access keys ui details improvement and edit (#3116)

This commit is contained in:
Prakash Senthil Vel
2023-11-22 09:38:23 +05:30
committed by GitHub
parent 04e9cb0ac8
commit e4d5f9610e
28 changed files with 1361 additions and 728 deletions

View File

@@ -28,7 +28,6 @@ import (
"github.com/go-openapi/swag" "github.com/go-openapi/swag"
iampolicy "github.com/minio/pkg/v2/policy"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
@@ -52,6 +51,21 @@ func TestAddServiceAccount(t *testing.T) {
requestDataAddServiceAccount := map[string]interface{}{ requestDataAddServiceAccount := map[string]interface{}{
"accessKey": "testuser1", "accessKey": "testuser1",
"secretKey": "password", "secretKey": "password",
"policy": `{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::*"
]
}
]
}`,
} }
requestDataJSON, _ := json.Marshal(requestDataAddServiceAccount) requestDataJSON, _ := json.Marshal(requestDataAddServiceAccount)
@@ -75,75 +89,6 @@ func TestAddServiceAccount(t *testing.T) {
assert.Equal(201, response.StatusCode, "Status Code is incorrect") assert.Equal(201, response.StatusCode, "Status Code is incorrect")
} }
requestDataPolicy := map[string]interface{}{
"policy": `
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::*"
]
}
]
}`,
}
requestDataJSON, _ = json.Marshal(requestDataPolicy)
requestDataBody = bytes.NewReader(requestDataJSON)
request, err = http.NewRequest(
"PUT", "http://localhost:9090/api/v1/service-accounts/"+base64.StdEncoding.EncodeToString([]byte("testuser1"))+"/policy", requestDataBody)
if err != nil {
log.Println(err)
return
}
request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
request.Header.Add("Content-Type", "application/json")
response, err = client.Do(request)
if err != nil {
log.Println(err)
return
}
if response != nil {
fmt.Println("POST StatusCode:", response.StatusCode)
assert.Equal(200, response.StatusCode, "Status Code is incorrect")
}
// Test policy
request, err = http.NewRequest(
"GET", "http://localhost:9090/api/v1/service-accounts/"+base64.StdEncoding.EncodeToString([]byte("testuser1"))+"/policy", nil)
if err != nil {
log.Println(err)
return
}
request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
request.Header.Add("Content-Type", "application/json")
response, err = client.Do(request)
if err != nil {
log.Println(err)
return
}
if response != nil {
fmt.Println("POST StatusCode:", response.StatusCode)
assert.Equal(200, response.StatusCode, "Status Code is incorrect")
buf := new(bytes.Buffer)
buf.ReadFrom(response.Body)
var actual *iampolicy.Policy
var expected *iampolicy.Policy
json.Unmarshal(buf.Bytes(), actual)
policy, err := json.Marshal(requestDataAddServiceAccount["policy"])
if err != nil {
log.Println(err)
return
}
json.Unmarshal(policy, expected)
assert.Equal(expected, actual)
}
// {{baseUrl}}/user?name=proident velit // {{baseUrl}}/user?name=proident velit
// Investiga como se borra en el browser. // Investiga como se borra en el browser.
request, err = http.NewRequest( request, err = http.NewRequest(

85
models/service_account.go Normal file
View File

@@ -0,0 +1,85 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package models
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"context"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
)
// ServiceAccount service account
//
// swagger:model serviceAccount
type ServiceAccount struct {
// account status
AccountStatus string `json:"accountStatus,omitempty"`
// description
Description string `json:"description,omitempty"`
// expiration
Expiration string `json:"expiration,omitempty"`
// implied policy
ImpliedPolicy bool `json:"impliedPolicy,omitempty"`
// name
Name string `json:"name,omitempty"`
// parent user
ParentUser string `json:"parentUser,omitempty"`
// policy
Policy string `json:"policy,omitempty"`
}
// Validate validates this service account
func (m *ServiceAccount) Validate(formats strfmt.Registry) error {
return nil
}
// ContextValidate validates this service account based on context it is used
func (m *ServiceAccount) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
return nil
}
// MarshalBinary interface implementation
func (m *ServiceAccount) MarshalBinary() ([]byte, error) {
if m == nil {
return nil, nil
}
return swag.WriteJSON(m)
}
// UnmarshalBinary interface implementation
func (m *ServiceAccount) UnmarshalBinary(b []byte) error {
var res ServiceAccount
if err := swag.ReadJSON(b, &res); err != nil {
return err
}
*m = res
return nil
}

View File

@@ -34,6 +34,18 @@ import (
// swagger:model serviceAccountRequest // swagger:model serviceAccountRequest
type ServiceAccountRequest struct { type ServiceAccountRequest struct {
// comment
Comment string `json:"comment,omitempty"`
// description
Description string `json:"description,omitempty"`
// expiry
Expiry string `json:"expiry,omitempty"`
// name
Name string `json:"name,omitempty"`
// policy to be applied to the Service Account if any // policy to be applied to the Service Account if any
Policy string `json:"policy,omitempty"` Policy string `json:"policy,omitempty"`
} }

View File

@@ -37,6 +37,18 @@ type ServiceAccountRequestCreds struct {
// access key // access key
AccessKey string `json:"accessKey,omitempty"` AccessKey string `json:"accessKey,omitempty"`
// comment
Comment string `json:"comment,omitempty"`
// description
Description string `json:"description,omitempty"`
// expiry
Expiry string `json:"expiry,omitempty"`
// name
Name string `json:"name,omitempty"`
// policy to be applied to the Service Account if any // policy to be applied to the Service Account if any
Policy string `json:"policy,omitempty"` Policy string `json:"policy,omitempty"`

View File

@@ -31,18 +31,33 @@ import (
"github.com/go-openapi/validate" "github.com/go-openapi/validate"
) )
// AddServiceAccountPolicyRequest add service account policy request // UpdateServiceAccountRequest update service account request
// //
// swagger:model addServiceAccountPolicyRequest // swagger:model updateServiceAccountRequest
type AddServiceAccountPolicyRequest struct { type UpdateServiceAccountRequest struct {
// description
Description string `json:"description,omitempty"`
// expiry
Expiry string `json:"expiry,omitempty"`
// name
Name string `json:"name,omitempty"`
// policy // policy
// Required: true // Required: true
Policy *string `json:"policy"` Policy *string `json:"policy"`
// secret key
SecretKey string `json:"secretKey,omitempty"`
// status
Status string `json:"status,omitempty"`
} }
// Validate validates this add service account policy request // Validate validates this update service account request
func (m *AddServiceAccountPolicyRequest) Validate(formats strfmt.Registry) error { func (m *UpdateServiceAccountRequest) Validate(formats strfmt.Registry) error {
var res []error var res []error
if err := m.validatePolicy(formats); err != nil { if err := m.validatePolicy(formats); err != nil {
@@ -55,7 +70,7 @@ func (m *AddServiceAccountPolicyRequest) Validate(formats strfmt.Registry) error
return nil return nil
} }
func (m *AddServiceAccountPolicyRequest) validatePolicy(formats strfmt.Registry) error { func (m *UpdateServiceAccountRequest) validatePolicy(formats strfmt.Registry) error {
if err := validate.Required("policy", "body", m.Policy); err != nil { if err := validate.Required("policy", "body", m.Policy); err != nil {
return err return err
@@ -64,13 +79,13 @@ func (m *AddServiceAccountPolicyRequest) validatePolicy(formats strfmt.Registry)
return nil return nil
} }
// ContextValidate validates this add service account policy request based on context it is used // ContextValidate validates this update service account request based on context it is used
func (m *AddServiceAccountPolicyRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { func (m *UpdateServiceAccountRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
return nil return nil
} }
// MarshalBinary interface implementation // MarshalBinary interface implementation
func (m *AddServiceAccountPolicyRequest) MarshalBinary() ([]byte, error) { func (m *UpdateServiceAccountRequest) MarshalBinary() ([]byte, error) {
if m == nil { if m == nil {
return nil, nil return nil, nil
} }
@@ -78,8 +93,8 @@ func (m *AddServiceAccountPolicyRequest) MarshalBinary() ([]byte, error) {
} }
// UnmarshalBinary interface implementation // UnmarshalBinary interface implementation
func (m *AddServiceAccountPolicyRequest) UnmarshalBinary(b []byte) error { func (m *UpdateServiceAccountRequest) UnmarshalBinary(b []byte) error {
var res AddServiceAccountPolicyRequest var res UpdateServiceAccountRequest
if err := swag.ReadJSON(b, &res); err != nil { if err := swag.ReadJSON(b, &res); err != nil {
return err return err
} }

View File

@@ -214,8 +214,13 @@ export interface AddPolicyRequest {
policy: string; policy: string;
} }
export interface AddServiceAccountPolicyRequest { export interface UpdateServiceAccountRequest {
policy: string; policy: string;
secretKey?: string;
name?: string;
description?: string;
expiry?: string;
status?: string;
} }
export interface ListPoliciesResponse { export interface ListPoliciesResponse {
@@ -727,6 +732,16 @@ export interface BulkUserGroups {
groups: string[]; groups: string[];
} }
export interface ServiceAccount {
parentUser?: string;
accountStatus?: string;
impliedPolicy?: boolean;
policy?: string;
name?: string;
description?: string;
expiration?: string;
}
export type ServiceAccounts = { export type ServiceAccounts = {
accountStatus?: string; accountStatus?: string;
name?: string; name?: string;
@@ -738,6 +753,10 @@ export type ServiceAccounts = {
export interface ServiceAccountRequest { export interface ServiceAccountRequest {
/** policy to be applied to the Service Account if any */ /** policy to be applied to the Service Account if any */
policy?: string; policy?: string;
name?: string;
description?: string;
expiry?: string;
comment?: string;
} }
export interface ServiceAccountRequestCreds { export interface ServiceAccountRequestCreds {
@@ -745,6 +764,10 @@ export interface ServiceAccountRequestCreds {
policy?: string; policy?: string;
accessKey?: string; accessKey?: string;
secretKey?: string; secretKey?: string;
name?: string;
description?: string;
expiry?: string;
comment?: string;
} }
export interface ServiceAccountCreds { export interface ServiceAccountCreds {
@@ -1720,9 +1743,10 @@ export class HttpClient<SecurityDataType = unknown> {
? { "Content-Type": type } ? { "Content-Type": type }
: {}), : {}),
}, },
signal: cancelToken signal:
(cancelToken
? this.createAbortSignal(cancelToken) ? this.createAbortSignal(cancelToken)
: requestParams.signal, : requestParams.signal) || null,
body: body:
typeof body === "undefined" || body === null typeof body === "undefined" || body === null
? null ? null
@@ -3052,23 +3076,6 @@ export class Api<
...params, ...params,
}), }),
/**
* No description
*
* @tags ServiceAccount
* @name DeleteServiceAccount
* @summary Delete Service Account
* @request DELETE:/service-accounts/{access_key}
* @secure
*/
deleteServiceAccount: (accessKey: string, params: RequestParams = {}) =>
this.request<void, ApiError>({
path: `/service-accounts/${accessKey}`,
method: "DELETE",
secure: true,
...params,
}),
/** /**
* No description * No description
* *
@@ -3094,14 +3101,14 @@ export class Api<
* No description * No description
* *
* @tags ServiceAccount * @tags ServiceAccount
* @name GetServiceAccountPolicy * @name GetServiceAccount
* @summary Get Service Account Policy * @summary Get Service Account
* @request GET:/service-accounts/{access_key}/policy * @request GET:/service-accounts/{access_key}
* @secure * @secure
*/ */
getServiceAccountPolicy: (accessKey: string, params: RequestParams = {}) => getServiceAccount: (accessKey: string, params: RequestParams = {}) =>
this.request<IamEntity, ApiError>({ this.request<ServiceAccount, ApiError>({
path: `/service-accounts/${accessKey}/policy`, path: `/service-accounts/${accessKey}`,
method: "GET", method: "GET",
secure: true, secure: true,
format: "json", format: "json",
@@ -3112,24 +3119,41 @@ export class Api<
* No description * No description
* *
* @tags ServiceAccount * @tags ServiceAccount
* @name SetServiceAccountPolicy * @name UpdateServiceAccount
* @summary Set Service Account Policy * @summary Set Service Account Policy
* @request PUT:/service-accounts/{access_key}/policy * @request PUT:/service-accounts/{access_key}
* @secure * @secure
*/ */
setServiceAccountPolicy: ( updateServiceAccount: (
accessKey: string, accessKey: string,
policy: AddServiceAccountPolicyRequest, body: UpdateServiceAccountRequest,
params: RequestParams = {}, params: RequestParams = {},
) => ) =>
this.request<void, ApiError>({ this.request<void, ApiError>({
path: `/service-accounts/${accessKey}/policy`, path: `/service-accounts/${accessKey}`,
method: "PUT", method: "PUT",
body: policy, body: body,
secure: true, secure: true,
type: ContentType.Json, type: ContentType.Json,
...params, ...params,
}), }),
/**
* No description
*
* @tags ServiceAccount
* @name DeleteServiceAccount
* @summary Delete Service Account
* @request DELETE:/service-accounts/{access_key}
* @secure
*/
deleteServiceAccount: (accessKey: string, params: RequestParams = {}) =>
this.request<void, ApiError>({
path: `/service-accounts/${accessKey}`,
method: "DELETE",
secure: true,
...params,
}),
}; };
serviceAccountCredentials = { serviceAccountCredentials = {
/** /**

