParams struct {
|
type GetServiceAccountParams struct {
|
||||||
|
|
||||||
// HTTP Request Object
|
// HTTP Request Object
|
||||||
HTTPRequest *http.Request `json:"-"`
|
HTTPRequest *http.Request `json:"-"`
|
||||||
@@ -57,8 +57,8 @@ type GetServiceAccountPolicyParams struct {
|
|||||||
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
|
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
|
||||||
// for simple values it will use straight method calls.
|
// for simple values it will use straight method calls.
|
||||||
//
|
//
|
||||||
// To ensure default values, the struct must have been initialized with NewGetServiceAccountPolicyParams() beforehand.
|
// To ensure default values, the struct must have been initialized with NewGetServiceAccountParams() beforehand.
|
||||||
func (o *GetServiceAccountPolicyParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
|
func (o *GetServiceAccountParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
|
||||||
var res []error
|
var res []error
|
||||||
|
|
||||||
o.HTTPRequest = r
|
o.HTTPRequest = r
|
||||||
@@ -74,7 +74,7 @@ func (o *GetServiceAccountPolicyParams) BindRequest(r *http.Request, route *midd
|
|||||||
}
|
}
|
||||||
|
|
||||||
// bindAccessKey binds and validates parameter AccessKey from path.
|
// bindAccessKey binds and validates parameter AccessKey from path.
|
||||||
func (o *GetServiceAccountPolicyParams) bindAccessKey(rawData []string, hasKey bool, formats strfmt.Registry) error {
|
func (o *GetServiceAccountParams) bindAccessKey(rawData []string, hasKey bool, formats strfmt.Registry) error {
|
||||||
var raw string
|
var raw string
|
||||||
if len(rawData) > 0 {
|
if len(rawData) > 0 {
|
||||||
raw = rawData[len(rawData)-1]
|
raw = rawData[len(rawData)-1]
|
||||||
@@ -1,133 +0,0 @@
|
|||||||
// Code generated by go-swagger; DO NOT EDIT.
|
|
||||||
|
|
||||||
// This file is part of MinIO Console Server
|
|
||||||
// Copyright (c) 2023 MinIO, Inc.
|
|
||||||
//
|
|
||||||
// This program is free software: you can redistribute it and/or modify
|
|
||||||
// it under the terms of the GNU Affero General Public License as published by
|
|
||||||
// the Free Software Foundation, either version 3 of the License, or
|
|
||||||
// (at your option) any later version.
|
|
||||||
//
|
|
||||||
// This program is distributed in the hope that it will be useful,
|
|
||||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
// GNU Affero General Public License for more details.
|
|
||||||
//
|
|
||||||
// You should have received a copy of the GNU Affero General Public License
|
|
||||||
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
||||||
//
|
|
||||||
|
|
||||||
package service_account
|
|
||||||
|
|
||||||
// This file was generated by the swagger tool.
|
|
||||||
// Editing this file might prove futile when you re-run the swagger generate command
|
|
||||||
|
|
||||||
import (
|
|
||||||
"net/http"
|
|
||||||
|
|
||||||
"github.com/go-openapi/runtime"
|
|
||||||
|
|
||||||
"github.com/minio/console/models"
|
|
||||||
)
|
|
||||||
|
|
||||||
// GetServiceAccountPolicyOKCode is the HTTP code returned for type GetServiceAccountPolicyOK
|
|
||||||
const GetServiceAccountPolicyOKCode int = 200
|
|
||||||
|
|
||||||
/*
|
|
||||||
GetServiceAccountPolicyOK A successful response.
|
|
||||||
|
|
||||||
swagger:response getServiceAccountPolicyOK
|
|
||||||
*/
|
|
||||||
type GetServiceAccountPolicyOK struct {
|
|
||||||
|
|
||||||
/*
|
|
||||||
In: Body
|
|
||||||
*/
|
|
||||||
Payload string `json:"body,omitempty"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// NewGetServiceAccountPolicyOK creates GetServiceAccountPolicyOK with default headers values
|
|
||||||
func NewGetServiceAccountPolicyOK() *GetServiceAccountPolicyOK {
|
|
||||||
|
|
||||||
return &GetServiceAccountPolicyOK{}
|
|
||||||
}
|
|
||||||
|
|
||||||
// WithPayload adds the payload to the get service account policy o k response
|
|
||||||
func (o *GetServiceAccountPolicyOK) WithPayload(payload string) *GetServiceAccountPolicyOK {
|
|
||||||
o.Payload = payload
|
|
||||||
return o
|
|
||||||
}
|
|
||||||
|
|
||||||
// SetPayload sets the payload to the get service account policy o k response
|
|
||||||
func (o *GetServiceAccountPolicyOK) SetPayload(payload string) {
|
|
||||||
o.Payload = payload
|
|
||||||
}
|
|
||||||
|
|
||||||
// WriteResponse to the client
|
|
||||||
func (o *GetServiceAccountPolicyOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
|
|
||||||
|
|
||||||
rw.WriteHeader(200)
|
|
||||||
payload := o.Payload
|
|
||||||
if err := producer.Produce(rw, payload); err != nil {
|
|
||||||
panic(err) // let the recovery middleware deal with this
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
GetServiceAccountPolicyDefault Generic error response.
|
|
||||||
|
|
||||||
swagger:response getServiceAccountPolicyDefault
|
|
||||||
*/
|
|
||||||
type GetServiceAccountPolicyDefault struct {
|
|
||||||
_statusCode int
|
|
||||||
|
|
||||||
/*
|
|
||||||
In: Body
|
|
||||||
*/
|
|
||||||
Payload *models.APIError `json:"body,omitempty"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// NewGetServiceAccountPolicyDefault creates GetServiceAccountPolicyDefault with default headers values
|
|
||||||
func NewGetServiceAccountPolicyDefault(code int) *GetServiceAccountPolicyDefault {
|
|
||||||
if code <= 0 {
|
|
||||||
code = 500
|
|
||||||
}
|
|
||||||
|
|
||||||
return &GetServiceAccountPolicyDefault{
|
|
||||||
_statusCode: code,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// WithStatusCode adds the status to the get service account policy default response
|
|
||||||
func (o *GetServiceAccountPolicyDefault) WithStatusCode(code int) *GetServiceAccountPolicyDefault {
|
|
||||||
o._statusCode = code
|
|
||||||
return o
|
|
||||||
}
|
|
||||||
|
|
||||||
// SetStatusCode sets the status to the get service account policy default response
|
|
||||||
func (o *GetServiceAccountPolicyDefault) SetStatusCode(code int) {
|
|
||||||
o._statusCode = code
|
|
||||||
}
|
|
||||||
|
|
||||||
// WithPayload adds the payload to the get service account policy default response
|
|
||||||
func (o *GetServiceAccountPolicyDefault) WithPayload(payload *models.APIError) *GetServiceAccountPolicyDefault {
|
|
||||||
o.Payload = payload
|
|
||||||
return o
|
|
||||||
}
|
|
||||||
|
|
||||||
// SetPayload sets the payload to the get service account policy default response
|
|
||||||
func (o *GetServiceAccountPolicyDefault) SetPayload(payload *models.APIError) {
|
|
||||||
o.Payload = payload
|
|
||||||
}
|
|
||||||
|
|
||||||
// WriteResponse to the client
|
|
||||||
func (o *GetServiceAccountPolicyDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
|
|
||||||
|
|
||||||
rw.WriteHeader(o._statusCode)
|
|
||||||
if o.Payload != nil {
|
|
||||||
payload := o.Payload
|
|
||||||
if err := producer.Produce(rw, payload); err != nil {
|
|
||||||
panic(err) // let the recovery middleware deal with this
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -0,0 +1,135 @@
|
|||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
// This file is part of MinIO Console Server
|
||||||
|
// Copyright (c) 2023 MinIO, Inc.
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU Affero General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU Affero General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Affero General Public License
|
||||||
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
//
|
||||||
|
|
||||||
|
package service_account
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the swagger generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/go-openapi/runtime"
|
||||||
|
|
||||||
|
"github.com/minio/console/models"
|
||||||
|
)
|
||||||
|
|
||||||
|
// GetServiceAccountOKCode is the HTTP code returned for type GetServiceAccountOK
|
||||||
|
const GetServiceAccountOKCode int = 200
|
||||||
|
|
||||||
|
/*
|
||||||
|
GetServiceAccountOK A successful response.
|
||||||
|
|
||||||
|
swagger:response getServiceAccountOK
|
||||||
|
*/
|
||||||
|
type GetServiceAccountOK struct {
|
||||||
|
|
||||||
|
/*
|
||||||
|
In: Body
|
||||||
|
*/
|
||||||
|
Payload *models.ServiceAccount `json:"body,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewGetServiceAccountOK creates GetServiceAccountOK with default headers values
|
||||||
|
func NewGetServiceAccountOK() *GetServiceAccountOK {
|
||||||
|
|
||||||
|
return &GetServiceAccountOK{}
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithPayload adds the payload to the get service account o k response
|
||||||
|
func (o *GetServiceAccountOK) WithPayload(payload *models.ServiceAccount) *GetServiceAccountOK {
|
||||||
|
o.Payload = payload
|
||||||
|
return o
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetPayload sets the payload to the get service account o k response
|
||||||
|
func (o *GetServiceAccountOK) SetPayload(payload *models.ServiceAccount) {
|
||||||
|
o.Payload = payload
|
||||||
|
}
|
||||||
|
|
||||||
|
// WriteResponse to the client
|
||||||
|
func (o *GetServiceAccountOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
|
||||||
|
|
||||||
|
rw.WriteHeader(200)
|
||||||
|
if o.Payload != nil {
|
||||||
|
payload := o.Payload
|
||||||
|
if err := producer.Produce(rw, payload); err != nil {
|
||||||
|
panic(err) // let the recovery middleware deal with this
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
GetServiceAccountDefault Generic error response.
