fix: use errors.Is for wrapped returns (#16062)

jiuker 2022-11-14 23:15:46 +08:00 committed by GitHub
parent 14e52f29b0
commit 7ac64ad24a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 18 additions and 16 deletions


@ -20,6 +20,7 @@ package cmd
import ( import (
"context" "context"
"encoding/json" "encoding/json"
"errors"
"path" "path"
"strings" "strings"
"sync" "sync"
@ -214,7 +215,7 @@ func (ies *IAMEtcdStore) loadPolicyDocs(ctx context.Context, m map[string]Policy
// Parse all values to construct the policies data model. // Parse all values to construct the policies data model.
for _, kvs := range r.Kvs { for _, kvs := range r.Kvs {
if err = ies.getPolicyDocKV(ctx, kvs, m); err != nil && err != errNoSuchPolicy { if err = ies.getPolicyDocKV(ctx, kvs, m); err != nil && !errors.Is(err, errNoSuchPolicy) {
return err return err
} }
} }
@ -375,7 +376,7 @@ func (ies *IAMEtcdStore) loadMappedPolicies(ctx context.Context, userType IAMUse
// Parse all policies mapping to create the proper data model // Parse all policies mapping to create the proper data model
for _, kv := range r.Kvs { for _, kv := range r.Kvs {
if err = getMappedPolicy(ctx, kv, userType, isGroup, m, basePrefix); err != nil && err != errNoSuchPolicy { if err = getMappedPolicy(ctx, kv, userType, isGroup, m, basePrefix); err != nil && !errors.Is(err, errNoSuchPolicy) {
return err return err
} }
} }
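Review bot: Both loops in this file assign with `err =` to the function-level variable, so when the last key yields a tolerated errNoSuchPolicy (now including a wrapped one), `err` is still non-nil once the loop ends. The code after each loop is outside these hunks; if either function finishes with `return err` rather than `return nil`, a policy skipped on the final key would still fail the whole IAM load. Scoping the variable to the statement, as the IAMObjectStore loaders do, removes that risk: `if err := ies.getPolicyDocKV(ctx, kvs, m); err != nil && !errors.Is(err, errNoSuchPolicy) {`. The same applies to the getMappedPolicy call in loadMappedPolicies.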


@ -19,6 +19,7 @@ package cmd
import ( import (
"context" "context"
"errors"
"fmt" "fmt"
"path" "path"
"strings" "strings"
@ -155,7 +156,7 @@ func (iamOS *IAMObjectStore) loadPolicyDocs(ctx context.Context, m map[string]Po
} }
policyName := path.Dir(item.Item) policyName := path.Dir(item.Item)
if err := iamOS.loadPolicyDoc(ctx, policyName, m); err != nil && err != errNoSuchPolicy { if err := iamOS.loadPolicyDoc(ctx, policyName, m); err != nil && !errors.Is(err, errNoSuchPolicy) {
return err return err
} }
} }
@ -280,7 +281,7 @@ func (iamOS *IAMObjectStore) loadMappedPolicies(ctx context.Context, userType IA
policyFile := item.Item policyFile := item.Item
userOrGroupName := strings.TrimSuffix(policyFile, ".json") userOrGroupName := strings.TrimSuffix(policyFile, ".json")
if err := iamOS.loadMappedPolicy(ctx, userOrGroupName, userType, isGroup, m); err != nil && err != errNoSuchPolicy { if err := iamOS.loadMappedPolicy(ctx, userOrGroupName, userType, isGroup, m); err != nil && !errors.Is(err, errNoSuchPolicy) {
return err return err
} }
} }
@ -349,7 +350,7 @@ func (iamOS *IAMObjectStore) loadAllFromObjStore(ctx context.Context, cache *iam
policiesList := listedConfigItems[policiesListKey] policiesList := listedConfigItems[policiesListKey]
for _, item := range policiesList { for _, item := range policiesList {
policyName := path.Dir(item) policyName := path.Dir(item)
if err := iamOS.loadPolicyDoc(ctx, policyName, cache.iamPolicyDocsMap); err != nil && err != errNoSuchPolicy { if err := iamOS.loadPolicyDoc(ctx, policyName, cache.iamPolicyDocsMap); err != nil && !errors.Is(err, errNoSuchPolicy) {
return err return err
} }
} }
@ -377,7 +378,7 @@ func (iamOS *IAMObjectStore) loadAllFromObjStore(ctx context.Context, cache *iam
userPolicyMappingsList := listedConfigItems[policyDBUsersListKey] userPolicyMappingsList := listedConfigItems[policyDBUsersListKey]
for _, item := range userPolicyMappingsList { for _, item := range userPolicyMappingsList {
userName := strings.TrimSuffix(item, ".json") userName := strings.TrimSuffix(item, ".json")
if err := iamOS.loadMappedPolicy(ctx, userName, regUser, false, cache.iamUserPolicyMap); err != nil && err != errNoSuchPolicy { if err := iamOS.loadMappedPolicy(ctx, userName, regUser, false, cache.iamUserPolicyMap); err != nil && !errors.Is(err, errNoSuchPolicy) {
return err return err
} }
} }
@ -385,7 +386,7 @@ func (iamOS *IAMObjectStore) loadAllFromObjStore(ctx context.Context, cache *iam
groupPolicyMappingsList := listedConfigItems[policyDBGroupsListKey] groupPolicyMappingsList := listedConfigItems[policyDBGroupsListKey]
for _, item := range groupPolicyMappingsList { for _, item := range groupPolicyMappingsList {
groupName := strings.TrimSuffix(item, ".json") groupName := strings.TrimSuffix(item, ".json")
if err := iamOS.loadMappedPolicy(ctx, groupName, regUser, true, cache.iamGroupPolicyMap); err != nil && err != errNoSuchPolicy { if err := iamOS.loadMappedPolicy(ctx, groupName, regUser, true, cache.iamGroupPolicyMap); err != nil && !errors.Is(err, errNoSuchPolicy) {
return err return err
} }
} }
@ -409,7 +410,7 @@ func (iamOS *IAMObjectStore) loadAllFromObjStore(ctx context.Context, cache *iam
stsPolicyMappingsList := listedConfigItems[policyDBSTSUsersListKey] stsPolicyMappingsList := listedConfigItems[policyDBSTSUsersListKey]
for _, item := range stsPolicyMappingsList { for _, item := range stsPolicyMappingsList {
stsName := strings.TrimSuffix(item, ".json") stsName := strings.TrimSuffix(item, ".json")
if err := iamOS.loadMappedPolicy(ctx, stsName, stsUser, false, cache.iamUserPolicyMap); err != nil && err != errNoSuchPolicy { if err := iamOS.loadMappedPolicy(ctx, stsName, stsUser, false, cache.iamUserPolicyMap); err != nil && !errors.Is(err, errNoSuchPolicy) {
return err return err
} }
} }


@ -746,7 +746,7 @@ func (store *IAMStoreSys) RemoveUsersFromGroup(ctx context.Context, group string
// Remove the group from storage. First delete the // Remove the group from storage. First delete the
// mapped policy. No-mapped-policy case is ignored. // mapped policy. No-mapped-policy case is ignored.
if err := store.deleteMappedPolicy(ctx, group, regUser, true); err != nil && err != errNoSuchPolicy { if err := store.deleteMappedPolicy(ctx, group, regUser, true); err != nil && !errors.Is(err, errNoSuchPolicy) {
return updatedAt, err return updatedAt, err
} }
if err := store.deleteGroupInfo(ctx, group); err != nil && err != errNoSuchGroup { if err := store.deleteGroupInfo(ctx, group); err != nil && err != errNoSuchGroup {
@ -884,7 +884,7 @@ func (store *IAMStoreSys) PolicyDBSet(ctx context.Context, name, policy string,
store.deleteMappedPolicy(ctx, name, regUser, false) store.deleteMappedPolicy(ctx, name, regUser, false)
} }
err := store.deleteMappedPolicy(ctx, name, userType, isGroup) err := store.deleteMappedPolicy(ctx, name, userType, isGroup)
if err != nil && err != errNoSuchPolicy { if err != nil && !errors.Is(err, errNoSuchPolicy) {
return updatedAt, err return updatedAt, err
} }
if !isGroup { if !isGroup {
@ -929,7 +929,7 @@ func (store *IAMStoreSys) PolicyNotificationHandler(ctx context.Context, policy
defer store.unlock() defer store.unlock()
err := store.loadPolicyDoc(ctx, policy, cache.iamPolicyDocsMap) err := store.loadPolicyDoc(ctx, policy, cache.iamPolicyDocsMap)
if err == errNoSuchPolicy { if errors.Is(err, errNoSuchPolicy) {
// policy was deleted, update cache. // policy was deleted, update cache.
delete(cache.iamPolicyDocsMap, policy) delete(cache.iamPolicyDocsMap, policy)
@ -1005,7 +1005,7 @@ func (store *IAMStoreSys) DeletePolicy(ctx context.Context, policy string) error
} }
err := store.deletePolicyDoc(ctx, policy) err := store.deletePolicyDoc(ctx, policy)
if err == errNoSuchPolicy { if errors.Is(err, errNoSuchPolicy) {
// Ignore error if policy is already deleted. // Ignore error if policy is already deleted.
err = nil err = nil
} }
@ -1494,7 +1494,7 @@ func (store *IAMStoreSys) PolicyMappingNotificationHandler(ctx context.Context,
m = cache.iamUserPolicyMap m = cache.iamUserPolicyMap
} }
err := store.loadMappedPolicy(ctx, userOrGroup, userType, isGroup, m) err := store.loadMappedPolicy(ctx, userOrGroup, userType, isGroup, m)
if err == errNoSuchPolicy { if errors.Is(err, errNoSuchPolicy) {
// This means that the policy mapping was deleted, so we update // This means that the policy mapping was deleted, so we update
// the cache. // the cache.
delete(m, userOrGroup) delete(m, userOrGroup)
@ -1560,7 +1560,7 @@ func (store *IAMStoreSys) UserNotificationHandler(ctx context.Context, accessKey
if userType != svcUser { if userType != svcUser {
err = store.loadMappedPolicy(ctx, accessKey, userType, false, cache.iamUserPolicyMap) err = store.loadMappedPolicy(ctx, accessKey, userType, false, cache.iamUserPolicyMap)
// Ignore policy not mapped error // Ignore policy not mapped error
if err != nil && err != errNoSuchPolicy { if err != nil && !errors.Is(err, errNoSuchPolicy) {
return err return err
} }
} }
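Review bot: The errNoSuchGroup check in RemoveUsersFromGroup is left as a direct comparison (`err != nil && err != errNoSuchGroup`) directly below the converted errNoSuchPolicy check, so a wrapped errNoSuchGroup from deleteGroupInfo would still abort the group removal. If deleteGroupInfo can return wrapped errors the same way, the line should read `if err := store.deleteGroupInfo(ctx, group); err != nil && !errors.Is(err, errNoSuchGroup) {`. In the PolicyDBSet hunk the first `store.deleteMappedPolicy(ctx, name, regUser, false)` call discards its error entirely; if that is intended as best-effort cleanup, a comment such as `// best effort: errors from removing the regUser mapping are intentionally ignored` would make that explicit. Both functions extend beyond the hunks shown.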


@ -1666,10 +1666,10 @@ func (sys *IAMSys) IsAllowedSTS(args iampolicy.Args, parentUser string) bool {
if !isOwnerDerived { if !isOwnerDerived {
var err error var err error
combinedPolicy, err = sys.store.GetPolicy(strings.Join(policies, ",")) combinedPolicy, err = sys.store.GetPolicy(strings.Join(policies, ","))
if err == errNoSuchPolicy { if errors.Is(err, errNoSuchPolicy) {
for _, pname := range policies { for _, pname := range policies {
_, err := sys.store.GetPolicy(pname) _, err := sys.store.GetPolicy(pname)
if err == errNoSuchPolicy { if errors.Is(err, errNoSuchPolicy) {
// all policies presented in the claim should exist // all policies presented in the claim should exist
logger.LogIf(GlobalContext, fmt.Errorf("expected policy (%s) missing from the JWT claim %s, rejecting the request", pname, iamPolicyClaimNameOpenID())) logger.LogIf(GlobalContext, fmt.Errorf("expected policy (%s) missing from the JWT claim %s, rejecting the request", pname, iamPolicyClaimNameOpenID()))
return false return false
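Review bot: In the inner loop of IsAllowedSTS only errNoSuchPolicy from the per-policy `sys.store.GetPolicy(pname)` rejects the request; any other lookup error lands in the shadowed `err` and is skipped without a log line. If no individual lookup reports errNoSuchPolicy, control leaves the loop with the outer `err` still set; the rest of the function is outside the hunk, so it should be confirmed that this path denies the request rather than evaluating whatever `combinedPolicy` holds. Since this is the authorization decision for STS credentials, failing closed on any error inside the loop (`if err != nil { return false }` after logging) would be safer. `pname` appears to come from the token claim and is logged with `%s`; `%q` would keep control characters out of the log line.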