svcacct: Fix updating service account and add missing check (#12251)

UpdateServiceAccount ignores updating fields when not passed from upper
layer, such as empty policy, empty account status, and empty secret key.

This PR will check for a secret key only if it is empty and add more
check on the value of the account status.

Signed-off-by: Anis Elleuch <anis@min.io>
This commit is contained in:
Anis Elleuch 2021-05-07 17:13:30 +01:00 committed by GitHub
parent 254698f126
commit cb0b36f8c2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1203,16 +1203,21 @@ func (sys *IAMSys) UpdateServiceAccount(ctx context.Context, accessKey string, o
return errNoSuchServiceAccount
}
if !auth.IsSecretKeyValid(opts.secretKey) {
return auth.ErrInvalidSecretKeyLength
}
if opts.secretKey != "" {
if !auth.IsSecretKeyValid(opts.secretKey) {
return auth.ErrInvalidSecretKeyLength
}
cr.SecretKey = opts.secretKey
}
if opts.status != "" {
switch opts.status {
// The caller did not ask to update status account, do nothing
case "":
// Update account status
case auth.AccountOn, auth.AccountOff:
cr.Status = opts.status
default:
return errors.New("unknown account status value")
}
if opts.sessionPolicy != nil {