View File

@@ -37,7 +37,7 @@ import withSuspense from "../Common/Components/withSuspense";
import { selectSAs } from "../Configurations/utils"; import { selectSAs } from "../Configurations/utils";
import DeleteMultipleServiceAccounts from "../Users/DeleteMultipleServiceAccounts"; import DeleteMultipleServiceAccounts from "../Users/DeleteMultipleServiceAccounts";
import ServiceAccountPolicy from "./ServiceAccountPolicy"; import EditServiceAccount from "./EditServiceAccount";
import { selFeatures } from "../consoleSlice"; import { selFeatures } from "../consoleSlice";
import TooltipWrapper from "../Common/TooltipWrapper/TooltipWrapper"; import TooltipWrapper from "../Common/TooltipWrapper/TooltipWrapper";
@@ -82,7 +82,7 @@ const Account = () => {
useState<boolean>(false); useState<boolean>(false);
const [selectedSAs, setSelectedSAs] = useState<string[]>([]); const [selectedSAs, setSelectedSAs] = useState<string[]>([]);
const [deleteMultipleOpen, setDeleteMultipleOpen] = useState<boolean>(false); const [deleteMultipleOpen, setDeleteMultipleOpen] = useState<boolean>(false);
const [policyOpen, setPolicyOpen] = useState<boolean>(false); const [isEditOpen, setIsEditOpen] = useState<boolean>(false);
const userIDP = (features && features.includes("external-idp")) || false; const userIDP = (features && features.includes("external-idp")) || false;
@@ -137,13 +137,13 @@ const Account = () => {
} }
}; };
const policyModalOpen = (selectedServiceAccount: string) => { const editModalOpen = (selectedServiceAccount: string) => {
setSelectedServiceAccount(selectedServiceAccount); setSelectedServiceAccount(selectedServiceAccount);
setPolicyOpen(true); setIsEditOpen(true);
}; };
const closePolicyModal = () => { const closePolicyModal = () => {
setPolicyOpen(false); setIsEditOpen(false);
setLoading(true); setLoading(true);
}; };
@@ -157,7 +157,7 @@ const Account = () => {
type: "view", type: "view",
onClick: (value: any) => { onClick: (value: any) => {
if (value) { if (value) {
policyModalOpen(value.accessKey); editModalOpen(value.accessKey);
} }
}, },
}, },
@@ -169,6 +169,14 @@ const Account = () => {
} }
}, },
}, },
{
type: "edit",
onClick: (value: any) => {
if (value) {
editModalOpen(value.accessKey);
}
},
},
]; ];
const filteredRecords = records.filter( const filteredRecords = records.filter(
@@ -195,9 +203,9 @@ const Account = () => {
/> />
)} )}
{policyOpen && ( {isEditOpen && (
<ServiceAccountPolicy <EditServiceAccount
open={policyOpen} open={isEditOpen}
selectedAccessKey={selectedServiceAccount} selectedAccessKey={selectedServiceAccount}
closeModalAndRefresh={closePolicyModal} closeModalAndRefresh={closePolicyModal}
/> />

View File

@@ -29,6 +29,7 @@ import {
Switch, Switch,
ServiceAccountIcon, ServiceAccountIcon,
HelpTip, HelpTip,
DateTimeInput,
} from "mds"; } from "mds";
import { modalStyleUtils } from "../Common/FormComponents/common/styleLibrary"; import { modalStyleUtils } from "../Common/FormComponents/common/styleLibrary";
import { NewServiceAccount } from "../Common/CredentialsPrompt/types"; import { NewServiceAccount } from "../Common/CredentialsPrompt/types";
@@ -59,6 +60,11 @@ const AddServiceAccount = () => {
useState<NewServiceAccount | null>(null); useState<NewServiceAccount | null>(null);
const [policyJSON, setPolicyJSON] = useState<string>(""); const [policyJSON, setPolicyJSON] = useState<string>("");
const [name, setName] = useState<string>("");
const [description, setDescription] = useState<string>("");
const [comments, setComments] = useState<string>("");
const [expiry, setExpiry] = useState<any>();
useEffect(() => { useEffect(() => {
dispatch(setHelpName("add_service_account")); dispatch(setHelpName("add_service_account"));
// eslint-disable-next-line react-hooks/exhaustive-deps // eslint-disable-next-line react-hooks/exhaustive-deps
@@ -66,12 +72,17 @@ const AddServiceAccount = () => {
useEffect(() => { useEffect(() => {
if (addSending) { if (addSending) {
const expiryDt = expiry ? expiry.toJSDate().toISOString() : null;
api.serviceAccountCredentials api.serviceAccountCredentials
.createServiceAccountCreds( .createServiceAccountCreds(
{ {
policy: policyJSON, policy: policyJSON,
accessKey: accessKey, accessKey: accessKey,
secretKey: secretKey, secretKey: secretKey,
description: description,
comment: comments,
name: name,
expiry: expiryDt,
}, },
{ type: ContentType.Json }, { type: ContentType.Json },
) )
@@ -89,7 +100,18 @@ const AddServiceAccount = () => {
dispatch(setErrorSnackMessage(errorToHandler(res.error))); dispatch(setErrorSnackMessage(errorToHandler(res.error)));
}); });
} }
}, [addSending, setAddSending, dispatch, policyJSON, accessKey, secretKey]); }, [
addSending,
setAddSending,
dispatch,
policyJSON,
accessKey,
secretKey,
name,
description,
expiry,
comments,
]);
useEffect(() => { useEffect(() => {
if (isRestrictedByPolicy) { if (isRestrictedByPolicy) {
@@ -221,6 +243,73 @@ const AddServiceAccount = () => {
</Grid> </Grid>
</Grid> </Grid>
)} )}
<Grid
xs={12}
sx={{
display: "flex",
alignItems: "center",
justifyContent: "start",
fontWeight: 600,
color: "rgb(7, 25, 62)",
gap: 2,
marginBottom: "15px",
marginTop: "15px",
}}
>
<Box
sx={{
marginTop: "15px",
width: "100%",
"& label": { width: "180px" },
}}
>
<DateTimeInput
noLabelMinWidth
value={expiry}
onChange={(e) => {
setExpiry(e);
}}
id="expiryTime"
label={"Expiry"}
timeFormat={"24h"}
secondsSelector={false}
/>
</Box>
</Grid>
<InputBox
value={name}
label={"Name"}
id={"name"}
name={"name"}
type={"text"}
placeholder={"Enter a name"}
onChange={(e) => {
setName(e.target.value);
}}
/>
<InputBox
value={description}
label={"Description"}
id={"description"}
name={"description"}
type={"text"}
placeholder={"Enter a description"}
onChange={(e) => {
setDescription(e.target.value);
}}
/>
<InputBox
value={comments}
label={"Comments"}
id={"comment"}
name={"comment"}
type={"text"}
placeholder={"Enter a comment"}
onChange={(e) => {
setComments(e.target.value);
}}
/>
<Grid item xs={12} sx={{ ...modalStyleUtils.modalButtonBar }}> <Grid item xs={12} sx={{ ...modalStyleUtils.modalButtonBar }}>
<Button <Button
id={"clear"} id={"clear"}

View File

@@ -15,7 +15,15 @@
// along with this program. If not, see <http://www.gnu.org/licenses/>. // along with this program. If not, see <http://www.gnu.org/licenses/>.
import React, { useEffect, useState, Fragment } from "react"; import React, { useEffect, useState, Fragment } from "react";
import { Button, ChangeAccessPolicyIcon, Grid } from "mds"; import {
Box,
Button,
ChangeAccessPolicyIcon,
DateTimeInput,
Grid,
InputBox,
Switch,
} from "mds";
import { api } from "api"; import { api } from "api";
import { errorToHandler } from "api/errors"; import { errorToHandler } from "api/errors";
import CodeMirrorWrapper from "../Common/FormComponents/CodeMirrorWrapper/CodeMirrorWrapper"; import CodeMirrorWrapper from "../Common/FormComponents/CodeMirrorWrapper/CodeMirrorWrapper";
@@ -25,6 +33,7 @@ import { encodeURLString } from "common/utils";
import { setErrorSnackMessage, setModalErrorSnackMessage } from "systemSlice"; import { setErrorSnackMessage, setModalErrorSnackMessage } from "systemSlice";
import ModalWrapper from "../Common/ModalWrapper/ModalWrapper"; import ModalWrapper from "../Common/ModalWrapper/ModalWrapper";
import { modalStyleUtils } from "../Common/FormComponents/common/styleLibrary"; import { modalStyleUtils } from "../Common/FormComponents/common/styleLibrary";
import { DateTime } from "luxon";
interface IServiceAccountPolicyProps { interface IServiceAccountPolicyProps {
open: boolean; open: boolean;
@@ -32,23 +41,40 @@ interface IServiceAccountPolicyProps {
closeModalAndRefresh: () => void; closeModalAndRefresh: () => void;
} }
const ServiceAccountPolicy = ({ const EditServiceAccount = ({
open, open,
selectedAccessKey, selectedAccessKey,
closeModalAndRefresh, closeModalAndRefresh,
}: IServiceAccountPolicyProps) => { }: IServiceAccountPolicyProps) => {
const dispatch = useAppDispatch(); const dispatch = useAppDispatch();
const [loading, setLoading] = useState<boolean>(false); const [loading, setLoading] = useState<boolean>(false);
const [policyDefinition, setPolicyDefinition] = useState<string>(""); const [policyDefinition, setPolicyDefinition] = useState<any>("");
const [name, setName] = useState<string>("");
const [description, setDescription] = useState<string>("");
const [expiry, setExpiry] = useState<any>();
const [status, setStatus] = useState<string | undefined>("enabled");
useEffect(() => { useEffect(() => {
if (!loading && selectedAccessKey !== "") { if (!loading && selectedAccessKey !== "") {
const sourceAccKey = encodeURLString(selectedAccessKey); const sourceAccKey = encodeURLString(selectedAccessKey);
setLoading(true); setLoading(true);
api.serviceAccounts api.serviceAccounts
.getServiceAccountPolicy(sourceAccKey) .getServiceAccount(sourceAccKey)
.then((res) => { .then((res) => {
setLoading(false); setLoading(false);
setPolicyDefinition(res.data); const saInfo = res.data;
setName(saInfo?.name || "");
if (saInfo?.expiration) {
setExpiry(DateTime.fromISO(saInfo?.expiration));
}
setDescription(saInfo?.description || "");
setStatus(saInfo.accountStatus);
setPolicyDefinition(saInfo.policy || "");
}) })
.catch((err) => { .catch((err) => {
setLoading(false); setLoading(false);
@@ -61,8 +87,12 @@ const ServiceAccountPolicy = ({
const setPolicy = (event: React.FormEvent, newPolicy: string) => { const setPolicy = (event: React.FormEvent, newPolicy: string) => {
event.preventDefault(); event.preventDefault();
api.serviceAccounts api.serviceAccounts
.setServiceAccountPolicy(encodeURLString(selectedAccessKey), { .updateServiceAccount(encodeURLString(selectedAccessKey), {
policy: newPolicy, policy: newPolicy,
description: description,
expiry: expiry,
name: name,
status: status,
}) })
.then(() => { .then(() => {
closeModalAndRefresh(); closeModalAndRefresh();
@@ -75,7 +105,7 @@ const ServiceAccountPolicy = ({
return ( return (
<ModalWrapper <ModalWrapper
title="Access Key Policy" title={`Edit details of - ${selectedAccessKey}`}
modalOpen={open} modalOpen={open}
onClose={() => { onClose={() => {
closeModalAndRefresh(); closeModalAndRefresh();
@@ -110,6 +140,99 @@ const ServiceAccountPolicy = ({
} }
/> />
</Grid> </Grid>
<Box
sx={{
marginBottom: "15px",
marginTop: "15px",
display: "flex",
width: "100%",
"& label": { width: "195px" },
}}
>
<DateTimeInput
noLabelMinWidth
value={expiry}
onChange={(e) => {
setExpiry(e);
}}
id="expiryTime"
label={"Expiry"}
timeFormat={"24h"}
secondsSelector={false}
/>
</Box>
<Grid
xs={12}
sx={{
marginBottom: "15px",
}}
>
<InputBox
value={name}
size={120}
label={"Name"}
id={"name"}
name={"name"}
type={"text"}
placeholder={"Enter a name"}
onChange={(e) => {
setName(e.target.value);
}}
/>
</Grid>
<Grid
xs={12}
sx={{
marginBottom: "15px",
}}
>
<InputBox
size={120}
value={description}
label={"Description"}
id={"description"}
name={"description"}
type={"text"}
placeholder={"Enter a description"}
onChange={(e) => {
setDescription(e.target.value);
}}
/>
</Grid>
<Grid
xs={12}
sx={{
display: "flex",
alignItems: "center",
justifyContent: "start",
fontWeight: 600,
color: "rgb(7, 25, 62)",
gap: 2,
marginBottom: "15px",
}}
>
<label style={{ width: "150px" }}>Status</label>
<Box
sx={{
padding: "2px",
}}
>
<Switch
style={{
gap: "115px",
}}
indicatorLabels={["Enabled", "Disabled"]}
checked={status === "on"}
id="saStatus"
name="saStatus"
label=""
onChange={(e) => {
setStatus(e.target.checked ? "on" : "off");
}}
value="yes"
/>
</Box>
</Grid>
<Grid item xs={12} sx={modalStyleUtils.modalButtonBar}> <Grid item xs={12} sx={modalStyleUtils.modalButtonBar}>
<Button <Button
id={"cancel-sa-policy"} id={"cancel-sa-policy"}
@@ -127,7 +250,7 @@ const ServiceAccountPolicy = ({
variant="callAction" variant="callAction"
color="primary" color="primary"
disabled={loading} disabled={loading}
label={"Set"} label={"Update"}
/> />
</Grid> </Grid>
</Grid> </Grid>
@@ -136,4 +259,4 @@ const ServiceAccountPolicy = ({
); );
}; };
export default ServiceAccountPolicy; export default EditServiceAccount;

