mirror of
https://github.com/minio/minio.git
synced 2025-11-21 18:26:04 -05:00
Migrate config to KV data format (#8392)
- adding oauth support to MinIO browser (#8400) by @kanagaraj - supports multi-line get/set/del for all config fields - add support for comments, allow toggle - add extensive validation of config before saving - support MinIO browser to support proper claims, using STS tokens - env support for all config parameters, legacy envs are also supported with all documentation now pointing to latest ENVs - preserve accessKey/secretKey from FS mode setups - add history support implements three APIs - ClearHistory - RestoreHistory - ListHistory - add help command support for each config parameters - all the bug fixes after migration to KV, and other bug fixes encountered during testing.
This commit is contained in:
Harshavardhana
committed by
kannappanr
kannappanr
parent
8836d57e3c
commit
ee4a6a823d
@@ -36,7 +36,9 @@ import (
|
||||
jwtgo "github.com/dgrijalva/jwt-go"
|
||||
humanize "github.com/dustin/go-humanize"
|
||||
miniogopolicy "github.com/minio/minio-go/v6/pkg/policy"
|
||||
"github.com/minio/minio/pkg/auth"
|
||||
"github.com/minio/minio/pkg/hash"
|
||||
"github.com/minio/minio/pkg/madmin"
|
||||
"github.com/minio/minio/pkg/policy"
|
||||
"github.com/minio/minio/pkg/policy/condition"
|
||||
)
|
||||
@@ -140,7 +142,7 @@ func TestWebHandlerLogin(t *testing.T) {
|
||||
func testLoginWebHandler(obj ObjectLayer, instanceType string, t TestErrHandler) {
|
||||
// Register the API end points with XL/FS object layer.
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
|
||||
// test cases with sample input and expected output.
|
||||
testCases := []struct {
|
||||
@@ -180,7 +182,7 @@ func testStorageInfoWebHandler(obj ObjectLayer, instanceType string, t TestErrHa
|
||||
// get random bucket name.
|
||||
// Register the API end points with XL/FS object layer.
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
|
||||
authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
|
||||
if err != nil {
|
||||
@@ -213,7 +215,7 @@ func TestWebHandlerServerInfo(t *testing.T) {
|
||||
func testServerInfoWebHandler(obj ObjectLayer, instanceType string, t TestErrHandler) {
|
||||
// Register the API end points with XL/FS object layer.
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
|
||||
authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
|
||||
if err != nil {
|
||||
@@ -254,7 +256,7 @@ func TestWebHandlerMakeBucket(t *testing.T) {
|
||||
func testMakeBucketWebHandler(obj ObjectLayer, instanceType string, t TestErrHandler) {
|
||||
// Register the API end points with XL/FS object layer.
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
|
||||
authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
|
||||
if err != nil {
|
||||
@@ -307,7 +309,7 @@ func TestWebHandlerDeleteBucket(t *testing.T) {
|
||||
func testDeleteBucketWebHandler(obj ObjectLayer, instanceType string, t TestErrHandler) {
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
token, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
|
||||
if err != nil {
|
||||
t.Fatalf("could not get RPC token, %s", err.Error())
|
||||
@@ -411,7 +413,7 @@ func TestWebHandlerListBuckets(t *testing.T) {
|
||||
func testListBucketsWebHandler(obj ObjectLayer, instanceType string, t TestErrHandler) {
|
||||
// Register the API end points with XL/FS object layer.
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
|
||||
authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
|
||||
if err != nil {
|
||||
@@ -459,7 +461,7 @@ func TestWebHandlerListObjects(t *testing.T) {
|
||||
func testListObjectsWebHandler(obj ObjectLayer, instanceType string, t TestErrHandler) {
|
||||
// Register the API end points with XL/FS object layer.
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
|
||||
rec := httptest.NewRecorder()
|
||||
|
||||
@@ -564,7 +566,7 @@ func TestWebHandlerRemoveObject(t *testing.T) {
|
||||
func testRemoveObjectWebHandler(obj ObjectLayer, instanceType string, t TestErrHandler) {
|
||||
// Register the API end points with XL/FS object layer.
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
|
||||
rec := httptest.NewRecorder()
|
||||
authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
|
||||
@@ -655,7 +657,7 @@ func TestWebHandlerGenerateAuth(t *testing.T) {
|
||||
func testGenerateAuthWebHandler(obj ObjectLayer, instanceType string, t TestErrHandler) {
|
||||
// Register the API end points with XL/FS object layer.
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
|
||||
rec := httptest.NewRecorder()
|
||||
authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
|
||||
@@ -692,7 +694,15 @@ func TestWebHandlerSetAuth(t *testing.T) {
|
||||
func testSetAuthWebHandler(obj ObjectLayer, instanceType string, t TestErrHandler) {
|
||||
// Register the API end points with XL/FS object layer.