|
||||||
|
|
||||||
|
swagger:response getServiceAccountDefault
|
||||||
|
*/
|
||||||
|
type GetServiceAccountDefault struct {
|
||||||
|
_statusCode int
|
||||||
|
|
||||||
|
/*
|
||||||
|
In: Body
|
||||||
|
*/
|
||||||
|
Payload *models.APIError `json:"body,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewGetServiceAccountDefault creates GetServiceAccountDefault with default headers values
|
||||||
|
func NewGetServiceAccountDefault(code int) *GetServiceAccountDefault {
|
||||||
|
if code <= 0 {
|
||||||
|
code = 500
|
||||||
|
}
|
||||||
|
|
||||||
|
return &GetServiceAccountDefault{
|
||||||
|
_statusCode: code,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithStatusCode adds the status to the get service account default response
|
||||||
|
func (o *GetServiceAccountDefault) WithStatusCode(code int) *GetServiceAccountDefault {
|
||||||
|
o._statusCode = code
|
||||||
|
return o
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetStatusCode sets the status to the get service account default response
|
||||||
|
func (o *GetServiceAccountDefault) SetStatusCode(code int) {
|
||||||
|
o._statusCode = code
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithPayload adds the payload to the get service account default response
|
||||||
|
func (o *GetServiceAccountDefault) WithPayload(payload *models.APIError) *GetServiceAccountDefault {
|
||||||
|
o.Payload = payload
|
||||||
|
return o
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetPayload sets the payload to the get service account default response
|
||||||
|
func (o *GetServiceAccountDefault) SetPayload(payload *models.APIError) {
|
||||||
|
o.Payload = payload
|
||||||
|
}
|
||||||
|
|
||||||
|
// WriteResponse to the client
|
||||||
|
func (o *GetServiceAccountDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
|
||||||
|
|
||||||
|
rw.WriteHeader(o._statusCode)
|
||||||
|
if o.Payload != nil {
|
||||||
|
payload := o.Payload
|
||||||
|
if err := producer.Produce(rw, payload); err != nil {
|
||||||
|
panic(err) // let the recovery middleware deal with this
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -29,8 +29,8 @@ import (
|
|||||||
"strings"
|
"strings"
|
||||||
)
|
)
|
||||||
|
|
||||||
// GetServiceAccountPolicyURL generates an URL for the get service account policy operation
|
// GetServiceAccountURL generates an URL for the get service account operation
|
||||||
type GetServiceAccountPolicyURL struct {
|
type GetServiceAccountURL struct {
|
||||||
AccessKey string
|
AccessKey string
|
||||||
|
|
||||||
_basePath string
|
_basePath string
|
||||||
@@ -41,7 +41,7 @@ type GetServiceAccountPolicyURL struct {
|
|||||||
// WithBasePath sets the base path for this url builder, only required when it's different from the
|
// WithBasePath sets the base path for this url builder, only required when it's different from the
|
||||||
// base path specified in the swagger spec.
|
// base path specified in the swagger spec.
|
||||||
// When the value of the base path is an empty string
|
// When the value of the base path is an empty string
|
||||||
func (o *GetServiceAccountPolicyURL) WithBasePath(bp string) *GetServiceAccountPolicyURL {
|
func (o *GetServiceAccountURL) WithBasePath(bp string) *GetServiceAccountURL {
|
||||||
o.SetBasePath(bp)
|
o.SetBasePath(bp)
|
||||||
return o
|
return o
|
||||||
}
|
}
|
||||||
@@ -49,21 +49,21 @@ func (o *GetServiceAccountPolicyURL) WithBasePath(bp string) *GetServiceAccountP
|
|||||||
// SetBasePath sets the base path for this url builder, only required when it's different from the
|
// SetBasePath sets the base path for this url builder, only required when it's different from the
|
||||||
// base path specified in the swagger spec.
|
// base path specified in the swagger spec.
|
||||||
// When the value of the base path is an empty string
|
// When the value of the base path is an empty string
|
||||||
func (o *GetServiceAccountPolicyURL) SetBasePath(bp string) {
|
func (o *GetServiceAccountURL) SetBasePath(bp string) {
|
||||||
o._basePath = bp
|
o._basePath = bp
|
||||||
}
|
}
|
||||||
|
|
||||||
// Build a url path and query string
|
// Build a url path and query string
|
||||||
func (o *GetServiceAccountPolicyURL) Build() (*url.URL, error) {
|
func (o *GetServiceAccountURL) Build() (*url.URL, error) {
|
||||||
var _result url.URL
|
var _result url.URL
|
||||||
|
|
||||||
var _path = "/service-accounts/{access_key}/policy"
|
var _path = "/service-accounts/{access_key}"
|
||||||
|
|
||||||
accessKey := o.AccessKey
|
accessKey := o.AccessKey
|
||||||
if accessKey != "" {
|
if accessKey != "" {
|
||||||
_path = strings.Replace(_path, "{access_key}", accessKey, -1)
|
_path = strings.Replace(_path, "{access_key}", accessKey, -1)
|
||||||
} else {
|
} else {
|
||||||
return nil, errors.New("accessKey is required on GetServiceAccountPolicyURL")
|
return nil, errors.New("accessKey is required on GetServiceAccountURL")
|
||||||
}
|
}
|
||||||
|
|
||||||
_basePath := o._basePath
|
_basePath := o._basePath
|
||||||
@@ -76,7 +76,7 @@ func (o *GetServiceAccountPolicyURL) Build() (*url.URL, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Must is a helper function to panic when the url builder returns an error
|
// Must is a helper function to panic when the url builder returns an error
|
||||||
func (o *GetServiceAccountPolicyURL) Must(u *url.URL, err error) *url.URL {
|
func (o *GetServiceAccountURL) Must(u *url.URL, err error) *url.URL {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
@@ -87,17 +87,17 @@ func (o *GetServiceAccountPolicyURL) Must(u *url.URL, err error) *url.URL {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// String returns the string representation of the path with query string
|
// String returns the string representation of the path with query string
|
||||||
func (o *GetServiceAccountPolicyURL) String() string {
|
func (o *GetServiceAccountURL) String() string {
|
||||||
return o.Must(o.Build()).String()
|
return o.Must(o.Build()).String()
|
||||||
}
|
}
|
||||||
|
|
||||||
// BuildFull builds a full url with scheme, host, path and query string
|
// BuildFull builds a full url with scheme, host, path and query string
|
||||||
func (o *GetServiceAccountPolicyURL) BuildFull(scheme, host string) (*url.URL, error) {
|
func (o *GetServiceAccountURL) BuildFull(scheme, host string) (*url.URL, error) {
|
||||||
if scheme == "" {
|
if scheme == "" {
|
||||||
return nil, errors.New("scheme is required for a full url on GetServiceAccountPolicyURL")
|
return nil, errors.New("scheme is required for a full url on GetServiceAccountURL")
|
||||||
}
|
}
|
||||||
if host == "" {
|
if host == "" {
|
||||||
return nil, errors.New("host is required for a full url on GetServiceAccountPolicyURL")
|
return nil, errors.New("host is required for a full url on GetServiceAccountURL")
|
||||||
}
|
}
|
||||||
|
|
||||||
base, err := o.Build()
|
base, err := o.Build()
|
||||||
@@ -111,6 +111,6 @@ func (o *GetServiceAccountPolicyURL) BuildFull(scheme, host string) (*url.URL, e
|
|||||||
}
|
}
|
||||||
|
|
||||||
// StringFull returns the string representation of a complete url
|
// StringFull returns the string representation of a complete url
|
||||||
func (o *GetServiceAccountPolicyURL) StringFull(scheme, host string) string {
|
func (o *GetServiceAccountURL) StringFull(scheme, host string) string {
|
||||||
return o.Must(o.BuildFull(scheme, host)).String()
|
return o.Must(o.BuildFull(scheme, host)).String()
|
||||||
}
|
}
|
||||||
@@ -1,115 +0,0 @@
|
|||||||
// Code generated by go-swagger; DO NOT EDIT.
|
|
||||||
|
|
||||||
// This file is part of MinIO Console Server
|
|
||||||
// Copyright (c) 2023 MinIO, Inc.
|
|
||||||
//
|
|
||||||
// This program is free software: you can redistribute it and/or modify
|
|
||||||
// it under the terms of the GNU Affero General Public License as published by
|
|
||||||
// the Free Software Foundation, either version 3 of the License, or
|
|
||||||
// (at your option) any later version.
|
|
||||||
//
|
|
||||||
// This program is distributed in the hope that it will be useful,
|
|
||||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
// GNU Affero General Public License for more details.
|
|
||||||
//
|
|
||||||
// You should have received a copy of the GNU Affero General Public License
|
|
||||||
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
||||||
//
|
|
||||||
|
|
||||||
package service_account
|
|
||||||
|
|
||||||
// This file was generated by the swagger tool.
