gitlab-com-seaweedfs/seaweedfs
1
0
Fork 0
mirror of https://github.com/seaweedfs/seaweedfs.git synced 2024-01-19 02:48:24 +00:00
Code Issues Projects Releases Wiki Activity

s3: keep auth enabled in case identities are set to empty

Browse source 
fix https://github.com/chrislusf/seaweedfs/issues/3084
This commit is contained in:
chrislu 2022-05-29 19:00:03 -07:00
parent 81d6159290
commit b8f3db0d46
1 changed files with 7 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
weed/s3api/auth_credentials.go
View file

@ -26,8 +26,9 @@ type Iam interface {
type IdentityAccessManagement struct {
m sync.RWMutex
identities []*Identity
domain string
identities []*Identity
isAuthEnabled bool
domain string
}
type Identity struct {
@ -137,14 +138,15 @@ func (iam *IdentityAccessManagement) loadS3ApiConfiguration(config *iam_pb.S3Api
iam.m.Lock()
// atomically switch
iam.identities = identities
if !iam.isAuthEnabled { // one-directional, no toggling
iam.isAuthEnabled = len(identities) > 0
}
iam.m.Unlock()
return nil
}
func (iam *IdentityAccessManagement) isEnabled() bool {
iam.m.RLock()
defer iam.m.RUnlock()
return len(iam.identities) > 0
return iam.isAuthEnabled
}
func (iam *IdentityAccessManagement) lookupByAccessKey(accessKey string) (identity *Identity, cred *Credential, found bool) {