View File

@@ -29,6 +29,7 @@ import {
ServiceAccountIcon, ServiceAccountIcon,
Switch, Switch,
HelpTip, HelpTip,
DateTimeInput,
} from "mds"; } from "mds";
import { modalStyleUtils } from "../Common/FormComponents/common/styleLibrary"; import { modalStyleUtils } from "../Common/FormComponents/common/styleLibrary";
import { NewServiceAccount } from "../Common/CredentialsPrompt/types"; import { NewServiceAccount } from "../Common/CredentialsPrompt/types";
@@ -65,8 +66,14 @@ const AddServiceAccount = () => {
const userName = decodeURLString(params.userName || ""); const userName = decodeURLString(params.userName || "");
const [name, setName] = useState<string>("");
const [description, setDescription] = useState<string>("");
const [comments, setComments] = useState<string>("");
const [expiry, setExpiry] = useState<any>();
useEffect(() => { useEffect(() => {
if (addSending) { if (addSending) {
const expiryDt = expiry ? expiry.toJSDate().toISOString() : null;
api api
.invoke( .invoke(
"POST", "POST",
@@ -77,6 +84,10 @@ const AddServiceAccount = () => {
policy: policyJSON, policy: policyJSON,
accessKey: accessKey, accessKey: accessKey,
secretKey: secretKey, secretKey: secretKey,
description: description,
comment: comments,
name: name,
expiry: expiryDt,
}, },
) )
.then((res) => { .then((res) => {
@@ -100,6 +111,10 @@ const AddServiceAccount = () => {
userName, userName,
accessKey, accessKey,
secretKey, secretKey,
name,
description,
expiry,
comments,
]); ]);
useEffect(() => { useEffect(() => {
@@ -198,6 +213,7 @@ const AddServiceAccount = () => {
}} }}
startIcon={<PasswordKeyIcon />} startIcon={<PasswordKeyIcon />}
/> />
<Switch <Switch
value="serviceAccountPolicy" value="serviceAccountPolicy"
id="serviceAccountPolicy" id="serviceAccountPolicy"
@@ -254,6 +270,61 @@ const AddServiceAccount = () => {
</Grid> </Grid>
</Grid> </Grid>
)} )}
<Box
sx={{
marginBottom: "15px",
marginTop: "15px",
width: "100%",
"& label": { width: "180px" },
}}
>
<DateTimeInput
noLabelMinWidth
value={expiry}
onChange={(e) => {
setExpiry(e);
}}
id="expiryTime"
label={"Expiry"}
timeFormat={"24h"}
secondsSelector={false}
/>
</Box>
<InputBox
value={name}
label={"Name"}
id={"name"}
name={"name"}
type={"text"}
placeholder={"Enter a name"}
onChange={(e) => {
setName(e.target.value);
}}
/>
<InputBox
value={description}
label={"Description"}
id={"description"}
name={"description"}
type={"text"}
placeholder={"Enter a description"}
onChange={(e) => {
setDescription(e.target.value);
}}
/>
<InputBox
value={comments}
label={"Comments"}
id={"comment"}
name={"comment"}
type={"text"}
placeholder={"Enter a comment"}
onChange={(e) => {
setComments(e.target.value);
}}
/>
<Grid item xs={12} sx={{ ...modalStyleUtils.modalButtonBar }}> <Grid item xs={12} sx={{ ...modalStyleUtils.modalButtonBar }}>
<Button <Button
id={"clear"} id={"clear"}

View File

@@ -25,7 +25,7 @@ import CredentialsPrompt from "../Common/CredentialsPrompt/CredentialsPrompt";
import DeleteMultipleServiceAccounts from "./DeleteMultipleServiceAccounts"; import DeleteMultipleServiceAccounts from "./DeleteMultipleServiceAccounts";
import { selectSAs } from "../Configurations/utils"; import { selectSAs } from "../Configurations/utils";
import ServiceAccountPolicy from "../Account/ServiceAccountPolicy"; import EditServiceAccount from "../Account/EditServiceAccount";
import { import {
CONSOLE_UI_RESOURCE, CONSOLE_UI_RESOURCE,
IAM_SCOPES, IAM_SCOPES,
@@ -66,7 +66,7 @@ const UserServiceAccountsPanel = ({
useState<NewServiceAccount | null>(null); useState<NewServiceAccount | null>(null);
const [selectedSAs, setSelectedSAs] = useState<string[]>([]); const [selectedSAs, setSelectedSAs] = useState<string[]>([]);
const [deleteMultipleOpen, setDeleteMultipleOpen] = useState<boolean>(false); const [deleteMultipleOpen, setDeleteMultipleOpen] = useState<boolean>(false);
const [policyOpen, setPolicyOpen] = useState<boolean>(false); const [editOpen, setEditOpen] = useState<boolean>(false);
useEffect(() => { useEffect(() => {
fetchRecords(); fetchRecords();
@@ -114,9 +114,9 @@ const UserServiceAccountsPanel = ({
setNewServiceAccount(null); setNewServiceAccount(null);
}; };
const policyModalOpen = (selectedServiceAccount: string) => { const editModalOpen = (selectedServiceAccount: string) => {
setSelectedServiceAccount(selectedServiceAccount); setSelectedServiceAccount(selectedServiceAccount);
setPolicyOpen(true); setEditOpen(true);
}; };
const confirmDeleteServiceAccount = (selectedServiceAccount: string) => { const confirmDeleteServiceAccount = (selectedServiceAccount: string) => {
@@ -125,7 +125,7 @@ const UserServiceAccountsPanel = ({
}; };
const closePolicyModal = () => { const closePolicyModal = () => {
setPolicyOpen(false); setEditOpen(false);
setLoading(true); setLoading(true);
}; };
@@ -134,7 +134,7 @@ const UserServiceAccountsPanel = ({
type: "view", type: "view",
onClick: (value: any) => { onClick: (value: any) => {
if (value) { if (value) {
policyModalOpen(value.accessKey); editModalOpen(value.accessKey);
} }
}, },
}, },
@@ -146,6 +146,14 @@ const UserServiceAccountsPanel = ({
} }
}, },
}, },
{
type: "edit",
onClick: (value: any) => {
if (value) {
editModalOpen(value.accessKey);
}
},
},
]; ];
useEffect(() => { useEffect(() => {
@@ -181,9 +189,9 @@ const UserServiceAccountsPanel = ({
entity="Access Key" entity="Access Key"
/> />
)} )}
{policyOpen && ( {editOpen && (
<ServiceAccountPolicy <EditServiceAccount
open={policyOpen} open={editOpen}
selectedAccessKey={selectedServiceAccount} selectedAccessKey={selectedServiceAccount}
closeModalAndRefresh={closePolicyModal} closeModalAndRefresh={closePolicyModal}
/> />

View File

@@ -80,7 +80,7 @@ var (
minioSetUserStatusMock func(accessKey string, status madmin.AccountStatus) error minioSetUserStatusMock func(accessKey string, status madmin.AccountStatus) error
minioAccountInfoMock func(ctx context.Context) (madmin.AccountInfo, error) minioAccountInfoMock func(ctx context.Context) (madmin.AccountInfo, error)
minioAddServiceAccountMock func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error) minioAddServiceAccountMock func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string, description string, name string, expiry *time.Time, status string) (madmin.Credentials, error)
minioListServiceAccountsMock func(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error) minioListServiceAccountsMock func(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error)
minioDeleteServiceAccountMock func(ctx context.Context, serviceAccount string) error minioDeleteServiceAccountMock func(ctx context.Context, serviceAccount string) error
minioInfoServiceAccountMock func(ctx context.Context, serviceAccount string) (madmin.InfoServiceAccountResp, error) minioInfoServiceAccountMock func(ctx context.Context, serviceAccount string) (madmin.InfoServiceAccountResp, error)
@@ -377,8 +377,8 @@ func (ac AdminClientMock) AccountInfo(ctx context.Context) (madmin.AccountInfo,
return minioAccountInfoMock(ctx) return minioAccountInfoMock(ctx)
} }
func (ac AdminClientMock) addServiceAccount(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error) { func (ac AdminClientMock) addServiceAccount(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string, description string, name string, expiry *time.Time, status string) (madmin.Credentials, error) {
return minioAddServiceAccountMock(ctx, policy, user, accessKey, secretKey) return minioAddServiceAccountMock(ctx, policy, user, accessKey, secretKey, description, name, expiry, status)
} }
func (ac AdminClientMock) listServiceAccounts(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error) { func (ac AdminClientMock) listServiceAccounts(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error) {

View File

@@ -70,7 +70,7 @@ type MinioAdmin interface {
heal(ctx context.Context, bucket, prefix string, healOpts madmin.HealOpts, clientToken string, heal(ctx context.Context, bucket, prefix string, healOpts madmin.HealOpts, clientToken string,
forceStart, forceStop bool) (healStart madmin.HealStartSuccess, healTaskStatus madmin.HealTaskStatus, err error) forceStart, forceStop bool) (healStart madmin.HealStartSuccess, healTaskStatus madmin.HealTaskStatus, err error)
// Service Accounts // Service Accounts
addServiceAccount(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error) addServiceAccount(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string, name string, description string, expiry *time.Time, comment string) (madmin.Credentials, error)
listServiceAccounts(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error) listServiceAccounts(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error)
deleteServiceAccount(ctx context.Context, serviceAccount string) error deleteServiceAccount(ctx context.Context, serviceAccount string) error
infoServiceAccount(ctx context.Context, serviceAccount string) (madmin.InfoServiceAccountResp, error) infoServiceAccount(ctx context.Context, serviceAccount string) (madmin.InfoServiceAccountResp, error)
@@ -305,7 +305,7 @@ func (ac AdminClient) getLogs(ctx context.Context, node string, lineCnt int, log
} }
// implements madmin.AddServiceAccount() // implements madmin.AddServiceAccount()
func (ac AdminClient) addServiceAccount(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error) { func (ac AdminClient) addServiceAccount(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string, name string, description string, expiry *time.Time, comment string) (madmin.Credentials, error) {
buf, err := json.Marshal(policy) buf, err := json.Marshal(policy)
if err != nil { if err != nil {
return madmin.Credentials{}, err return madmin.Credentials{}, err
@@ -315,6 +315,10 @@ func (ac AdminClient) addServiceAccount(ctx context.Context, policy *iampolicy.P
TargetUser: user, TargetUser: user,
AccessKey: accessKey, AccessKey: accessKey,
SecretKey: secretKey, SecretKey: secretKey,
Name: name,
Description: description,
Expiration: expiry,
Comment: comment,
}) })
} }

View File

@@ -4452,6 +4452,69 @@ func init() {
} }
}, },
"/service-accounts/{access_key}": { "/service-accounts/{access_key}": {
"get": {
"tags": [
"ServiceAccount"
],
"summary": "Get Service Account",
"operationId": "GetServiceAccount",
"parameters": [
{
"type": "string",
"name": "access_key",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/serviceAccount"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/ApiError"
}
}
}
},
"put": {
"tags": [
"ServiceAccount"
],
"summary": "Set Service Account Policy",
"operationId": "UpdateServiceAccount",
"parameters": [
{
"type": "string",
"name": "access_key",
"in": "path",
"required": true
},
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/updateServiceAccountRequest"
}
}
],
"responses": {
"200": {
"description": "A successful response."
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/ApiError"
}
}
}
},
"delete": { "delete": {
"tags": [ "tags": [
"ServiceAccount" "ServiceAccount"
@@ -4479,71 +4542,6 @@ func init() {
} }
} }
}, },
"/service-accounts/{access_key}/policy": {
"get": {
"tags": [
"ServiceAccount"
],
"summary": "Get Service Account Policy",
"operationId": "GetServiceAccountPolicy",
"parameters": [
{
"type": "string",
"name": "access_key",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"type": "string"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/ApiError"
}
}
}
},
"put": {
"tags": [
"ServiceAccount"
],
"summary": "Set Service Account Policy",
"operationId": "SetServiceAccountPolicy",
"parameters": [
{
"type": "string",
"name": "access_key",
"in": "path",
"required": true
},
{
"name": "policy",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/addServiceAccountPolicyRequest"
}
}
],
"responses": {
"200": {
"description": "A successful response."
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/ApiError"
}
}
}
}
},
"/service/restart": { "/service/restart": {
"post": { "post": {
"tags": [ "tags": [
@@ -5546,17 +5544,6 @@ func init() {
} }
} }
}, },
"addServiceAccountPolicyRequest": {
"type": "object",
"required": [
"policy"
],
"properties": {
"policy": {
"type": "string"
}
}
},
"addUserRequest": { "addUserRequest": {
"type": "object", "type": "object",
"required": [ "required": [
@@ -8071,6 +8058,32 @@ func init() {
} }
} }
}, },
"serviceAccount": {
"type": "object",
"properties": {
"accountStatus": {
"type": "string"
},
"description": {
"type": "string"
},
"expiration": {
"type": "string"
},
"impliedPolicy": {
"type": "boolean"
},
"name": {
"type": "string"
},
"parentUser": {
"type": "string"
},
"policy": {
"type": "string"
}
}
},
"serviceAccountCreds": { "serviceAccountCreds": {
"type": "object", "type": "object",
"properties": { "properties": {
@@ -8088,6 +8101,18 @@ func init() {
"serviceAccountRequest": { "serviceAccountRequest": {
"type": "object", "type": "object",
"properties": { "properties": {
"comment": {
"type": "string"
},
"description": {
"type": "string"
},
"expiry": {
"type": "string"
},
"name": {
"type": "string"
},
"policy": { "policy": {
"type": "string", "type": "string",
"title": "policy to be applied to the Service Account if any" "title": "policy to be applied to the Service Account if any"
@@ -8100,6 +8125,18 @@ func init() {
"accessKey": { "accessKey": {
"type": "string" "type": "string"
}, },
"comment": {
"type": "string"
},
"description": {
"type": "string"
},
"expiry": {
"type": "string"
},
"name": {
"type": "string"
},
"policy": { "policy": {
"type": "string", "type": "string",
"title": "policy to be applied to the Service Account if any" "title": "policy to be applied to the Service Account if any"
@@ -8861,6 +8898,32 @@ func init() {
} }
} }
}, },
"updateServiceAccountRequest": {
"type": "object",
"required": [
"policy"
],
"properties": {
"description": {
"type": "string"
},
"expiry": {
"type": "string"
},
"name": {
"type": "string"
},
"policy": {
"type": "string"
},
"secretKey": {
"type": "string"
},
"status": {
"type": "string"
}
}
},
"updateUser": { "updateUser": {
"type": "object", "type": "object",
"required": [ "required": [
@@ -13571,6 +13634,69 @@ func init() {
} }
}, },
"/service-accounts/{access_key}": { "/service-accounts/{access_key}": {
"get": {
"tags": [
"ServiceAccount"
],
"summary": "Get Service Account",
"operationId": "GetServiceAccount",
"parameters": [
{
"type": "string",
"name": "access_key",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/serviceAccount"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/ApiError"
}
}
}
},
"put": {
"tags": [
"ServiceAccount"
],
"summary": "Set Service Account Policy",
"operationId": "UpdateServiceAccount",
"parameters": [
{
"type": "string",
"name": "access_key",
"in": "path",
"required": true
},
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/updateServiceAccountRequest"
}
}
],
"responses": {
"200": {
"description": "A successful response."
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/ApiError"
}
}
}
},
"delete": { "delete": {
"tags": [ "tags": [
"ServiceAccount" "ServiceAccount"
@@ -13598,71 +13724,6 @@ func init() {
} }
} }
}, },
"/service-accounts/{access_key}/policy": {
"get": {
"tags": [
"ServiceAccount"
],
"summary": "Get Service Account Policy",
"operationId": "GetServiceAccountPolicy",
"parameters": [
{
"type": "string",
"name": "access_key",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"type": "string"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/ApiError"
}
}
}
},
"put": {
"tags": [
"ServiceAccount"
],
"summary": "Set Service Account Policy",
"operationId": "SetServiceAccountPolicy",
"parameters": [
{
"type": "string",
"name": "access_key",
"in": "path",
"required": true
},
{
"name": "policy",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/addServiceAccountPolicyRequest"
}
}
],
"responses": {
"200": {
"description": "A successful response."
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/ApiError"
}
}
}
}
},
"/service/restart": { "/service/restart": {
"post": { "post": {
"tags": [ "tags": [
@@ -14827,17 +14888,6 @@ func init() {
} }
} }
}, },
"addServiceAccountPolicyRequest": {
"type": "object",
"required": [
"policy"
],
"properties": {
"policy": {
"type": "string"
}
}
},
"addUserRequest": { "addUserRequest": {
"type": "object", "type": "object",
"required": [ "required": [
@@ -17347,6 +17397,32 @@ func init() {
} }
} }
}, },
"serviceAccount": {
"type": "object",
"properties": {
"accountStatus": {
"type": "string"
},
"description": {
"type": "string"
},
"expiration": {
"type": "string"
},
"impliedPolicy": {
"type": "boolean"
},
"name": {
"type": "string"
},
"parentUser": {
"type": "string"
},
"policy": {
"type": "string"
}
}
},
"serviceAccountCreds": { "serviceAccountCreds": {
"type": "object", "type": "object",
"properties": { "properties": {
@@ -17364,6 +17440,18 @@ func init() {
"serviceAccountRequest": { "serviceAccountRequest": {
"type": "object", "type": "object",
"properties": { "properties": {
"comment": {
"type": "string"
},
"description": {
"type": "string"
},
"expiry": {
"type": "string"
},
"name": {
"type": "string"
},
"policy": { "policy": {
"type": "string", "type": "string",
"title": "policy to be applied to the Service Account if any" "title": "policy to be applied to the Service Account if any"
@@ -17376,6 +17464,18 @@ func init() {
"accessKey": { "accessKey": {
"type": "string" "type": "string"
}, },
"comment": {
"type": "string"
},
"description": {
"type": "string"
},
"expiry": {
"type": "string"
},
"name": {
"type": "string"
},
"policy": { "policy": {
"type": "string", "type": "string",
"title": "policy to be applied to the Service Account if any" "title": "policy to be applied to the Service Account if any"
@@ -18120,6 +18220,32 @@ func init() {
} }
} }
}, },
"updateServiceAccountRequest": {
"type": "object",
"required": [
"policy"
],
"properties": {
"description": {
"type": "string"
},
"expiry": {
"type": "string"
},
"name": {
"type": "string"
},
"policy": {
"type": "string"
},
"secretKey": {
"type": "string"
},
"status": {
"type": "string"
}
}
},
"updateUser": { "updateUser": {
"type": "object", "type": "object",
"required": [ "required": [