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials, err := auth.GetNewCredentials()
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
globalIAMSys.SetUser(credentials.AccessKey, madmin.UserInfo{
|
||||
SecretKey: credentials.SecretKey,
|
||||
Status: madmin.AccountEnabled,
|
||||
})
|
||||
|
||||
rec := httptest.NewRecorder()
|
||||
authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
|
||||
@@ -744,17 +754,17 @@ func TestWebCreateURLToken(t *testing.T) {
|
||||
|
||||
func getTokenString(accessKey, secretKey string) (string, error) {
|
||||
utcNow := UTCNow()
|
||||
token := jwtgo.NewWithClaims(jwtgo.SigningMethodHS512, jwtgo.StandardClaims{
|
||||
ExpiresAt: utcNow.Add(defaultJWTExpiry).Unix(),
|
||||
IssuedAt: utcNow.Unix(),
|
||||
Subject: accessKey,
|
||||
})
|
||||
mapClaims := jwtgo.MapClaims{}
|
||||
mapClaims["exp"] = utcNow.Add(defaultJWTExpiry).Unix()
|
||||
mapClaims["sub"] = accessKey
|
||||
mapClaims["accessKey"] = accessKey
|
||||
token := jwtgo.NewWithClaims(jwtgo.SigningMethodHS512, mapClaims)
|
||||
return token.SignedString([]byte(secretKey))
|
||||
}
|
||||
|
||||
func testCreateURLToken(obj ObjectLayer, instanceType string, t TestErrHandler) {
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
|
||||
authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
|
||||
if err != nil {
|
||||
@@ -811,7 +821,7 @@ func TestWebHandlerUpload(t *testing.T) {
|
||||
func testUploadWebHandler(obj ObjectLayer, instanceType string, t TestErrHandler) {
|
||||
// Register the API end points with XL/FS object layer.
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
|
||||
content := []byte("temporary file's content")
|
||||
authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
|
||||
@@ -915,7 +925,7 @@ func TestWebHandlerDownload(t *testing.T) {
|
||||
func testDownloadWebHandler(obj ObjectLayer, instanceType string, t TestErrHandler) {
|
||||
// Register the API end points with XL/FS object layer.
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
|
||||
authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
|
||||
if err != nil {
|
||||
@@ -1036,7 +1046,7 @@ func TestWebHandlerDownloadZip(t *testing.T) {
|
||||
|
||||
func testWebHandlerDownloadZip(obj ObjectLayer, instanceType string, t TestErrHandler) {
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
var opts ObjectOptions
|
||||
|
||||
authorization, err := authenticateURL(credentials.AccessKey, credentials.SecretKey)
|
||||
@@ -1123,7 +1133,7 @@ func TestWebHandlerPresignedGetHandler(t *testing.T) {
|
||||
func testWebPresignedGetHandler(obj ObjectLayer, instanceType string, t TestErrHandler) {
|
||||
// Register the API end points with XL/FS object layer.
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
|
||||
authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
|
||||
if err != nil {
|
||||
@@ -1228,7 +1238,7 @@ func TestWebHandlerGetBucketPolicyHandler(t *testing.T) {
|
||||
func testWebGetBucketPolicyHandler(obj ObjectLayer, instanceType string, t TestErrHandler) {
|
||||
// Register the API end points with XL/FS object layer.
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
|
||||
authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
|
||||
if err != nil {
|
||||
@@ -1303,7 +1313,7 @@ func TestWebHandlerListAllBucketPoliciesHandler(t *testing.T) {
|
||||
func testWebListAllBucketPoliciesHandler(obj ObjectLayer, instanceType string, t TestErrHandler) {
|
||||
// Register the API end points with XL/FS object layer.
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
|
||||
authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
|
||||
if err != nil {
|
||||
@@ -1407,7 +1417,7 @@ func TestWebHandlerSetBucketPolicyHandler(t *testing.T) {
|
||||
func testWebSetBucketPolicyHandler(obj ObjectLayer, instanceType string, t TestErrHandler) {
|
||||
// Register the API end points with XL/FS object layer.
|
||||
apiRouter := initTestWebRPCEndPoint(obj)
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
|
||||
authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
|
||||
if err != nil {
|
||||
@@ -1587,7 +1597,7 @@ func TestWebObjectLayerFaultyDisks(t *testing.T) {
|
||||
|
||||
rec := httptest.NewRecorder()
|
||||
|
||||
credentials := globalServerConfig.GetCredential()
|
||||
credentials := globalActiveCred
|
||||
authorization, err := getWebRPCToken(apiRouter, credentials.AccessKey, credentials.SecretKey)
|
||||
if err != nil {
|
||||
t.Fatal("Cannot authenticate", err)
|
||||
|
||||
Reference in New Issue
Block a user