|
|
||||||
// Editing this file might prove futile when you re-run the swagger generate command
|
|
||||||
|
|
||||||
import (
|
|
||||||
"net/http"
|
|
||||||
|
|
||||||
"github.com/go-openapi/runtime"
|
|
||||||
|
|
||||||
"github.com/minio/console/models"
|
|
||||||
)
|
|
||||||
|
|
||||||
// SetServiceAccountPolicyOKCode is the HTTP code returned for type SetServiceAccountPolicyOK
|
|
||||||
const SetServiceAccountPolicyOKCode int = 200
|
|
||||||
|
|
||||||
/*
|
|
||||||
SetServiceAccountPolicyOK A successful response.
|
|
||||||
|
|
||||||
swagger:response setServiceAccountPolicyOK
|
|
||||||
*/
|
|
||||||
type SetServiceAccountPolicyOK struct {
|
|
||||||
}
|
|
||||||
|
|
||||||
// NewSetServiceAccountPolicyOK creates SetServiceAccountPolicyOK with default headers values
|
|
||||||
func NewSetServiceAccountPolicyOK() *SetServiceAccountPolicyOK {
|
|
||||||
|
|
||||||
return &SetServiceAccountPolicyOK{}
|
|
||||||
}
|
|
||||||
|
|
||||||
// WriteResponse to the client
|
|
||||||
func (o *SetServiceAccountPolicyOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
|
|
||||||
|
|
||||||
rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
|
|
||||||
|
|
||||||
rw.WriteHeader(200)
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
SetServiceAccountPolicyDefault Generic error response.
|
|
||||||
|
|
||||||
swagger:response setServiceAccountPolicyDefault
|
|
||||||
*/
|
|
||||||
type SetServiceAccountPolicyDefault struct {
|
|
||||||
_statusCode int
|
|
||||||
|
|
||||||
/*
|
|
||||||
In: Body
|
|
||||||
*/
|
|
||||||
Payload *models.APIError `json:"body,omitempty"`
|
|
||||||
}
|
|
||||||
|
|
||||||
// NewSetServiceAccountPolicyDefault creates SetServiceAccountPolicyDefault with default headers values
|
|
||||||
func NewSetServiceAccountPolicyDefault(code int) *SetServiceAccountPolicyDefault {
|
|
||||||
if code <= 0 {
|
|
||||||
code = 500
|
|
||||||
}
|
|
||||||
|
|
||||||
return &SetServiceAccountPolicyDefault{
|
|
||||||
_statusCode: code,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// WithStatusCode adds the status to the set service account policy default response
|
|
||||||
func (o *SetServiceAccountPolicyDefault) WithStatusCode(code int) *SetServiceAccountPolicyDefault {
|
|
||||||
o._statusCode = code
|
|
||||||
return o
|
|
||||||
}
|
|
||||||
|
|
||||||
// SetStatusCode sets the status to the set service account policy default response
|
|
||||||
func (o *SetServiceAccountPolicyDefault) SetStatusCode(code int) {
|
|
||||||
o._statusCode = code
|
|
||||||
}
|
|
||||||
|
|
||||||
// WithPayload adds the payload to the set service account policy default response
|
|
||||||
func (o *SetServiceAccountPolicyDefault) WithPayload(payload *models.APIError) *SetServiceAccountPolicyDefault {
|
|
||||||
o.Payload = payload
|
|
||||||
return o
|
|
||||||
}
|
|
||||||
|
|
||||||
// SetPayload sets the payload to the set service account policy default response
|
|
||||||
func (o *SetServiceAccountPolicyDefault) SetPayload(payload *models.APIError) {
|
|
||||||
o.Payload = payload
|
|
||||||
}
|
|
||||||
|
|
||||||
// WriteResponse to the client
|
|
||||||
func (o *SetServiceAccountPolicyDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
|
|
||||||
|
|
||||||
rw.WriteHeader(o._statusCode)
|
|
||||||
if o.Payload != nil {
|
|
||||||
payload := o.Payload
|
|
||||||
if err := producer.Produce(rw, payload); err != nil {
|
|
||||||
panic(err) // let the recovery middleware deal with this
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -30,40 +30,40 @@ import (
|
|||||||
"github.com/minio/console/models"
|
"github.com/minio/console/models"
|
||||||
)
|
)
|
||||||
|
|
||||||
// SetServiceAccountPolicyHandlerFunc turns a function with the right signature into a set service account policy handler
|
// UpdateServiceAccountHandlerFunc turns a function with the right signature into a update service account handler
|
||||||
type SetServiceAccountPolicyHandlerFunc func(SetServiceAccountPolicyParams, *models.Principal) middleware.Responder
|
type UpdateServiceAccountHandlerFunc func(UpdateServiceAccountParams, *models.Principal) middleware.Responder
|
||||||
|
|
||||||
// Handle executing the request and returning a response
|
// Handle executing the request and returning a response
|
||||||
func (fn SetServiceAccountPolicyHandlerFunc) Handle(params SetServiceAccountPolicyParams, principal *models.Principal) middleware.Responder {
|
func (fn UpdateServiceAccountHandlerFunc) Handle(params UpdateServiceAccountParams, principal *models.Principal) middleware.Responder {
|
||||||
return fn(params, principal)
|
return fn(params, principal)
|
||||||
}
|
}
|
||||||
|
|
||||||
// SetServiceAccountPolicyHandler interface for that can handle valid set service account policy params
|
// UpdateServiceAccountHandler interface for that can handle valid update service account params
|
||||||
type SetServiceAccountPolicyHandler interface {
|
type UpdateServiceAccountHandler interface {
|
||||||
Handle(SetServiceAccountPolicyParams, *models.Principal) middleware.Responder
|
Handle(UpdateServiceAccountParams, *models.Principal) middleware.Responder
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewSetServiceAccountPolicy creates a new http.Handler for the set service account policy operation
|
// NewUpdateServiceAccount creates a new http.Handler for the update service account operation
|
||||||
func NewSetServiceAccountPolicy(ctx *middleware.Context, handler SetServiceAccountPolicyHandler) *SetServiceAccountPolicy {
|
func NewUpdateServiceAccount(ctx *middleware.Context, handler UpdateServiceAccountHandler) *UpdateServiceAccount {
|
||||||
return &SetServiceAccountPolicy{Context: ctx, Handler: handler}
|
return &UpdateServiceAccount{Context: ctx, Handler: handler}
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
SetServiceAccountPolicy swagger:route PUT /service-accounts/{access_key}/policy ServiceAccount setServiceAccountPolicy
|
UpdateServiceAccount swagger:route PUT /service-accounts/{access_key} ServiceAccount updateServiceAccount
|
||||||
|
|
||||||
Set Service Account Policy
|
Set Service Account Policy
|
||||||
*/
|
*/
|
||||||
type SetServiceAccountPolicy struct {
|
type UpdateServiceAccount struct {
|
||||||
Context *middleware.Context
|
Context *middleware.Context
|
||||||
Handler SetServiceAccountPolicyHandler
|
Handler UpdateServiceAccountHandler
|
||||||
}
|
}
|
||||||
|
|
||||||
func (o *SetServiceAccountPolicy) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
|
func (o *UpdateServiceAccount) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
|
||||||
route, rCtx, _ := o.Context.RouteInfo(r)
|
route, rCtx, _ := o.Context.RouteInfo(r)
|
||||||
if rCtx != nil {
|
if rCtx != nil {
|
||||||
*r = *rCtx
|
*r = *rCtx
|
||||||
}
|
}
|
||||||
var Params = NewSetServiceAccountPolicyParams()
|
var Params = NewUpdateServiceAccountParams()
|
||||||
uprinc, aCtx, err := o.Context.Authorize(r, route)
|
uprinc, aCtx, err := o.Context.Authorize(r, route)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
o.Context.Respond(rw, r, route.Produces, route, err)
|
o.Context.Respond(rw, r, route.Produces, route, err)
|
||||||
@@ -35,19 +35,19 @@ import (
|
|||||||
"github.com/minio/console/models"
|
"github.com/minio/console/models"
|
||||||
)
|
)
|
||||||
|
|
||||||
// NewSetServiceAccountPolicyParams creates a new SetServiceAccountPolicyParams object
|
// NewUpdateServiceAccountParams creates a new UpdateServiceAccountParams object
|
||||||
//
|
//
|
||||||
// There are no default values defined in the spec.
|
// There are no default values defined in the spec.
|
||||||
func NewSetServiceAccountPolicyParams() SetServiceAccountPolicyParams {
|
func NewUpdateServiceAccountParams() UpdateServiceAccountParams {
|
||||||
|
|
||||||
return SetServiceAccountPolicyParams{}
|
return UpdateServiceAccountParams{}
|
||||||
}
|
}
|
||||||
|
|
||||||
// SetServiceAccountPolicyParams contains all the bound params for the set service account policy operation
|
// UpdateServiceAccountParams contains all the bound params for the update service account operation
|
||||||
// typically these are obtained from a http.Request
|
// typically these are obtained from a http.Request
|
||||||
//
|
//
|
||||||
// swagger:parameters SetServiceAccountPolicy
|
// swagger:parameters UpdateServiceAccount
|
||||||
type SetServiceAccountPolicyParams struct {
|
type UpdateServiceAccountParams struct {
|
||||||
|
|
||||||
// HTTP Request Object
|
// HTTP Request Object
|
||||||
HTTPRequest *http.Request `json:"-"`
|
HTTPRequest *http.Request `json:"-"`
|
||||||
@@ -61,14 +61,14 @@ type SetServiceAccountPolicyParams struct {
|
|||||||
Required: true
|
Required: true
|
||||||
In: body
|
In: body
|
||||||
*/
|
*/
|
||||||
Policy *models.AddServiceAccountPolicyRequest
|
Body *models.UpdateServiceAccountRequest
|
||||||
}
|
}
|
||||||
|
|
||||||
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
|
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
|
||||||
// for simple values it will use straight method calls.
