diff --git a/models/ldap_entities.go b/models/ldap_entities.go
new file mode 100644
index 000000000..83bafe382
--- /dev/null
+++ b/models/ldap_entities.go
@@ -0,0 +1,250 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2023 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program. If not, see .
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+ "context"
+ "strconv"
+
+ "github.com/go-openapi/errors"
+ "github.com/go-openapi/strfmt"
+ "github.com/go-openapi/swag"
+)
+
+// LdapEntities ldap entities
+//
+// swagger:model ldapEntities
+type LdapEntities struct {
+
+ // groups
+ Groups []*LdapGroupPolicyEntity `json:"groups"`
+
+ // policies
+ Policies []*LdapPolicyEntity `json:"policies"`
+
+ // timestamp
+ Timestamp string `json:"timestamp,omitempty"`
+
+ // users
+ Users []*LdapUserPolicyEntity `json:"users"`
+}
+
+// Validate validates this ldap entities
+func (m *LdapEntities) Validate(formats strfmt.Registry) error {
+ var res []error
+
+ if err := m.validateGroups(formats); err != nil {
+ res = append(res, err)
+ }
+
+ if err := m.validatePolicies(formats); err != nil {
+ res = append(res, err)
+ }
+
+ if err := m.validateUsers(formats); err != nil {
+ res = append(res, err)
+ }
+
+ if len(res) > 0 {
+ return errors.CompositeValidationError(res...)
+ }
+ return nil
+}
+
+func (m *LdapEntities) validateGroups(formats strfmt.Registry) error {
+ if swag.IsZero(m.Groups) { // not required
+ return nil
+ }
+
+ for i := 0; i < len(m.Groups); i++ {
+ if swag.IsZero(m.Groups[i]) { // not required
+ continue
+ }
+
+ if m.Groups[i] != nil {
+ if err := m.Groups[i].Validate(formats); err != nil {
+ if ve, ok := err.(*errors.Validation); ok {
+ return ve.ValidateName("groups" + "." + strconv.Itoa(i))
+ } else if ce, ok := err.(*errors.CompositeError); ok {
+ return ce.ValidateName("groups" + "." + strconv.Itoa(i))
+ }
+ return err
+ }
+ }
+
+ }
+
+ return nil
+}
+
+func (m *LdapEntities) validatePolicies(formats strfmt.Registry) error {
+ if swag.IsZero(m.Policies) { // not required
+ return nil
+ }
+
+ for i := 0; i < len(m.Policies); i++ {
+ if swag.IsZero(m.Policies[i]) { // not required
+ continue
+ }
+
+ if m.Policies[i] != nil {
+ if err := m.Policies[i].Validate(formats); err != nil {
+ if ve, ok := err.(*errors.Validation); ok {
+ return ve.ValidateName("policies" + "." + strconv.Itoa(i))
+ } else if ce, ok := err.(*errors.CompositeError); ok {
+ return ce.ValidateName("policies" + "." + strconv.Itoa(i))
+ }
+ return err
+ }
+ }
+
+ }
+
+ return nil
+}
+
+func (m *LdapEntities) validateUsers(formats strfmt.Registry) error {
+ if swag.IsZero(m.Users) { // not required
+ return nil
+ }
+
+ for i := 0; i < len(m.Users); i++ {
+ if swag.IsZero(m.Users[i]) { // not required
+ continue
+ }
+
+ if m.Users[i] != nil {
+ if err := m.Users[i].Validate(formats); err != nil {
+ if ve, ok := err.(*errors.Validation); ok {
+ return ve.ValidateName("users" + "." + strconv.Itoa(i))
+ } else if ce, ok := err.(*errors.CompositeError); ok {
+ return ce.ValidateName("users" + "." + strconv.Itoa(i))
+ }
+ return err
+ }
+ }
+
+ }
+
+ return nil
+}
+
+// ContextValidate validate this ldap entities based on the context it is used
+func (m *LdapEntities) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+ var res []error
+
+ if err := m.contextValidateGroups(ctx, formats); err != nil {
+ res = append(res, err)
+ }
+
+ if err := m.contextValidatePolicies(ctx, formats); err != nil {
+ res = append(res, err)
+ }
+
+ if err := m.contextValidateUsers(ctx, formats); err != nil {
+ res = append(res, err)
+ }
+
+ if len(res) > 0 {
+ return errors.CompositeValidationError(res...)
+ }
+ return nil
+}
+
+func (m *LdapEntities) contextValidateGroups(ctx context.Context, formats strfmt.Registry) error {
+
+ for i := 0; i < len(m.Groups); i++ {
+
+ if m.Groups[i] != nil {
+ if err := m.Groups[i].ContextValidate(ctx, formats); err != nil {
+ if ve, ok := err.(*errors.Validation); ok {
+ return ve.ValidateName("groups" + "." + strconv.Itoa(i))
+ } else if ce, ok := err.(*errors.CompositeError); ok {
+ return ce.ValidateName("groups" + "." + strconv.Itoa(i))
+ }
+ return err
+ }
+ }
+
+ }
+
+ return nil
+}
+
+func (m *LdapEntities) contextValidatePolicies(ctx context.Context, formats strfmt.Registry) error {
+
+ for i := 0; i < len(m.Policies); i++ {
+
+ if m.Policies[i] != nil {
+ if err := m.Policies[i].ContextValidate(ctx, formats); err != nil {
+ if ve, ok := err.(*errors.Validation); ok {
+ return ve.ValidateName("policies" + "." + strconv.Itoa(i))
+ } else if ce, ok := err.(*errors.CompositeError); ok {
+ return ce.ValidateName("policies" + "." + strconv.Itoa(i))
+ }
+ return err
+ }
+ }
+
+ }
+
+ return nil
+}
+
+func (m *LdapEntities) contextValidateUsers(ctx context.Context, formats strfmt.Registry) error {
+
+ for i := 0; i < len(m.Users); i++ {
+
+ if m.Users[i] != nil {
+ if err := m.Users[i].ContextValidate(ctx, formats); err != nil {
+ if ve, ok := err.(*errors.Validation); ok {
+ return ve.ValidateName("users" + "." + strconv.Itoa(i))
+ } else if ce, ok := err.(*errors.CompositeError); ok {
+ return ce.ValidateName("users" + "." + strconv.Itoa(i))
+ }
+ return err
+ }
+ }
+
+ }
+
+ return nil
+}
+
+// MarshalBinary interface implementation
+func (m *LdapEntities) MarshalBinary() ([]byte, error) {
+ if m == nil {
+ return nil, nil
+ }
+ return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *LdapEntities) UnmarshalBinary(b []byte) error {
+ var res LdapEntities
+ if err := swag.ReadJSON(b, &res); err != nil {
+ return err
+ }
+ *m = res
+ return nil
+}
diff --git a/models/ldap_entities_request.go b/models/ldap_entities_request.go
new file mode 100644
index 000000000..678c4e421
--- /dev/null
+++ b/models/ldap_entities_request.go
@@ -0,0 +1,73 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2023 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program. If not, see .
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+ "context"
+
+ "github.com/go-openapi/strfmt"
+ "github.com/go-openapi/swag"
+)
+
+// LdapEntitiesRequest ldap entities request
+//
+// swagger:model ldapEntitiesRequest
+type LdapEntitiesRequest struct {
+
+ // groups
+ Groups []string `json:"groups"`
+
+ // policies
+ Policies []string `json:"policies"`
+
+ // users
+ Users []string `json:"users"`
+}
+
+// Validate validates this ldap entities request
+func (m *LdapEntitiesRequest) Validate(formats strfmt.Registry) error {
+ return nil
+}
+
+// ContextValidate validates this ldap entities request based on context it is used
+func (m *LdapEntitiesRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+ return nil
+}
+
+// MarshalBinary interface implementation
+func (m *LdapEntitiesRequest) MarshalBinary() ([]byte, error) {
+ if m == nil {
+ return nil, nil
+ }
+ return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *LdapEntitiesRequest) UnmarshalBinary(b []byte) error {
+ var res LdapEntitiesRequest
+ if err := swag.ReadJSON(b, &res); err != nil {
+ return err
+ }
+ *m = res
+ return nil
+}
diff --git a/models/ldap_group_policy_entity.go b/models/ldap_group_policy_entity.go
new file mode 100644
index 000000000..cf7c68a91
--- /dev/null
+++ b/models/ldap_group_policy_entity.go
@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2023 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program. If not, see .
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+ "context"
+
+ "github.com/go-openapi/strfmt"
+ "github.com/go-openapi/swag"
+)
+
+// LdapGroupPolicyEntity ldap group policy entity
+//
+// swagger:model ldapGroupPolicyEntity
+type LdapGroupPolicyEntity struct {
+
+ // group
+ Group string `json:"group,omitempty"`
+
+ // policies
+ Policies []string `json:"policies"`
+}
+
+// Validate validates this ldap group policy entity
+func (m *LdapGroupPolicyEntity) Validate(formats strfmt.Registry) error {
+ return nil
+}
+
+// ContextValidate validates this ldap group policy entity based on context it is used
+func (m *LdapGroupPolicyEntity) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+ return nil
+}
+
+// MarshalBinary interface implementation
+func (m *LdapGroupPolicyEntity) MarshalBinary() ([]byte, error) {
+ if m == nil {
+ return nil, nil
+ }
+ return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *LdapGroupPolicyEntity) UnmarshalBinary(b []byte) error {
+ var res LdapGroupPolicyEntity
+ if err := swag.ReadJSON(b, &res); err != nil {
+ return err
+ }
+ *m = res
+ return nil
+}
diff --git a/models/ldap_policy_entity.go b/models/ldap_policy_entity.go
new file mode 100644
index 000000000..0b37916f1
--- /dev/null
+++ b/models/ldap_policy_entity.go
@@ -0,0 +1,73 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2023 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program. If not, see .
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+ "context"
+
+ "github.com/go-openapi/strfmt"
+ "github.com/go-openapi/swag"
+)
+
+// LdapPolicyEntity ldap policy entity
+//
+// swagger:model ldapPolicyEntity
+type LdapPolicyEntity struct {
+
+ // groups
+ Groups []string `json:"groups"`
+
+ // policy
+ Policy string `json:"policy,omitempty"`
+
+ // users
+ Users []string `json:"users"`
+}
+
+// Validate validates this ldap policy entity
+func (m *LdapPolicyEntity) Validate(formats strfmt.Registry) error {
+ return nil
+}
+
+// ContextValidate validates this ldap policy entity based on context it is used
+func (m *LdapPolicyEntity) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+ return nil
+}
+
+// MarshalBinary interface implementation
+func (m *LdapPolicyEntity) MarshalBinary() ([]byte, error) {
+ if m == nil {
+ return nil, nil
+ }
+ return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *LdapPolicyEntity) UnmarshalBinary(b []byte) error {
+ var res LdapPolicyEntity
+ if err := swag.ReadJSON(b, &res); err != nil {
+ return err
+ }
+ *m = res
+ return nil
+}
diff --git a/models/ldap_user_policy_entity.go b/models/ldap_user_policy_entity.go
new file mode 100644
index 000000000..2e65651b7
--- /dev/null
+++ b/models/ldap_user_policy_entity.go
@@ -0,0 +1,70 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2023 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program. If not, see .
+//
+
+package models
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+ "context"
+
+ "github.com/go-openapi/strfmt"
+ "github.com/go-openapi/swag"
+)
+
+// LdapUserPolicyEntity ldap user policy entity
+//
+// swagger:model ldapUserPolicyEntity
+type LdapUserPolicyEntity struct {
+
+ // policies
+ Policies []string `json:"policies"`
+
+ // user
+ User string `json:"user,omitempty"`
+}
+
+// Validate validates this ldap user policy entity
+func (m *LdapUserPolicyEntity) Validate(formats strfmt.Registry) error {
+ return nil
+}
+
+// ContextValidate validates this ldap user policy entity based on context it is used
+func (m *LdapUserPolicyEntity) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+ return nil
+}
+
+// MarshalBinary interface implementation
+func (m *LdapUserPolicyEntity) MarshalBinary() ([]byte, error) {
+ if m == nil {
+ return nil, nil
+ }
+ return swag.WriteJSON(m)
+}
+
+// UnmarshalBinary interface implementation
+func (m *LdapUserPolicyEntity) UnmarshalBinary(b []byte) error {
+ var res LdapUserPolicyEntity
+ if err := swag.ReadJSON(b, &res); err != nil {
+ return err
+ }
+ *m = res
+ return nil
+}
diff --git a/restapi/admin_client_mock.go b/restapi/admin_client_mock.go
index 93f11cb80..bc5f2dbe2 100644
--- a/restapi/admin_client_mock.go
+++ b/restapi/admin_client_mock.go
@@ -79,12 +79,13 @@ var (
minioGetUserInfoMock func(accessKey string) (madmin.UserInfo, error)
minioSetUserStatusMock func(accessKey string, status madmin.AccountStatus) error
- minioAccountInfoMock func(ctx context.Context) (madmin.AccountInfo, error)
- minioAddServiceAccountMock func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error)
- minioListServiceAccountsMock func(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error)
- minioDeleteServiceAccountMock func(ctx context.Context, serviceAccount string) error
- minioInfoServiceAccountMock func(ctx context.Context, serviceAccount string) (madmin.InfoServiceAccountResp, error)
- minioUpdateServiceAccountMock func(ctx context.Context, serviceAccount string, opts madmin.UpdateServiceAccountReq) error
+ minioAccountInfoMock func(ctx context.Context) (madmin.AccountInfo, error)
+ minioAddServiceAccountMock func(ctx context.Context, policy *iampolicy.Policy, user string, accessKey string, secretKey string) (madmin.Credentials, error)
+ minioListServiceAccountsMock func(ctx context.Context, user string) (madmin.ListServiceAccountsResp, error)
+ minioDeleteServiceAccountMock func(ctx context.Context, serviceAccount string) error
+ minioInfoServiceAccountMock func(ctx context.Context, serviceAccount string) (madmin.InfoServiceAccountResp, error)
+ minioUpdateServiceAccountMock func(ctx context.Context, serviceAccount string, opts madmin.UpdateServiceAccountReq) error
+ minioGetLDAPPolicyEntitiesMock func(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error)
)
func (ac AdminClientMock) serverInfo(ctx context.Context) (madmin.InfoMessage, error) {
@@ -391,3 +392,7 @@ func (ac AdminClientMock) infoServiceAccount(ctx context.Context, serviceAccount
func (ac AdminClientMock) updateServiceAccount(ctx context.Context, serviceAccount string, opts madmin.UpdateServiceAccountReq) error {
return minioUpdateServiceAccountMock(ctx, serviceAccount, opts)
}
+
+func (ac AdminClientMock) getLDAPPolicyEntities(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error) {
+ return minioGetLDAPPolicyEntitiesMock(ctx, query)
+}
diff --git a/restapi/admin_idp.go b/restapi/admin_idp.go
index bef2f8cd5..b6498faf3 100644
--- a/restapi/admin_idp.go
+++ b/restapi/admin_idp.go
@@ -20,6 +20,7 @@ package restapi
import (
"context"
"fmt"
+ "time"
"github.com/go-openapi/runtime/middleware"
"github.com/minio/console/models"
@@ -66,6 +67,13 @@ func registerIDPHandlers(api *operations.ConsoleAPI) {
}
return idp.NewGetConfigurationOK().WithPayload(response)
})
+ api.IdpGetLDAPEntitiesHandler = idp.GetLDAPEntitiesHandlerFunc(func(params idp.GetLDAPEntitiesParams, session *models.Principal) middleware.Responder {
+ response, err := getLDAPEntitiesResponse(session, params)
+ if err != nil {
+ return idp.NewGetLDAPEntitiesDefault(int(err.Code)).WithPayload(err)
+ }
+ return idp.NewGetLDAPEntitiesOK().WithPayload(response)
+ })
}
func createIDPConfigurationResponse(session *models.Principal, params idp.CreateConfigurationParams) (*models.SetIDPResponse, *models.Error) {
@@ -208,3 +216,73 @@ func parseIDPConfigurationsInfo(infoList []madmin.IDPCfgInfo) (results []*models
}
return results
}
+
+func getLDAPEntitiesResponse(session *models.Principal, params idp.GetLDAPEntitiesParams) (*models.LdapEntities, *models.Error) {
+ ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
+ defer cancel()
+ mAdmin, err := NewMinioAdminClient(session)
+ if err != nil {
+ return nil, ErrorWithContext(ctx, err)
+ }
+
+ result, err := getEntitiesResult(ctx, AdminClient{Client: mAdmin}, params.Body.Users, params.Body.Groups, params.Body.Policies)
+ if err != nil {
+ return nil, ErrorWithContext(ctx, err)
+ }
+
+ return result, nil
+}
+
+func getEntitiesResult(ctx context.Context, client MinioAdmin, users, groups, policies []string) (*models.LdapEntities, error) {
+ entities, err := client.getLDAPPolicyEntities(ctx, madmin.PolicyEntitiesQuery{
+ Users: users,
+ Groups: groups,
+ Policy: policies,
+ })
+ if err != nil {
+ return nil, err
+ }
+
+ var result models.LdapEntities
+ var usersEntity []*models.LdapUserPolicyEntity
+ var groupsEntity []*models.LdapGroupPolicyEntity
+ var policiesEntity []*models.LdapPolicyEntity
+
+ result.Timestamp = entities.Timestamp.Format(time.RFC3339)
+
+ for _, userMapping := range entities.UserMappings {
+ mapItem := models.LdapUserPolicyEntity{
+ User: userMapping.User,
+ Policies: userMapping.Policies,
+ }
+
+ usersEntity = append(usersEntity, &mapItem)
+ }
+
+ result.Users = usersEntity
+
+ for _, groupsMapping := range entities.GroupMappings {
+ mapItem := models.LdapGroupPolicyEntity{
+ Group: groupsMapping.Group,
+ Policies: groupsMapping.Policies,
+ }
+
+ groupsEntity = append(groupsEntity, &mapItem)
+ }
+
+ result.Groups = groupsEntity
+
+ for _, policyMapping := range entities.PolicyMappings {
+ mapItem := models.LdapPolicyEntity{
+ Policy: policyMapping.Policy,
+ Users: policyMapping.Users,
+ Groups: policyMapping.Groups,
+ }
+
+ policiesEntity = append(policiesEntity, &mapItem)
+ }
+
+ result.Policies = policiesEntity
+
+ return &result, nil
+}
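Review bot: getLDAPEntitiesResponse passes params.Body.Users, Groups and Policies to the admin query with no length bound or content check, and the generated LdapEntitiesRequest.Validate in this commit returns nil, so nothing upstream limits them either. The response lists which LDAP users and groups hold which policies, so a comment should say where access to it is decided, e.g. `// Access control: relies on the MinIO admin API rejecting sessions without the required admin permission (TODO confirm); the console adds no check of its own.`, and the three arrays could be bounded with `maxItems` in the spec. It also looks as if a body with all three lists empty is sent as an unfiltered query; confirm that returning every mapping is intended. Separately, usersEntity, groupsEntity and policiesEntity stay nil when the backend returns no mappings and, since the model tags have no omitempty, serialize as `null`; `usersEntity := make([]*models.LdapUserPolicyEntity, 0, len(entities.UserMappings))` (and the same for the other two) yields `[]` instead.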
diff --git a/restapi/admin_idp_test.go b/restapi/admin_idp_test.go
index fc3a14814..1eed6f4e5 100644
--- a/restapi/admin_idp_test.go
+++ b/restapi/admin_idp_test.go
@@ -18,11 +18,15 @@ package restapi
import (
"context"
+ "errors"
+ "fmt"
"net/http"
"net/http/httptest"
"os"
"testing"
+ "github.com/minio/madmin-go/v2"
+
"github.com/minio/console/models"
"github.com/minio/console/restapi/operations"
"github.com/minio/console/restapi/operations/idp"
@@ -232,3 +236,84 @@ func (suite *IDPTestSuite) TestGetIDPConfigurationWithWrongType() {
func TestIDP(t *testing.T) {
suite.Run(t, new(IDPTestSuite))
}
+
+func TestGetEntitiesResult(t *testing.T) {
+ assert := assert.New(t)
+ // mock minIO client
+ client := AdminClientMock{}
+ function := "getEntitiesResult()"
+
+ usersList := []string{"user1", "user2", "user3"}
+ policiesList := []string{"policy1", "policy2", "policy3"}
+ groupsList := []string{"group1", "group3", "group5"}
+
+ policyMap := []madmin.PolicyEntities{
+ {Policy: "testPolicy0", Groups: groupsList, Users: usersList},
+ {Policy: "testPolicy1", Groups: groupsList, Users: usersList},
+ }
+
+ usersMap := []madmin.UserPolicyEntities{
+ {User: "testUser0", Policies: policiesList},
+ {User: "testUser1", Policies: policiesList},
+ }
+
+ groupsMap := []madmin.GroupPolicyEntities{
+ {Group: "group0", Policies: policiesList},
+ {Group: "group1", Policies: policiesList},
+ }
+
+ // Test-1: getEntitiesResult list all information provided
+ ctx, cancel := context.WithCancel(context.Background())
+ defer cancel()
+ mockResponse := madmin.PolicyEntitiesResult{
+ PolicyMappings: policyMap,
+ GroupMappings: groupsMap,
+ UserMappings: usersMap,
+ }
+ minioGetLDAPPolicyEntitiesMock = func(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error) {
+ return mockResponse, nil
+ }
+
+ entities, err := getEntitiesResult(ctx, client, usersList, groupsList, policiesList)
+ if err != nil {
+ t.Errorf("Failed on %s:, error occurred: %s", function, err.Error())
+ }
+
+ for i, groupIt := range entities.Groups {
+ assert.Equal(fmt.Sprintf("group%d", i), groupIt.Group)
+
+ for i, polItm := range groupIt.Policies {
+ assert.Equal(policiesList[i], polItm)
+ }
+ }
+
+ for i, usrIt := range entities.Users {
+ assert.Equal(fmt.Sprintf("testUser%d", i), usrIt.User)
+
+ for i, polItm := range usrIt.Policies {
+ assert.Equal(policiesList[i], polItm)
+ }
+ }
+
+ for i, policyIt := range entities.Policies {
+ assert.Equal(fmt.Sprintf("testPolicy%d", i), policyIt.Policy)
+
+ for i, userItm := range policyIt.Users {
+ assert.Equal(usersList[i], userItm)
+ }
+
+ for i, grItm := range policyIt.Groups {
+ assert.Equal(groupsList[i], grItm)
+ }
+ }
+
+ // Test-2: getEntitiesResult error is returned from getLDAPPolicyEntities()
+ minioGetLDAPPolicyEntitiesMock = func(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error) {
+ return madmin.PolicyEntitiesResult{}, errors.New("error")
+ }
+
+ _, err = getEntitiesResult(ctx, client, usersList, groupsList, policiesList)
+ if assert.Error(err) {
+ assert.Equal("error", err.Error())
+ }
+}
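Review bot: The value assertions in TestGetEntitiesResult all sit inside `for ... range` loops over entities.Groups, entities.Users and entities.Policies, so the test still passes if getEntitiesResult returns empty slices; add length checks before the loops, e.g. `assert.Len(entities.Users, len(usersMap))`, for each of the three. After the first call a non-nil err is only reported with t.Errorf and the test goes on to dereference entities, which is nil in that case; `t.Fatalf` would stop there. The mock also ignores its query argument, so nothing verifies that users, groups and policies are forwarded into the right PolicyEntitiesQuery fields; asserting on `query` inside the mock would cover the `Policy: policies` mapping.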
diff --git a/restapi/client-admin.go b/restapi/client-admin.go
index d12053dcd..46565e7e4 100644
--- a/restapi/client-admin.go
+++ b/restapi/client-admin.go
@@ -157,6 +157,9 @@ type MinioAdmin interface {
listIDPConfig(ctx context.Context, idpType string) ([]madmin.IDPListItem, error)
deleteIDPConfig(ctx context.Context, idpType, cfgName string) (restart bool, err error)
getIDPConfig(ctx context.Context, cfgType, cfgName string) (c madmin.IDPConfig, err error)
+
+ // LDAP
+ getLDAPPolicyEntities(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error)
}
// Interface implementation
@@ -725,3 +728,7 @@ func (ac AdminClient) deleteIDPConfig(ctx context.Context, idpType, cfgName stri
func (ac AdminClient) getIDPConfig(ctx context.Context, idpType, cfgName string) (c madmin.IDPConfig, err error) {
return ac.Client.GetIDPConfig(ctx, idpType, cfgName)
}
+
+func (ac AdminClient) getLDAPPolicyEntities(ctx context.Context, query madmin.PolicyEntitiesQuery) (madmin.PolicyEntitiesResult, error) {
+ return ac.Client.GetLDAPPolicyEntities(ctx, query)
+}
diff --git a/restapi/embedded_spec.go b/restapi/embedded_spec.go
index 2cdbe0687..c3df7481b 100644
--- a/restapi/embedded_spec.go
+++ b/restapi/embedded_spec.go
@@ -3620,6 +3620,39 @@ func init() {
}
}
},
+ "/ldap-entities": {
+ "post": {
+ "tags": [
+ "idp"
+ ],
+ "summary": "Get LDAP Entities",
+ "operationId": "GetLDAPEntities",
+ "parameters": [
+ {
+ "name": "body",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/ldapEntitiesRequest"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "A successful response.",
+ "schema": {
+ "$ref": "#/definitions/ldapEntities"
+ }
+ },
+ "default": {
+ "description": "Generic error response.",
+ "schema": {
+ "$ref": "#/definitions/error"
+ }
+ }
+ }
+ }
+ },
"/list-external-buckets": {
"post": {
"tags": [
@@ -6668,6 +6701,103 @@ func init() {
}
}
},
+ "ldapEntities": {
+ "type": "object",
+ "properties": {
+ "groups": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/ldapGroupPolicyEntity"
+ }
+ },
+ "policies": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/ldapPolicyEntity"
+ }
+ },
+ "timestamp": {
+ "type": "string"
+ },
+ "users": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/ldapUserPolicyEntity"
+ }
+ }
+ }
+ },
+ "ldapEntitiesRequest": {
+ "type": "object",
+ "properties": {
+ "groups": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "policies": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "users": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ }
+ },
+ "ldapGroupPolicyEntity": {
+ "type": "object",
+ "properties": {
+ "group": {
+ "type": "string"
+ },
+ "policies": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ }
+ },
+ "ldapPolicyEntity": {
+ "type": "object",
+ "properties": {
+ "groups": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "policy": {
+ "type": "string"
+ },
+ "users": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ }
+ },
+ "ldapUserPolicyEntity": {
+ "type": "object",
+ "properties": {
+ "policies": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "user": {
+ "type": "string"
+ }
+ }
+ },
"license": {
"type": "object",
"properties": {
@@ -12475,6 +12605,39 @@ func init() {
}
}
},
+ "/ldap-entities": {
+ "post": {
+ "tags": [
+ "idp"
+ ],
+ "summary": "Get LDAP Entities",
+ "operationId": "GetLDAPEntities",
+ "parameters": [
+ {
+ "name": "body",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/ldapEntitiesRequest"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "A successful response.",
+ "schema": {
+ "$ref": "#/definitions/ldapEntities"
+ }
+ },
+ "default": {
+ "description": "Generic error response.",
+ "schema": {
+ "$ref": "#/definitions/error"
+ }
+ }
+ }
+ }
+ },
"/list-external-buckets": {
"post": {
"tags": [
@@ -15652,6 +15815,103 @@ func init() {
}
}
},
+ "ldapEntities": {
+ "type": "object",
+ "properties": {
+ "groups": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/ldapGroupPolicyEntity"
+ }
+ },
+ "policies": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/ldapPolicyEntity"
+ }
+ },
+ "timestamp": {
+ "type": "string"
+ },
+ "users": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/ldapUserPolicyEntity"
+ }
+ }
+ }
+ },
+ "ldapEntitiesRequest": {
+ "type": "object",
+ "properties": {
+ "groups": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "policies": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "users": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ }
+ },
+ "ldapGroupPolicyEntity": {
+ "type": "object",
+ "properties": {
+ "group": {
+ "type": "string"
+ },
+ "policies": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ }
+ },
+ "ldapPolicyEntity": {
+ "type": "object",
+ "properties": {
+ "groups": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "policy": {
+ "type": "string"
+ },
+ "users": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ }
+ },
+ "ldapUserPolicyEntity": {
+ "type": "object",
+ "properties": {
+ "policies": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "user": {
+ "type": "string"
+ }
+ }
+ },
"license": {
"type": "object",
"properties": {
diff --git a/restapi/operations/console_api.go b/restapi/operations/console_api.go
index b4ce990be..e3cf2d745 100644
--- a/restapi/operations/console_api.go
+++ b/restapi/operations/console_api.go
@@ -253,6 +253,9 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI {
IdpGetConfigurationHandler: idp.GetConfigurationHandlerFunc(func(params idp.GetConfigurationParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation idp.GetConfiguration has not yet been implemented")
}),
+ IdpGetLDAPEntitiesHandler: idp.GetLDAPEntitiesHandlerFunc(func(params idp.GetLDAPEntitiesParams, principal *models.Principal) middleware.Responder {
+ return middleware.NotImplemented("operation idp.GetLDAPEntities has not yet been implemented")
+ }),
ObjectGetObjectMetadataHandler: object.GetObjectMetadataHandlerFunc(func(params object.GetObjectMetadataParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation object.GetObjectMetadata has not yet been implemented")
}),
@@ -726,6 +729,8 @@ type ConsoleAPI struct {
SupportGetCallHomeOptionValueHandler support.GetCallHomeOptionValueHandler
// IdpGetConfigurationHandler sets the operation handler for the get configuration operation
IdpGetConfigurationHandler idp.GetConfigurationHandler
+ // IdpGetLDAPEntitiesHandler sets the operation handler for the get l d a p entities operation
+ IdpGetLDAPEntitiesHandler idp.GetLDAPEntitiesHandler
// ObjectGetObjectMetadataHandler sets the operation handler for the get object metadata operation
ObjectGetObjectMetadataHandler object.GetObjectMetadataHandler
// PolicyGetSAUserPolicyHandler sets the operation handler for the get s a user policy operation
@@ -1182,6 +1187,9 @@ func (o *ConsoleAPI) Validate() error {
if o.IdpGetConfigurationHandler == nil {
unregistered = append(unregistered, "idp.GetConfigurationHandler")
}
+ if o.IdpGetLDAPEntitiesHandler == nil {
+ unregistered = append(unregistered, "idp.GetLDAPEntitiesHandler")
+ }
if o.ObjectGetObjectMetadataHandler == nil {
unregistered = append(unregistered, "object.GetObjectMetadataHandler")
}
@@ -1809,6 +1817,10 @@ func (o *ConsoleAPI) initHandlerCache() {
o.handlers["GET"] = make(map[string]http.Handler)
}
o.handlers["GET"]["/idp/{type}/{name}"] = idp.NewGetConfiguration(o.context, o.IdpGetConfigurationHandler)
+ if o.handlers["POST"] == nil {
+ o.handlers["POST"] = make(map[string]http.Handler)
+ }
+ o.handlers["POST"]["/ldap-entities"] = idp.NewGetLDAPEntities(o.context, o.IdpGetLDAPEntitiesHandler)
if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler)
}
diff --git a/restapi/operations/idp/get_l_d_a_p_entities.go b/restapi/operations/idp/get_l_d_a_p_entities.go
new file mode 100644
index 000000000..0c3d97ce5
--- /dev/null
+++ b/restapi/operations/idp/get_l_d_a_p_entities.go
@@ -0,0 +1,88 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2023 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program. If not, see .
+//
+
+package idp
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+ "net/http"
+
+ "github.com/go-openapi/runtime/middleware"
+
+ "github.com/minio/console/models"
+)
+
+// GetLDAPEntitiesHandlerFunc turns a function with the right signature into a get l d a p entities handler
+type GetLDAPEntitiesHandlerFunc func(GetLDAPEntitiesParams, *models.Principal) middleware.Responder
+
+// Handle executing the request and returning a response
+func (fn GetLDAPEntitiesHandlerFunc) Handle(params GetLDAPEntitiesParams, principal *models.Principal) middleware.Responder {
+ return fn(params, principal)
+}
+
+// GetLDAPEntitiesHandler interface for that can handle valid get l d a p entities params
+type GetLDAPEntitiesHandler interface {
+ Handle(GetLDAPEntitiesParams, *models.Principal) middleware.Responder
+}
+
+// NewGetLDAPEntities creates a new http.Handler for the get l d a p entities operation
+func NewGetLDAPEntities(ctx *middleware.Context, handler GetLDAPEntitiesHandler) *GetLDAPEntities {
+ return &GetLDAPEntities{Context: ctx, Handler: handler}
+}
+
+/*
+ GetLDAPEntities swagger:route POST /ldap-entities idp getLDAPEntities
+
+Get LDAP Entities
+*/
+type GetLDAPEntities struct {
+ Context *middleware.Context
+ Handler GetLDAPEntitiesHandler
+}
+
+func (o *GetLDAPEntities) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+ route, rCtx, _ := o.Context.RouteInfo(r)
+ if rCtx != nil {
+ *r = *rCtx
+ }
+ var Params = NewGetLDAPEntitiesParams()
+ uprinc, aCtx, err := o.Context.Authorize(r, route)
+ if err != nil {
+ o.Context.Respond(rw, r, route.Produces, route, err)
+ return
+ }
+ if aCtx != nil {
+ *r = *aCtx
+ }
+ var principal *models.Principal
+ if uprinc != nil {
+ principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
+ }
+
+ if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
+ o.Context.Respond(rw, r, route.Produces, route, err)
+ return
+ }
+
+ res := o.Handler.Handle(Params, principal) // actually handle the request
+ o.Context.Respond(rw, r, route.Produces, route, res)
+
+}
diff --git a/restapi/operations/idp/get_l_d_a_p_entities_parameters.go b/restapi/operations/idp/get_l_d_a_p_entities_parameters.go
new file mode 100644
index 000000000..83bdfed1b
--- /dev/null
+++ b/restapi/operations/idp/get_l_d_a_p_entities_parameters.go
@@ -0,0 +1,101 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2023 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program. If not, see .
+//
+
+package idp
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+ "io"
+ "net/http"
+
+ "github.com/go-openapi/errors"
+ "github.com/go-openapi/runtime"
+ "github.com/go-openapi/runtime/middleware"
+ "github.com/go-openapi/validate"
+
+ "github.com/minio/console/models"
+)
+
+// NewGetLDAPEntitiesParams creates a new GetLDAPEntitiesParams object
+//
+// There are no default values defined in the spec.
+func NewGetLDAPEntitiesParams() GetLDAPEntitiesParams {
+
+ return GetLDAPEntitiesParams{}
+}
+
+// GetLDAPEntitiesParams contains all the bound params for the get l d a p entities operation
+// typically these are obtained from a http.Request
+//
+// swagger:parameters GetLDAPEntities
+type GetLDAPEntitiesParams struct {
+
+ // HTTP Request Object
+ HTTPRequest *http.Request `json:"-"`
+
+ /*
+ Required: true
+ In: body
+ */
+ Body *models.LdapEntitiesRequest
+}
+
+// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
+// for simple values it will use straight method calls.
+//
+// To ensure default values, the struct must have been initialized with NewGetLDAPEntitiesParams() beforehand.
+func (o *GetLDAPEntitiesParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
+ var res []error
+
+ o.HTTPRequest = r
+
+ if runtime.HasBody(r) {
+ defer r.Body.Close()
+ var body models.LdapEntitiesRequest
+ if err := route.Consumer.Consume(r.Body, &body); err != nil {
+ if err == io.EOF {
+ res = append(res, errors.Required("body", "body", ""))
+ } else {
+ res = append(res, errors.NewParseError("body", "body", "", err))
+ }
+ } else {
+ // validate body object
+ if err := body.Validate(route.Formats); err != nil {
+ res = append(res, err)
+ }
+
+ ctx := validate.WithOperationRequest(r.Context())
+ if err := body.ContextValidate(ctx, route.Formats); err != nil {
+ res = append(res, err)
+ }
+
+ if len(res) == 0 {
+ o.Body = &body
+ }
+ }
+ } else {
+ res = append(res, errors.Required("body", "body", ""))
+ }
+ if len(res) > 0 {
+ return errors.CompositeValidationError(res...)
+ }
+ return nil
+}
diff --git a/restapi/operations/idp/get_l_d_a_p_entities_responses.go b/restapi/operations/idp/get_l_d_a_p_entities_responses.go
new file mode 100644
index 000000000..9e47c64aa
--- /dev/null
+++ b/restapi/operations/idp/get_l_d_a_p_entities_responses.go
@@ -0,0 +1,135 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2023 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program. If not, see .
+//
+
+package idp
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+ "net/http"
+
+ "github.com/go-openapi/runtime"
+
+ "github.com/minio/console/models"
+)
+
+// GetLDAPEntitiesOKCode is the HTTP code returned for type GetLDAPEntitiesOK
+const GetLDAPEntitiesOKCode int = 200
+
+/*
+GetLDAPEntitiesOK A successful response.
+
+swagger:response getLDAPEntitiesOK
+*/
+type GetLDAPEntitiesOK struct {
+
+ /*
+ In: Body
+ */
+ Payload *models.LdapEntities `json:"body,omitempty"`
+}
+
+// NewGetLDAPEntitiesOK creates GetLDAPEntitiesOK with default headers values
+func NewGetLDAPEntitiesOK() *GetLDAPEntitiesOK {
+
+ return &GetLDAPEntitiesOK{}
+}
+
+// WithPayload adds the payload to the get l d a p entities o k response
+func (o *GetLDAPEntitiesOK) WithPayload(payload *models.LdapEntities) *GetLDAPEntitiesOK {
+ o.Payload = payload
+ return o
+}
+
+// SetPayload sets the payload to the get l d a p entities o k response
+func (o *GetLDAPEntitiesOK) SetPayload(payload *models.LdapEntities) {
+ o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *GetLDAPEntitiesOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+ rw.WriteHeader(200)
+ if o.Payload != nil {
+ payload := o.Payload
+ if err := producer.Produce(rw, payload); err != nil {
+ panic(err) // let the recovery middleware deal with this
+ }
+ }
+}
+
+/*
+GetLDAPEntitiesDefault Generic error response.
+
+swagger:response getLDAPEntitiesDefault
+*/
+type GetLDAPEntitiesDefault struct {
+ _statusCode int
+
+ /*
+ In: Body
+ */
+ Payload *models.Error `json:"body,omitempty"`
+}
+
+// NewGetLDAPEntitiesDefault creates GetLDAPEntitiesDefault with default headers values
+func NewGetLDAPEntitiesDefault(code int) *GetLDAPEntitiesDefault {
+ if code <= 0 {
+ code = 500
+ }
+
+ return &GetLDAPEntitiesDefault{
+ _statusCode: code,
+ }
+}
+
+// WithStatusCode adds the status to the get l d a p entities default response
+func (o *GetLDAPEntitiesDefault) WithStatusCode(code int) *GetLDAPEntitiesDefault {
+ o._statusCode = code
+ return o
+}
+
+// SetStatusCode sets the status to the get l d a p entities default response
+func (o *GetLDAPEntitiesDefault) SetStatusCode(code int) {
+ o._statusCode = code
+}
+
+// WithPayload adds the payload to the get l d a p entities default response
+func (o *GetLDAPEntitiesDefault) WithPayload(payload *models.Error) *GetLDAPEntitiesDefault {
+ o.Payload = payload
+ return o
+}
+
+// SetPayload sets the payload to the get l d a p entities default response
+func (o *GetLDAPEntitiesDefault) SetPayload(payload *models.Error) {
+ o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *GetLDAPEntitiesDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+ rw.WriteHeader(o._statusCode)
+ if o.Payload != nil {
+ payload := o.Payload
+ if err := producer.Produce(rw, payload); err != nil {
+ panic(err) // let the recovery middleware deal with this
+ }
+ }
+}
diff --git a/restapi/operations/idp/get_l_d_a_p_entities_urlbuilder.go b/restapi/operations/idp/get_l_d_a_p_entities_urlbuilder.go
new file mode 100644
index 000000000..22e6fae57
--- /dev/null
+++ b/restapi/operations/idp/get_l_d_a_p_entities_urlbuilder.go
@@ -0,0 +1,104 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+// This file is part of MinIO Console Server
+// Copyright (c) 2023 MinIO, Inc.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with this program. If not, see .
+//
+
+package idp
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+ "errors"
+ "net/url"
+ golangswaggerpaths "path"
+)
+
+// GetLDAPEntitiesURL generates an URL for the get l d a p entities operation
+type GetLDAPEntitiesURL struct {
+ _basePath string
+}
+
+// WithBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *GetLDAPEntitiesURL) WithBasePath(bp string) *GetLDAPEntitiesURL {
+ o.SetBasePath(bp)
+ return o
+}
+
+// SetBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *GetLDAPEntitiesURL) SetBasePath(bp string) {
+ o._basePath = bp
+}
+
+// Build a url path and query string
+func (o *GetLDAPEntitiesURL) Build() (*url.URL, error) {
+ var _result url.URL
+
+ var _path = "/ldap-entities"
+
+ _basePath := o._basePath
+ if _basePath == "" {
+ _basePath = "/api/v1"
+ }
+ _result.Path = golangswaggerpaths.Join(_basePath, _path)
+
+ return &_result, nil
+}
+
+// Must is a helper function to panic when the url builder returns an error
+func (o *GetLDAPEntitiesURL) Must(u *url.URL, err error) *url.URL {
+ if err != nil {
+ panic(err)
+ }
+ if u == nil {
+ panic("url can't be nil")
+ }
+ return u
+}
+
+// String returns the string representation of the path with query string
+func (o *GetLDAPEntitiesURL) String() string {
+ return o.Must(o.Build()).String()
+}
+
+// BuildFull builds a full url with scheme, host, path and query string
+func (o *GetLDAPEntitiesURL) BuildFull(scheme, host string) (*url.URL, error) {
+ if scheme == "" {
+ return nil, errors.New("scheme is required for a full url on GetLDAPEntitiesURL")
+ }
+ if host == "" {
+ return nil, errors.New("host is required for a full url on GetLDAPEntitiesURL")
+ }
+
+ base, err := o.Build()
+ if err != nil {
+ return nil, err
+ }
+
+ base.Scheme = scheme
+ base.Host = host
+ return base, nil
+}
+
+// StringFull returns the string representation of a complete url
+func (o *GetLDAPEntitiesURL) StringFull(scheme, host string) string {
+ return o.Must(o.BuildFull(scheme, host)).String()
+}
diff --git a/swagger.yml b/swagger.yml
index e405b8f38..145a88a90 100644
--- a/swagger.yml
+++ b/swagger.yml
@@ -3452,6 +3452,29 @@ paths:
$ref: "#/definitions/error"
tags:
- idp
+
+ /ldap-entities:
+ post:
+ summary: Get LDAP Entities
+ operationId: GetLDAPEntities
+ parameters:
+ - name: body
+ in: body
+ required: true
+ schema:
+ $ref: "#/definitions/ldapEntitiesRequest"
+ responses:
+ 200:
+ description: A successful response.
+ schema:
+ $ref: "#/definitions/ldapEntities"
+ default:
+ description: Generic error response.
+ schema:
+ $ref: "#/definitions/error"
+ tags:
+ - idp
+
/releases:
get:
summary: Get repo releases for a given version
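Review bot: The new `/ldap-entities` operation returns user-to-policy and group-to-policy mappings from the directory, but the spec entry does not say which permission a caller needs. The generated `ServeHTTP` in this commit calls `o.Context.Authorize`, so authentication is applied. Any check that the principal may read identity mappings has to be in the handler implementation, which is not in this hunk and should be confirmed. I would add a line under `summary:` such as `description: Returns LDAP policy mappings for the users, groups and policies named in the body; requires <admin action placeholder>.` The same description can note that this read-only lookup uses POST because the filter lists travel in the body, which `summary: Get LDAP Entities` alone does not make obvious.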
@@ -6049,3 +6072,71 @@ definitions:
type: boolean
logsState:
type: boolean
+
+ ldapEntitiesRequest:
+ type: object
+ properties:
+ users:
+ type: array
+ items:
+ type: string
+ groups:
+ type: array
+ items:
+ type: string
+ policies:
+ type: array
+ items:
+ type: string
+
+ ldapEntities:
+ type: object
+ properties:
+ timestamp:
+ type: string
+ users:
+ type: array
+ items:
+ $ref: "#/definitions/ldapUserPolicyEntity"
+ groups:
+ type: array
+ items:
+ $ref: "#/definitions/ldapGroupPolicyEntity"
+ policies:
+ type: array
+ items:
+ $ref: "#/definitions/ldapPolicyEntity"
+
+ ldapUserPolicyEntity:
+ type: object
+ properties:
+ user:
+ type: string
+ policies:
+ type: array
+ items:
+ type: string
+
+ ldapGroupPolicyEntity:
+ type: object
+ properties:
+ group:
+ type: string
+ policies:
+ type: array
+ items:
+ type: string
+
+ ldapPolicyEntity:
+ type: object
+ properties:
+ policy:
+ type: string
+ users:
+ type: array
+ items:
+ type: string
+ groups:
+ type: array
+ items:
+ type: string
\ No newline at end of file
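Review bot: `ldapEntitiesRequest` puts no bounds on `users`, `groups` or `policies`: there is no `maxItems` on the arrays and no `minLength` on the items. As far as this spec shows, the `body.Validate` call in the generated `BindRequest` therefore has nothing to reject, and lists of any length, including empty strings, reach the handler. These values presumably feed a directory or policy lookup on the backend, so I would bound them in the spec with `maxItems: <limit placeholder>` on each array and `minLength: 1` on each `items` entry. If `timestamp` in `ldapEntities` is an RFC 3339 value, declaring `format: date-time` would let clients parse it without guessing. The file now ends without a trailing newline.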