mirrors/object-browser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added LDAP Entities API (#2700)

Browse Source
This commit is contained in:
Alex
2023-03-10 09:16:29 -06:00
committed by GitHub
parent 5262c02a28
commit 4cceee8936
16 changed files with 1508 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

250
models/ldap_entities.go Normal file
View File

@@ -0,0 +1,250 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package models
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"context"
"strconv"
"github.com/go-openapi/errors"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
)
// LdapEntities ldap entities
//
// swagger:model ldapEntities
type LdapEntities struct {
// groups
Groups []*LdapGroupPolicyEntity `json:"groups"`
// policies
Policies []*LdapPolicyEntity `json:"policies"`
// timestamp
Timestamp string `json:"timestamp,omitempty"`
// users
Users []*LdapUserPolicyEntity `json:"users"`
}
// Validate validates this ldap entities
func (m *LdapEntities) Validate(formats strfmt.Registry) error {
var res []error
if err := m.validateGroups(formats); err != nil {
res = append(res, err)
}
if err := m.validatePolicies(formats); err != nil {
res = append(res, err)
}
if err := m.validateUsers(formats); err != nil {
res = append(res, err)
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}
func (m *LdapEntities) validateGroups(formats strfmt.Registry) error {
if swag.IsZero(m.Groups) { // not required
return nil
}
for i := 0; i < len(m.Groups); i++ {
if swag.IsZero(m.Groups[i]) { // not required
continue
}
if m.Groups[i] != nil {
if err := m.Groups[i].Validate(formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("groups" + "." + strconv.Itoa(i))
} else if ce, ok := err.(*errors.CompositeError); ok {
return ce.ValidateName("groups" + "." + strconv.Itoa(i))
}
return err
}
}
}
return nil
}
func (m *LdapEntities) validatePolicies(formats strfmt.Registry) error {
if swag.IsZero(m.Policies) { // not required
return nil
}
for i := 0; i < len(m.Policies); i++ {
if swag.IsZero(m.Policies[i]) { // not required
continue
}
if m.Policies[i] != nil {
if err := m.Policies[i].Validate(formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("policies" + "." + strconv.Itoa(i))
} else if ce, ok := err.(*errors.CompositeError); ok {
return ce.ValidateName("policies" + "." + strconv.Itoa(i))
}
return err
}
}
}
return nil
}
func (m *LdapEntities) validateUsers(formats strfmt.Registry) error {
if swag.IsZero(m.Users) { // not required
return nil
}
for i := 0; i < len(m.Users); i++ {
if swag.IsZero(m.Users[i]) { // not required
continue
}
if m.Users[i] != nil {
if err := m.Users[i].Validate(formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("users" + "." + strconv.Itoa(i))
} else if ce, ok := err.(*errors.CompositeError); ok {
return ce.ValidateName("users" + "." + strconv.Itoa(i))
}
return err
}
}
}
return nil
}
// ContextValidate validate this ldap entities based on the context it is used
func (m *LdapEntities) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
var res []error
if err := m.contextValidateGroups(ctx, formats); err != nil {
res = append(res, err)
}
if err := m.contextValidatePolicies(ctx, formats); err != nil {
res = append(res, err)
}
if err := m.contextValidateUsers(ctx, formats); err != nil {
res = append(res, err)
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}
func (m *LdapEntities) contextValidateGroups(ctx context.Context, formats strfmt.Registry) error {
for i := 0; i < len(m.Groups); i++ {
if m.Groups[i] != nil {
if err := m.Groups[i].ContextValidate(ctx, formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("groups" + "." + strconv.Itoa(i))
} else if ce, ok := err.(*errors.CompositeError); ok {
return ce.ValidateName("groups" + "." + strconv.Itoa(i))
}
return err
}
}
}
return nil
}
func (m *LdapEntities) contextValidatePolicies(ctx context.Context, formats strfmt.Registry) error {
for i := 0; i < len(m.Policies); i++ {
if m.Policies[i] != nil {
if err := m.Policies[i].ContextValidate(ctx, formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("policies" + "." + strconv.Itoa(i))
} else if ce, ok := err.(*errors.CompositeError); ok {
return ce.ValidateName("policies" + "." + strconv.Itoa(i))
}
return err
}
}
}
return nil
}
func (m *LdapEntities) contextValidateUsers(ctx context.Context, formats strfmt.Registry) error {
for i := 0; i < len(m.Users); i++ {
if m.Users[i] != nil {
if err := m.Users[i].ContextValidate(ctx, formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("users" + "." + strconv.Itoa(i))
} else if ce, ok := err.(*errors.CompositeError); ok {
return ce.ValidateName("users" + "." + strconv.Itoa(i))
}
return err
}
}
}
return nil
}
// MarshalBinary interface implementation
func (m *LdapEntities) MarshalBinary() ([]byte, error) {
if m == nil {
return nil, nil
}
return swag.WriteJSON(m)
}
// UnmarshalBinary interface implementation
func (m *LdapEntities) UnmarshalBinary(b []byte) error {
var res LdapEntities
if err := swag.ReadJSON(b, &res); err != nil {
return err
}
*m = res
return nil
}

