MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-03-13 21:12:55 -04:00
Code Issues Packages Projects Releases Wiki Activity

validate if iam store is initialized (#10719)

Browse Source 
Fixes panic - regression from d6d770c1b16670771640d606690f05d63c5dbea4
This commit is contained in:
Poorna Krishnamoorthy 2020-10-20 21:28:24 -07:00 committed by GitHub
parent 6fd088f448
commit 5cc23ae052
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 29 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
cmd/iam.go
View File

@ -386,7 +386,7 @@ func (sys *IAMSys) LoadUser(objAPI ObjectLayer, accessKey string, userType IAMUs
// LoadServiceAccount - reloads a specific service account from backend disks or etcd. // LoadServiceAccount - reloads a specific service account from backend disks or etcd.
func (sys *IAMSys) LoadServiceAccount(accessKey string) error { func (sys *IAMSys) LoadServiceAccount(accessKey string) error {
if sys == nil { if sys == nil || sys.store == nil {
return errServerNotInitialized return errServerNotInitialized
} }
@ -505,7 +505,7 @@ func (sys *IAMSys) Init(ctx context.Context, objAPI ObjectLayer) {
// DeletePolicy - deletes a canned policy from backend or etcd. // DeletePolicy - deletes a canned policy from backend or etcd.
func (sys *IAMSys) DeletePolicy(policyName string) error { func (sys *IAMSys) DeletePolicy(policyName string) error {
if sys == nil { if sys == nil || sys.store == nil {
return errServerNotInitialized return errServerNotInitialized
} }
@ -557,7 +557,7 @@ func (sys *IAMSys) DeletePolicy(policyName string) error {
// InfoPolicy - expands the canned policy into its JSON structure. // InfoPolicy - expands the canned policy into its JSON structure.
func (sys *IAMSys) InfoPolicy(policyName string) (iampolicy.Policy, error) { func (sys *IAMSys) InfoPolicy(policyName string) (iampolicy.Policy, error) {
if sys == nil { if sys == nil || sys.store == nil {
return iampolicy.Policy{}, errServerNotInitialized return iampolicy.Policy{}, errServerNotInitialized
} }
@ -574,7 +574,7 @@ func (sys *IAMSys) InfoPolicy(policyName string) (iampolicy.Policy, error) {
// ListPolicies - lists all canned policies. // ListPolicies - lists all canned policies.
func (sys *IAMSys) ListPolicies() (map[string]iampolicy.Policy, error) { func (sys *IAMSys) ListPolicies() (map[string]iampolicy.Policy, error) {
if sys == nil { if sys == nil || sys.store == nil {
return nil, errServerNotInitialized return nil, errServerNotInitialized
} }
@ -595,7 +595,7 @@ func (sys *IAMSys) ListPolicies() (map[string]iampolicy.Policy, error) {
// SetPolicy - sets a new name policy. // SetPolicy - sets a new name policy.
func (sys *IAMSys) SetPolicy(policyName string, p iampolicy.Policy) error { func (sys *IAMSys) SetPolicy(policyName string, p iampolicy.Policy) error {
if sys == nil { if sys == nil || sys.store == nil {
return errServerNotInitialized return errServerNotInitialized
} }
@ -616,7 +616,7 @@ func (sys *IAMSys) SetPolicy(policyName string, p iampolicy.Policy) error {
// DeleteUser - delete user (only for long-term users not STS users). // DeleteUser - delete user (only for long-term users not STS users).
func (sys *IAMSys) DeleteUser(accessKey string) error { func (sys *IAMSys) DeleteUser(accessKey string) error {
if sys == nil { if sys == nil || sys.store == nil {
return errServerNotInitialized return errServerNotInitialized
} }
@ -669,6 +669,9 @@ func (sys *IAMSys) DeleteUser(accessKey string) error {
// after validating if there are any current policies which exist // after validating if there are any current policies which exist
// on MinIO corresponding to the input. // on MinIO corresponding to the input.
func (sys *IAMSys) currentPolicies(policyName string) string { func (sys *IAMSys) currentPolicies(policyName string) string {
if sys.store == nil {
return ""
}
sys.store.rlock() sys.store.rlock()
defer sys.store.runlock() defer sys.store.runlock()
@ -685,7 +688,7 @@ func (sys *IAMSys) currentPolicies(policyName string) string {
// SetTempUser - set temporary user credentials, these credentials have an expiry. // SetTempUser - set temporary user credentials, these credentials have an expiry.
func (sys *IAMSys) SetTempUser(accessKey string, cred auth.Credentials, policyName string) error { func (sys *IAMSys) SetTempUser(accessKey string, cred auth.Credentials, policyName string) error {
if sys == nil { if sys == nil || sys.store == nil {
return errServerNotInitialized return errServerNotInitialized
} }
@ -734,7 +737,7 @@ func (sys *IAMSys) SetTempUser(accessKey string, cred auth.Credentials, policyNa
// ListUsers - list all users. // ListUsers - list all users.