View File

@@ -265,8 +265,8 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI {
PolicyGetSAUserPolicyHandler: policy.GetSAUserPolicyHandlerFunc(func(params policy.GetSAUserPolicyParams, principal *models.Principal) middleware.Responder { PolicyGetSAUserPolicyHandler: policy.GetSAUserPolicyHandlerFunc(func(params policy.GetSAUserPolicyParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation policy.GetSAUserPolicy has not yet been implemented") return middleware.NotImplemented("operation policy.GetSAUserPolicy has not yet been implemented")
}), }),
ServiceAccountGetServiceAccountPolicyHandler: service_account.GetServiceAccountPolicyHandlerFunc(func(params service_account.GetServiceAccountPolicyParams, principal *models.Principal) middleware.Responder { ServiceAccountGetServiceAccountHandler: service_account.GetServiceAccountHandlerFunc(func(params service_account.GetServiceAccountParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation service_account.GetServiceAccountPolicy has not yet been implemented") return middleware.NotImplemented("operation service_account.GetServiceAccount has not yet been implemented")
}), }),
SiteReplicationGetSiteReplicationInfoHandler: site_replication.GetSiteReplicationInfoHandlerFunc(func(params site_replication.GetSiteReplicationInfoParams, principal *models.Principal) middleware.Responder { SiteReplicationGetSiteReplicationInfoHandler: site_replication.GetSiteReplicationInfoHandlerFunc(func(params site_replication.GetSiteReplicationInfoParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation site_replication.GetSiteReplicationInfo has not yet been implemented") return middleware.NotImplemented("operation site_replication.GetSiteReplicationInfo has not yet been implemented")
@@ -502,9 +502,6 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI {
PolicySetPolicyMultipleHandler: policy.SetPolicyMultipleHandlerFunc(func(params policy.SetPolicyMultipleParams, principal *models.Principal) middleware.Responder { PolicySetPolicyMultipleHandler: policy.SetPolicyMultipleHandlerFunc(func(params policy.SetPolicyMultipleParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation policy.SetPolicyMultiple has not yet been implemented") return middleware.NotImplemented("operation policy.SetPolicyMultiple has not yet been implemented")
}), }),
ServiceAccountSetServiceAccountPolicyHandler: service_account.SetServiceAccountPolicyHandlerFunc(func(params service_account.SetServiceAccountPolicyParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation service_account.SetServiceAccountPolicy has not yet been implemented")
}),
ObjectShareObjectHandler: object.ShareObjectHandlerFunc(func(params object.ShareObjectParams, principal *models.Principal) middleware.Responder { ObjectShareObjectHandler: object.ShareObjectHandlerFunc(func(params object.ShareObjectParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation object.ShareObject has not yet been implemented") return middleware.NotImplemented("operation object.ShareObject has not yet been implemented")
}), }),
@@ -550,6 +547,9 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI {
BucketUpdateMultiBucketReplicationHandler: bucket.UpdateMultiBucketReplicationHandlerFunc(func(params bucket.UpdateMultiBucketReplicationParams, principal *models.Principal) middleware.Responder { BucketUpdateMultiBucketReplicationHandler: bucket.UpdateMultiBucketReplicationHandlerFunc(func(params bucket.UpdateMultiBucketReplicationParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation bucket.UpdateMultiBucketReplication has not yet been implemented") return middleware.NotImplemented("operation bucket.UpdateMultiBucketReplication has not yet been implemented")
}), }),
ServiceAccountUpdateServiceAccountHandler: service_account.UpdateServiceAccountHandlerFunc(func(params service_account.UpdateServiceAccountParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation service_account.UpdateServiceAccount has not yet been implemented")
}),
UserUpdateUserGroupsHandler: user.UpdateUserGroupsHandlerFunc(func(params user.UpdateUserGroupsParams, principal *models.Principal) middleware.Responder { UserUpdateUserGroupsHandler: user.UpdateUserGroupsHandlerFunc(func(params user.UpdateUserGroupsParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation user.UpdateUserGroups has not yet been implemented") return middleware.NotImplemented("operation user.UpdateUserGroups has not yet been implemented")
}), }),
@@ -740,8 +740,8 @@ type ConsoleAPI struct {
ObjectGetObjectMetadataHandler object.GetObjectMetadataHandler ObjectGetObjectMetadataHandler object.GetObjectMetadataHandler
// PolicyGetSAUserPolicyHandler sets the operation handler for the get s a user policy operation // PolicyGetSAUserPolicyHandler sets the operation handler for the get s a user policy operation
PolicyGetSAUserPolicyHandler policy.GetSAUserPolicyHandler PolicyGetSAUserPolicyHandler policy.GetSAUserPolicyHandler
// ServiceAccountGetServiceAccountPolicyHandler sets the operation handler for the get service account policy operation // ServiceAccountGetServiceAccountHandler sets the operation handler for the get service account operation
ServiceAccountGetServiceAccountPolicyHandler service_account.GetServiceAccountPolicyHandler ServiceAccountGetServiceAccountHandler service_account.GetServiceAccountHandler
// SiteReplicationGetSiteReplicationInfoHandler sets the operation handler for the get site replication info operation // SiteReplicationGetSiteReplicationInfoHandler sets the operation handler for the get site replication info operation
SiteReplicationGetSiteReplicationInfoHandler site_replication.GetSiteReplicationInfoHandler SiteReplicationGetSiteReplicationInfoHandler site_replication.GetSiteReplicationInfoHandler
// SiteReplicationGetSiteReplicationStatusHandler sets the operation handler for the get site replication status operation // SiteReplicationGetSiteReplicationStatusHandler sets the operation handler for the get site replication status operation
@@ -898,8 +898,6 @@ type ConsoleAPI struct {
PolicySetPolicyHandler policy.SetPolicyHandler PolicySetPolicyHandler policy.SetPolicyHandler
// PolicySetPolicyMultipleHandler sets the operation handler for the set policy multiple operation // PolicySetPolicyMultipleHandler sets the operation handler for the set policy multiple operation
PolicySetPolicyMultipleHandler policy.SetPolicyMultipleHandler PolicySetPolicyMultipleHandler policy.SetPolicyMultipleHandler
// ServiceAccountSetServiceAccountPolicyHandler sets the operation handler for the set service account policy operation
ServiceAccountSetServiceAccountPolicyHandler service_account.SetServiceAccountPolicyHandler
// ObjectShareObjectHandler sets the operation handler for the share object operation // ObjectShareObjectHandler sets the operation handler for the share object operation
ObjectShareObjectHandler object.ShareObjectHandler ObjectShareObjectHandler object.ShareObjectHandler
// SiteReplicationSiteReplicationEditHandler sets the operation handler for the site replication edit operation // SiteReplicationSiteReplicationEditHandler sets the operation handler for the site replication edit operation
@@ -930,6 +928,8 @@ type ConsoleAPI struct {
GroupUpdateGroupHandler group.UpdateGroupHandler GroupUpdateGroupHandler group.UpdateGroupHandler
// BucketUpdateMultiBucketReplicationHandler sets the operation handler for the update multi bucket replication operation // BucketUpdateMultiBucketReplicationHandler sets the operation handler for the update multi bucket replication operation
BucketUpdateMultiBucketReplicationHandler bucket.UpdateMultiBucketReplicationHandler BucketUpdateMultiBucketReplicationHandler bucket.UpdateMultiBucketReplicationHandler
// ServiceAccountUpdateServiceAccountHandler sets the operation handler for the update service account operation
ServiceAccountUpdateServiceAccountHandler service_account.UpdateServiceAccountHandler
// UserUpdateUserGroupsHandler sets the operation handler for the update user groups operation // UserUpdateUserGroupsHandler sets the operation handler for the update user groups operation
UserUpdateUserGroupsHandler user.UpdateUserGroupsHandler UserUpdateUserGroupsHandler user.UpdateUserGroupsHandler
// UserUpdateUserInfoHandler sets the operation handler for the update user info operation // UserUpdateUserInfoHandler sets the operation handler for the update user info operation
@@ -1204,8 +1204,8 @@ func (o *ConsoleAPI) Validate() error {
if o.PolicyGetSAUserPolicyHandler == nil { if o.PolicyGetSAUserPolicyHandler == nil {
unregistered = append(unregistered, "policy.GetSAUserPolicyHandler") unregistered = append(unregistered, "policy.GetSAUserPolicyHandler")
} }
if o.ServiceAccountGetServiceAccountPolicyHandler == nil { if o.ServiceAccountGetServiceAccountHandler == nil {
unregistered = append(unregistered, "service_account.GetServiceAccountPolicyHandler") unregistered = append(unregistered, "service_account.GetServiceAccountHandler")
} }
if o.SiteReplicationGetSiteReplicationInfoHandler == nil { if o.SiteReplicationGetSiteReplicationInfoHandler == nil {
unregistered = append(unregistered, "site_replication.GetSiteReplicationInfoHandler") unregistered = append(unregistered, "site_replication.GetSiteReplicationInfoHandler")
@@ -1441,9 +1441,6 @@ func (o *ConsoleAPI) Validate() error {
if o.PolicySetPolicyMultipleHandler == nil { if o.PolicySetPolicyMultipleHandler == nil {
unregistered = append(unregistered, "policy.SetPolicyMultipleHandler") unregistered = append(unregistered, "policy.SetPolicyMultipleHandler")
} }
if o.ServiceAccountSetServiceAccountPolicyHandler == nil {
unregistered = append(unregistered, "service_account.SetServiceAccountPolicyHandler")
}
if o.ObjectShareObjectHandler == nil { if o.ObjectShareObjectHandler == nil {
unregistered = append(unregistered, "object.ShareObjectHandler") unregistered = append(unregistered, "object.ShareObjectHandler")
} }
@@ -1489,6 +1486,9 @@ func (o *ConsoleAPI) Validate() error {
if o.BucketUpdateMultiBucketReplicationHandler == nil { if o.BucketUpdateMultiBucketReplicationHandler == nil {
unregistered = append(unregistered, "bucket.UpdateMultiBucketReplicationHandler") unregistered = append(unregistered, "bucket.UpdateMultiBucketReplicationHandler")
} }
if o.ServiceAccountUpdateServiceAccountHandler == nil {
unregistered = append(unregistered, "service_account.UpdateServiceAccountHandler")
}
if o.UserUpdateUserGroupsHandler == nil { if o.UserUpdateUserGroupsHandler == nil {
unregistered = append(unregistered, "user.UpdateUserGroupsHandler") unregistered = append(unregistered, "user.UpdateUserGroupsHandler")
} }
@@ -1844,7 +1844,7 @@ func (o *ConsoleAPI) initHandlerCache() {
if o.handlers["GET"] == nil { if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler) o.handlers["GET"] = make(map[string]http.Handler)
} }
o.handlers["GET"]["/service-accounts/{access_key}/policy"] = service_account.NewGetServiceAccountPolicy(o.context, o.ServiceAccountGetServiceAccountPolicyHandler) o.handlers["GET"]["/service-accounts/{access_key}"] = service_account.NewGetServiceAccount(o.context, o.ServiceAccountGetServiceAccountHandler)
if o.handlers["GET"] == nil { if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler) o.handlers["GET"] = make(map[string]http.Handler)
} }
@@ -2157,10 +2157,6 @@ func (o *ConsoleAPI) initHandlerCache() {
o.handlers["PUT"] = make(map[string]http.Handler) o.handlers["PUT"] = make(map[string]http.Handler)
} }
o.handlers["PUT"]["/set-policy-multi"] = policy.NewSetPolicyMultiple(o.context, o.PolicySetPolicyMultipleHandler) o.handlers["PUT"]["/set-policy-multi"] = policy.NewSetPolicyMultiple(o.context, o.PolicySetPolicyMultipleHandler)
if o.handlers["PUT"] == nil {
o.handlers["PUT"] = make(map[string]http.Handler)
}
o.handlers["PUT"]["/service-accounts/{access_key}/policy"] = service_account.NewSetServiceAccountPolicy(o.context, o.ServiceAccountSetServiceAccountPolicyHandler)
if o.handlers["GET"] == nil { if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler) o.handlers["GET"] = make(map[string]http.Handler)
} }
@@ -2224,6 +2220,10 @@ func (o *ConsoleAPI) initHandlerCache() {
if o.handlers["PUT"] == nil { if o.handlers["PUT"] == nil {
o.handlers["PUT"] = make(map[string]http.Handler) o.handlers["PUT"] = make(map[string]http.Handler)
} }
o.handlers["PUT"]["/service-accounts/{access_key}"] = service_account.NewUpdateServiceAccount(o.context, o.ServiceAccountUpdateServiceAccountHandler)
if o.handlers["PUT"] == nil {
o.handlers["PUT"] = make(map[string]http.Handler)
}
o.handlers["PUT"]["/user/{name}/groups"] = user.NewUpdateUserGroups(o.context, o.UserUpdateUserGroupsHandler) o.handlers["PUT"]["/user/{name}/groups"] = user.NewUpdateUserGroups(o.context, o.UserUpdateUserGroupsHandler)
if o.handlers["PUT"] == nil { if o.handlers["PUT"] == nil {
o.handlers["PUT"] = make(map[string]http.Handler) o.handlers["PUT"] = make(map[string]http.Handler)