73
models/ldap_entities_request.go Normal file
View File

@@ -0,0 +1,73 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package models
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"context"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
)
// LdapEntitiesRequest ldap entities request
//
// swagger:model ldapEntitiesRequest
type LdapEntitiesRequest struct {
// groups
Groups []string `json:"groups"`
// policies
Policies []string `json:"policies"`
// users
Users []string `json:"users"`
}
// Validate validates this ldap entities request
func (m *LdapEntitiesRequest) Validate(formats strfmt.Registry) error {
return nil
}
// ContextValidate validates this ldap entities request based on context it is used
func (m *LdapEntitiesRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
return nil
}
// MarshalBinary interface implementation
func (m *LdapEntitiesRequest) MarshalBinary() ([]byte, error) {
if m == nil {
return nil, nil
}
return swag.WriteJSON(m)
}
// UnmarshalBinary interface implementation
func (m *LdapEntitiesRequest) UnmarshalBinary(b []byte) error {
var res LdapEntitiesRequest
if err := swag.ReadJSON(b, &res); err != nil {
return err
}
*m = res
return nil
}

70
models/ldap_group_policy_entity.go Normal file
View File

@@ -0,0 +1,70 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package models
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"context"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
)
// LdapGroupPolicyEntity ldap group policy entity
//
// swagger:model ldapGroupPolicyEntity
type LdapGroupPolicyEntity struct {
// group
Group string `json:"group,omitempty"`
// policies
Policies []string `json:"policies"`
}
// Validate validates this ldap group policy entity
func (m *LdapGroupPolicyEntity) Validate(formats strfmt.Registry) error {
return nil
}
// ContextValidate validates this ldap group policy entity based on context it is used
func (m *LdapGroupPolicyEntity) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
return nil
}
// MarshalBinary interface implementation
func (m *LdapGroupPolicyEntity) MarshalBinary() ([]byte, error) {
if m == nil {
return nil, nil
}
return swag.WriteJSON(m)
}
// UnmarshalBinary interface implementation
func (m *LdapGroupPolicyEntity) UnmarshalBinary(b []byte) error {
var res LdapGroupPolicyEntity
if err := swag.ReadJSON(b, &res); err != nil {
return err
}
*m = res
return nil
}

73
models/ldap_policy_entity.go Normal file
View File

@@ -0,0 +1,73 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package models
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"context"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
)
// LdapPolicyEntity ldap policy entity
//
// swagger:model ldapPolicyEntity
type LdapPolicyEntity struct {
// groups
Groups []string `json:"groups"`
// policy
Policy string `json:"policy,omitempty"`
// users
Users []string `json:"users"`
}
// Validate validates this ldap policy entity
func (m *LdapPolicyEntity) Validate(formats strfmt.Registry) error {
return nil
}
// ContextValidate validates this ldap policy entity based on context it is used
func (m *LdapPolicyEntity) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
return nil
}
// MarshalBinary interface implementation
func (m *LdapPolicyEntity) MarshalBinary() ([]byte, error) {
if m == nil {
return nil, nil
}
return swag.WriteJSON(m)
}
// UnmarshalBinary interface implementation
func (m *LdapPolicyEntity) UnmarshalBinary(b []byte) error {
var res LdapPolicyEntity
if err := swag.ReadJSON(b, &res); err != nil {
return err
}
*m = res
return nil
}

