MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-01-24 05:03:16 -05:00
Code Issues Packages Projects Releases Wiki Activity

ldap-import: Add additional logs (#19691)

Browse Source 
These logs are being added to provide better debugging of LDAP
normalization on IAM import.
This commit is contained in:
Aditya Manthramurthy 2024-05-09 10:52:53 -07:00 committed by GitHub
parent 3549e583a6
commit e00de1c302
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 21 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
cmd/iam.go
View File

@ -1672,6 +1672,11 @@ func (sys *IAMSys) NormalizeLDAPMappingImport(ctx context.Context, isGroup bool,
normKey, origKeys)
}
if len(origKeys[1:]) > 0 {
// Log that extra DN mappings will not be imported.
iamLogEvent(ctx, "import-ldap-normalize: extraneous DN mappings found for LDAP DN[%s]: %v will not be imported", origKeys[0], origKeys[1:])
}
// Policies mapped to the DN's are the same, so we remove the extra
// ones from the map.
for i := 1; i < len(origKeys); i++ {
@ -1680,7 +1685,11 @@ func (sys *IAMSys) NormalizeLDAPMappingImport(ctx context.Context, isGroup bool,
// Remove the mapping from storage by setting the policy to "".
if entityKeysInStorage.Contains(origKeys[i]) {
// Ignore any deletion error.
_, _ = sys.PolicyDBSet(ctx, origKeys[i], "", stsUser, isGroup)
_, delErr := sys.PolicyDBSet(ctx, origKeys[i], "", stsUser, isGroup)
if delErr != nil {
logErr := fmt.Errorf("failed to delete extraneous LDAP DN mapping for `%s`: %w", origKeys[i], delErr)
iamLogIf(ctx, logErr)
}
}
}
}
@ -1691,10 +1700,16 @@ func (sys *IAMSys) NormalizeLDAPMappingImport(ctx context.Context, isGroup bool,
mappingValue := policyMap[origKeys[0]]
delete(policyMap, origKeys[0])
policyMap[normKey] = mappingValue
iamLogEvent(ctx, "import-ldap-normalize: normalized LDAP DN mapping from `%s` to `%s`", origKeys[0], normKey)
// Remove the mapping from storage by setting the policy to "".
if entityKeysInStorage.Contains(origKeys[0]) {
// Ignore any deletion error.
_, _ = sys.PolicyDBSet(ctx, origKeys[0], "", stsUser, isGroup)
_, delErr := sys.PolicyDBSet(ctx, origKeys[0], "", stsUser, isGroup)
if delErr != nil {
logErr := fmt.Errorf("failed to delete extraneous LDAP DN mapping for `%s`: %w", origKeys[0], delErr)
iamLogIf(ctx, logErr)
}
}
}
return nil

4
cmd/logging.go
View File

@ -18,6 +18,10 @@ func iamLogIf(ctx context.Context, err error, errKind ...interface{}) {
logger.LogIf(ctx, "iam", err, errKind...)
}
func iamLogEvent(ctx context.Context, msg string, args ...interface{}) {
logger.Event(ctx, "iam", msg, args...)
}
func rebalanceLogIf(ctx context.Context, err error, errKind ...interface{}) {
logger.LogIf(ctx, "rebalance", err, errKind...)
}