View File

@@ -30,40 +30,40 @@ import (
"github.com/minio/console/models" "github.com/minio/console/models"
) )
// GetServiceAccountPolicyHandlerFunc turns a function with the right signature into a get service account policy handler // GetServiceAccountHandlerFunc turns a function with the right signature into a get service account handler
type GetServiceAccountPolicyHandlerFunc func(GetServiceAccountPolicyParams, *models.Principal) middleware.Responder type GetServiceAccountHandlerFunc func(GetServiceAccountParams, *models.Principal) middleware.Responder
// Handle executing the request and returning a response // Handle executing the request and returning a response
func (fn GetServiceAccountPolicyHandlerFunc) Handle(params GetServiceAccountPolicyParams, principal *models.Principal) middleware.Responder { func (fn GetServiceAccountHandlerFunc) Handle(params GetServiceAccountParams, principal *models.Principal) middleware.Responder {
return fn(params, principal) return fn(params, principal)
} }
// GetServiceAccountPolicyHandler interface for that can handle valid get service account policy params // GetServiceAccountHandler interface for that can handle valid get service account params
type GetServiceAccountPolicyHandler interface { type GetServiceAccountHandler interface {
Handle(GetServiceAccountPolicyParams, *models.Principal) middleware.Responder Handle(GetServiceAccountParams, *models.Principal) middleware.Responder
} }
// NewGetServiceAccountPolicy creates a new http.Handler for the get service account policy operation // NewGetServiceAccount creates a new http.Handler for the get service account operation
func NewGetServiceAccountPolicy(ctx *middleware.Context, handler GetServiceAccountPolicyHandler) *GetServiceAccountPolicy { func NewGetServiceAccount(ctx *middleware.Context, handler GetServiceAccountHandler) *GetServiceAccount {
return &GetServiceAccountPolicy{Context: ctx, Handler: handler} return &GetServiceAccount{Context: ctx, Handler: handler}
} }
/* /*
GetServiceAccountPolicy swagger:route GET /service-accounts/{access_key}/policy ServiceAccount getServiceAccountPolicy GetServiceAccount swagger:route GET /service-accounts/{access_key} ServiceAccount getServiceAccount
Get Service Account Policy Get Service Account
*/ */
type GetServiceAccountPolicy struct { type GetServiceAccount struct {
Context *middleware.Context Context *middleware.Context
Handler GetServiceAccountPolicyHandler Handler GetServiceAccountHandler
} }
func (o *GetServiceAccountPolicy) ServeHTTP(rw http.ResponseWriter, r *http.Request) { func (o *GetServiceAccount) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
route, rCtx, _ := o.Context.RouteInfo(r) route, rCtx, _ := o.Context.RouteInfo(r)
if rCtx != nil { if rCtx != nil {
*r = *rCtx *r = *rCtx
} }
var Params = NewGetServiceAccountPolicyParams() var Params = NewGetServiceAccountParams()
uprinc, aCtx, err := o.Context.Authorize(r, route) uprinc, aCtx, err := o.Context.Authorize(r, route)
if err != nil { if err != nil {
o.Context.Respond(rw, r, route.Produces, route, err) o.Context.Respond(rw, r, route.Produces, route, err)

View File

@@ -30,19 +30,19 @@ import (
"github.com/go-openapi/strfmt" "github.com/go-openapi/strfmt"
) )
// NewGetServiceAccountPolicyParams creates a new GetServiceAccountPolicyParams object // NewGetServiceAccountParams creates a new GetServiceAccountParams object
// //
// There are no default values defined in the spec. // There are no default values defined in the spec.
func NewGetServiceAccountPolicyParams() GetServiceAccountPolicyParams { func NewGetServiceAccountParams() GetServiceAccountParams {
return GetServiceAccountPolicyParams{} return GetServiceAccountParams{}
} }
// GetServiceAccountPolicyParams contains all the bound params for the get service account policy operation // GetServiceAccountParams contains all the bound params for the get service account operation
// typically these are obtained from a http.Request // typically these are obtained from a http.Request
// //
// swagger:parameters GetServiceAccountPolicy // swagger:parameters GetServiceAccount
type GetServiceAccountPolicyParams struct { type GetServiceAccountParams struct {
// HTTP Request Object // HTTP Request Object
HTTPRequest *http.Request `json:"-"` HTTPRequest *http.Request `json:"-"`
@@ -57,8 +57,8 @@ type GetServiceAccountPolicyParams struct {
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface // BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
// for simple values it will use straight method calls. // for simple values it will use straight method calls.
// //
// To ensure default values, the struct must have been initialized with NewGetServiceAccountPolicyParams() beforehand. // To ensure default values, the struct must have been initialized with NewGetServiceAccountParams() beforehand.
func (o *GetServiceAccountPolicyParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error { func (o *GetServiceAccountParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
var res []error var res []error
o.HTTPRequest = r o.HTTPRequest = r
@@ -74,7 +74,7 @@ func (o *GetServiceAccountPolicyParams) BindRequest(r *http.Request, route *midd
} }
// bindAccessKey binds and validates parameter AccessKey from path. // bindAccessKey binds and validates parameter AccessKey from path.
func (o *GetServiceAccountPolicyParams) bindAccessKey(rawData []string, hasKey bool, formats strfmt.Registry) error { func (o *GetServiceAccountParams) bindAccessKey(rawData []string, hasKey bool, formats strfmt.Registry) error {
var raw string var raw string
if len(rawData) > 0 { if len(rawData) > 0 {
raw = rawData[len(rawData)-1] raw = rawData[len(rawData)-1]

View File

@@ -1,133 +0,0 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package service_account
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/runtime"
"github.com/minio/console/models"
)
// GetServiceAccountPolicyOKCode is the HTTP code returned for type GetServiceAccountPolicyOK
const GetServiceAccountPolicyOKCode int = 200
/*
GetServiceAccountPolicyOK A successful response.
swagger:response getServiceAccountPolicyOK
*/
type GetServiceAccountPolicyOK struct {
/*
In: Body
*/
Payload string `json:"body,omitempty"`
}
// NewGetServiceAccountPolicyOK creates GetServiceAccountPolicyOK with default headers values
func NewGetServiceAccountPolicyOK() *GetServiceAccountPolicyOK {
return &GetServiceAccountPolicyOK{}
}
// WithPayload adds the payload to the get service account policy o k response
func (o *GetServiceAccountPolicyOK) WithPayload(payload string) *GetServiceAccountPolicyOK {
o.Payload = payload
return o
}
// SetPayload sets the payload to the get service account policy o k response
func (o *GetServiceAccountPolicyOK) SetPayload(payload string) {
o.Payload = payload
}
// WriteResponse to the client
func (o *GetServiceAccountPolicyOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(200)
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
/*
GetServiceAccountPolicyDefault Generic error response.
swagger:response getServiceAccountPolicyDefault
*/
type GetServiceAccountPolicyDefault struct {
_statusCode int
/*
In: Body
*/
Payload *models.APIError `json:"body,omitempty"`
}
// NewGetServiceAccountPolicyDefault creates GetServiceAccountPolicyDefault with default headers values
func NewGetServiceAccountPolicyDefault(code int) *GetServiceAccountPolicyDefault {
if code <= 0 {
code = 500
}
return &GetServiceAccountPolicyDefault{
_statusCode: code,
}
}
// WithStatusCode adds the status to the get service account policy default response
func (o *GetServiceAccountPolicyDefault) WithStatusCode(code int) *GetServiceAccountPolicyDefault {
o._statusCode = code
return o
}
// SetStatusCode sets the status to the get service account policy default response
func (o *GetServiceAccountPolicyDefault) SetStatusCode(code int) {
o._statusCode = code
}
// WithPayload adds the payload to the get service account policy default response
func (o *GetServiceAccountPolicyDefault) WithPayload(payload *models.APIError) *GetServiceAccountPolicyDefault {
o.Payload = payload
return o
}
// SetPayload sets the payload to the get service account policy default response
func (o *GetServiceAccountPolicyDefault) SetPayload(payload *models.APIError) {
o.Payload = payload
}
// WriteResponse to the client
func (o *GetServiceAccountPolicyDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(o._statusCode)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}

View File

@@ -0,0 +1,135 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package service_account
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/runtime"
"github.com/minio/console/models"
)
// GetServiceAccountOKCode is the HTTP code returned for type GetServiceAccountOK
const GetServiceAccountOKCode int = 200
/*
GetServiceAccountOK A successful response.
swagger:response getServiceAccountOK
*/
type GetServiceAccountOK struct {
/*
In: Body
*/
Payload *models.ServiceAccount `json:"body,omitempty"`
}
// NewGetServiceAccountOK creates GetServiceAccountOK with default headers values
func NewGetServiceAccountOK() *GetServiceAccountOK {
return &GetServiceAccountOK{}
}
// WithPayload adds the payload to the get service account o k response
func (o *GetServiceAccountOK) WithPayload(payload *models.ServiceAccount) *GetServiceAccountOK {
o.Payload = payload
return o
}
// SetPayload sets the payload to the get service account o k response
func (o *GetServiceAccountOK) SetPayload(payload *models.ServiceAccount) {
o.Payload = payload
}
// WriteResponse to the client
func (o *GetServiceAccountOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(200)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}
/*
GetServiceAccountDefault Generic error response.
swagger:response getServiceAccountDefault
*/
type GetServiceAccountDefault struct {
_statusCode int
/*
In: Body
*/
Payload *models.APIError `json:"body,omitempty"`
}
// NewGetServiceAccountDefault creates GetServiceAccountDefault with default headers values
func NewGetServiceAccountDefault(code int) *GetServiceAccountDefault {
if code <= 0 {
code = 500
}
return &GetServiceAccountDefault{
_statusCode: code,
}
}
// WithStatusCode adds the status to the get service account default response
func (o *GetServiceAccountDefault) WithStatusCode(code int) *GetServiceAccountDefault {
o._statusCode = code
return o
}
// SetStatusCode sets the status to the get service account default response
func (o *GetServiceAccountDefault) SetStatusCode(code int) {
o._statusCode = code
}
// WithPayload adds the payload to the get service account default response
func (o *GetServiceAccountDefault) WithPayload(payload *models.APIError) *GetServiceAccountDefault {
o.Payload = payload
return o
}
// SetPayload sets the payload to the get service account default response
func (o *GetServiceAccountDefault) SetPayload(payload *models.APIError) {
o.Payload = payload
}
// WriteResponse to the client
func (o *GetServiceAccountDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(o._statusCode)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}

View File

@@ -29,8 +29,8 @@ import (
"strings" "strings"
) )
// GetServiceAccountPolicyURL generates an URL for the get service account policy operation // GetServiceAccountURL generates an URL for the get service account operation
type GetServiceAccountPolicyURL struct { type GetServiceAccountURL struct {
AccessKey string AccessKey string
_basePath string _basePath string
@@ -41,7 +41,7 @@ type GetServiceAccountPolicyURL struct {
// WithBasePath sets the base path for this url builder, only required when it's different from the // WithBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec. // base path specified in the swagger spec.
// When the value of the base path is an empty string // When the value of the base path is an empty string
func (o *GetServiceAccountPolicyURL) WithBasePath(bp string) *GetServiceAccountPolicyURL { func (o *GetServiceAccountURL) WithBasePath(bp string) *GetServiceAccountURL {
o.SetBasePath(bp) o.SetBasePath(bp)
return o return o
} }
@@ -49,21 +49,21 @@ func (o *GetServiceAccountPolicyURL) WithBasePath(bp string) *GetServiceAccountP
// SetBasePath sets the base path for this url builder, only required when it's different from the // SetBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec. // base path specified in the swagger spec.
// When the value of the base path is an empty string // When the value of the base path is an empty string
func (o *GetServiceAccountPolicyURL) SetBasePath(bp string) { func (o *GetServiceAccountURL) SetBasePath(bp string) {
o._basePath = bp o._basePath = bp
} }
// Build a url path and query string // Build a url path and query string
func (o *GetServiceAccountPolicyURL) Build() (*url.URL, error) { func (o *GetServiceAccountURL) Build() (*url.URL, error) {
var _result url.URL var _result url.URL
var _path = "/service-accounts/{access_key}/policy" var _path = "/service-accounts/{access_key}"
accessKey := o.AccessKey accessKey := o.AccessKey
if accessKey != "" { if accessKey != "" {
_path = strings.Replace(_path, "{access_key}", accessKey, -1) _path = strings.Replace(_path, "{access_key}", accessKey, -1)
} else { } else {
return nil, errors.New("accessKey is required on GetServiceAccountPolicyURL") return nil, errors.New("accessKey is required on GetServiceAccountURL")
} }
_basePath := o._basePath _basePath := o._basePath
@@ -76,7 +76,7 @@ func (o *GetServiceAccountPolicyURL) Build() (*url.URL, error) {
} }
// Must is a helper function to panic when the url builder returns an error // Must is a helper function to panic when the url builder returns an error
func (o *GetServiceAccountPolicyURL) Must(u *url.URL, err error) *url.URL { func (o *GetServiceAccountURL) Must(u *url.URL, err error) *url.URL {
if err != nil { if err != nil {
panic(err) panic(err)
} }
@@ -87,17 +87,17 @@ func (o *GetServiceAccountPolicyURL) Must(u *url.URL, err error) *url.URL {
} }
// String returns the string representation of the path with query string // String returns the string representation of the path with query string
func (o *GetServiceAccountPolicyURL) String() string { func (o *GetServiceAccountURL) String() string {
return o.Must(o.Build()).String() return o.Must(o.Build()).String()
} }
// BuildFull builds a full url with scheme, host, path and query string // BuildFull builds a full url with scheme, host, path and query string
func (o *GetServiceAccountPolicyURL) BuildFull(scheme, host string) (*url.URL, error) { func (o *GetServiceAccountURL) BuildFull(scheme, host string) (*url.URL, error) {
if scheme == "" { if scheme == "" {
return nil, errors.New("scheme is required for a full url on GetServiceAccountPolicyURL") return nil, errors.New("scheme is required for a full url on GetServiceAccountURL")
} }
if host == "" { if host == "" {
return nil, errors.New("host is required for a full url on GetServiceAccountPolicyURL") return nil, errors.New("host is required for a full url on GetServiceAccountURL")
} }
base, err := o.Build() base, err := o.Build()
@@ -111,6 +111,6 @@ func (o *GetServiceAccountPolicyURL) BuildFull(scheme, host string) (*url.URL, e
} }
// StringFull returns the string representation of a complete url // StringFull returns the string representation of a complete url
func (o *GetServiceAccountPolicyURL) StringFull(scheme, host string) string { func (o *GetServiceAccountURL) StringFull(scheme, host string) string {
return o.Must(o.BuildFull(scheme, host)).String() return o.Must(o.BuildFull(scheme, host)).String()
} }