|
// for simple values it will use straight method calls.
|
||||||
//
|
//
|
||||||
// To ensure default values, the struct must have been initialized with NewSetServiceAccountPolicyParams() beforehand.
|
// To ensure default values, the struct must have been initialized with NewUpdateServiceAccountParams() beforehand.
|
||||||
func (o *SetServiceAccountPolicyParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
|
func (o *UpdateServiceAccountParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
|
||||||
var res []error
|
var res []error
|
||||||
|
|
||||||
o.HTTPRequest = r
|
o.HTTPRequest = r
|
||||||
@@ -80,12 +80,12 @@ func (o *SetServiceAccountPolicyParams) BindRequest(r *http.Request, route *midd
|
|||||||
|
|
||||||
if runtime.HasBody(r) {
|
if runtime.HasBody(r) {
|
||||||
defer r.Body.Close()
|
defer r.Body.Close()
|
||||||
var body models.AddServiceAccountPolicyRequest
|
var body models.UpdateServiceAccountRequest
|
||||||
if err := route.Consumer.Consume(r.Body, &body); err != nil {
|
if err := route.Consumer.Consume(r.Body, &body); err != nil {
|
||||||
if err == io.EOF {
|
if err == io.EOF {
|
||||||
res = append(res, errors.Required("policy", "body", ""))
|
res = append(res, errors.Required("body", "body", ""))
|
||||||
} else {
|
} else {
|
||||||
res = append(res, errors.NewParseError("policy", "body", "", err))
|
res = append(res, errors.NewParseError("body", "body", "", err))
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
// validate body object
|
// validate body object
|
||||||
@@ -99,11 +99,11 @@ func (o *SetServiceAccountPolicyParams) BindRequest(r *http.Request, route *midd
|
|||||||
}
|
}
|
||||||
|
|
||||||
if len(res) == 0 {
|
if len(res) == 0 {
|
||||||
o.Policy = &body
|
o.Body = &body
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
res = append(res, errors.Required("policy", "body", ""))
|
res = append(res, errors.Required("body", "body", ""))
|
||||||
}
|
}
|
||||||
if len(res) > 0 {
|
if len(res) > 0 {
|
||||||
return errors.CompositeValidationError(res...)
|
return errors.CompositeValidationError(res...)
|
||||||
@@ -112,7 +112,7 @@ func (o *SetServiceAccountPolicyParams) BindRequest(r *http.Request, route *midd
|
|||||||
}
|
}
|
||||||
|
|
||||||
// bindAccessKey binds and validates parameter AccessKey from path.
|
// bindAccessKey binds and validates parameter AccessKey from path.
|
||||||
func (o *SetServiceAccountPolicyParams) bindAccessKey(rawData []string, hasKey bool, formats strfmt.Registry) error {
|
func (o *UpdateServiceAccountParams) bindAccessKey(rawData []string, hasKey bool, formats strfmt.Registry) error {
|
||||||
var raw string
|
var raw string
|
||||||
if len(rawData) > 0 {
|
if len(rawData) > 0 {
|
||||||
raw = rawData[len(rawData)-1]
|
raw = rawData[len(rawData)-1]
|
||||||
@@ -0,0 +1,115 @@
|
|||||||
|
// Code generated by go-swagger; DO NOT EDIT.
|
||||||
|
|
||||||
|
// This file is part of MinIO Console Server
|
||||||
|
// Copyright (c) 2023 MinIO, Inc.
|
||||||
|
//
|
||||||
|
// This program is free software: you can redistribute it and/or modify
|
||||||
|
// it under the terms of the GNU Affero General Public License as published by
|
||||||
|
// the Free Software Foundation, either version 3 of the License, or
|
||||||
|
// (at your option) any later version.
|
||||||
|
//
|
||||||
|
// This program is distributed in the hope that it will be useful,
|
||||||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
// GNU Affero General Public License for more details.
|
||||||
|
//
|
||||||
|
// You should have received a copy of the GNU Affero General Public License
|
||||||
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
//
|
||||||
|
|
||||||
|
package service_account
|
||||||
|
|
||||||
|
// This file was generated by the swagger tool.
|
||||||
|
// Editing this file might prove futile when you re-run the swagger generate command
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/go-openapi/runtime"
|
||||||
|
|
||||||
|
"github.com/minio/console/models"
|
||||||
|
)
|
||||||
|
|
||||||
|
// UpdateServiceAccountOKCode is the HTTP code returned for type UpdateServiceAccountOK
|
||||||
|
const UpdateServiceAccountOKCode int = 200
|
||||||
|
|
||||||
|
/*
|
||||||
|
UpdateServiceAccountOK A successful response.
|
||||||
|
|
||||||
|
swagger:response updateServiceAccountOK
|
||||||
|
*/
|
||||||
|
type UpdateServiceAccountOK struct {
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewUpdateServiceAccountOK creates UpdateServiceAccountOK with default headers values
|
||||||
|
func NewUpdateServiceAccountOK() *UpdateServiceAccountOK {
|
||||||
|
|
||||||
|
return &UpdateServiceAccountOK{}
|
||||||
|
}
|
||||||
|
|
||||||
|
// WriteResponse to the client
|
||||||
|
func (o *UpdateServiceAccountOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
|
||||||
|
|
||||||
|
rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
|
||||||
|
|
||||||
|
rw.WriteHeader(200)
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
UpdateServiceAccountDefault Generic error response.
|
||||||
|
|
||||||
|
swagger:response updateServiceAccountDefault
|
||||||
|
*/
|
||||||
|
type UpdateServiceAccountDefault struct {
|
||||||
|
_statusCode int
|
||||||
|
|
||||||
|
/*
|
||||||
|
In: Body
|
||||||
|
*/
|
||||||
|
Payload *models.APIError `json:"body,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewUpdateServiceAccountDefault creates UpdateServiceAccountDefault with default headers values
|
||||||
|
func NewUpdateServiceAccountDefault(code int) *UpdateServiceAccountDefault {
|
||||||
|
if code <= 0 {
|
||||||
|
code = 500
|
||||||
|
}
|
||||||
|
|
||||||
|
return &UpdateServiceAccountDefault{
|
||||||
|
_statusCode: code,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithStatusCode adds the status to the update service account default response
|
||||||
|
func (o *UpdateServiceAccountDefault) WithStatusCode(code int) *UpdateServiceAccountDefault {
|
||||||
|
o._statusCode = code
|
||||||
|
return o
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetStatusCode sets the status to the update service account default response
|
||||||
|
func (o *UpdateServiceAccountDefault) SetStatusCode(code int) {
|
||||||
|
o._statusCode = code
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithPayload adds the payload to the update service account default response
|
||||||
|
func (o *UpdateServiceAccountDefault) WithPayload(payload *models.APIError) *UpdateServiceAccountDefault {
|
||||||
|
o.Payload = payload
|
||||||
|
return o
|
||||||
|
}
|
||||||
|
|
||||||
|
// SetPayload sets the payload to the update service account default response
|
||||||
|
func (o *UpdateServiceAccountDefault) SetPayload(payload *models.APIError) {
|
||||||
|
o.Payload = payload
|
||||||
|
}
|
||||||
|
|
||||||
|
// WriteResponse to the client
|
||||||
|
func (o *UpdateServiceAccountDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
|
||||||
|
|
||||||
|
rw.WriteHeader(o._statusCode)
|
||||||
|
if o.Payload != nil {
|
||||||
|
payload := o.Payload
|
||||||
|
if err := producer.Produce(rw, payload); err != nil {
|
||||||
|
panic(err) // let the recovery middleware deal with this
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -29,8 +29,8 @@ import (
|
|||||||
"strings"
|
"strings"
|
||||||
)
|
)
|
||||||
|
|
||||||
// SetServiceAccountPolicyURL generates an URL for the set service account policy operation
|
// UpdateServiceAccountURL generates an URL for the update service account operation
|
||||||
type SetServiceAccountPolicyURL struct {
|
type UpdateServiceAccountURL struct {
|
||||||
AccessKey string
|
AccessKey string
|
||||||
|
|
||||||
_basePath string
|
_basePath string
|
||||||
@@ -41,7 +41,7 @@ type SetServiceAccountPolicyURL struct {
|
|||||||
// WithBasePath sets the base path for this url builder, only required when it's different from the
|
// WithBasePath sets the base path for this url builder, only required when it's different from the
|
||||||
// base path specified in the swagger spec.
|
// base path specified in the swagger spec.
|
||||||
// When the value of the base path is an empty string
|
// When the value of the base path is an empty string
|
||||||
func (o *SetServiceAccountPolicyURL) WithBasePath(bp string) *SetServiceAccountPolicyURL {
|
func (o *UpdateServiceAccountURL) WithBasePath(bp string) *UpdateServiceAccountURL {
|
||||||
o.SetBasePath(bp)
|
o.SetBasePath(bp)
|
||||||
return o
|
return o
|
||||||
}
|
}
|
||||||
@@ -49,21 +49,21 @@ func (o *SetServiceAccountPolicyURL) WithBasePath(bp string) *SetServiceAccountP
|
|||||||
// SetBasePath sets the base path for this url builder, only required when it's different from the
|
// SetBasePath sets the base path for this url builder, only required when it's different from the
|
||||||
// base path specified in the swagger spec.
