mirror of
https://github.com/seaweedfs/seaweedfs.git
synced 2024-01-19 02:48:24 +00:00
s3: fix configuring IAM for the same user
hi, how can I add bucket permission to a user now? Previously, if I needed to add permission to an existing credential, I simply repeated the s3.configure command with a different bucket name. Now I am getting error: duplicate accessKey[ХХХХ], already configured in user[YYYY] s3.configure -access_key key -actions Read,Write,List -buckets bucket1 -secret_key secr -user user1 s3.configure -access_key key -actions Read,Write,List -buckets bucket2 -secret_key secr -user user1
This commit is contained in:
parent
ade94b0d0a
commit
d81db3c703
|
@ -43,7 +43,7 @@ func CheckDuplicateAccessKey(s3cfg *iam_pb.S3ApiConfiguration) error {
|
||||||
for _, cred := range ident.Credentials {
|
for _, cred := range ident.Credentials {
|
||||||
if userName, found := accessKeySet[cred.AccessKey]; !found {
|
if userName, found := accessKeySet[cred.AccessKey]; !found {
|
||||||
accessKeySet[cred.AccessKey] = ident.Name
|
accessKeySet[cred.AccessKey] = ident.Name
|
||||||
} else {
|
} else if userName != ident.Name {
|
||||||
return fmt.Errorf("duplicate accessKey[%s], already configured in user[%s]", cred.AccessKey, userName)
|
return fmt.Errorf("duplicate accessKey[%s], already configured in user[%s]", cred.AccessKey, userName)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -97,6 +97,41 @@ func TestCheckDuplicateAccessKey(t *testing.T) {
|
||||||
},
|
},
|
||||||
"",
|
"",
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
&iam_pb.S3ApiConfiguration{
|
||||||
|
Identities: []*iam_pb.Identity{
|
||||||
|
{
|
||||||
|
Name: "some_name",
|
||||||
|
Credentials: []*iam_pb.Credential{
|
||||||
|
{
|
||||||
|
AccessKey: "some_access_key1",
|
||||||
|
SecretKey: "some_secret_key1",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Actions: []string{
|
||||||
|
ACTION_ADMIN,
|
||||||
|
ACTION_READ,
|
||||||
|
ACTION_WRITE,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Name: "some_name",
|
||||||
|
Credentials: []*iam_pb.Credential{
|
||||||
|
{
|
||||||
|
AccessKey: "some_access_key1",
|
||||||
|
SecretKey: "some_secret_key1",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Actions: []string{
|
||||||
|
ACTION_READ,
|
||||||
|
ACTION_TAGGING,
|
||||||
|
ACTION_LIST,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
"",
|
||||||
|
},
|
||||||
{
|
{
|
||||||
&iam_pb.S3ApiConfiguration{
|
&iam_pb.S3ApiConfiguration{
|
||||||
Identities: []*iam_pb.Identity{
|
Identities: []*iam_pb.Identity{
|
||||||
|
|
Loading…
Reference in a new issue