svc: Display the correct policy of a particular service account (#12064)

For the InfoServiceAccount API, the policy was not calculated correctly
before being shown to the user (a UX issue only, not a security issue).

This commit fixes it.
Anis Elleuch
2021-04-15 22:47:58 +01:00
committed by GitHub
parent 39dd9b6483
commit b6f5785a6d
2 changed files with 9 additions and 6 deletions


@@ -727,14 +727,14 @@ func (a adminAPIHandlers) InfoServiceAccount(w http.ResponseWriter, r *http.Requ
// If policy is empty, check for policy of the parent user
if !impliedPolicy {
svcAccountPolicy.Merge(*policy)
svcAccountPolicy = svcAccountPolicy.Merge(*policy)
} else {
policiesNames, err := globalIAMSys.PolicyDBGet(svcAccount.AccessKey, false)
if err != nil {
writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
return
}
svcAccountPolicy.Merge(globalIAMSys.GetCombinedPolicy(policiesNames...))
svcAccountPolicy = svcAccountPolicy.Merge(globalIAMSys.GetCombinedPolicy(policiesNames...))
}
policyJSON, err := json.Marshal(svcAccountPolicy)
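Review bot: The comment `// If policy is empty, check for policy of the parent user` does not match the lookup in the else branch, which passes `svcAccount.AccessKey` to `globalIAMSys.PolicyDBGet`. Whether that call resolves the parent user internally is not visible here; if it does not, the policy shown for an account with an implied policy may still be empty or wrong, so either pass the parent user's name or correct the comment. Admins read this output to judge what a service account is allowed to do, so a regression test asserting the returned policy JSON for both the explicit and the implied case would be worth adding. Judging by the fix, `Merge` returns the combined policy instead of updating its receiver, and a comment such as `// Merge returns a new policy; the result must be assigned` above the first assignment would keep the discarded-result mistake from returning. InfoServiceAccount begins and ends outside this hunk.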