|
// base path specified in the swagger spec.
|
||||||
// When the value of the base path is an empty string
|
// When the value of the base path is an empty string
|
||||||
func (o *SetServiceAccountPolicyURL) SetBasePath(bp string) {
|
func (o *UpdateServiceAccountURL) SetBasePath(bp string) {
|
||||||
o._basePath = bp
|
o._basePath = bp
|
||||||
}
|
}
|
||||||
|
|
||||||
// Build a url path and query string
|
// Build a url path and query string
|
||||||
func (o *SetServiceAccountPolicyURL) Build() (*url.URL, error) {
|
func (o *UpdateServiceAccountURL) Build() (*url.URL, error) {
|
||||||
var _result url.URL
|
var _result url.URL
|
||||||
|
|
||||||
var _path = "/service-accounts/{access_key}/policy"
|
var _path = "/service-accounts/{access_key}"
|
||||||
|
|
||||||
accessKey := o.AccessKey
|
accessKey := o.AccessKey
|
||||||
if accessKey != "" {
|
if accessKey != "" {
|
||||||
_path = strings.Replace(_path, "{access_key}", accessKey, -1)
|
_path = strings.Replace(_path, "{access_key}", accessKey, -1)
|
||||||
} else {
|
} else {
|
||||||
return nil, errors.New("accessKey is required on SetServiceAccountPolicyURL")
|
return nil, errors.New("accessKey is required on UpdateServiceAccountURL")
|
||||||
}
|
}
|
||||||
|
|
||||||
_basePath := o._basePath
|
_basePath := o._basePath
|
||||||
@@ -76,7 +76,7 @@ func (o *SetServiceAccountPolicyURL) Build() (*url.URL, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Must is a helper function to panic when the url builder returns an error
|
// Must is a helper function to panic when the url builder returns an error
|
||||||
func (o *SetServiceAccountPolicyURL) Must(u *url.URL, err error) *url.URL {
|
func (o *UpdateServiceAccountURL) Must(u *url.URL, err error) *url.URL {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
@@ -87,17 +87,17 @@ func (o *SetServiceAccountPolicyURL) Must(u *url.URL, err error) *url.URL {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// String returns the string representation of the path with query string
|
// String returns the string representation of the path with query string
|
||||||
func (o *SetServiceAccountPolicyURL) String() string {
|
func (o *UpdateServiceAccountURL) String() string {
|
||||||
return o.Must(o.Build()).String()
|
return o.Must(o.Build()).String()
|
||||||
}
|
}
|
||||||
|
|
||||||
// BuildFull builds a full url with scheme, host, path and query string
|
// BuildFull builds a full url with scheme, host, path and query string
|
||||||
func (o *SetServiceAccountPolicyURL) BuildFull(scheme, host string) (*url.URL, error) {
|
func (o *UpdateServiceAccountURL) BuildFull(scheme, host string) (*url.URL, error) {
|
||||||
if scheme == "" {
|
if scheme == "" {
|
||||||
return nil, errors.New("scheme is required for a full url on SetServiceAccountPolicyURL")
|
return nil, errors.New("scheme is required for a full url on UpdateServiceAccountURL")
|
||||||
}
|
}
|
||||||
if host == "" {
|
if host == "" {
|
||||||
return nil, errors.New("host is required for a full url on SetServiceAccountPolicyURL")
|
return nil, errors.New("host is required for a full url on UpdateServiceAccountURL")
|
||||||
}
|
}
|
||||||
|
|
||||||
base, err := o.Build()
|
base, err := o.Build()
|
||||||
@@ -111,6 +111,6 @@ func (o *SetServiceAccountPolicyURL) BuildFull(scheme, host string) (*url.URL, e
|
|||||||
}
|
}
|
||||||
|
|
||||||
// StringFull returns the string representation of a complete url
|
// StringFull returns the string representation of a complete url
|
||||||
func (o *SetServiceAccountPolicyURL) StringFull(scheme, host string) string {
|
func (o *UpdateServiceAccountURL) StringFull(scheme, host string) string {
|
||||||
return o.Must(o.BuildFull(scheme, host)).String()
|
return o.Must(o.BuildFull(scheme, host)).String()
|
||||||
}
|
}
|
||||||
@@ -96,20 +96,20 @@ func registerServiceAccountsHandlers(api *operations.ConsoleAPI) {
|
|||||||
return saApi.NewListUserServiceAccountsOK().WithPayload(serviceAccounts)
|
return saApi.NewListUserServiceAccountsOK().WithPayload(serviceAccounts)
|
||||||
})
|
})
|
||||||
|
|
||||||
api.ServiceAccountGetServiceAccountPolicyHandler = saApi.GetServiceAccountPolicyHandlerFunc(func(params saApi.GetServiceAccountPolicyParams, session *models.Principal) middleware.Responder {
|
api.ServiceAccountGetServiceAccountHandler = saApi.GetServiceAccountHandlerFunc(func(params saApi.GetServiceAccountParams, session *models.Principal) middleware.Responder {
|
||||||
serviceAccounts, err := getServiceAccountPolicyResponse(session, params)
|
serviceAccounts, err := getServiceAccountInfo(session, params)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return saApi.NewGetServiceAccountPolicyDefault(err.Code).WithPayload(err.APIError)
|
return saApi.NewGetServiceAccountDefault(err.Code).WithPayload(err.APIError)
|
||||||
}
|
}
|
||||||
return saApi.NewGetServiceAccountPolicyOK().WithPayload(serviceAccounts)
|
return saApi.NewGetServiceAccountOK().WithPayload(serviceAccounts)
|
||||||
})
|
})
|
||||||
|
|
||||||
api.ServiceAccountSetServiceAccountPolicyHandler = saApi.SetServiceAccountPolicyHandlerFunc(func(params saApi.SetServiceAccountPolicyParams, session *models.Principal) middleware.Responder {
|
api.ServiceAccountUpdateServiceAccountHandler = saApi.UpdateServiceAccountHandlerFunc(func(params saApi.UpdateServiceAccountParams, session *models.Principal) middleware.Responder {
|
||||||
err := getSetServiceAccountPolicyResponse(session, params)
|
err := updateSetServiceAccountResponse(session, params)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return saApi.NewSetServiceAccountPolicyDefault(err.Code).WithPayload(err.APIError)
|
return saApi.NewUpdateServiceAccountDefault(err.Code).WithPayload(err.APIError)
|
||||||
}
|
}
|
||||||
return saApi.NewSetServiceAccountPolicyOK()
|
return saApi.NewUpdateServiceAccountOK()
|
||||||
})
|
})
|
||||||
|
|
||||||
// Delete multiple service accounts
|
// Delete multiple service accounts
|
||||||
@@ -122,7 +122,7 @@ func registerServiceAccountsHandlers(api *operations.ConsoleAPI) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// createServiceAccount adds a service account to the userClient and assigns a policy to him if defined.
|
// createServiceAccount adds a service account to the userClient and assigns a policy to him if defined.
|
||||||
func createServiceAccount(ctx context.Context, userClient MinioAdmin, policy string) (*models.ServiceAccountCreds, error) {
|
func createServiceAccount(ctx context.Context, userClient MinioAdmin, policy string, name string, description string, expiry *time.Time, comment string) (*models.ServiceAccountCreds, error) {
|
||||||
// By default a nil policy will be used so the service account inherit the parent account policy, otherwise
|
// By default a nil policy will be used so the service account inherit the parent account policy, otherwise
|
||||||
// we override with the user provided iam policy
|
// we override with the user provided iam policy
|
||||||
var iamPolicy *iampolicy.Policy
|
var iamPolicy *iampolicy.Policy
|
||||||
@@ -133,7 +133,7 @@ func createServiceAccount(ctx context.Context, userClient MinioAdmin, policy str
|
|||||||
}
|
}
|
||||||
iamPolicy = iamp
|
iamPolicy = iamp
|
||||||
}
|
}
|
||||||
creds, err := userClient.addServiceAccount(ctx, iamPolicy, "", "", "")
|
creds, err := userClient.addServiceAccount(ctx, iamPolicy, "", "", "", name, description, expiry, comment)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
@@ -141,7 +141,7 @@ func createServiceAccount(ctx context.Context, userClient MinioAdmin, policy str
|
|||||||
}
|
}
|
||||||
|
|
||||||
// createServiceAccount adds a service account with the given credentials to the userClient and assigns a policy to him if defined.
|
// createServiceAccount adds a service account with the given credentials to the userClient and assigns a policy to him if defined.
