mirror of
https://github.com/minio/minio.git
synced 2025-01-25 21:53:16 -05:00
Check key length before adding a new user. (#6790)
User's key should satisfy the requirement of `mc config host add`. Check access key and secret key length before adding a new user, avoid creating a useless user which cannot be added into config host or log into the browser.
This commit is contained in:
parent
df2d75a2a3
commit
aa2d8583ad
@ -61,8 +61,8 @@ func IsAccessKeyValid(accessKey string) bool {
|
||||
return len(accessKey) >= accessKeyMinLen
|
||||
}
|
||||
|
||||
// isSecretKeyValid - validate secret key for right length.
|
||||
func isSecretKeyValid(secretKey string) bool {
|
||||
// IsSecretKeyValid - validate secret key for right length.
|
||||
func IsSecretKeyValid(secretKey string) bool {
|
||||
return len(secretKey) >= secretKeyMinLen
|
||||
}
|
||||
|
||||
@ -88,7 +88,7 @@ func (cred Credentials) IsExpired() bool {
|
||||
func (cred Credentials) IsValid() bool {
|
||||
// Verify credentials if its enabled or not set.
|
||||
if cred.Status == "enabled" || cred.Status == "" {
|
||||
return IsAccessKeyValid(cred.AccessKey) && isSecretKeyValid(cred.SecretKey) && !cred.IsExpired()
|
||||
return IsAccessKeyValid(cred.AccessKey) && IsSecretKeyValid(cred.SecretKey) && !cred.IsExpired()
|
||||
}
|
||||
return false
|
||||
}
|
||||
@ -164,7 +164,7 @@ func CreateCredentials(accessKey, secretKey string) (cred Credentials, err error
|
||||
if !IsAccessKeyValid(accessKey) {
|
||||
return cred, ErrInvalidAccessKeyLength
|
||||
}
|
||||
if !isSecretKeyValid(secretKey) {
|
||||
if !IsSecretKeyValid(secretKey) {
|
||||
return cred, ErrInvalidSecretKeyLength
|
||||
}
|
||||
cred.AccessKey = accessKey
|
||||
|
@ -47,7 +47,7 @@ func TestIsSecretKeyValid(t *testing.T) {
|
||||
}
|
||||
|
||||
for i, testCase := range testCases {
|
||||
result := isSecretKeyValid(testCase.secretKey)
|
||||
result := IsSecretKeyValid(testCase.secretKey)
|
||||
if result != testCase.expectedResult {
|
||||
t.Fatalf("test %v: expected: %v, got: %v", i+1, testCase.expectedResult, result)
|
||||
}
|
||||
|
@ -21,6 +21,8 @@ import (
|
||||
"encoding/json"
|
||||
"net/http"
|
||||
"net/url"
|
||||
|
||||
"github.com/minio/minio/pkg/auth"
|
||||
)
|
||||
|
||||
// AccountStatus - account status.
|
||||
@ -97,6 +99,15 @@ func (adm *AdminClient) ListUsers() (map[string]UserInfo, error) {
|
||||
|
||||
// SetUser - sets a user info.
|
||||
func (adm *AdminClient) SetUser(accessKey, secretKey string, status AccountStatus) error {
|
||||
|
||||
if !auth.IsAccessKeyValid(accessKey) {
|
||||
return auth.ErrInvalidAccessKeyLength
|
||||
}
|
||||
|
||||
if !auth.IsSecretKeyValid(secretKey) {
|
||||
return auth.ErrInvalidSecretKeyLength
|
||||
}
|
||||
|
||||
data, err := json.Marshal(UserInfo{
|
||||
SecretKey: secretKey,
|
||||
Status: status,
|
||||
|
Loading…
x
Reference in New Issue
Block a user