70
models/ldap_user_policy_entity.go Normal file
View File

@@ -0,0 +1,70 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package models
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"context"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
)
// LdapUserPolicyEntity ldap user policy entity
//
// swagger:model ldapUserPolicyEntity
type LdapUserPolicyEntity struct {
// policies
Policies []string `json:"policies"`
// user
User string `json:"user,omitempty"`
}
// Validate validates this ldap user policy entity
func (m *LdapUserPolicyEntity) Validate(formats strfmt.Registry) error {
return nil
}
// ContextValidate validates this ldap user policy entity based on context it is used
func (m *LdapUserPolicyEntity) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
return nil
}
// MarshalBinary interface implementation
func (m *LdapUserPolicyEntity) MarshalBinary() ([]byte, error) {
if m == nil {
return nil, nil
}
return swag.WriteJSON(m)
}
// UnmarshalBinary interface implementation
func (m *LdapUserPolicyEntity) UnmarshalBinary(b []byte) error {
var res LdapUserPolicyEntity
if err := swag.ReadJSON(b, &res); err != nil {
return err
}
*m = res
return nil
}

17
restapi/admin_client_mock.go
View File

@@ -79,12 +79,13 @@ var (
minioGetUserInfoMock func(accessKey string) (madmin.UserInfo, error)
minioSetUserStatusMock func(accessKey string, status madmin.AccountStatus) error
minioAccountInfoMock func(ctx context.Context) (madmin.AccountInfo, error)
minioAddServiceAccountMock func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error)
minioListServiceAccountsMock func(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error)
minioDeleteServiceAccountMock func(ctx context.Context, serviceAccount string) error
minioInfoServiceAccountMock func(ctx context.Context, serviceAccount string) (madmin.InfoServiceAccountResp, error)
minioUpdateServiceAccountMock func(ctx context.Context, serviceAccount string, opts madmin.UpdateServiceAccountReq) error
minioAccountInfoMock func(ctx context.Context) (madmin.AccountInfo, error)
minioAddServiceAccountMock func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error)
minioListServiceAccountsMock func(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error)
minioDeleteServiceAccountMock func(ctx context.Context, serviceAccount string) error
minioInfoServiceAccountMock func(ctx context.Context, serviceAccount string) (madmin.InfoServiceAccountResp, error)
minioUpdateServiceAccountMock func(ctx context.Context, serviceAccount string, opts madmin.UpdateServiceAccountReq) error
minioGetLDAPPolicyEntitiesMock func(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error)
)
func (ac AdminClientMock) serverInfo(ctx context.Context) (madmin.InfoMessage, error) {
@@ -391,3 +392,7 @@ func (ac AdminClientMock) infoServiceAccount(ctx context.Context, serviceAccount
func (ac AdminClientMock) updateServiceAccount(ctx context.Context, serviceAccount string, opts madmin.UpdateServiceAccountReq) error {
return minioUpdateServiceAccountMock(ctx, serviceAccount, opts)
}
func (ac AdminClientMock) getLDAPPolicyEntities(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error) {
return minioGetLDAPPolicyEntitiesMock(ctx, query)
}

78
restapi/admin_idp.go
View File

@@ -20,6 +20,7 @@ package restapi
import (
"context"
"fmt"
"time"
"github.com/go-openapi/runtime/middleware"
"github.com/minio/console/models"
@@ -66,6 +67,13 @@ func registerIDPHandlers(api *operations.ConsoleAPI) {
}
return idp.NewGetConfigurationOK().WithPayload(response)
})
api.IdpGetLDAPEntitiesHandler = idp.GetLDAPEntitiesHandlerFunc(func(params idp.GetLDAPEntitiesParams, session *models.Principal) middleware.Responder {
response, err := getLDAPEntitiesResponse(session, params)
if err != nil {
return idp.NewGetLDAPEntitiesDefault(int(err.Code)).WithPayload(err)
}
return idp.NewGetLDAPEntitiesOK().WithPayload(response)
})
}
func createIDPConfigurationResponse(session *models.Principal, params idp.CreateConfigurationParams) (*models.SetIDPResponse, *models.Error) {
@@ -208,3 +216,73 @@ func parseIDPConfigurationsInfo(infoList []madmin.IDPCfgInfo) (results []*models
}
return results
}
func getLDAPEntitiesResponse(session *models.Principal, params idp.GetLDAPEntitiesParams) (*models.LdapEntities, *models.Error) {
ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
defer cancel()
mAdmin, err := NewMinioAdminClient(session)
if err != nil {
return nil, ErrorWithContext(ctx, err)
}
result, err := getEntitiesResult(ctx, AdminClient{Client: mAdmin}, params.Body.Users, params.Body.Groups, params.Body.Policies)
if err != nil {
return nil, ErrorWithContext(ctx, err)
}
return result, nil
}
func getEntitiesResult(ctx context.Context, client MinioAdmin, users, groups, policies []string) (*models.LdapEntities, error) {
entities, err := client.getLDAPPolicyEntities(ctx, madmin.PolicyEntitiesQuery{
Users: users,
Groups: groups,
Policy: policies,
})
if err != nil {
return nil, err
}
var result models.LdapEntities
var usersEntity []*models.LdapUserPolicyEntity
var groupsEntity []*models.LdapGroupPolicyEntity
var policiesEntity []*models.LdapPolicyEntity
result.Timestamp = entities.Timestamp.Format(time.RFC3339)
for _, userMapping := range entities.UserMappings {
mapItem := models.LdapUserPolicyEntity{
User: userMapping.User,
Policies: userMapping.Policies,
}
usersEntity = append(usersEntity, &mapItem)
}
result.Users = usersEntity
for _, groupsMapping := range entities.GroupMappings {
mapItem := models.LdapGroupPolicyEntity{
Group: groupsMapping.Group,
Policies: groupsMapping.Policies,
}
groupsEntity = append(groupsEntity, &mapItem)
}
result.Groups = groupsEntity
for _, policyMapping := range entities.PolicyMappings {
mapItem := models.LdapPolicyEntity{
Policy: policyMapping.Policy,
Users: policyMapping.Users,
Groups: policyMapping.Groups,
}
policiesEntity = append(policiesEntity, &mapItem)
}
result.Policies = policiesEntity
return &result, nil
}