|
||||||
func createServiceAccountCreds(ctx context.Context, userClient MinioAdmin, policy string, accessKey string, secretKey string) (*models.ServiceAccountCreds, error) {
|
func createServiceAccountCreds(ctx context.Context, userClient MinioAdmin, policy string, accessKey string, secretKey string, name string, description string, expiry *time.Time, comment string) (*models.ServiceAccountCreds, error) {
|
||||||
// By default a nil policy will be used so the service account inherit the parent account policy, otherwise
|
// By default a nil policy will be used so the service account inherit the parent account policy, otherwise
|
||||||
// we override with the user provided iam policy
|
// we override with the user provided iam policy
|
||||||
var iamPolicy *iampolicy.Policy
|
var iamPolicy *iampolicy.Policy
|
||||||
@@ -152,7 +152,7 @@ func createServiceAccountCreds(ctx context.Context, userClient MinioAdmin, polic
|
|||||||
}
|
}
|
||||||
iamPolicy = iamp
|
iamPolicy = iamp
|
||||||
}
|
}
|
||||||
creds, err := userClient.addServiceAccount(ctx, iamPolicy, "", accessKey, secretKey)
|
creds, err := userClient.addServiceAccount(ctx, iamPolicy, "", accessKey, secretKey, name, description, expiry, comment)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
@@ -174,7 +174,14 @@ func getCreateServiceAccountResponse(session *models.Principal, params saApi.Cre
|
|||||||
// defining the client to be used
|
// defining the client to be used
|
||||||
userAdminClient := AdminClient{Client: userAdmin}
|
userAdminClient := AdminClient{Client: userAdmin}
|
||||||
|
|
||||||
saCreds, err := createServiceAccount(ctx, userAdminClient, params.Body.Policy)
|
var parsedExpiry time.Time
|
||||||
|
if params.Body.Expiry != "" {
|
||||||
|
parsedExpiry, err = time.Parse(time.RFC3339, params.Body.Expiry)
|
||||||
|
if err != nil {
|
||||||
|
return nil, ErrorWithContext(ctx, err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
saCreds, err := createServiceAccount(ctx, userAdminClient, params.Body.Policy, params.Body.Name, params.Body.Description, &parsedExpiry, params.Body.Comment)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, ErrorWithContext(ctx, err)
|
return nil, ErrorWithContext(ctx, err)
|
||||||
}
|
}
|
||||||
@@ -182,7 +189,7 @@ func getCreateServiceAccountResponse(session *models.Principal, params saApi.Cre
|
|||||||
}
|
}
|
||||||
|
|
||||||
// createServiceAccount adds a service account to a given user and assigns a policy to him if defined.
|
// createServiceAccount adds a service account to a given user and assigns a policy to him if defined.
|
||||||
func createAUserServiceAccount(ctx context.Context, userClient MinioAdmin, policy string, user string) (*models.ServiceAccountCreds, error) {
|
func createAUserServiceAccount(ctx context.Context, userClient MinioAdmin, policy string, user string, name string, description string, expiry *time.Time, comment string) (*models.ServiceAccountCreds, error) {
|
||||||
// By default a nil policy will be used so the service account inherit the parent account policy, otherwise
|
// By default a nil policy will be used so the service account inherit the parent account policy, otherwise
|
||||||
// we override with the user provided iam policy
|
// we override with the user provided iam policy
|
||||||
var iamPolicy *iampolicy.Policy
|
var iamPolicy *iampolicy.Policy
|
||||||
@@ -194,14 +201,14 @@ func createAUserServiceAccount(ctx context.Context, userClient MinioAdmin, polic
|
|||||||
iamPolicy = iamp
|
iamPolicy = iamp
|
||||||
}
|
}
|
||||||
|
|
||||||
creds, err := userClient.addServiceAccount(ctx, iamPolicy, user, "", "")
|
creds, err := userClient.addServiceAccount(ctx, iamPolicy, user, "", "", name, description, expiry, comment)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
return &models.ServiceAccountCreds{AccessKey: creds.AccessKey, SecretKey: creds.SecretKey, URL: getMinIOServer()}, nil
|
return &models.ServiceAccountCreds{AccessKey: creds.AccessKey, SecretKey: creds.SecretKey, URL: getMinIOServer()}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func createAUserServiceAccountCreds(ctx context.Context, userClient MinioAdmin, policy string, user string, accessKey string, secretKey string) (*models.ServiceAccountCreds, error) {
|
func createAUserServiceAccountCreds(ctx context.Context, userClient MinioAdmin, policy string, user string, accessKey string, secretKey string, name string, description string, expiry *time.Time, comment string) (*models.ServiceAccountCreds, error) {
|
||||||
// By default a nil policy will be used so the service account inherit the parent account policy, otherwise
|
// By default a nil policy will be used so the service account inherit the parent account policy, otherwise
|
||||||
// we override with the user provided iam policy
|
// we override with the user provided iam policy
|
||||||
var iamPolicy *iampolicy.Policy
|
var iamPolicy *iampolicy.Policy
|
||||||
@@ -213,7 +220,7 @@ func createAUserServiceAccountCreds(ctx context.Context, userClient MinioAdmin,
|
|||||||
iamPolicy = iamp
|
iamPolicy = iamp
|
||||||
}
|
}
|
||||||
|
|
||||||
creds, err := userClient.addServiceAccount(ctx, iamPolicy, user, accessKey, secretKey)
|
creds, err := userClient.addServiceAccount(ctx, iamPolicy, user, accessKey, secretKey, name, description, expiry, comment)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
@@ -238,7 +245,15 @@ func getCreateAUserServiceAccountResponse(session *models.Principal, params user
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, ErrorWithContext(ctx, err)
|
return nil, ErrorWithContext(ctx, err)
|
||||||
}
|
}
|
||||||
saCreds, err := createAUserServiceAccount(ctx, userAdminClient, params.Body.Policy, name)
|
|
||||||
|
var parsedExpiry time.Time
|
||||||
|
if params.Body.Expiry != "" {
|
||||||
|
parsedExpiry, err = time.Parse(time.RFC3339, params.Body.Expiry)
|
||||||
|
if err != nil {
|
||||||
|
return nil, ErrorWithContext(ctx, err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
saCreds, err := createAUserServiceAccount(ctx, userAdminClient, params.Body.Policy, name, params.Body.Name, params.Body.Description, &parsedExpiry, params.Body.Comment)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, ErrorWithContext(ctx, err)
|
return nil, ErrorWithContext(ctx, err)
|
||||||
}
|
}
|
||||||
@@ -275,7 +290,15 @@ func getCreateAUserServiceAccountCredsResponse(session *models.Principal, params
|
|||||||
return nil, ErrorWithContext(ctx, errors.New("Access Key already in use"))
|
return nil, ErrorWithContext(ctx, errors.New("Access Key already in use"))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
saCreds, err := createAUserServiceAccountCreds(ctx, userAdminClient, serviceAccount.Policy, user, serviceAccount.AccessKey, serviceAccount.SecretKey)
|
|
||||||
|
var parsedExpiry time.Time
|
||||||
|
if serviceAccount.Expiry != "" {
|
||||||
|
parsedExpiry, err = time.Parse(time.RFC3339, serviceAccount.Expiry)
|
||||||
|
if err != nil {
|
||||||
|
return nil, ErrorWithContext(ctx, err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
saCreds, err := createAUserServiceAccountCreds(ctx, userAdminClient, serviceAccount.Policy, user, serviceAccount.AccessKey, serviceAccount.SecretKey, serviceAccount.Name, serviceAccount.Description, &parsedExpiry, serviceAccount.Comment)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, ErrorWithContext(ctx, err)
|
return nil, ErrorWithContext(ctx, err)
|
||||||
}
|
}
|
||||||
@@ -309,7 +332,15 @@ func getCreateServiceAccountCredsResponse(session *models.Principal, params saAp
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
saCreds, err := createServiceAccountCreds(ctx, userAdminClient, serviceAccount.Policy, serviceAccount.AccessKey, serviceAccount.SecretKey)
|
var parsedExpiry time.Time
|
||||||
|
if params.Body.Expiry != "" {
|
||||||
|
parsedExpiry, err = time.Parse(time.RFC3339, params.Body.Expiry)
|
||||||
|
if err != nil {
|
||||||
|
return nil, ErrorWithContext(ctx, err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
saCreds, err := createServiceAccountCreds(ctx, userAdminClient, serviceAccount.Policy, serviceAccount.AccessKey, serviceAccount.SecretKey, params.Body.Name, params.Body.Description, &parsedExpiry, params.Body.Comment)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, ErrorWithContext(ctx, err)
|
return nil, ErrorWithContext(ctx, err)
|
||||||
}
|
}
|
||||||
@@ -392,60 +423,89 @@ func getDeleteServiceAccountResponse(session *models.Principal, params saApi.Del
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// getServiceAccountPolicy gets policy for a service account
|
// getServiceAccountDetails gets policy for a service account
|
||||||
func getServiceAccountPolicy(ctx context.Context, userClient MinioAdmin, accessKey string) (string, error) {
|
func getServiceAccountDetails(ctx context.Context, userClient MinioAdmin, accessKey string) (*models.ServiceAccount, error) {
|
||||||
serviceAccountInfo, err := userClient.infoServiceAccount(ctx, accessKey)
|
saInfo, err := userClient.infoServiceAccount(ctx, accessKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return nil, err
|
||||||
}
|
|
||||||
var policy iampolicy.Policy
|
|
||||||
json.Unmarshal([]byte(serviceAccountInfo.Policy), &policy)
|
|
||||||
if policy.Statements == nil {
|
|
||||||
return "", nil
|
|
||||||
}
|
|
||||||
return serviceAccountInfo.Policy, nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// getServiceAccountPolicyResponse authenticates the user and calls
|
var policyJSON string
|
||||||
// getServiceAccountPolicy to get the policy for a service account
|
var policy iampolicy.Policy
|
||||||
func getServiceAccountPolicyResponse(session *models.Principal, params saApi.GetServiceAccountPolicyParams) (string, *CodedAPIError) {
|
json.Unmarshal([]byte(saInfo.Policy), &policy)
|
||||||
|
if policy.Statements == nil {
|
||||||
|
policyJSON = ""
|
||||||
|
} else {
|
||||||
|
policyJSON = saInfo.Policy
|
||||||
|
}
|
||||||
|
|
||||||
|
expiry := ""
|
||||||
|
if saInfo.Expiration != nil {
|
||||||
|
expiry = saInfo.Expiration.Format(time.RFC3339)
|
||||||
|
}
|
||||||
|
|
||||||
|
sa := models.ServiceAccount{
|
||||||
|
AccountStatus: saInfo.AccountStatus,
|
||||||
|
Description: saInfo.Description,
|
||||||
|
Expiration: expiry,
|
||||||
|
ImpliedPolicy: saInfo.ImpliedPolicy,
|
||||||
|
Name: saInfo.Name,
|
||||||
|
ParentUser: saInfo.ParentUser,
|
||||||
|
Policy: policyJSON,
|
||||||
|
}
|
||||||
|
return &sa, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// getServiceAccountInfo authenticates the user and calls
|
||||||
|
// getServiceAccountInfo to get the policy for a service account
|
||||||
|
func getServiceAccountInfo(session *models.Principal, params saApi.GetServiceAccountParams) (*models.ServiceAccount, *CodedAPIError) {
