mirror of
https://github.com/minio/minio.git
synced 2024-12-25 06:35:56 -05:00
iam: Use 'on' for enabled accounts for consistency (#11913)
This commit does not fix any bug, just ensure consistency.
This commit is contained in:
parent
d93c6cb9c7
commit
f5831174e6
12
cmd/iam.go
12
cmd/iam.go
@ -30,7 +30,6 @@ import (
|
|||||||
|
|
||||||
humanize "github.com/dustin/go-humanize"
|
humanize "github.com/dustin/go-humanize"
|
||||||
"github.com/minio/minio-go/v7/pkg/set"
|
"github.com/minio/minio-go/v7/pkg/set"
|
||||||
"github.com/minio/minio/cmd/config"
|
|
||||||
"github.com/minio/minio/cmd/logger"
|
"github.com/minio/minio/cmd/logger"
|
||||||
"github.com/minio/minio/pkg/auth"
|
"github.com/minio/minio/pkg/auth"
|
||||||
iampolicy "github.com/minio/minio/pkg/iam/policy"
|
iampolicy "github.com/minio/minio/pkg/iam/policy"
|
||||||
@ -1046,9 +1045,9 @@ func (sys *IAMSys) SetUserStatus(accessKey string, status madmin.AccountStatus)
|
|||||||
SecretKey: cred.SecretKey,
|
SecretKey: cred.SecretKey,
|
||||||
Status: func() string {
|
Status: func() string {
|
||||||
if status == madmin.AccountEnabled {
|
if status == madmin.AccountEnabled {
|
||||||
return config.EnableOn
|
return auth.AccountOn
|
||||||
}
|
}
|
||||||
return config.EnableOff
|
return auth.AccountOff
|
||||||
}(),
|
}(),
|
||||||
})
|
})
|
||||||
|
|
||||||
@ -1231,7 +1230,12 @@ func (sys *IAMSys) CreateUser(accessKey string, uinfo madmin.UserInfo) error {
|
|||||||
u := newUserIdentity(auth.Credentials{
|
u := newUserIdentity(auth.Credentials{
|
||||||
AccessKey: accessKey,
|
AccessKey: accessKey,
|
||||||
SecretKey: uinfo.SecretKey,
|
SecretKey: uinfo.SecretKey,
|
||||||
Status: string(uinfo.Status),
|
Status: func() string {
|
||||||
|
if uinfo.Status == madmin.AccountEnabled {
|
||||||
|
return auth.AccountOn
|
||||||
|
}
|
||||||
|
return auth.AccountOff
|
||||||
|
}(),
|
||||||
})
|
})
|
||||||
|
|
||||||
if err := sys.store.saveUserIdentity(context.Background(), accessKey, regularUser, u); err != nil {
|
if err := sys.store.saveUserIdentity(context.Background(), accessKey, regularUser, u); err != nil {
|
||||||
|
@ -83,6 +83,13 @@ var (
|
|||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
const (
|
||||||
|
// AccountOn indicates that credentials are enabled
|
||||||
|
AccountOn = "on"
|
||||||
|
// AccountOff indicates that credentials are disabled
|
||||||
|
AccountOff = "off"
|
||||||
|
)
|
||||||
|
|
||||||
// Credentials holds access and secret keys.
|
// Credentials holds access and secret keys.
|
||||||
type Credentials struct {
|
type Credentials struct {
|
||||||
AccessKey string `xml:"AccessKeyId" json:"accessKey,omitempty"`
|
AccessKey string `xml:"AccessKeyId" json:"accessKey,omitempty"`
|
||||||
@ -132,7 +139,7 @@ func (cred Credentials) IsServiceAccount() bool {
|
|||||||
// IsValid - returns whether credential is valid or not.
|
// IsValid - returns whether credential is valid or not.
|
||||||
func (cred Credentials) IsValid() bool {
|
func (cred Credentials) IsValid() bool {
|
||||||
// Verify credentials if its enabled or not set.
|
// Verify credentials if its enabled or not set.
|
||||||
if cred.Status == "off" {
|
if cred.Status == AccountOff {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
return IsAccessKeyValid(cred.AccessKey) && IsSecretKeyValid(cred.SecretKey) && !cred.IsExpired()
|
return IsAccessKeyValid(cred.AccessKey) && IsSecretKeyValid(cred.SecretKey) && !cred.IsExpired()
|
||||||
@ -212,7 +219,8 @@ func GetNewCredentialsWithMetadata(m map[string]interface{}, tokenSecret string)
|
|||||||
}
|
}
|
||||||
cred.SecretKey = strings.Replace(string([]byte(base64.StdEncoding.EncodeToString(keyBytes))[:secretKeyMaxLen]),
|
cred.SecretKey = strings.Replace(string([]byte(base64.StdEncoding.EncodeToString(keyBytes))[:secretKeyMaxLen]),
|
||||||
"/", "+", -1)
|
"/", "+", -1)
|
||||||
cred.Status = "on"
|
|
||||||
|
cred.Status = AccountOn
|
||||||
|
|
||||||
if tokenSecret == "" {
|
if tokenSecret == "" {
|
||||||
cred.Expiration = timeSentinel
|
cred.Expiration = timeSentinel
|
||||||
@ -253,6 +261,6 @@ func CreateCredentials(accessKey, secretKey string) (cred Credentials, err error
|
|||||||
cred.AccessKey = accessKey
|
cred.AccessKey = accessKey
|
||||||
cred.SecretKey = secretKey
|
cred.SecretKey = secretKey
|
||||||
cred.Expiration = timeSentinel
|
cred.Expiration = timeSentinel
|
||||||
cred.Status = "on"
|
cred.Status = AccountOn
|
||||||
return cred, nil
|
return cred, nil
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user