85
restapi/admin_idp_test.go
View File

@@ -18,11 +18,15 @@ package restapi
import (
"context"
"errors"
"fmt"
"net/http"
"net/http/httptest"
"os"
"testing"
"github.com/minio/madmin-go/v2"
"github.com/minio/console/models"
"github.com/minio/console/restapi/operations"
"github.com/minio/console/restapi/operations/idp"
@@ -232,3 +236,84 @@ func (suite *IDPTestSuite) TestGetIDPConfigurationWithWrongType() {
func TestIDP(t *testing.T) {
suite.Run(t, new(IDPTestSuite))
}
func TestGetEntitiesResult(t *testing.T) {
assert := assert.New(t)
// mock minIO client
client := AdminClientMock{}
function := "getEntitiesResult()"
usersList := []string{"user1", "user2", "user3"}
policiesList := []string{"policy1", "policy2", "policy3"}
groupsList := []string{"group1", "group3", "group5"}
policyMap := []madmin.PolicyEntities{
{Policy: "testPolicy0", Groups: groupsList, Users: usersList},
{Policy: "testPolicy1", Groups: groupsList, Users: usersList},
}
usersMap := []madmin.UserPolicyEntities{
{User: "testUser0", Policies: policiesList},
{User: "testUser1", Policies: policiesList},
}
groupsMap := []madmin.GroupPolicyEntities{
{Group: "group0", Policies: policiesList},
{Group: "group1", Policies: policiesList},
}
// Test-1: getEntitiesResult list all information provided
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
mockResponse := madmin.PolicyEntitiesResult{
PolicyMappings: policyMap,
GroupMappings: groupsMap,
UserMappings: usersMap,
}
minioGetLDAPPolicyEntitiesMock = func(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error) {
return mockResponse, nil
}
entities, err := getEntitiesResult(ctx, client, usersList, groupsList, policiesList)
if err != nil {
t.Errorf("Failed on %s:, error occurred: %s", function, err.Error())
}
for i, groupIt := range entities.Groups {
assert.Equal(fmt.Sprintf("group%d", i), groupIt.Group)
for i, polItm := range groupIt.Policies {
assert.Equal(policiesList[i], polItm)
}
}
for i, usrIt := range entities.Users {
assert.Equal(fmt.Sprintf("testUser%d", i), usrIt.User)
for i, polItm := range usrIt.Policies {
assert.Equal(policiesList[i], polItm)
}
}
for i, policyIt := range entities.Policies {
assert.Equal(fmt.Sprintf("testPolicy%d", i), policyIt.Policy)
for i, userItm := range policyIt.Users {
assert.Equal(usersList[i], userItm)
}
for i, grItm := range policyIt.Groups {
assert.Equal(groupsList[i], grItm)
}
}
// Test-2: getEntitiesResult error is returned from getLDAPPolicyEntities()
minioGetLDAPPolicyEntitiesMock = func(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error) {
return madmin.PolicyEntitiesResult{}, errors.New("error")
}
_, err = getEntitiesResult(ctx, client, usersList, groupsList, policiesList)
if assert.Error(err) {
assert.Equal("error", err.Error())
}
}

