MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-10-29 15:55:00 -04:00
Code Issues Packages Projects Releases Wiki Activity

iam: Use 'on' for enabled accounts for consistency (#11913)

Browse Source 
This commit does not fix any bug, just ensure consistency.
This commit is contained in:
Anis Elleuch 2021-03-29 17:32:36 +01:00 committed by GitHub
parent d93c6cb9c7
commit f5831174e6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 19 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
cmd/iam.go
View File

@ -30,7 +30,6 @@ import (
humanize "github.com/dustin/go-humanize"
"github.com/minio/minio-go/v7/pkg/set"
"github.com/minio/minio/cmd/config"
"github.com/minio/minio/cmd/logger"
"github.com/minio/minio/pkg/auth"
iampolicy "github.com/minio/minio/pkg/iam/policy"
@ -1046,9 +1045,9 @@ func (sys *IAMSys) SetUserStatus(accessKey string, status madmin.AccountStatus)
SecretKey: cred.SecretKey,
Status: func() string {
if status == madmin.AccountEnabled {
return config.EnableOn
return auth.AccountOn
}
return config.EnableOff
return auth.AccountOff
}(),
})
@ -1231,7 +1230,12 @@ func (sys *IAMSys) CreateUser(accessKey string, uinfo madmin.UserInfo) error {
u := newUserIdentity(auth.Credentials{
AccessKey: accessKey,
SecretKey: uinfo.SecretKey,
Status: string(uinfo.Status),
Status: func() string {
if uinfo.Status == madmin.AccountEnabled {
return auth.AccountOn
}
return auth.AccountOff
}(),
})
if err := sys.store.saveUserIdentity(context.Background(), accessKey, regularUser, u); err != nil {

14
pkg/auth/credentials.go
View File

@ -83,6 +83,13 @@ var (
}
)
const (
// AccountOn indicates that credentials are enabled
AccountOn = "on"
// AccountOff indicates that credentials are disabled
AccountOff = "off"
)
// Credentials holds access and secret keys.
type Credentials struct {
AccessKey string `xml:"AccessKeyId" json:"accessKey,omitempty"`
@ -132,7 +139,7 @@ func (cred Credentials) IsServiceAccount() bool {
// IsValid - returns whether credential is valid or not.
func (cred Credentials) IsValid() bool {
// Verify credentials if its enabled or not set.
if cred.Status == "off" {
if cred.Status == AccountOff {
return false
}
return IsAccessKeyValid(cred.AccessKey) && IsSecretKeyValid(cred.SecretKey) && !cred.IsExpired()
@ -212,7 +219,8 @@ func GetNewCredentialsWithMetadata(m map[string]interface{}, tokenSecret string)
}
cred.SecretKey = strings.Replace(string([]byte(base64.StdEncoding.EncodeToString(keyBytes))[:secretKeyMaxLen]),
"/", "+", -1)
cred.Status = "on"
cred.Status = AccountOn
if tokenSecret == "" {
cred.Expiration = timeSentinel
@ -253,6 +261,6 @@ func CreateCredentials(accessKey, secretKey string) (cred Credentials, err error
cred.AccessKey = accessKey
cred.SecretKey = secretKey
cred.Expiration = timeSentinel
cred.Status = "on"
cred.Status = AccountOn
return cred, nil
}