View File

@@ -1,115 +0,0 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package service_account
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/runtime"
"github.com/minio/console/models"
)
// SetServiceAccountPolicyOKCode is the HTTP code returned for type SetServiceAccountPolicyOK
const SetServiceAccountPolicyOKCode int = 200
/*
SetServiceAccountPolicyOK A successful response.
swagger:response setServiceAccountPolicyOK
*/
type SetServiceAccountPolicyOK struct {
}
// NewSetServiceAccountPolicyOK creates SetServiceAccountPolicyOK with default headers values
func NewSetServiceAccountPolicyOK() *SetServiceAccountPolicyOK {
return &SetServiceAccountPolicyOK{}
}
// WriteResponse to the client
func (o *SetServiceAccountPolicyOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
rw.WriteHeader(200)
}
/*
SetServiceAccountPolicyDefault Generic error response.
swagger:response setServiceAccountPolicyDefault
*/
type SetServiceAccountPolicyDefault struct {
_statusCode int
/*
In: Body
*/
Payload *models.APIError `json:"body,omitempty"`
}
// NewSetServiceAccountPolicyDefault creates SetServiceAccountPolicyDefault with default headers values
func NewSetServiceAccountPolicyDefault(code int) *SetServiceAccountPolicyDefault {
if code <= 0 {
code = 500
}
return &SetServiceAccountPolicyDefault{
_statusCode: code,
}
}
// WithStatusCode adds the status to the set service account policy default response
func (o *SetServiceAccountPolicyDefault) WithStatusCode(code int) *SetServiceAccountPolicyDefault {
o._statusCode = code
return o
}
// SetStatusCode sets the status to the set service account policy default response
func (o *SetServiceAccountPolicyDefault) SetStatusCode(code int) {
o._statusCode = code
}
// WithPayload adds the payload to the set service account policy default response
func (o *SetServiceAccountPolicyDefault) WithPayload(payload *models.APIError) *SetServiceAccountPolicyDefault {
o.Payload = payload
return o
}
// SetPayload sets the payload to the set service account policy default response
func (o *SetServiceAccountPolicyDefault) SetPayload(payload *models.APIError) {
o.Payload = payload
}
// WriteResponse to the client
func (o *SetServiceAccountPolicyDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(o._statusCode)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}

View File

@@ -30,40 +30,40 @@ import (
"github.com/minio/console/models" "github.com/minio/console/models"
) )
// SetServiceAccountPolicyHandlerFunc turns a function with the right signature into a set service account policy handler // UpdateServiceAccountHandlerFunc turns a function with the right signature into a update service account handler
type SetServiceAccountPolicyHandlerFunc func(SetServiceAccountPolicyParams, *models.Principal) middleware.Responder type UpdateServiceAccountHandlerFunc func(UpdateServiceAccountParams, *models.Principal) middleware.Responder
// Handle executing the request and returning a response // Handle executing the request and returning a response
func (fn SetServiceAccountPolicyHandlerFunc) Handle(params SetServiceAccountPolicyParams, principal *models.Principal) middleware.Responder { func (fn UpdateServiceAccountHandlerFunc) Handle(params UpdateServiceAccountParams, principal *models.Principal) middleware.Responder {
return fn(params, principal) return fn(params, principal)
} }
// SetServiceAccountPolicyHandler interface for that can handle valid set service account policy params // UpdateServiceAccountHandler interface for that can handle valid update service account params
type SetServiceAccountPolicyHandler interface { type UpdateServiceAccountHandler interface {
Handle(SetServiceAccountPolicyParams, *models.Principal) middleware.Responder Handle(UpdateServiceAccountParams, *models.Principal) middleware.Responder
} }
// NewSetServiceAccountPolicy creates a new http.Handler for the set service account policy operation // NewUpdateServiceAccount creates a new http.Handler for the update service account operation
func NewSetServiceAccountPolicy(ctx *middleware.Context, handler SetServiceAccountPolicyHandler) *SetServiceAccountPolicy { func NewUpdateServiceAccount(ctx *middleware.Context, handler UpdateServiceAccountHandler) *UpdateServiceAccount {
return &SetServiceAccountPolicy{Context: ctx, Handler: handler} return &UpdateServiceAccount{Context: ctx, Handler: handler}
} }
/* /*
SetServiceAccountPolicy swagger:route PUT /service-accounts/{access_key}/policy ServiceAccount setServiceAccountPolicy UpdateServiceAccount swagger:route PUT /service-accounts/{access_key} ServiceAccount updateServiceAccount
Set Service Account Policy Set Service Account Policy
*/ */
type SetServiceAccountPolicy struct { type UpdateServiceAccount struct {
Context *middleware.Context Context *middleware.Context
Handler SetServiceAccountPolicyHandler Handler UpdateServiceAccountHandler
} }
func (o *SetServiceAccountPolicy) ServeHTTP(rw http.ResponseWriter, r *http.Request) { func (o *UpdateServiceAccount) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
route, rCtx, _ := o.Context.RouteInfo(r) route, rCtx, _ := o.Context.RouteInfo(r)
if rCtx != nil { if rCtx != nil {
*r = *rCtx *r = *rCtx
} }
var Params = NewSetServiceAccountPolicyParams() var Params = NewUpdateServiceAccountParams()
uprinc, aCtx, err := o.Context.Authorize(r, route) uprinc, aCtx, err := o.Context.Authorize(r, route)
if err != nil { if err != nil {
o.Context.Respond(rw, r, route.Produces, route, err) o.Context.Respond(rw, r, route.Produces, route, err)

View File

@@ -35,19 +35,19 @@ import (
"github.com/minio/console/models" "github.com/minio/console/models"
) )
// NewSetServiceAccountPolicyParams creates a new SetServiceAccountPolicyParams object // NewUpdateServiceAccountParams creates a new UpdateServiceAccountParams object
// //
// There are no default values defined in the spec. // There are no default values defined in the spec.
func NewSetServiceAccountPolicyParams() SetServiceAccountPolicyParams { func NewUpdateServiceAccountParams() UpdateServiceAccountParams {
return SetServiceAccountPolicyParams{} return UpdateServiceAccountParams{}
} }
// SetServiceAccountPolicyParams contains all the bound params for the set service account policy operation // UpdateServiceAccountParams contains all the bound params for the update service account operation
// typically these are obtained from a http.Request // typically these are obtained from a http.Request
// //
// swagger:parameters SetServiceAccountPolicy // swagger:parameters UpdateServiceAccount
type SetServiceAccountPolicyParams struct { type UpdateServiceAccountParams struct {
// HTTP Request Object // HTTP Request Object
HTTPRequest *http.Request `json:"-"` HTTPRequest *http.Request `json:"-"`
@@ -61,14 +61,14 @@ type SetServiceAccountPolicyParams struct {
Required: true Required: true
In: body In: body
*/ */
Policy *models.AddServiceAccountPolicyRequest Body *models.UpdateServiceAccountRequest
} }
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface // BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
// for simple values it will use straight method calls. // for simple values it will use straight method calls.
// //
// To ensure default values, the struct must have been initialized with NewSetServiceAccountPolicyParams() beforehand. // To ensure default values, the struct must have been initialized with NewUpdateServiceAccountParams() beforehand.
func (o *SetServiceAccountPolicyParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error { func (o *UpdateServiceAccountParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
var res []error var res []error
o.HTTPRequest = r o.HTTPRequest = r
@@ -80,12 +80,12 @@ func (o *SetServiceAccountPolicyParams) BindRequest(r *http.Request, route *midd
if runtime.HasBody(r) { if runtime.HasBody(r) {
defer r.Body.Close() defer r.Body.Close()
var body models.AddServiceAccountPolicyRequest var body models.UpdateServiceAccountRequest
if err := route.Consumer.Consume(r.Body, &body); err != nil { if err := route.Consumer.Consume(r.Body, &body); err != nil {
if err == io.EOF { if err == io.EOF {
res = append(res, errors.Required("policy", "body", "")) res = append(res, errors.Required("body", "body", ""))
} else { } else {
res = append(res, errors.NewParseError("policy", "body", "", err)) res = append(res, errors.NewParseError("body", "body", "", err))
} }
} else { } else {
// validate body object // validate body object
@@ -99,11 +99,11 @@ func (o *SetServiceAccountPolicyParams) BindRequest(r *http.Request, route *midd
} }
if len(res) == 0 { if len(res) == 0 {
o.Policy = &body o.Body = &body
} }
} }
} else { } else {
res = append(res, errors.Required("policy", "body", "")) res = append(res, errors.Required("body", "body", ""))
} }
if len(res) > 0 { if len(res) > 0 {
return errors.CompositeValidationError(res...) return errors.CompositeValidationError(res...)
@@ -112,7 +112,7 @@ func (o *SetServiceAccountPolicyParams) BindRequest(r *http.Request, route *midd
} }
// bindAccessKey binds and validates parameter AccessKey from path. // bindAccessKey binds and validates parameter AccessKey from path.
func (o *SetServiceAccountPolicyParams) bindAccessKey(rawData []string, hasKey bool, formats strfmt.Registry) error { func (o *UpdateServiceAccountParams) bindAccessKey(rawData []string, hasKey bool, formats strfmt.Registry) error {
var raw string var raw string
if len(rawData) > 0 { if len(rawData) > 0 {
raw = rawData[len(rawData)-1] raw = rawData[len(rawData)-1]

View File

@@ -0,0 +1,115 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package service_account
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/runtime"
"github.com/minio/console/models"
)
// UpdateServiceAccountOKCode is the HTTP code returned for type UpdateServiceAccountOK
const UpdateServiceAccountOKCode int = 200
/*
UpdateServiceAccountOK A successful response.
swagger:response updateServiceAccountOK
*/
type UpdateServiceAccountOK struct {
}
// NewUpdateServiceAccountOK creates UpdateServiceAccountOK with default headers values
func NewUpdateServiceAccountOK() *UpdateServiceAccountOK {
return &UpdateServiceAccountOK{}
}
// WriteResponse to the client
func (o *UpdateServiceAccountOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
rw.WriteHeader(200)
}
/*
UpdateServiceAccountDefault Generic error response.
swagger:response updateServiceAccountDefault
*/
type UpdateServiceAccountDefault struct {
_statusCode int
/*
In: Body
*/
Payload *models.APIError `json:"body,omitempty"`
}
// NewUpdateServiceAccountDefault creates UpdateServiceAccountDefault with default headers values
func NewUpdateServiceAccountDefault(code int) *UpdateServiceAccountDefault {
if code <= 0 {
code = 500
}
return &UpdateServiceAccountDefault{
_statusCode: code,
}
}
// WithStatusCode adds the status to the update service account default response
func (o *UpdateServiceAccountDefault) WithStatusCode(code int) *UpdateServiceAccountDefault {
o._statusCode = code
return o
}
// SetStatusCode sets the status to the update service account default response
func (o *UpdateServiceAccountDefault) SetStatusCode(code int) {
o._statusCode = code
}
// WithPayload adds the payload to the update service account default response
func (o *UpdateServiceAccountDefault) WithPayload(payload *models.APIError) *UpdateServiceAccountDefault {
o.Payload = payload
return o
}
// SetPayload sets the payload to the update service account default response
func (o *UpdateServiceAccountDefault) SetPayload(payload *models.APIError) {
o.Payload = payload
}
// WriteResponse to the client
func (o *UpdateServiceAccountDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(o._statusCode)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}

