Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add ListAccessKeysBulk #303

Merged
merged 5 commits into from
Sep 14, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
80 changes: 80 additions & 0 deletions idp-commands.go
Original file line number Diff line number Diff line change
Expand Up @@ -437,3 +437,83 @@ func (adm *AdminClient) attachOrDetachPolicyLDAP(ctx context.Context, isAttach b
err = json.Unmarshal(content, &r)
return r, err
}

// ListAccessKeysLDAPResp is the response body of the list service accounts call
type ListAccessKeysLDAPResp ListAccessKeysResp

// ListAccessKeysLDAP - list service accounts belonging to the specified user
//
// Deprecated: Use ListAccessKeysLDAP instead.
func (adm *AdminClient) ListAccessKeysLDAP(ctx context.Context, userDN string, listType string) (ListAccessKeysLDAPResp, error) {
queryValues := url.Values{}
queryValues.Set("listType", listType)
queryValues.Set("userDN", userDN)

reqData := requestData{
relPath: adminAPIPrefix + "/idp/ldap/list-access-keys",
queryValues: queryValues,
}

// Execute GET on /minio/admin/v3/idp/ldap/list-access-keys
resp, err := adm.executeMethod(ctx, http.MethodGet, reqData)
defer closeResponse(resp)
if err != nil {
return ListAccessKeysLDAPResp{}, err
}

if resp.StatusCode != http.StatusOK {
return ListAccessKeysLDAPResp{}, httpRespToErrorResponse(resp)
}

data, err := DecryptData(adm.getSecretKey(), resp.Body)
if err != nil {
return ListAccessKeysLDAPResp{}, err
}

var listResp ListAccessKeysLDAPResp
if err = json.Unmarshal(data, &listResp); err != nil {
return ListAccessKeysLDAPResp{}, err
}
return listResp, nil
}

// ListAccessKeysLDAPBulk - list access keys belonging to the given users or all users
func (adm *AdminClient) ListAccessKeysLDAPBulk(ctx context.Context, users []string, opts ListAccessKeysOpts) (map[string]ListAccessKeysLDAPResp, error) {
if len(users) > 0 && opts.All {
return nil, errors.New("either specify userDNs or all, not both")
}

queryValues := url.Values{}
queryValues.Set("listType", opts.ListType)
queryValues["userDNs"] = users
if opts.All {
queryValues.Set("all", "true")
}

reqData := requestData{
relPath: adminAPIPrefix + "/idp/ldap/list-access-keys-bulk",
queryValues: queryValues,
}

// Execute GET on /minio/admin/v3/idp/ldap/list-access-keys-bulk
resp, err := adm.executeMethod(ctx, http.MethodGet, reqData)
defer closeResponse(resp)
if err != nil {
return nil, err
}

if resp.StatusCode != http.StatusOK {
return nil, httpRespToErrorResponse(resp)
}

data, err := DecryptData(adm.getSecretKey(), resp.Body)
if err != nil {
return nil, err
}

listResp := make(map[string]ListAccessKeysLDAPResp)
if err = json.Unmarshal(data, &listResp); err != nil {
return nil, err
}
return listResp, nil
}
63 changes: 17 additions & 46 deletions user-commands.go
Original file line number Diff line number Diff line change
Expand Up @@ -597,72 +597,43 @@ func (adm *AdminClient) ListServiceAccounts(ctx context.Context, user string) (L
return listResp, nil
}

// ListAccessKeysLDAPResp is the response body of the list service accounts call
type ListAccessKeysLDAPResp struct {
type ListAccessKeysResp struct {
ServiceAccounts []ServiceAccountInfo `json:"serviceAccounts"`
STSKeys []ServiceAccountInfo `json:"stsKeys"`
}

// ListAccessKeysLDAP - list service accounts belonging to the specified user
func (adm *AdminClient) ListAccessKeysLDAP(ctx context.Context, userDN string, listType string) (ListAccessKeysLDAPResp, error) {
queryValues := url.Values{}
queryValues.Set("listType", listType)
queryValues.Set("userDN", userDN)

reqData := requestData{
relPath: adminAPIPrefix + "/idp/ldap/list-access-keys",
queryValues: queryValues,
}

// Execute GET on /minio/admin/v3/list-service-accounts
resp, err := adm.executeMethod(ctx, http.MethodGet, reqData)
defer closeResponse(resp)
if err != nil {
return ListAccessKeysLDAPResp{}, err
}

if resp.StatusCode != http.StatusOK {
return ListAccessKeysLDAPResp{}, httpRespToErrorResponse(resp)
}

data, err := DecryptData(adm.getSecretKey(), resp.Body)
if err != nil {
return ListAccessKeysLDAPResp{}, err
}

var listResp ListAccessKeysLDAPResp
if err = json.Unmarshal(data, &listResp); err != nil {
return ListAccessKeysLDAPResp{}, err
}
return listResp, nil
}

const (
AccessKeyListUsersOnly = "users-only"
AccessKeyListSTSOnly = "sts-only"
AccessKeyListSvcaccOnly = "svcacc-only"
AccessKeyListAll = "all"
)

// ListAccessKeysLDAPBulk - list service accounts belonging to the given users or all users
func (adm *AdminClient) ListAccessKeysLDAPBulk(ctx context.Context, users []string, listType string, all bool) (map[string]ListAccessKeysLDAPResp, error) {
if len(users) > 0 && all {
return nil, errors.New("either specify userDNs or all, not both")
// ListAccessKeysOpts - options for listing access keys
type ListAccessKeysOpts struct {
ListType string
All bool
}

// ListAccessKeysBulk - list access keys belonging to the given users or all users
func (adm *AdminClient) ListAccessKeysBulk(ctx context.Context, users []string, opts ListAccessKeysOpts) (map[string]ListAccessKeysResp, error) {
if len(users) > 0 && opts.All {
return nil, errors.New("either specify users or all, not both")
}

queryValues := url.Values{}
queryValues.Set("listType", listType)
queryValues["userDNs"] = users
if all {
queryValues.Set("listType", opts.ListType)
queryValues["users"] = users
if opts.All {
queryValues.Set("all", "true")
}

reqData := requestData{
relPath: adminAPIPrefix + "/idp/ldap/list-access-keys-bulk",
relPath: adminAPIPrefix + "/list-access-keys-bulk",
queryValues: queryValues,
}

// Execute GET on /minio/admin/v3/idp/ldap/list-access-keys-bulk
// Execute GET on /minio/admin/v3/list-access-keys-bulk
resp, err := adm.executeMethod(ctx, http.MethodGet, reqData)
defer closeResponse(resp)
if err != nil {
Expand All @@ -678,7 +649,7 @@ func (adm *AdminClient) ListAccessKeysLDAPBulk(ctx context.Context, users []stri
return nil, err
}

listResp := make(map[string]ListAccessKeysLDAPResp)
listResp := make(map[string]ListAccessKeysResp)
if err = json.Unmarshal(data, &listResp); err != nil {
return nil, err
}
Expand Down
Loading