|
||||||
ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
|
ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
|
||||||
defer cancel()
|
defer cancel()
|
||||||
accessKey, err := utils.DecodeBase64(params.AccessKey)
|
accessKey, err := utils.DecodeBase64(params.AccessKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", ErrorWithContext(ctx, err)
|
return nil, ErrorWithContext(ctx, err)
|
||||||
}
|
}
|
||||||
userAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session)
|
userAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", ErrorWithContext(ctx, err)
|
return nil, ErrorWithContext(ctx, err)
|
||||||
}
|
}
|
||||||
// create a MinIO user Admin Client interface implementation
|
// create a MinIO user Admin Client interface implementation
|
||||||
// defining the client to be used
|
// defining the client to be used
|
||||||
userAdminClient := AdminClient{Client: userAdmin}
|
userAdminClient := AdminClient{Client: userAdmin}
|
||||||
|
|
||||||
serviceAccounts, err := getServiceAccountPolicy(ctx, userAdminClient, accessKey)
|
serviceAccount, err := getServiceAccountDetails(ctx, userAdminClient, accessKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", ErrorWithContext(ctx, err)
|
return nil, ErrorWithContext(ctx, err)
|
||||||
}
|
}
|
||||||
return serviceAccounts, nil
|
|
||||||
|
return serviceAccount, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// setServiceAccountPolicy sets policy for a service account
|
// setServiceAccountPolicy sets policy for a service account
|
||||||
func setServiceAccountPolicy(ctx context.Context, userClient MinioAdmin, accessKey string, policy string) error {
|
func updateServiceAccountDetails(ctx context.Context, userClient MinioAdmin, accessKey string, policy string, expiry time.Time, name string, description string, status string, secretKey string) error {
|
||||||
err := userClient.updateServiceAccount(ctx, accessKey, madmin.UpdateServiceAccountReq{NewPolicy: json.RawMessage(policy)})
|
req := madmin.UpdateServiceAccountReq{
|
||||||
|
NewPolicy: json.RawMessage(policy),
|
||||||
|
NewSecretKey: secretKey,
|
||||||
|
NewStatus: status,
|
||||||
|
NewName: name,
|
||||||
|
NewDescription: description,
|
||||||
|
NewExpiration: &expiry,
|
||||||
|
}
|
||||||
|
|
||||||
|
err := userClient.updateServiceAccount(ctx, accessKey, req)
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
// getSetServiceAccountPolicyResponse authenticates the user and calls
|
// updateSetServiceAccountResponse authenticates the user and calls
|
||||||
// getSetServiceAccountPolicy to set the policy for a service account
|
// getSetServiceAccountPolicy to set the policy for a service account
|
||||||
func getSetServiceAccountPolicyResponse(session *models.Principal, params saApi.SetServiceAccountPolicyParams) *CodedAPIError {
|
func updateSetServiceAccountResponse(session *models.Principal, params saApi.UpdateServiceAccountParams) *CodedAPIError {
|
||||||
ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
|
ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
|
||||||
defer cancel()
|
defer cancel()
|
||||||
accessKey, err := utils.DecodeBase64(params.AccessKey)
|
accessKey, err := utils.DecodeBase64(params.AccessKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return ErrorWithContext(ctx, err)
|
return ErrorWithContext(ctx, err)
|
||||||
}
|
}
|
||||||
policy := *params.Policy.Policy
|
policy := *params.Body.Policy
|
||||||
userAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session)
|
userAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return ErrorWithContext(ctx, err)
|
return ErrorWithContext(ctx, err)
|
||||||
@@ -454,7 +514,14 @@ func getSetServiceAccountPolicyResponse(session *models.Principal, params saApi.
|
|||||||
// defining the client to be used
|
// defining the client to be used
|
||||||
userAdminClient := AdminClient{Client: userAdmin}
|
userAdminClient := AdminClient{Client: userAdmin}
|
||||||
|
|
||||||
err = setServiceAccountPolicy(ctx, userAdminClient, accessKey, policy)
|
var parsedExpiry time.Time
|
||||||
|
if params.Body.Expiry != "" {
|
||||||
|
parsedExpiry, err = time.Parse(time.RFC3339, params.Body.Expiry)
|
||||||
|
if err != nil {
|
||||||
|
return ErrorWithContext(ctx, err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
err = updateServiceAccountDetails(ctx, userAdminClient, accessKey, policy, parsedExpiry, params.Body.Name, params.Body.Description, params.Body.Status, params.Body.SecretKey)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return ErrorWithContext(ctx, err)
|
return ErrorWithContext(ctx, err)
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -21,6 +21,7 @@ import (
|
|||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"testing"
|
"testing"
|
||||||
|
"time"
|
||||||
|
|
||||||
"github.com/minio/madmin-go/v3"
|
"github.com/minio/madmin-go/v3"
|
||||||
iampolicy "github.com/minio/pkg/v2/policy"
|
iampolicy "github.com/minio/pkg/v2/policy"
|
||||||
@@ -40,10 +41,10 @@ func TestAddServiceAccount(t *testing.T) {
|
|||||||
AccessKey: "minio",
|
AccessKey: "minio",
|
||||||
SecretKey: "minio123",
|
SecretKey: "minio123",
|
||||||
}
|
}
|
||||||
minioAddServiceAccountMock = func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error) {
|
minioAddServiceAccountMock = func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string, name string, description string, expiry *time.Time, comment string) (madmin.Credentials, error) {
|
||||||
return mockResponse, nil
|
return mockResponse, nil
|
||||||
}
|
}
|
||||||
saCreds, err := createServiceAccount(ctx, client, policyDefinition)
|
saCreds, err := createServiceAccount(ctx, client, policyDefinition, "", "", nil, "")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Errorf("Failed on %s:, error occurred: %s", function, err.Error())
|
t.Errorf("Failed on %s:, error occurred: %s", function, err.Error())
|
||||||
}
|
}
|
||||||
@@ -56,10 +57,10 @@ func TestAddServiceAccount(t *testing.T) {
|
|||||||
AccessKey: "minio",
|
AccessKey: "minio",
|
||||||
SecretKey: "minio123",
|
SecretKey: "minio123",
|
||||||
}
|
}
|
||||||
minioAddServiceAccountMock = func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error) {
|
minioAddServiceAccountMock = func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string, name string, description string, expiry *time.Time, comment string) (madmin.Credentials, error) {
|
||||||
return mockResponse, nil
|
return mockResponse, nil
|
||||||
}
|
}
|
||||||
_, err = createServiceAccount(ctx, client, policyDefinition)
|
_, err = createServiceAccount(ctx, client, policyDefinition, "", "", nil, "")
|
||||||
assert.Error(err)
|
assert.Error(err)
|
||||||
|
|
||||||
// Test-3: if an error occurs on server while creating service account (valid policy), handle it
|
// Test-3: if an error occurs on server while creating service account (valid policy), handle it
|
||||||
@@ -68,10 +69,10 @@ func TestAddServiceAccount(t *testing.T) {
|
|||||||
AccessKey: "minio",
|
AccessKey: "minio",
|
||||||
SecretKey: "minio123",
|
SecretKey: "minio123",
|
||||||
}
|
}
|
||||||
minioAddServiceAccountMock = func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error) {
|
minioAddServiceAccountMock = func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string, name string, description string, expiry *time.Time, comment string) (madmin.Credentials, error) {
|
||||||
return madmin.Credentials{}, errors.New("error")
|
return madmin.Credentials{}, errors.New("error")
|
||||||
}
|
}
|
||||||
_, err = createServiceAccount(ctx, client, policyDefinition)
|
_, err = createServiceAccount(ctx, client, policyDefinition, "", "", nil, "")
|
||||||
if assert.Error(err) {
|
if assert.Error(err) {
|
||||||
assert.Equal("error", err.Error())
|
assert.Equal("error", err.Error())
|
||||||
}
|
}
|
||||||
@@ -153,11 +154,11 @@ func TestDeleteServiceAccount(t *testing.T) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestGetServiceAccountPolicy(t *testing.T) {
|
func TestGetServiceAccountDetails(t *testing.T) {
|
||||||
assert := assert.New(t)
|
assert := assert.New(t)
|
||||||
// mock minIO client
|
// mock minIO client
|
||||||
client := AdminClientMock{}
|
client := AdminClientMock{}
|
||||||
function := "getServiceAccountPolicy()"
|
function := "getServiceAccountDetails()"
|
||||||
|
|
||||||
// Test-1: getServiceAccountPolicy list serviceaccounts for a user
|
// Test-1: getServiceAccountPolicy list serviceaccounts for a user
|
||||||
ctx, cancel := context.WithCancel(context.Background())
|
ctx, cancel := context.WithCancel(context.Background())
|
||||||
@@ -183,17 +184,17 @@ func TestGetServiceAccountPolicy(t *testing.T) {
|
|||||||
minioInfoServiceAccountMock = func(ctx context.Context, user string) (madmin.InfoServiceAccountResp, error) {
|
minioInfoServiceAccountMock = func(ctx context.Context, user string) (madmin.InfoServiceAccountResp, error) {
|
||||||
return mockResponse, nil
|
return mockResponse, nil
|
||||||
}
|
}
|
||||||
serviceAccount, err := getServiceAccountPolicy(ctx, client, "")
|
serviceAccount, err := getServiceAccountDetails(ctx, client, "")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Errorf("Failed on %s:, error occurred: %s", function, err.Error())
|
t.Errorf("Failed on %s:, error occurred: %s", function, err.Error())
|
||||||
}
|
}
|
||||||
assert.Equal(mockResponse.Policy, serviceAccount)
|
assert.Equal(mockResponse.Policy, serviceAccount.Policy)
|
||||||
|
|
||||||
// Test-2: getServiceAccountPolicy returns an error, handle it properly
|
// Test-2: getServiceAccountPolicy returns an error, handle it properly
|
||||||
minioInfoServiceAccountMock = func(ctx context.Context, user string) (madmin.InfoServiceAccountResp, error) {
|
minioInfoServiceAccountMock = func(ctx context.Context, user string) (madmin.InfoServiceAccountResp, error) {
|
||||||
return madmin.InfoServiceAccountResp{}, errors.New("error")
|
return madmin.InfoServiceAccountResp{}, errors.New("error")
|
||||||
}
|
}
|
||||||
_, err = getServiceAccountPolicy(ctx, client, "")
|
_, err = getServiceAccountDetails(ctx, client, "")
|
||||||
if assert.Error(err) {
|
if assert.Error(err) {
|
||||||
assert.Equal("error", err.Error())
|
assert.Equal("error", err.Error())
|
||||||
}
|
}
|
||||||
|
|||||||
95
swagger.yml
95
swagger.yml
@@ -1416,25 +1416,6 @@ paths:
|
|||||||
tags:
|
tags:
|
||||||
- ServiceAccount
|
- ServiceAccount
|
||||||
|
|
||||||
/service-accounts/{access_key}:
|
|
||||||
delete:
|
|
||||||
summary: Delete Service Account
|
|
||||||
operationId: DeleteServiceAccount
|
|
||||||
parameters:
|
|
||||||
- name: access_key
|
|
||||||
in: path
|
|
||||||
required: true
|
|
||||||
type: string
|
|
||||||
responses:
|
|
||||||
204:
|
|
||||||
description: A successful response.