View File

@@ -29,8 +29,8 @@ import (
"strings" "strings"
) )
// SetServiceAccountPolicyURL generates an URL for the set service account policy operation // UpdateServiceAccountURL generates an URL for the update service account operation
type SetServiceAccountPolicyURL struct { type UpdateServiceAccountURL struct {
AccessKey string AccessKey string
_basePath string _basePath string
@@ -41,7 +41,7 @@ type SetServiceAccountPolicyURL struct {
// WithBasePath sets the base path for this url builder, only required when it's different from the // WithBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec. // base path specified in the swagger spec.
// When the value of the base path is an empty string // When the value of the base path is an empty string
func (o *SetServiceAccountPolicyURL) WithBasePath(bp string) *SetServiceAccountPolicyURL { func (o *UpdateServiceAccountURL) WithBasePath(bp string) *UpdateServiceAccountURL {
o.SetBasePath(bp) o.SetBasePath(bp)
return o return o
} }
@@ -49,21 +49,21 @@ func (o *SetServiceAccountPolicyURL) WithBasePath(bp string) *SetServiceAccountP
// SetBasePath sets the base path for this url builder, only required when it's different from the // SetBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec. // base path specified in the swagger spec.
// When the value of the base path is an empty string // When the value of the base path is an empty string
func (o *SetServiceAccountPolicyURL) SetBasePath(bp string) { func (o *UpdateServiceAccountURL) SetBasePath(bp string) {
o._basePath = bp o._basePath = bp
} }
// Build a url path and query string // Build a url path and query string
func (o *SetServiceAccountPolicyURL) Build() (*url.URL, error) { func (o *UpdateServiceAccountURL) Build() (*url.URL, error) {
var _result url.URL var _result url.URL
var _path = "/service-accounts/{access_key}/policy" var _path = "/service-accounts/{access_key}"
accessKey := o.AccessKey accessKey := o.AccessKey
if accessKey != "" { if accessKey != "" {
_path = strings.Replace(_path, "{access_key}", accessKey, -1) _path = strings.Replace(_path, "{access_key}", accessKey, -1)
} else { } else {
return nil, errors.New("accessKey is required on SetServiceAccountPolicyURL") return nil, errors.New("accessKey is required on UpdateServiceAccountURL")
} }
_basePath := o._basePath _basePath := o._basePath
@@ -76,7 +76,7 @@ func (o *SetServiceAccountPolicyURL) Build() (*url.URL, error) {
} }
// Must is a helper function to panic when the url builder returns an error // Must is a helper function to panic when the url builder returns an error
func (o *SetServiceAccountPolicyURL) Must(u *url.URL, err error) *url.URL { func (o *UpdateServiceAccountURL) Must(u *url.URL, err error) *url.URL {
if err != nil { if err != nil {
panic(err) panic(err)
} }
@@ -87,17 +87,17 @@ func (o *SetServiceAccountPolicyURL) Must(u *url.URL, err error) *url.URL {
} }
// String returns the string representation of the path with query string // String returns the string representation of the path with query string
func (o *SetServiceAccountPolicyURL) String() string { func (o *UpdateServiceAccountURL) String() string {
return o.Must(o.Build()).String() return o.Must(o.Build()).String()
} }
// BuildFull builds a full url with scheme, host, path and query string // BuildFull builds a full url with scheme, host, path and query string
func (o *SetServiceAccountPolicyURL) BuildFull(scheme, host string) (*url.URL, error) { func (o *UpdateServiceAccountURL) BuildFull(scheme, host string) (*url.URL, error) {
if scheme == "" { if scheme == "" {
return nil, errors.New("scheme is required for a full url on SetServiceAccountPolicyURL") return nil, errors.New("scheme is required for a full url on UpdateServiceAccountURL")
} }
if host == "" { if host == "" {
return nil, errors.New("host is required for a full url on SetServiceAccountPolicyURL") return nil, errors.New("host is required for a full url on UpdateServiceAccountURL")
} }
base, err := o.Build() base, err := o.Build()
@@ -111,6 +111,6 @@ func (o *SetServiceAccountPolicyURL) BuildFull(scheme, host string) (*url.URL, e
} }
// StringFull returns the string representation of a complete url // StringFull returns the string representation of a complete url
func (o *SetServiceAccountPolicyURL) StringFull(scheme, host string) string { func (o *UpdateServiceAccountURL) StringFull(scheme, host string) string {
return o.Must(o.BuildFull(scheme, host)).String() return o.Must(o.BuildFull(scheme, host)).String()
} }

View File

@@ -96,20 +96,20 @@ func registerServiceAccountsHandlers(api *operations.ConsoleAPI) {
return saApi.NewListUserServiceAccountsOK().WithPayload(serviceAccounts) return saApi.NewListUserServiceAccountsOK().WithPayload(serviceAccounts)
}) })
api.ServiceAccountGetServiceAccountPolicyHandler = saApi.GetServiceAccountPolicyHandlerFunc(func(params saApi.GetServiceAccountPolicyParams, session *models.Principal) middleware.Responder { api.ServiceAccountGetServiceAccountHandler = saApi.GetServiceAccountHandlerFunc(func(params saApi.GetServiceAccountParams, session *models.Principal) middleware.Responder {
serviceAccounts, err := getServiceAccountPolicyResponse(session, params) serviceAccounts, err := getServiceAccountInfo(session, params)
if err != nil { if err != nil {
return saApi.NewGetServiceAccountPolicyDefault(err.Code).WithPayload(err.APIError) return saApi.NewGetServiceAccountDefault(err.Code).WithPayload(err.APIError)
} }
return saApi.NewGetServiceAccountPolicyOK().WithPayload(serviceAccounts) return saApi.NewGetServiceAccountOK().WithPayload(serviceAccounts)
}) })
api.ServiceAccountSetServiceAccountPolicyHandler = saApi.SetServiceAccountPolicyHandlerFunc(func(params saApi.SetServiceAccountPolicyParams, session *models.Principal) middleware.Responder { api.ServiceAccountUpdateServiceAccountHandler = saApi.UpdateServiceAccountHandlerFunc(func(params saApi.UpdateServiceAccountParams, session *models.Principal) middleware.Responder {
err := getSetServiceAccountPolicyResponse(session, params) err := updateSetServiceAccountResponse(session, params)
if err != nil { if err != nil {
return saApi.NewSetServiceAccountPolicyDefault(err.Code).WithPayload(err.APIError) return saApi.NewUpdateServiceAccountDefault(err.Code).WithPayload(err.APIError)
} }
return saApi.NewSetServiceAccountPolicyOK() return saApi.NewUpdateServiceAccountOK()
}) })
// Delete multiple service accounts // Delete multiple service accounts
@@ -122,7 +122,7 @@ func registerServiceAccountsHandlers(api *operations.ConsoleAPI) {
} }
// createServiceAccount adds a service account to the userClient and assigns a policy to him if defined. // createServiceAccount adds a service account to the userClient and assigns a policy to him if defined.
func createServiceAccount(ctx context.Context, userClient MinioAdmin, policy string) (*models.ServiceAccountCreds, error) { func createServiceAccount(ctx context.Context, userClient MinioAdmin, policy string, name string, description string, expiry *time.Time, comment string) (*models.ServiceAccountCreds, error) {
// By default a nil policy will be used so the service account inherit the parent account policy, otherwise // By default a nil policy will be used so the service account inherit the parent account policy, otherwise
// we override with the user provided iam policy // we override with the user provided iam policy
var iamPolicy *iampolicy.Policy var iamPolicy *iampolicy.Policy
@@ -133,7 +133,7 @@ func createServiceAccount(ctx context.Context, userClient MinioAdmin, policy str
} }
iamPolicy = iamp iamPolicy = iamp
} }
creds, err := userClient.addServiceAccount(ctx, iamPolicy, "", "", "") creds, err := userClient.addServiceAccount(ctx, iamPolicy, "", "", "", name, description, expiry, comment)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -141,7 +141,7 @@ func createServiceAccount(ctx context.Context, userClient MinioAdmin, policy str
} }
// createServiceAccount adds a service account with the given credentials to the userClient and assigns a policy to him if defined. // createServiceAccount adds a service account with the given credentials to the userClient and assigns a policy to him if defined.
func createServiceAccountCreds(ctx context.Context, userClient MinioAdmin, policy string, accessKey string, secretKey string) (*models.ServiceAccountCreds, error) { func createServiceAccountCreds(ctx context.Context, userClient MinioAdmin, policy string, accessKey string, secretKey string, name string, description string, expiry *time.Time, comment string) (*models.ServiceAccountCreds, error) {
// By default a nil policy will be used so the service account inherit the parent account policy, otherwise // By default a nil policy will be used so the service account inherit the parent account policy, otherwise
// we override with the user provided iam policy // we override with the user provided iam policy
var iamPolicy *iampolicy.Policy var iamPolicy *iampolicy.Policy
@@ -152,7 +152,7 @@ func createServiceAccountCreds(ctx context.Context, userClient MinioAdmin, polic
} }
iamPolicy = iamp iamPolicy = iamp
} }
creds, err := userClient.addServiceAccount(ctx, iamPolicy, "", accessKey, secretKey) creds, err := userClient.addServiceAccount(ctx, iamPolicy, "", accessKey, secretKey, name, description, expiry, comment)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -174,7 +174,14 @@ func getCreateServiceAccountResponse(session *models.Principal, params saApi.Cre
// defining the client to be used // defining the client to be used
userAdminClient := AdminClient{Client: userAdmin} userAdminClient := AdminClient{Client: userAdmin}
saCreds, err := createServiceAccount(ctx, userAdminClient, params.Body.Policy) var parsedExpiry time.Time
if params.Body.Expiry != "" {
parsedExpiry, err = time.Parse(time.RFC3339, params.Body.Expiry)
if err != nil {
return nil, ErrorWithContext(ctx, err)
}
}
saCreds, err := createServiceAccount(ctx, userAdminClient, params.Body.Policy, params.Body.Name, params.Body.Description, &parsedExpiry, params.Body.Comment)
if err != nil { if err != nil {
return nil, ErrorWithContext(ctx, err) return nil, ErrorWithContext(ctx, err)
} }
@@ -182,7 +189,7 @@ func getCreateServiceAccountResponse(session *models.Principal, params saApi.Cre
} }
// createServiceAccount adds a service account to a given user and assigns a policy to him if defined. // createServiceAccount adds a service account to a given user and assigns a policy to him if defined.
func createAUserServiceAccount(ctx context.Context, userClient MinioAdmin, policy string, user string) (*models.ServiceAccountCreds, error) { func createAUserServiceAccount(ctx context.Context, userClient MinioAdmin, policy string, user string, name string, description string, expiry *time.Time, comment string) (*models.ServiceAccountCreds, error) {
// By default a nil policy will be used so the service account inherit the parent account policy, otherwise // By default a nil policy will be used so the service account inherit the parent account policy, otherwise
// we override with the user provided iam policy // we override with the user provided iam policy
var iamPolicy *iampolicy.Policy var iamPolicy *iampolicy.Policy
@@ -194,14 +201,14 @@ func createAUserServiceAccount(ctx context.Context, userClient MinioAdmin, polic
iamPolicy = iamp iamPolicy = iamp
} }
creds, err := userClient.addServiceAccount(ctx, iamPolicy, user, "", "") creds, err := userClient.addServiceAccount(ctx, iamPolicy, user, "", "", name, description, expiry, comment)
if err != nil { if err != nil {
return nil, err return nil, err
} }
return &models.ServiceAccountCreds{AccessKey: creds.AccessKey, SecretKey: creds.SecretKey, URL: getMinIOServer()}, nil return &models.ServiceAccountCreds{AccessKey: creds.AccessKey, SecretKey: creds.SecretKey, URL: getMinIOServer()}, nil
} }
func createAUserServiceAccountCreds(ctx context.Context, userClient MinioAdmin, policy string, user string, accessKey string, secretKey string) (*models.ServiceAccountCreds, error) { func createAUserServiceAccountCreds(ctx context.Context, userClient MinioAdmin, policy string, user string, accessKey string, secretKey string, name string, description string, expiry *time.Time, comment string) (*models.ServiceAccountCreds, error) {
// By default a nil policy will be used so the service account inherit the parent account policy, otherwise // By default a nil policy will be used so the service account inherit the parent account policy, otherwise
// we override with the user provided iam policy // we override with the user provided iam policy
var iamPolicy *iampolicy.Policy var iamPolicy *iampolicy.Policy
@@ -213,7 +220,7 @@ func createAUserServiceAccountCreds(ctx context.Context, userClient MinioAdmin,
iamPolicy = iamp iamPolicy = iamp
} }
creds, err := userClient.addServiceAccount(ctx, iamPolicy, user, accessKey, secretKey) creds, err := userClient.addServiceAccount(ctx, iamPolicy, user, accessKey, secretKey, name, description, expiry, comment)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -238,7 +245,15 @@ func getCreateAUserServiceAccountResponse(session *models.Principal, params user
if err != nil { if err != nil {
return nil, ErrorWithContext(ctx, err) return nil, ErrorWithContext(ctx, err)
} }
saCreds, err := createAUserServiceAccount(ctx, userAdminClient, params.Body.Policy, name)
var parsedExpiry time.Time
if params.Body.Expiry != "" {
parsedExpiry, err = time.Parse(time.RFC3339, params.Body.Expiry)
if err != nil {
return nil, ErrorWithContext(ctx, err)
}
}
saCreds, err := createAUserServiceAccount(ctx, userAdminClient, params.Body.Policy, name, params.Body.Name, params.Body.Description, &parsedExpiry, params.Body.Comment)
if err != nil { if err != nil {
return nil, ErrorWithContext(ctx, err) return nil, ErrorWithContext(ctx, err)
} }
@@ -275,7 +290,15 @@ func getCreateAUserServiceAccountCredsResponse(session *models.Principal, params
return nil, ErrorWithContext(ctx, errors.New("Access Key already in use")) return nil, ErrorWithContext(ctx, errors.New("Access Key already in use"))
} }
} }
saCreds, err := createAUserServiceAccountCreds(ctx, userAdminClient, serviceAccount.Policy, user, serviceAccount.AccessKey, serviceAccount.SecretKey)
var parsedExpiry time.Time
if serviceAccount.Expiry != "" {
parsedExpiry, err = time.Parse(time.RFC3339, serviceAccount.Expiry)
if err != nil {
return nil, ErrorWithContext(ctx, err)
}
}
saCreds, err := createAUserServiceAccountCreds(ctx, userAdminClient, serviceAccount.Policy, user, serviceAccount.AccessKey, serviceAccount.SecretKey, serviceAccount.Name, serviceAccount.Description, &parsedExpiry, serviceAccount.Comment)
if err != nil { if err != nil {
return nil, ErrorWithContext(ctx, err) return nil, ErrorWithContext(ctx, err)
} }
@@ -309,7 +332,15 @@ func getCreateServiceAccountCredsResponse(session *models.Principal, params saAp
} }
} }
saCreds, err := createServiceAccountCreds(ctx, userAdminClient, serviceAccount.Policy, serviceAccount.AccessKey, serviceAccount.SecretKey) var parsedExpiry time.Time
if params.Body.Expiry != "" {
parsedExpiry, err = time.Parse(time.RFC3339, params.Body.Expiry)
if err != nil {
return nil, ErrorWithContext(ctx, err)
}
}
saCreds, err := createServiceAccountCreds(ctx, userAdminClient, serviceAccount.Policy, serviceAccount.AccessKey, serviceAccount.SecretKey, params.Body.Name, params.Body.Description, &parsedExpiry, params.Body.Comment)
if err != nil { if err != nil {
return nil, ErrorWithContext(ctx, err) return nil, ErrorWithContext(ctx, err)
} }
@@ -392,60 +423,89 @@ func getDeleteServiceAccountResponse(session *models.Principal, params saApi.Del
return nil return nil
} }
// getServiceAccountPolicy gets policy for a service account // getServiceAccountDetails gets policy for a service account
func getServiceAccountPolicy(ctx context.Context, userClient MinioAdmin, accessKey string) (string, error) { func getServiceAccountDetails(ctx context.Context, userClient MinioAdmin, accessKey string) (*models.ServiceAccount, error) {
serviceAccountInfo, err := userClient.infoServiceAccount(ctx, accessKey) saInfo, err := userClient.infoServiceAccount(ctx, accessKey)
if err != nil { if err != nil {
return "", err return nil, err
}
var policy iampolicy.Policy
json.Unmarshal([]byte(serviceAccountInfo.Policy), &policy)
if policy.Statements == nil {
return "", nil
}
return serviceAccountInfo.Policy, nil
} }
// getServiceAccountPolicyResponse authenticates the user and calls var policyJSON string
// getServiceAccountPolicy to get the policy for a service account var policy iampolicy.Policy
func getServiceAccountPolicyResponse(session *models.Principal, params saApi.GetServiceAccountPolicyParams) (string, *CodedAPIError) { json.Unmarshal([]byte(saInfo.Policy), &policy)
if policy.Statements == nil {
policyJSON = ""
} else {
policyJSON = saInfo.Policy
}
expiry := ""
if saInfo.Expiration != nil {
expiry = saInfo.Expiration.Format(time.RFC3339)
}
sa := models.ServiceAccount{
AccountStatus: saInfo.AccountStatus,
Description: saInfo.Description,
Expiration: expiry,
ImpliedPolicy: saInfo.ImpliedPolicy,
Name: saInfo.Name,
ParentUser: saInfo.ParentUser,
Policy: policyJSON,
}
return &sa, nil
}
// getServiceAccountInfo authenticates the user and calls
// getServiceAccountInfo to get the policy for a service account
func getServiceAccountInfo(session *models.Principal, params saApi.GetServiceAccountParams) (*models.ServiceAccount, *CodedAPIError) {
ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
defer cancel() defer cancel()
accessKey, err := utils.DecodeBase64(params.AccessKey) accessKey, err := utils.DecodeBase64(params.AccessKey)
if err != nil { if err != nil {
return "", ErrorWithContext(ctx, err) return nil, ErrorWithContext(ctx, err)
} }
userAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) userAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session)
if err != nil { if err != nil {
return "", ErrorWithContext(ctx, err) return nil, ErrorWithContext(ctx, err)
} }
// create a MinIO user Admin Client interface implementation // create a MinIO user Admin Client interface implementation
// defining the client to be used // defining the client to be used
userAdminClient := AdminClient{Client: userAdmin} userAdminClient := AdminClient{Client: userAdmin}
serviceAccounts, err := getServiceAccountPolicy(ctx, userAdminClient, accessKey) serviceAccount, err := getServiceAccountDetails(ctx, userAdminClient, accessKey)
if err != nil { if err != nil {
return "", ErrorWithContext(ctx, err) return nil, ErrorWithContext(ctx, err)
} }
return serviceAccounts, nil
return serviceAccount, nil
} }
// setServiceAccountPolicy sets policy for a service account // setServiceAccountPolicy sets policy for a service account
func setServiceAccountPolicy(ctx context.Context, userClient MinioAdmin, accessKey string, policy string) error { func updateServiceAccountDetails(ctx context.Context, userClient MinioAdmin, accessKey string, policy string, expiry time.Time, name string, description string, status string, secretKey string) error {
err := userClient.updateServiceAccount(ctx, accessKey, madmin.UpdateServiceAccountReq{NewPolicy: json.RawMessage(policy)}) req := madmin.UpdateServiceAccountReq{
NewPolicy: json.RawMessage(policy),
NewSecretKey: secretKey,
NewStatus: status,
NewName: name,
NewDescription: description,
NewExpiration: &expiry,
}
err := userClient.updateServiceAccount(ctx, accessKey, req)
return err return err
} }
// getSetServiceAccountPolicyResponse authenticates the user and calls // updateSetServiceAccountResponse authenticates the user and calls
// getSetServiceAccountPolicy to set the policy for a service account // getSetServiceAccountPolicy to set the policy for a service account
func getSetServiceAccountPolicyResponse(session *models.Principal, params saApi.SetServiceAccountPolicyParams) *CodedAPIError { func updateSetServiceAccountResponse(session *models.Principal, params saApi.UpdateServiceAccountParams) *CodedAPIError {
ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
defer cancel() defer cancel()
accessKey, err := utils.DecodeBase64(params.AccessKey) accessKey, err := utils.DecodeBase64(params.AccessKey)
if err != nil { if err != nil {
return ErrorWithContext(ctx, err) return ErrorWithContext(ctx, err)
} }
policy := *params.Policy.Policy policy := *params.Body.Policy
userAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) userAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session)
if err != nil { if err != nil {
return ErrorWithContext(ctx, err) return ErrorWithContext(ctx, err)
@@ -454,7 +514,14 @@ func getSetServiceAccountPolicyResponse(session *models.Principal, params saApi.
// defining the client to be used // defining the client to be used
userAdminClient := AdminClient{Client: userAdmin} userAdminClient := AdminClient{Client: userAdmin}
err = setServiceAccountPolicy(ctx, userAdminClient, accessKey, policy) var parsedExpiry time.Time
if params.Body.Expiry != "" {
parsedExpiry, err = time.Parse(time.RFC3339, params.Body.Expiry)
if err != nil {
return ErrorWithContext(ctx, err)
}
}
err = updateServiceAccountDetails(ctx, userAdminClient, accessKey, policy, parsedExpiry, params.Body.Name, params.Body.Description, params.Body.Status, params.Body.SecretKey)
if err != nil { if err != nil {
return ErrorWithContext(ctx, err) return ErrorWithContext(ctx, err)
} }

