mirror of
https://github.com/minio/minio.git
synced 2024-12-24 22:25:54 -05:00
svcacct: Fix updating service account and add missing check (#12251)
UpdateServiceAccount ignores updating fields when not passed from upper layer, such as empty policy, empty account status, and empty secret key. This PR will check for a secret key only if it is empty and add more check on the value of the account status. Signed-off-by: Anis Elleuch <anis@min.io>
This commit is contained in:
parent
254698f126
commit
cb0b36f8c2
15
cmd/iam.go
15
cmd/iam.go
@ -1203,16 +1203,21 @@ func (sys *IAMSys) UpdateServiceAccount(ctx context.Context, accessKey string, o
|
||||
return errNoSuchServiceAccount
|
||||
}
|
||||
|
||||
if !auth.IsSecretKeyValid(opts.secretKey) {
|
||||
return auth.ErrInvalidSecretKeyLength
|
||||
}
|
||||
|
||||
if opts.secretKey != "" {
|
||||
if !auth.IsSecretKeyValid(opts.secretKey) {
|
||||
return auth.ErrInvalidSecretKeyLength
|
||||
}
|
||||
cr.SecretKey = opts.secretKey
|
||||
}
|
||||
|
||||
if opts.status != "" {
|
||||
switch opts.status {
|
||||
// The caller did not ask to update status account, do nothing
|
||||
case "":
|
||||
// Update account status
|
||||
case auth.AccountOn, auth.AccountOff:
|
||||
cr.Status = opts.status
|
||||
default:
|
||||
return errors.New("unknown account status value")
|
||||
}
|
||||
|
||||
if opts.sessionPolicy != nil {
|
||||
|
Loading…
Reference in New Issue
Block a user