|
|
||||||
default:
|
|
||||||
description: Generic error response.
|
|
||||||
schema:
|
|
||||||
$ref: "#/definitions/ApiError"
|
|
||||||
tags:
|
|
||||||
- ServiceAccount
|
|
||||||
|
|
||||||
/service-accounts/delete-multi:
|
/service-accounts/delete-multi:
|
||||||
delete:
|
delete:
|
||||||
summary: Delete Multiple Service Accounts
|
summary: Delete Multiple Service Accounts
|
||||||
@@ -1457,10 +1438,10 @@ paths:
|
|||||||
tags:
|
tags:
|
||||||
- ServiceAccount
|
- ServiceAccount
|
||||||
|
|
||||||
/service-accounts/{access_key}/policy:
|
/service-accounts/{access_key}:
|
||||||
get:
|
get:
|
||||||
summary: Get Service Account Policy
|
summary: Get Service Account
|
||||||
operationId: GetServiceAccountPolicy
|
operationId: GetServiceAccount
|
||||||
parameters:
|
parameters:
|
||||||
- name: access_key
|
- name: access_key
|
||||||
in: path
|
in: path
|
||||||
@@ -1470,7 +1451,7 @@ paths:
|
|||||||
200:
|
200:
|
||||||
description: A successful response.
|
description: A successful response.
|
||||||
schema:
|
schema:
|
||||||
type: string
|
$ref: "#/definitions/serviceAccount"
|
||||||
default:
|
default:
|
||||||
description: Generic error response.
|
description: Generic error response.
|
||||||
schema:
|
schema:
|
||||||
@@ -1479,17 +1460,17 @@ paths:
|
|||||||
- ServiceAccount
|
- ServiceAccount
|
||||||
put:
|
put:
|
||||||
summary: Set Service Account Policy
|
summary: Set Service Account Policy
|
||||||
operationId: SetServiceAccountPolicy
|
operationId: UpdateServiceAccount
|
||||||
parameters:
|
parameters:
|
||||||
- name: access_key
|
- name: access_key
|
||||||
in: path
|
in: path
|
||||||
required: true
|
required: true
|
||||||
type: string
|
type: string
|
||||||
- name: policy
|
- name: body
|
||||||
in: body
|
in: body
|
||||||
required: true
|
required: true
|
||||||
schema:
|
schema:
|
||||||
$ref: "#/definitions/addServiceAccountPolicyRequest"
|
$ref: "#/definitions/updateServiceAccountRequest"
|
||||||
responses:
|
responses:
|
||||||
200:
|
200:
|
||||||
description: A successful response.
|
description: A successful response.
|
||||||
@@ -1499,6 +1480,23 @@ paths:
|
|||||||
$ref: "#/definitions/ApiError"
|
$ref: "#/definitions/ApiError"
|
||||||
tags:
|
tags:
|
||||||
- ServiceAccount
|
- ServiceAccount
|
||||||
|
delete:
|
||||||
|
summary: Delete Service Account
|
||||||
|
operationId: DeleteServiceAccount
|
||||||
|
parameters:
|
||||||
|
- name: access_key
|
||||||
|
in: path
|
||||||
|
required: true
|
||||||
|
type: string
|
||||||
|
responses:
|
||||||
|
204:
|
||||||
|
description: A successful response.
|
||||||
|
default:
|
||||||
|
description: Generic error response.
|
||||||
|
schema:
|
||||||
|
$ref: "#/definitions/ApiError"
|
||||||
|
tags:
|
||||||
|
- ServiceAccount
|
||||||
|
|
||||||
/users:
|
/users:
|
||||||
get:
|
get:
|
||||||
@@ -3896,13 +3894,23 @@ definitions:
|
|||||||
policy:
|
policy:
|
||||||
type: string
|
type: string
|
||||||
|
|
||||||
addServiceAccountPolicyRequest:
|
updateServiceAccountRequest:
|
||||||
type: object
|
type: object
|
||||||
required:
|
required:
|
||||||
- policy
|
- policy
|
||||||
properties:
|
properties:
|
||||||
policy:
|
policy:
|
||||||
type: string
|
type: string
|
||||||
|
secretKey:
|
||||||
|
type: string
|
||||||
|
name:
|
||||||
|
type: string
|
||||||
|
description:
|
||||||
|
type: string
|
||||||
|
expiry:
|
||||||
|
type: string
|
||||||
|
status:
|
||||||
|
type: string
|
||||||
|
|
||||||
listPoliciesResponse:
|
listPoliciesResponse:
|
||||||
type: object
|
type: object
|
||||||
@@ -4804,6 +4812,23 @@ definitions:
|
|||||||
type: array
|
type: array
|
||||||
items:
|
items:
|
||||||
type: string
|
type: string
|
||||||
|
serviceAccount:
|
||||||
|
type: object
|
||||||
|
properties:
|
||||||
|
parentUser:
|
||||||
|
type: string
|
||||||
|
accountStatus:
|
||||||
|
type: string
|
||||||
|
impliedPolicy:
|
||||||
|
type: boolean
|
||||||
|
policy:
|
||||||
|
type: string
|
||||||
|
name:
|
||||||
|
type: string
|
||||||
|
description:
|
||||||
|
type: string
|
||||||
|
expiration:
|
||||||
|
type: string
|
||||||
serviceAccounts:
|
serviceAccounts:
|
||||||
type: array
|
type: array
|
||||||
items:
|
items:
|
||||||
@@ -4826,6 +4851,14 @@ definitions:
|
|||||||
policy:
|
policy:
|
||||||
type: string
|
type: string
|
||||||
title: "policy to be applied to the Service Account if any"
|
title: "policy to be applied to the Service Account if any"
|
||||||
|
name:
|
||||||
|
type: string
|
||||||
|
description:
|
||||||
|
type: string
|
||||||
|
expiry:
|
||||||
|
type: string
|
||||||
|
comment:
|
||||||
|
type: string
|
||||||
serviceAccountRequestCreds:
|
serviceAccountRequestCreds:
|
||||||
type: object
|
type: object
|
||||||
properties:
|
properties:
|
||||||
@@ -4836,6 +4869,14 @@ definitions:
|
|||||||
type: string
|
type: string
|
||||||
secretKey:
|
secretKey:
|
||||||
type: string
|
type: string
|
||||||
|
name:
|
||||||
|
type: string
|
||||||
|
description:
|
||||||
|
type: string
|
||||||
|
expiry:
|
||||||
|
type: string
|
||||||
|
comment:
|
||||||
|
type: string
|
||||||
serviceAccountCreds:
|
serviceAccountCreds:
|
||||||
type: object
|
type: object
|
||||||
properties:
|
properties:
|
||||||
|
|||||||
Reference in New Issue
Block a user