MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-01-12 15:33:22 -05:00
Code Issues Packages Projects Releases Wiki Activity

svcacct: Fix updating service account and add missing check (#12251)

Browse Source 
UpdateServiceAccount ignores updating fields when not passed from upper
layer, such as empty policy, empty account status, and empty secret key.

This PR will check for a secret key only if it is empty and add more
check on the value of the account status.

Signed-off-by: Anis Elleuch <anis@min.io>
This commit is contained in:
Anis Elleuch 2021-05-07 17:13:30 +01:00 committed by GitHub
parent 254698f126
commit cb0b36f8c2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
cmd/iam.go
View File

@ -1203,16 +1203,21 @@ func (sys *IAMSys) UpdateServiceAccount(ctx context.Context, accessKey string, o
return errNoSuchServiceAccount return errNoSuchServiceAccount
} }
if !auth.IsSecretKeyValid(opts.secretKey) {
return auth.ErrInvalidSecretKeyLength
}
if opts.secretKey != "" { if opts.secretKey != "" {
if !auth.IsSecretKeyValid(opts.secretKey) {
return auth.ErrInvalidSecretKeyLength
}
cr.SecretKey = opts.secretKey cr.SecretKey = opts.secretKey
} }
if opts.status != "" { switch opts.status {
// The caller did not ask to update status account, do nothing
case "":
// Update account status
case auth.AccountOn, auth.AccountOff:
cr.Status = opts.status cr.Status = opts.status
default:
return errors.New("unknown account status value")
} }
if opts.sessionPolicy != nil { if opts.sessionPolicy != nil {