func (sys *IAMSys) ListUsers() (map[string]madmin.UserInfo, error) { func (sys *IAMSys) ListUsers() (map[string]madmin.UserInfo, error) {
if sys == nil { if sys == nil || sys.store == nil {
return nil, errServerNotInitialized return nil, errServerNotInitialized
} }
@ -770,7 +773,7 @@ func (sys *IAMSys) ListUsers() (map[string]madmin.UserInfo, error) {
// IsTempUser - returns if given key is a temporary user. // IsTempUser - returns if given key is a temporary user.
func (sys *IAMSys) IsTempUser(name string) (bool, error) { func (sys *IAMSys) IsTempUser(name string) (bool, error) {
if sys == nil { if sys == nil || sys.store == nil {
return false, errServerNotInitialized return false, errServerNotInitialized
} }
@ -787,7 +790,7 @@ func (sys *IAMSys) IsTempUser(name string) (bool, error) {
// IsServiceAccount - returns if given key is a service account // IsServiceAccount - returns if given key is a service account
func (sys *IAMSys) IsServiceAccount(name string) (bool, string, error) { func (sys *IAMSys) IsServiceAccount(name string) (bool, string, error) {
if sys == nil { if sys == nil || sys.store == nil {
return false, "", errServerNotInitialized return false, "", errServerNotInitialized
} }
@ -808,7 +811,7 @@ func (sys *IAMSys) IsServiceAccount(name string) (bool, string, error) {
// GetUserInfo - get info on a user. // GetUserInfo - get info on a user.
func (sys *IAMSys) GetUserInfo(name string) (u madmin.UserInfo, err error) { func (sys *IAMSys) GetUserInfo(name string) (u madmin.UserInfo, err error) {
if sys == nil { if sys == nil || sys.store == nil {
return u, errServerNotInitialized return u, errServerNotInitialized
} }
@ -854,7 +857,7 @@ func (sys *IAMSys) GetUserInfo(name string) (u madmin.UserInfo, err error) {
// SetUserStatus - sets current user status, supports disabled or enabled. // SetUserStatus - sets current user status, supports disabled or enabled.
func (sys *IAMSys) SetUserStatus(accessKey string, status madmin.AccountStatus) error { func (sys *IAMSys) SetUserStatus(accessKey string, status madmin.AccountStatus) error {
if sys == nil { if sys == nil || sys.store == nil {
return errServerNotInitialized return errServerNotInitialized
} }
@ -900,7 +903,7 @@ func (sys *IAMSys) SetUserStatus(accessKey string, status madmin.AccountStatus)
// NewServiceAccount - create a new service account // NewServiceAccount - create a new service account
func (sys *IAMSys) NewServiceAccount(ctx context.Context, parentUser string, sessionPolicy *iampolicy.Policy) (auth.Credentials, error) { func (sys *IAMSys) NewServiceAccount(ctx context.Context, parentUser string, sessionPolicy *iampolicy.Policy) (auth.Credentials, error) {
if sys == nil { if sys == nil || sys.store == nil {
return auth.Credentials{}, errServerNotInitialized return auth.Credentials{}, errServerNotInitialized
} }
@ -967,7 +970,7 @@ func (sys *IAMSys) NewServiceAccount(ctx context.Context, parentUser string, ses
// ListServiceAccounts - lists all services accounts associated to a specific user // ListServiceAccounts - lists all services accounts associated to a specific user
func (sys *IAMSys) ListServiceAccounts(ctx context.Context, accessKey string) ([]string, error) { func (sys *IAMSys) ListServiceAccounts(ctx context.Context, accessKey string) ([]string, error) {
if sys == nil { if sys == nil || sys.store == nil {
return nil, errServerNotInitialized return nil, errServerNotInitialized
} }
@ -992,7 +995,7 @@ func (sys *IAMSys) ListServiceAccounts(ctx context.Context, accessKey string) ([
// GetServiceAccountParent - gets information about a service account // GetServiceAccountParent - gets information about a service account
func (sys *IAMSys) GetServiceAccountParent(ctx context.Context, accessKey string) (string, error) { func (sys *IAMSys) GetServiceAccountParent(ctx context.Context, accessKey string) (string, error) {
if sys == nil { if sys == nil || sys.store == nil {
return "", errServerNotInitialized return "", errServerNotInitialized
} }
@ -1009,7 +1012,7 @@ func (sys *IAMSys) GetServiceAccountParent(ctx context.Context, accessKey string
// DeleteServiceAccount - delete a service account // DeleteServiceAccount - delete a service account
func (sys *IAMSys) DeleteServiceAccount(ctx context.Context, accessKey string) error { func (sys *IAMSys) DeleteServiceAccount(ctx context.Context, accessKey string) error {
if sys == nil { if sys == nil || sys.store == nil {
return errServerNotInitialized return errServerNotInitialized
} }
@ -1038,7 +1041,7 @@ func (sys *IAMSys) DeleteServiceAccount(ctx context.Context, accessKey string) e
// SetUser - set user credentials and policy. // SetUser - set user credentials and policy.