7
restapi/client-admin.go
View File

@@ -157,6 +157,9 @@ type MinioAdmin interface {
listIDPConfig(ctx context.Context, idpType string) ([]madmin.IDPListItem, error)
deleteIDPConfig(ctx context.Context, idpType, cfgName string) (restart bool, err error)
getIDPConfig(ctx context.Context, cfgType, cfgName string) (c madmin.IDPConfig, err error)
// LDAP
getLDAPPolicyEntities(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error)
}
// Interface implementation
@@ -725,3 +728,7 @@ func (ac AdminClient) deleteIDPConfig(ctx context.Context, idpType, cfgName stri
func (ac AdminClient) getIDPConfig(ctx context.Context, idpType, cfgName string) (c madmin.IDPConfig, err error) {
return ac.Client.GetIDPConfig(ctx, idpType, cfgName)
}
func (ac AdminClient) getLDAPPolicyEntities(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error) {
return ac.Client.GetLDAPPolicyEntities(ctx, query)
}

260
restapi/embedded_spec.go
View File

@@ -3620,6 +3620,39 @@ func init() {
}
}
},
"/ldap-entities": {
"post": {
"tags": [
"idp"
],
"summary": "Get LDAP Entities",
"operationId": "GetLDAPEntities",
"parameters": [
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/ldapEntitiesRequest"
}
}
],
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/ldapEntities"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
},
"/list-external-buckets": {
"post": {
"tags": [
@@ -6668,6 +6701,103 @@ func init() {
}
}
},
"ldapEntities": {
"type": "object",
"properties": {
"groups": {
"type": "array",
"items": {
"$ref": "#/definitions/ldapGroupPolicyEntity"
}
},
"policies": {
"type": "array",
"items": {
"$ref": "#/definitions/ldapPolicyEntity"
}
},
"timestamp": {
"type": "string"
},
"users": {
"type": "array",
"items": {
"$ref": "#/definitions/ldapUserPolicyEntity"
}
}
}
},
"ldapEntitiesRequest": {
"type": "object",
"properties": {
"groups": {
"type": "array",
"items": {
"type": "string"
}
},
"policies": {
"type": "array",
"items": {
"type": "string"
}
},
"users": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"ldapGroupPolicyEntity": {
"type": "object",
"properties": {
"group": {
"type": "string"
},
"policies": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"ldapPolicyEntity": {
"type": "object",
"properties": {
"groups": {
"type": "array",
"items": {
"type": "string"
}
},
"policy": {
"type": "string"
},
"users": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"ldapUserPolicyEntity": {
"type": "object",
"properties": {
"policies": {
"type": "array",
"items": {
"type": "string"
}
},
"user": {
"type": "string"
}
}
},
"license": {
"type": "object",
"properties": {
@@ -12475,6 +12605,39 @@ func init() {
}
}
},
"/ldap-entities": {
"post": {
"tags": [
"idp"
],
"summary": "Get LDAP Entities",
"operationId": "GetLDAPEntities",
"parameters": [
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/ldapEntitiesRequest"
}
}
],
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/ldapEntities"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
},
"/list-external-buckets": {
"post": {
"tags": [
@@ -15652,6 +15815,103 @@ func init() {
}
}
},
"ldapEntities": {
"type": "object",
"properties": {
"groups": {
"type": "array",
"items": {
"$ref": "#/definitions/ldapGroupPolicyEntity"
}
},
"policies": {
"type": "array",
"items": {
"$ref": "#/definitions/ldapPolicyEntity"
}
},
"timestamp": {
"type": "string"
},
"users": {
"type": "array",
"items": {
"$ref": "#/definitions/ldapUserPolicyEntity"
}
}
}
},
"ldapEntitiesRequest": {
"type": "object",
"properties": {
"groups": {
"type": "array",
"items": {
"type": "string"
}
},
"policies": {
"type": "array",
"items": {
"type": "string"
}
},
"users": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"ldapGroupPolicyEntity": {
"type": "object",
"properties": {
"group": {
"type": "string"
},
"policies": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"ldapPolicyEntity": {
"type": "object",
"properties": {
"groups": {
"type": "array",
"items": {
"type": "string"
}
},
"policy": {
"type": "string"
},
"users": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"ldapUserPolicyEntity": {
"type": "object",
"properties": {
"policies": {
"type": "array",
"items": {
"type": "string"
}
},
"user": {
"type": "string"
}
}
},
"license": {
"type": "object",
"properties": {

