MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-04-25 04:33:20 -04:00
Code Issues Packages Projects Releases Wiki Activity

Allow OpenID ARN resource ID to start with a - (#18255)

Browse Source
This commit is contained in:
Aditya Manthramurthy 2023-10-16 13:50:51 -07:00 committed by GitHub
parent a0ae1489e5
commit 28a2d1eb3d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 78 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
internal/arn/arn.go
View File

@ -1,4 +1,4 @@
// Copyright (c) 2015-2021 MinIO, Inc. // Copyright (c) 2015-2023 MinIO, Inc.
// //
// This file is part of MinIO Object Storage stack // This file is part of MinIO Object Storage stack
// //
@ -60,7 +60,7 @@ type ARN struct {
// Allows english letters, numbers, '.', '-', '_' and '/'. Starts with a // Allows english letters, numbers, '.', '-', '_' and '/'. Starts with a
// letter or digit. At least 1 character long. // letter or digit. At least 1 character long.
var validResourceIDRegex = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9_/\.-]*$`) var validResourceIDRegex = regexp.MustCompile(`[A-Za-z0-9_/\.-]+$`)
// NewIAMRoleARN - returns an ARN for a role in MinIO. // NewIAMRoleARN - returns an ARN for a role in MinIO.
func NewIAMRoleARN(resourceID, serverRegion string) (ARN, error) { func NewIAMRoleARN(resourceID, serverRegion string) (ARN, error) {

76
internal/arn/arn_test.go Normal file
View File

@ -0,0 +1,76 @@
// Copyright (c) 2015-2023 MinIO, Inc.
//
// # This file is part of MinIO Object Storage stack
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package arn
import (
"fmt"
"testing"
)
func TestNewIAMRoleARN(t *testing.T) {
testCases := []struct {
resourceID string
serverRegion string
expectedARN string
isErrExpected bool
}{
{
resourceID: "myrole",
serverRegion: "us-east-1",
expectedARN: "arn:minio:iam:us-east-1::role/myrole",
isErrExpected: false,
},
{
resourceID: "myrole",
serverRegion: "",
expectedARN: "arn:minio:iam:::role/myrole",
isErrExpected: false,
},
{
// Resource ID can start with a hyphen
resourceID: "-myrole",
serverRegion: "",
expectedARN: "arn:minio:iam:::role/-myrole",
isErrExpected: false,
},
{
resourceID: "",
serverRegion: "",
expectedARN: "",
isErrExpected: true,
},
}
for i, testCase := range testCases {
arn, err := NewIAMRoleARN(testCase.resourceID, testCase.serverRegion)
fmt.Println(arn, err)
if err != nil {
if !testCase.isErrExpected {
t.Errorf("Test %d: Unexpected error: %v", i+1, err)
}
continue
}
if testCase.isErrExpected {
t.Errorf("Test %d: Expected error but got none", i+1)
}
if arn.String() != testCase.expectedARN {
t.Errorf("Test %d: Expected ARN %s but got %s", i+1, testCase.expectedARN, arn.String())
}
}
}