func (sys *IAMSys) SetUser(accessKey string, uinfo madmin.UserInfo) error { func (sys *IAMSys) SetUser(accessKey string, uinfo madmin.UserInfo) error {
if sys == nil { if sys == nil || sys.store == nil {
return errServerNotInitialized return errServerNotInitialized
} }
@ -1076,7 +1079,7 @@ func (sys *IAMSys) SetUser(accessKey string, uinfo madmin.UserInfo) error {
// SetUserSecretKey - sets user secret key // SetUserSecretKey - sets user secret key
func (sys *IAMSys) SetUserSecretKey(accessKey string, secretKey string) error { func (sys *IAMSys) SetUserSecretKey(accessKey string, secretKey string) error {
if sys == nil { if sys == nil || sys.store == nil {
return errServerNotInitialized return errServerNotInitialized
} }
@ -1104,7 +1107,7 @@ func (sys *IAMSys) SetUserSecretKey(accessKey string, secretKey string) error {
// GetUser - get user credentials // GetUser - get user credentials
func (sys *IAMSys) GetUser(accessKey string) (cred auth.Credentials, ok bool) { func (sys *IAMSys) GetUser(accessKey string) (cred auth.Credentials, ok bool) {
if sys == nil { if sys == nil || sys.store == nil {
return cred, false return cred, false
} }
@ -1170,7 +1173,7 @@ func (sys *IAMSys) GetUser(accessKey string) (cred auth.Credentials, ok bool) {
// AddUsersToGroup - adds users to a group, creating the group if // AddUsersToGroup - adds users to a group, creating the group if
// needed. No error if user(s) already are in the group. // needed. No error if user(s) already are in the group.
func (sys *IAMSys) AddUsersToGroup(group string, members []string) error { func (sys *IAMSys) AddUsersToGroup(group string, members []string) error {
if sys == nil { if sys == nil || sys.store == nil {
return errServerNotInitialized return errServerNotInitialized
} }
@ -1230,7 +1233,7 @@ func (sys *IAMSys) AddUsersToGroup(group string, members []string) error {
// RemoveUsersFromGroup - remove users from group. If no users are // RemoveUsersFromGroup - remove users from group. If no users are
// given, and the group is empty, deletes the group as well. // given, and the group is empty, deletes the group as well.
func (sys *IAMSys) RemoveUsersFromGroup(group string, members []string) error { func (sys *IAMSys) RemoveUsersFromGroup(group string, members []string) error {
if sys == nil { if sys == nil || sys.store == nil {
return errServerNotInitialized return errServerNotInitialized
} }
@ -1310,7 +1313,7 @@ func (sys *IAMSys) RemoveUsersFromGroup(group string, members []string) error {
// SetGroupStatus - enable/disabled a group // SetGroupStatus - enable/disabled a group
func (sys *IAMSys) SetGroupStatus(group string, enabled bool) error { func (sys *IAMSys) SetGroupStatus(group string, enabled bool) error {
if sys == nil { if sys == nil || sys.store == nil {
return errServerNotInitialized return errServerNotInitialized
} }
@ -1345,7 +1348,7 @@ func (sys *IAMSys) SetGroupStatus(group string, enabled bool) error {
// GetGroupDescription - builds up group description // GetGroupDescription - builds up group description
func (sys *IAMSys) GetGroupDescription(group string) (gd madmin.GroupDesc, err error) { func (sys *IAMSys) GetGroupDescription(group string) (gd madmin.GroupDesc, err error) {
if sys == nil { if sys == nil || sys.store == nil {
return gd, errServerNotInitialized return gd, errServerNotInitialized
} }
@ -1385,7 +1388,7 @@ func (sys *IAMSys) GetGroupDescription(group string) (gd madmin.GroupDesc, err e
// ListGroups - lists groups. // ListGroups - lists groups.
func (sys *IAMSys) ListGroups() (r []string, err error) { func (sys *IAMSys) ListGroups() (r []string, err error) {
if sys == nil { if sys == nil || sys.store == nil {
return r, errServerNotInitialized return r, errServerNotInitialized
} }
@ -1408,7 +1411,7 @@ func (sys *IAMSys) ListGroups() (r []string, err error) {
// PolicyDBSet - sets a policy for a user or group in the PolicyDB. // PolicyDBSet - sets a policy for a user or group in the PolicyDB.
func (sys *IAMSys) PolicyDBSet(name, policy string, isGroup bool) error { func (sys *IAMSys) PolicyDBSet(name, policy string, isGroup bool) error {
if sys == nil { if sys == nil || sys.store == nil {
return errServerNotInitialized return errServerNotInitialized
} }
@ -1474,7 +1477,7 @@ func (sys *IAMSys) policyDBSet(name, policyName string, userType IAMUserType, is
// be a member of multiple groups, this function returns an array of // be a member of multiple groups, this function returns an array of
// applicable policies (each group is mapped to at most one policy). // applicable policies (each group is mapped to at most one policy).
func (sys *IAMSys) PolicyDBGet(name string, isGroup bool) ([]string, error) { func (sys *IAMSys) PolicyDBGet(name string, isGroup bool) ([]string, error) {
if sys == nil { if sys == nil || sys.store == nil {
return nil, errServerNotInitialized return nil, errServerNotInitialized
} }