From 1f481c09671285b530425452efc2e9d7ae1866d0 Mon Sep 17 00:00:00 2001 From: Harshavardhana Date: Tue, 29 Oct 2019 19:50:26 -0700 Subject: [PATCH] Return appropriate error if user,group,policy doesn't exist (#8465) Fixes https://github.com/minio/mc/issues/2944 --- cmd/iam-etcd-store.go | 33 +++++++++++++++++++++++++++++---- cmd/iam-object-store.go | 36 ++++++++++++++++++++++++++++++++---- 2 files changed, 61 insertions(+), 8 deletions(-) diff --git a/cmd/iam-etcd-store.go b/cmd/iam-etcd-store.go index 9deadd2ac..cb259cfa6 100644 --- a/cmd/iam-etcd-store.go +++ b/cmd/iam-etcd-store.go @@ -288,6 +288,9 @@ func (ies *IAMEtcdStore) loadUser(user string, isSTS bool, m map[string]auth.Cre var u UserIdentity err := ies.loadIAMConfig(&u, getUserIdentityPath(user, isSTS)) if err != nil { + if err == errConfigNotFound { + return errNoSuchUser + } return err } @@ -337,6 +340,9 @@ func (ies *IAMEtcdStore) loadGroup(group string, m map[string]GroupInfo) error { var gi GroupInfo err := ies.loadIAMConfig(&gi, getGroupInfoPath(group)) if err != nil { + if err == errConfigNotFound { + return errNoSuchGroup + } return err } m[group] = gi @@ -370,6 +376,9 @@ func (ies *IAMEtcdStore) loadMappedPolicy(name string, isSTS, isGroup bool, m ma var p MappedPolicy err := ies.loadIAMConfig(&p, getMappedPolicyPath(name, isSTS, isGroup)) if err != nil { + if err == errConfigNotFound { + return errNoSuchPolicy + } return err } m[name] = p @@ -486,19 +495,35 @@ func (ies *IAMEtcdStore) saveGroupInfo(name string, gi GroupInfo) error { } func (ies *IAMEtcdStore) deletePolicyDoc(name string) error { - return ies.deleteIAMConfig(getPolicyDocPath(name)) + err := ies.deleteIAMConfig(getPolicyDocPath(name)) + if err == errConfigNotFound { + err = errNoSuchPolicy + } + return err } func (ies *IAMEtcdStore) deleteMappedPolicy(name string, isSTS, isGroup bool) error { - return ies.deleteIAMConfig(getMappedPolicyPath(name, isSTS, isGroup)) + err := ies.deleteIAMConfig(getMappedPolicyPath(name, isSTS, isGroup)) + if err == errConfigNotFound { + err = errNoSuchPolicy + } + return err } func (ies *IAMEtcdStore) deleteUserIdentity(name string, isSTS bool) error { - return ies.deleteIAMConfig(getUserIdentityPath(name, isSTS)) + err := ies.deleteIAMConfig(getUserIdentityPath(name, isSTS)) + if err == errConfigNotFound { + err = errNoSuchUser + } + return err } func (ies *IAMEtcdStore) deleteGroupInfo(name string) error { - return ies.deleteIAMConfig(getGroupInfoPath(name)) + err := ies.deleteIAMConfig(getGroupInfoPath(name)) + if err == errConfigNotFound { + err = errNoSuchGroup + } + return err } func (ies *IAMEtcdStore) watch(sys *IAMSys) { diff --git a/cmd/iam-object-store.go b/cmd/iam-object-store.go index 926c8e2d0..3d8abebd6 100644 --- a/cmd/iam-object-store.go +++ b/cmd/iam-object-store.go @@ -244,6 +244,9 @@ func (iamOS *IAMObjectStore) loadPolicyDoc(policy string, m map[string]iampolicy var p iampolicy.Policy err := iamOS.loadIAMConfig(&p, getPolicyDocPath(policy)) if err != nil { + if err == errConfigNotFound { + return errNoSuchPolicy + } return err } m[policy] = p @@ -281,6 +284,9 @@ func (iamOS *IAMObjectStore) loadUser(user string, isSTS bool, m map[string]auth var u UserIdentity err := iamOS.loadIAMConfig(&u, getUserIdentityPath(user, isSTS)) if err != nil { + if err == errConfigNotFound { + return errNoSuchUser + } return err } @@ -333,6 +339,9 @@ func (iamOS *IAMObjectStore) loadGroup(group string, m map[string]GroupInfo) err var g GroupInfo err := iamOS.loadIAMConfig(&g, getGroupInfoPath(group)) if err != nil { + if err == errConfigNotFound { + return errNoSuchGroup + } return err } m[group] = g @@ -372,6 +381,9 @@ func (iamOS *IAMObjectStore) loadMappedPolicy(name string, isSTS, isGroup bool, var p MappedPolicy err := iamOS.loadIAMConfig(&p, getMappedPolicyPath(name, isSTS, isGroup)) if err != nil { + if err == errConfigNotFound { + return errNoSuchPolicy + } return err } m[name] = p @@ -497,19 +509,35 @@ func (iamOS *IAMObjectStore) saveGroupInfo(name string, gi GroupInfo) error { } func (iamOS *IAMObjectStore) deletePolicyDoc(name string) error { - return iamOS.deleteIAMConfig(getPolicyDocPath(name)) + err := iamOS.deleteIAMConfig(getPolicyDocPath(name)) + if err == errConfigNotFound { + err = errNoSuchPolicy + } + return err } func (iamOS *IAMObjectStore) deleteMappedPolicy(name string, isSTS, isGroup bool) error { - return iamOS.deleteIAMConfig(getMappedPolicyPath(name, isSTS, isGroup)) + err := iamOS.deleteIAMConfig(getMappedPolicyPath(name, isSTS, isGroup)) + if err == errConfigNotFound { + err = errNoSuchPolicy + } + return err } func (iamOS *IAMObjectStore) deleteUserIdentity(name string, isSTS bool) error { - return iamOS.deleteIAMConfig(getUserIdentityPath(name, isSTS)) + err := iamOS.deleteIAMConfig(getUserIdentityPath(name, isSTS)) + if err == errConfigNotFound { + err = errNoSuchUser + } + return err } func (iamOS *IAMObjectStore) deleteGroupInfo(name string) error { - return iamOS.deleteIAMConfig(getGroupInfoPath(name)) + err := iamOS.deleteIAMConfig(getGroupInfoPath(name)) + if err == errConfigNotFound { + err = errNoSuchGroup + } + return err } // helper type for listIAMConfigItems