12
restapi/operations/console_api.go
View File

@@ -253,6 +253,9 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI {
IdpGetConfigurationHandler: idp.GetConfigurationHandlerFunc(func(params idp.GetConfigurationParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation idp.GetConfiguration has not yet been implemented")
}),
IdpGetLDAPEntitiesHandler: idp.GetLDAPEntitiesHandlerFunc(func(params idp.GetLDAPEntitiesParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation idp.GetLDAPEntities has not yet been implemented")
}),
ObjectGetObjectMetadataHandler: object.GetObjectMetadataHandlerFunc(func(params object.GetObjectMetadataParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation object.GetObjectMetadata has not yet been implemented")
}),
@@ -726,6 +729,8 @@ type ConsoleAPI struct {
SupportGetCallHomeOptionValueHandler support.GetCallHomeOptionValueHandler
// IdpGetConfigurationHandler sets the operation handler for the get configuration operation
IdpGetConfigurationHandler idp.GetConfigurationHandler
// IdpGetLDAPEntitiesHandler sets the operation handler for the get l d a p entities operation
IdpGetLDAPEntitiesHandler idp.GetLDAPEntitiesHandler
// ObjectGetObjectMetadataHandler sets the operation handler for the get object metadata operation
ObjectGetObjectMetadataHandler object.GetObjectMetadataHandler
// PolicyGetSAUserPolicyHandler sets the operation handler for the get s a user policy operation
@@ -1182,6 +1187,9 @@ func (o *ConsoleAPI) Validate() error {
if o.IdpGetConfigurationHandler == nil {
unregistered = append(unregistered, "idp.GetConfigurationHandler")
}
if o.IdpGetLDAPEntitiesHandler == nil {
unregistered = append(unregistered, "idp.GetLDAPEntitiesHandler")
}
if o.ObjectGetObjectMetadataHandler == nil {
unregistered = append(unregistered, "object.GetObjectMetadataHandler")
}
@@ -1809,6 +1817,10 @@ func (o *ConsoleAPI) initHandlerCache() {
o.handlers["GET"] = make(map[string]http.Handler)
}
o.handlers["GET"]["/idp/{type}/{name}"] = idp.NewGetConfiguration(o.context, o.IdpGetConfigurationHandler)
if o.handlers["POST"] == nil {
o.handlers["POST"] = make(map[string]http.Handler)
}
o.handlers["POST"]["/ldap-entities"] = idp.NewGetLDAPEntities(o.context, o.IdpGetLDAPEntitiesHandler)
if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler)
}

88
restapi/operations/idp/get_l_d_a_p_entities.go Normal file
View File

@@ -0,0 +1,88 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package idp
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"net/http"
"github.com/go-openapi/runtime/middleware"
"github.com/minio/console/models"
)
// GetLDAPEntitiesHandlerFunc turns a function with the right signature into a get l d a p entities handler
type GetLDAPEntitiesHandlerFunc func(GetLDAPEntitiesParams, *models.Principal) middleware.Responder
// Handle executing the request and returning a response
func (fn GetLDAPEntitiesHandlerFunc) Handle(params GetLDAPEntitiesParams, principal *models.Principal) middleware.Responder {
return fn(params, principal)
}
// GetLDAPEntitiesHandler interface for that can handle valid get l d a p entities params
type GetLDAPEntitiesHandler interface {
Handle(GetLDAPEntitiesParams, *models.Principal) middleware.Responder
}
// NewGetLDAPEntities creates a new http.Handler for the get l d a p entities operation
func NewGetLDAPEntities(ctx *middleware.Context, handler GetLDAPEntitiesHandler) *GetLDAPEntities {
return &GetLDAPEntities{Context: ctx, Handler: handler}
}
/*
GetLDAPEntities swagger:route POST /ldap-entities idp getLDAPEntities
Get LDAP Entities
*/
type GetLDAPEntities struct {
Context *middleware.Context
Handler GetLDAPEntitiesHandler
}
func (o *GetLDAPEntities) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
route, rCtx, _ := o.Context.RouteInfo(r)
if rCtx != nil {
*r = *rCtx
}
var Params = NewGetLDAPEntitiesParams()
uprinc, aCtx, err := o.Context.Authorize(r, route)
if err != nil {
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
if aCtx != nil {
*r = *aCtx
}
var principal *models.Principal
if uprinc != nil {
principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
}
if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
res := o.Handler.Handle(Params, principal) // actually handle the request
o.Context.Respond(rw, r, route.Produces, route, res)
}

101
restapi/operations/idp/get_l_d_a_p_entities_parameters.go Normal file
View File

@@ -0,0 +1,101 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package idp
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"io"
"net/http"
"github.com/go-openapi/errors"
"github.com/go-openapi/runtime"
"github.com/go-openapi/runtime/middleware"
"github.com/go-openapi/validate"
"github.com/minio/console/models"
)
// NewGetLDAPEntitiesParams creates a new GetLDAPEntitiesParams object
//
// There are no default values defined in the spec.
func NewGetLDAPEntitiesParams() GetLDAPEntitiesParams {
return GetLDAPEntitiesParams{}
}
// GetLDAPEntitiesParams contains all the bound params for the get l d a p entities operation
// typically these are obtained from a http.Request
//
// swagger:parameters GetLDAPEntities
type GetLDAPEntitiesParams struct {
// HTTP Request Object
HTTPRequest *http.Request `json:"-"`
/*
Required: true
In: body
*/
Body *models.LdapEntitiesRequest
}
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
// for simple values it will use straight method calls.
//
// To ensure default values, the struct must have been initialized with NewGetLDAPEntitiesParams() beforehand.
func (o *GetLDAPEntitiesParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
var res []error
o.HTTPRequest = r
if runtime.HasBody(r) {
defer r.Body.Close()
var body models.LdapEntitiesRequest
if err := route.Consumer.Consume(r.Body, &body); err != nil {
if err == io.EOF {
res = append(res, errors.Required("body", "body", ""))
} else {
res = append(res, errors.NewParseError("body", "body", "", err))
}
} else {
// validate body object
if err := body.Validate(route.Formats); err != nil {
res = append(res, err)
}
ctx := validate.WithOperationRequest(r.Context())
if err := body.ContextValidate(ctx, route.Formats); err != nil {
res = append(res, err)
}
if len(res) == 0 {
o.Body = &body
}
}
} else {
res = append(res, errors.Required("body", "body", ""))
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}

135
restapi/operations/idp/get_l_d_a_p_entities_responses.go Normal file
View File

@@ -0,0 +1,135 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package idp
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/runtime"
"github.com/minio/console/models"
)
// GetLDAPEntitiesOKCode is the HTTP code returned for type GetLDAPEntitiesOK
const GetLDAPEntitiesOKCode int = 200
/*
GetLDAPEntitiesOK A successful response.
swagger:response getLDAPEntitiesOK
*/
type GetLDAPEntitiesOK struct {
/*
In: Body
*/
Payload *models.LdapEntities `json:"body,omitempty"`
}
// NewGetLDAPEntitiesOK creates GetLDAPEntitiesOK with default headers values
func NewGetLDAPEntitiesOK() *GetLDAPEntitiesOK {
return &GetLDAPEntitiesOK{}
}
// WithPayload adds the payload to the get l d a p entities o k response
func (o *GetLDAPEntitiesOK) WithPayload(payload *models.LdapEntities) *GetLDAPEntitiesOK {
o.Payload = payload
return o
}
// SetPayload sets the payload to the get l d a p entities o k response
func (o *GetLDAPEntitiesOK) SetPayload(payload *models.LdapEntities) {
o.Payload = payload
}
// WriteResponse to the client
func (o *GetLDAPEntitiesOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(200)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}
/*
GetLDAPEntitiesDefault Generic error response.
swagger:response getLDAPEntitiesDefault
*/
type GetLDAPEntitiesDefault struct {
_statusCode int
/*
In: Body
*/
Payload *models.Error `json:"body,omitempty"`
}
// NewGetLDAPEntitiesDefault creates GetLDAPEntitiesDefault with default headers values
func NewGetLDAPEntitiesDefault(code int) *GetLDAPEntitiesDefault {
if code <= 0 {
code = 500
}
return &GetLDAPEntitiesDefault{
_statusCode: code,
}
}
// WithStatusCode adds the status to the get l d a p entities default response
func (o *GetLDAPEntitiesDefault) WithStatusCode(code int) *GetLDAPEntitiesDefault {
o._statusCode = code
return o
}
// SetStatusCode sets the status to the get l d a p entities default response
func (o *GetLDAPEntitiesDefault) SetStatusCode(code int) {
o._statusCode = code
}
// WithPayload adds the payload to the get l d a p entities default response
func (o *GetLDAPEntitiesDefault) WithPayload(payload *models.Error) *GetLDAPEntitiesDefault {
o.Payload = payload
return o
}
// SetPayload sets the payload to the get l d a p entities default response
func (o *GetLDAPEntitiesDefault) SetPayload(payload *models.Error) {
o.Payload = payload
}
// WriteResponse to the client
func (o *GetLDAPEntitiesDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(o._statusCode)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}

104
restapi/operations/idp/get_l_d_a_p_entities_urlbuilder.go Normal file
View File

@@ -0,0 +1,104 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2023 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package idp
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"errors"
"net/url"
golangswaggerpaths "path"
)
// GetLDAPEntitiesURL generates an URL for the get l d a p entities operation
type GetLDAPEntitiesURL struct {
_basePath string
}
// WithBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *GetLDAPEntitiesURL) WithBasePath(bp string) *GetLDAPEntitiesURL {
o.SetBasePath(bp)
return o
}
// SetBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *GetLDAPEntitiesURL) SetBasePath(bp string) {
o._basePath = bp
}
// Build a url path and query string
func (o *GetLDAPEntitiesURL) Build() (*url.URL, error) {
var _result url.URL
var _path = "/ldap-entities"
_basePath := o._basePath
if _basePath == "" {
_basePath = "/api/v1"
}
_result.Path = golangswaggerpaths.Join(_basePath, _path)
return &_result, nil
}
// Must is a helper function to panic when the url builder returns an error
func (o *GetLDAPEntitiesURL) Must(u *url.URL, err error) *url.URL {
if err != nil {
panic(err)
}
if u == nil {
panic("url can't be nil")
}
return u
}
// String returns the string representation of the path with query string
func (o *GetLDAPEntitiesURL) String() string {
return o.Must(o.Build()).String()
}
// BuildFull builds a full url with scheme, host, path and query string
func (o *GetLDAPEntitiesURL) BuildFull(scheme, host string) (*url.URL, error) {
if scheme == "" {
return nil, errors.New("scheme is required for a full url on GetLDAPEntitiesURL")
}
if host == "" {
return nil, errors.New("host is required for a full url on GetLDAPEntitiesURL")
}
base, err := o.Build()
if err != nil {
return nil, err
}
base.Scheme = scheme
base.Host = host
return base, nil
}
// StringFull returns the string representation of a complete url
func (o *GetLDAPEntitiesURL) StringFull(scheme, host string) string {
return o.Must(o.BuildFull(scheme, host)).String()
}

91
swagger.yml
View File

@@ -3452,6 +3452,29 @@ paths:
$ref: "#/definitions/error"
tags:
- idp
/ldap-entities:
post:
summary: Get LDAP Entities
operationId: GetLDAPEntities
parameters:
- name: body
in: body
required: true
schema:
$ref: "#/definitions/ldapEntitiesRequest"
responses:
200:
description: A successful response.
schema:
$ref: "#/definitions/ldapEntities"
default:
description: Generic error response.
schema:
$ref: "#/definitions/error"
tags:
- idp
/releases:
get:
summary: Get repo releases for a given version
@@ -6049,3 +6072,71 @@ definitions:
type: boolean
logsState:
type: boolean
ldapEntitiesRequest:
type: object
properties:
users:
type: array
items:
type: string
groups:
type: array
items:
type: string
policies:
type: array
items:
type: string
ldapEntities:
type: object
properties:
timestamp:
type: string
users:
type: array
items:
$ref: "#/definitions/ldapUserPolicyEntity"
groups:
type: array
items:
$ref: "#/definitions/ldapGroupPolicyEntity"
policies:
type: array
items:
$ref: "#/definitions/ldapPolicyEntity"
ldapUserPolicyEntity:
type: object
properties:
user:
type: string
policies:
type: array
items:
type: string
ldapGroupPolicyEntity:
type: object
properties:
group:
type: string
policies:
type: array
items:
type: string
ldapPolicyEntity:
type: object
properties:
policy:
type: string
users:
type: array
items:
type: string
groups:
type: array
items:
type: string