View File

@@ -21,6 +21,7 @@ import (
"errors" "errors"
"fmt" "fmt"
"testing" "testing"
"time"
"github.com/minio/madmin-go/v3" "github.com/minio/madmin-go/v3"
iampolicy "github.com/minio/pkg/v2/policy" iampolicy "github.com/minio/pkg/v2/policy"
@@ -40,10 +41,10 @@ func TestAddServiceAccount(t *testing.T) {
AccessKey: "minio", AccessKey: "minio",
SecretKey: "minio123", SecretKey: "minio123",
} }
minioAddServiceAccountMock = func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error) { minioAddServiceAccountMock = func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string, name string, description string, expiry *time.Time, comment string) (madmin.Credentials, error) {
return mockResponse, nil return mockResponse, nil
} }
saCreds, err := createServiceAccount(ctx, client, policyDefinition) saCreds, err := createServiceAccount(ctx, client, policyDefinition, "", "", nil, "")
if err != nil { if err != nil {
t.Errorf("Failed on %s:, error occurred: %s", function, err.Error()) t.Errorf("Failed on %s:, error occurred: %s", function, err.Error())
} }
@@ -56,10 +57,10 @@ func TestAddServiceAccount(t *testing.T) {
AccessKey: "minio", AccessKey: "minio",
SecretKey: "minio123", SecretKey: "minio123",
} }
minioAddServiceAccountMock = func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error) { minioAddServiceAccountMock = func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string, name string, description string, expiry *time.Time, comment string) (madmin.Credentials, error) {
return mockResponse, nil return mockResponse, nil
} }
_, err = createServiceAccount(ctx, client, policyDefinition) _, err = createServiceAccount(ctx, client, policyDefinition, "", "", nil, "")
assert.Error(err) assert.Error(err)
// Test-3: if an error occurs on server while creating service account (valid policy), handle it // Test-3: if an error occurs on server while creating service account (valid policy), handle it
@@ -68,10 +69,10 @@ func TestAddServiceAccount(t *testing.T) {
AccessKey: "minio", AccessKey: "minio",
SecretKey: "minio123", SecretKey: "minio123",
} }
minioAddServiceAccountMock = func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error) { minioAddServiceAccountMock = func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string, name string, description string, expiry *time.Time, comment string) (madmin.Credentials, error) {
return madmin.Credentials{}, errors.New("error") return madmin.Credentials{}, errors.New("error")
} }
_, err = createServiceAccount(ctx, client, policyDefinition) _, err = createServiceAccount(ctx, client, policyDefinition, "", "", nil, "")
if assert.Error(err) { if assert.Error(err) {
assert.Equal("error", err.Error()) assert.Equal("error", err.Error())
} }
@@ -153,11 +154,11 @@ func TestDeleteServiceAccount(t *testing.T) {
} }
} }
func TestGetServiceAccountPolicy(t *testing.T) { func TestGetServiceAccountDetails(t *testing.T) {
assert := assert.New(t) assert := assert.New(t)
// mock minIO client // mock minIO client
client := AdminClientMock{} client := AdminClientMock{}
function := "getServiceAccountPolicy()" function := "getServiceAccountDetails()"
// Test-1: getServiceAccountPolicy list serviceaccounts for a user // Test-1: getServiceAccountPolicy list serviceaccounts for a user
ctx, cancel := context.WithCancel(context.Background()) ctx, cancel := context.WithCancel(context.Background())
@@ -183,17 +184,17 @@ func TestGetServiceAccountPolicy(t *testing.T) {
minioInfoServiceAccountMock = func(ctx context.Context, user string) (madmin.InfoServiceAccountResp, error) { minioInfoServiceAccountMock = func(ctx context.Context, user string) (madmin.InfoServiceAccountResp, error) {
return mockResponse, nil return mockResponse, nil
} }
serviceAccount, err := getServiceAccountPolicy(ctx, client, "") serviceAccount, err := getServiceAccountDetails(ctx, client, "")
if err != nil { if err != nil {
t.Errorf("Failed on %s:, error occurred: %s", function, err.Error()) t.Errorf("Failed on %s:, error occurred: %s", function, err.Error())
} }
assert.Equal(mockResponse.Policy, serviceAccount) assert.Equal(mockResponse.Policy, serviceAccount.Policy)
// Test-2: getServiceAccountPolicy returns an error, handle it properly // Test-2: getServiceAccountPolicy returns an error, handle it properly
minioInfoServiceAccountMock = func(ctx context.Context, user string) (madmin.InfoServiceAccountResp, error) { minioInfoServiceAccountMock = func(ctx context.Context, user string) (madmin.InfoServiceAccountResp, error) {
return madmin.InfoServiceAccountResp{}, errors.New("error") return madmin.InfoServiceAccountResp{}, errors.New("error")
} }
_, err = getServiceAccountPolicy(ctx, client, "") _, err = getServiceAccountDetails(ctx, client, "")
if assert.Error(err) { if assert.Error(err) {
assert.Equal("error", err.Error()) assert.Equal("error", err.Error())
} }

View File

@@ -1416,25 +1416,6 @@ paths:
tags: tags:
- ServiceAccount - ServiceAccount
/service-accounts/{access_key}:
delete:
summary: Delete Service Account
operationId: DeleteServiceAccount
parameters:
- name: access_key
in: path
required: true
type: string
responses:
204:
description: A successful response.
default:
description: Generic error response.
schema:
$ref: "#/definitions/ApiError"
tags:
- ServiceAccount
/service-accounts/delete-multi: /service-accounts/delete-multi:
delete: delete:
summary: Delete Multiple Service Accounts summary: Delete Multiple Service Accounts
@@ -1457,10 +1438,10 @@ paths:
tags: tags:
- ServiceAccount - ServiceAccount
/service-accounts/{access_key}/policy: /service-accounts/{access_key}:
get: get:
summary: Get Service Account Policy summary: Get Service Account
operationId: GetServiceAccountPolicy operationId: GetServiceAccount
parameters: parameters:
- name: access_key - name: access_key
in: path in: path
@@ -1470,7 +1451,7 @@ paths:
200: 200:
description: A successful response. description: A successful response.
schema: schema:
type: string $ref: "#/definitions/serviceAccount"
default: default:
description: Generic error response. description: Generic error response.
schema: schema:
@@ -1479,17 +1460,17 @@ paths:
- ServiceAccount - ServiceAccount
put: put:
summary: Set Service Account Policy summary: Set Service Account Policy
operationId: SetServiceAccountPolicy operationId: UpdateServiceAccount
parameters: parameters:
- name: access_key - name: access_key
in: path in: path
required: true required: true
type: string type: string
- name: policy - name: body
in: body in: body
required: true required: true
schema: schema:
$ref: "#/definitions/addServiceAccountPolicyRequest" $ref: "#/definitions/updateServiceAccountRequest"
responses: responses:
200: 200:
description: A successful response. description: A successful response.
@@ -1499,6 +1480,23 @@ paths:
$ref: "#/definitions/ApiError" $ref: "#/definitions/ApiError"
tags: tags:
- ServiceAccount - ServiceAccount
delete:
summary: Delete Service Account
operationId: DeleteServiceAccount
parameters:
- name: access_key
in: path
required: true
type: string
responses:
204:
description: A successful response.
default:
description: Generic error response.
schema:
$ref: "#/definitions/ApiError"
tags:
- ServiceAccount
/users: /users:
get: get:
@@ -3896,13 +3894,23 @@ definitions:
policy: policy:
type: string type: string
addServiceAccountPolicyRequest: updateServiceAccountRequest:
type: object type: object
required: required:
- policy - policy
properties: properties:
policy: policy:
type: string type: string
secretKey:
type: string
name:
type: string
description:
type: string
expiry:
type: string
status:
type: string
listPoliciesResponse: listPoliciesResponse:
type: object type: object
@@ -4804,6 +4812,23 @@ definitions:
type: array type: array
items: items:
type: string type: string
serviceAccount:
type: object
properties:
parentUser:
type: string
accountStatus:
type: string
impliedPolicy:
type: boolean
policy:
type: string
name:
type: string
description:
type: string
expiration:
type: string
serviceAccounts: serviceAccounts:
type: array type: array
items: items:
@@ -4826,6 +4851,14 @@ definitions:
policy: policy:
type: string type: string
title: "policy to be applied to the Service Account if any" title: "policy to be applied to the Service Account if any"
name:
type: string
description:
type: string
expiry:
type: string
comment:
type: string
serviceAccountRequestCreds: serviceAccountRequestCreds:
type: object type: object
properties: properties:
@@ -4836,6 +4869,14 @@ definitions:
type: string type: string
secretKey: secretKey:
type: string type: string
name:
type: string
description:
type: string
expiry:
type: string
comment:
type: string
serviceAccountCreds: serviceAccountCreds:
type: object type: object
properties: properties: