From 8af1f0cc7bbef38cdc54429da06c7a3403271bef Mon Sep 17 00:00:00 2001
From: Praveen raj Mani <praveen@minio.io>
Date: Fri, 8 Feb 2019 06:55:58 +0530
Subject: [PATCH] Improved error message for user and access key conflict
 (#7190)

---
 cmd/admin-handlers.go | 2 +-
 cmd/api-errors.go     | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/cmd/admin-handlers.go b/cmd/admin-handlers.go
index 532bd01b4..ff7e291f7 100644
--- a/cmd/admin-handlers.go
+++ b/cmd/admin-handlers.go
@@ -1136,7 +1136,7 @@ func (a adminAPIHandlers) AddUser(w http.ResponseWriter, r *http.Request) {
 
 	// Custom IAM policies not allowed for admin user.
 	if accessKey == globalServerConfig.GetCredential().AccessKey {
-		writeErrorResponseJSON(w, ErrInvalidRequest, r.URL)
+		writeErrorResponseJSON(w, ErrAddUserInvalidArgument, r.URL)
 		return
 	}
 
diff --git a/cmd/api-errors.go b/cmd/api-errors.go
index 174a22fdc..d1161e36e 100644
--- a/cmd/api-errors.go
+++ b/cmd/api-errors.go
@@ -301,6 +301,7 @@ const (
 	ErrAdminConfigNotificationTargetsFailed
 	ErrAdminProfilerNotEnabled
 	ErrInvalidDecompressedSize
+	ErrAddUserInvalidArgument
 )
 
 // error code to APIError structure, these fields carry respective
@@ -1447,6 +1448,11 @@ var errorCodeResponse = map[APIErrorCode]APIError{
 		Description:    "The data provided is unfit for decompression",
 		HTTPStatusCode: http.StatusBadRequest,
 	},
+	ErrAddUserInvalidArgument: {
+		Code:           "XMinioInvalidIAMCredentials",
+		Description:    "User is not allowed to be same as admin access key",
+		HTTPStatusCode: http.StatusConflict,
+	},
 	// Add your error structure here.
 }