mirrors/object-browser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Warn if deleting user with associated Service Account (#2022)

Browse Source 
Created api to check if users have service accounts before deleting, UI to display warning and users with associated accounts
This commit is contained in:
jinapurapu
2022-05-22 22:14:24 -07:00
committed by GitHub
parent 795497a60d
commit 5fff9ebfd4
12 changed files with 947 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
models/user_service_account_item.go Normal file
View File

@@ -0,0 +1,70 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package models
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"context"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
)
// UserServiceAccountItem user service account item
//
// swagger:model userServiceAccountItem
type UserServiceAccountItem struct {
// num s as
NumSAs int64 `json:"numSAs,omitempty"`
// user name
UserName string `json:"userName,omitempty"`
}
// Validate validates this user service account item
func (m *UserServiceAccountItem) Validate(formats strfmt.Registry) error {
return nil
}
// ContextValidate validates this user service account item based on context it is used
func (m *UserServiceAccountItem) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
return nil
}
// MarshalBinary interface implementation
func (m *UserServiceAccountItem) MarshalBinary() ([]byte, error) {
if m == nil {
return nil, nil
}
return swag.WriteJSON(m)
}
// UnmarshalBinary interface implementation
func (m *UserServiceAccountItem) UnmarshalBinary(b []byte) error {
var res UserServiceAccountItem
if err := swag.ReadJSON(b, &res); err != nil {
return err
}
*m = res
return nil
}

136
models/user_service_account_summary.go Normal file
View File

@@ -0,0 +1,136 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package models
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"context"
"strconv"
"github.com/go-openapi/errors"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/swag"
)
// UserServiceAccountSummary user service account summary
//
// swagger:model userServiceAccountSummary
type UserServiceAccountSummary struct {
// has s a
HasSA bool `json:"hasSA,omitempty"`
// list of users with number of service accounts
UserServiceAccountList []*UserServiceAccountItem `json:"userServiceAccountList"`
}
// Validate validates this user service account summary
func (m *UserServiceAccountSummary) Validate(formats strfmt.Registry) error {
var res []error
if err := m.validateUserServiceAccountList(formats); err != nil {
res = append(res, err)
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}
func (m *UserServiceAccountSummary) validateUserServiceAccountList(formats strfmt.Registry) error {
if swag.IsZero(m.UserServiceAccountList) { // not required
return nil
}
for i := 0; i < len(m.UserServiceAccountList); i++ {
if swag.IsZero(m.UserServiceAccountList[i]) { // not required
continue
}
if m.UserServiceAccountList[i] != nil {
if err := m.UserServiceAccountList[i].Validate(formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("userServiceAccountList" + "." + strconv.Itoa(i))
} else if ce, ok := err.(*errors.CompositeError); ok {
return ce.ValidateName("userServiceAccountList" + "." + strconv.Itoa(i))
}
return err
}
}
}
return nil
}
// ContextValidate validate this user service account summary based on the context it is used
func (m *UserServiceAccountSummary) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
var res []error
if err := m.contextValidateUserServiceAccountList(ctx, formats); err != nil {
res = append(res, err)
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}
func (m *UserServiceAccountSummary) contextValidateUserServiceAccountList(ctx context.Context, formats strfmt.Registry) error {
for i := 0; i < len(m.UserServiceAccountList); i++ {
if m.UserServiceAccountList[i] != nil {
if err := m.UserServiceAccountList[i].ContextValidate(ctx, formats); err != nil {
if ve, ok := err.(*errors.Validation); ok {
return ve.ValidateName("userServiceAccountList" + "." + strconv.Itoa(i))
} else if ce, ok := err.(*errors.CompositeError); ok {
return ce.ValidateName("userServiceAccountList" + "." + strconv.Itoa(i))
}
return err
}
}
}
return nil
}
// MarshalBinary interface implementation
func (m *UserServiceAccountSummary) MarshalBinary() ([]byte, error) {
if m == nil {
return nil, nil
}
return swag.WriteJSON(m)
}
// UnmarshalBinary interface implementation
func (m *UserServiceAccountSummary) UnmarshalBinary(b []byte) error {
var res UserServiceAccountSummary
if err := swag.ReadJSON(b, &res); err != nil {
return err
}
*m = res
return nil
}

104
portal-ui/src/screens/Console/Users/DeleteUser.tsx
View File

@@ -14,36 +14,64 @@
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
import React from "react";
import { useDispatch } from "react-redux";
import React, { useEffect, useState, Fragment } from "react";
import { connect } from "react-redux";
import { DialogContentText } from "@mui/material";
import { setErrorSnackMessage } from "../../../systemSlice";
import useApi from "../Common/Hooks/useApi";
import ConfirmDialog from "../Common/ModalWrapper/ConfirmDialog";
import { ErrorResponseHandler } from "../../../common/types";
import { ConfirmDeleteIcon } from "../../../icons";
import { encodeURLString } from "../../../common/utils";
import { setErrorSnackMessage } from "../../../systemSlice";
import WarningMessage from "../Common/WarningMessage/WarningMessage";
import TableWrapper from "../Common/TableWrapper/TableWrapper";
import api from "../../../common/api";
import { IAM_PAGES } from "../../../common/SecureComponent/permissions";
import Loader from "../Common/Loader/Loader";
interface IDeleteUserProps {
closeDeleteModalAndRefresh: (refresh: boolean) => void;
deleteOpen: boolean;
selectedUsers: string[] | null;
setErrorSnackMessage: typeof setErrorSnackMessage;
history: any;
}
const DeleteUser = ({
closeDeleteModalAndRefresh,
deleteOpen,
selectedUsers,
setErrorSnackMessage,
history,
}: IDeleteUserProps) => {
const dispatch = useDispatch();
const onDelSuccess = () => closeDeleteModalAndRefresh(true);
const onDelError = (err: ErrorResponseHandler) =>
dispatch(setErrorSnackMessage(err));
const onDelError = (err: ErrorResponseHandler) => setErrorSnackMessage(err);
const onClose = () => closeDeleteModalAndRefresh(false);
const [deleteLoading, invokeDeleteApi] = useApi(onDelSuccess, onDelError);
const [loadingSA, setLoadingSA] = useState<boolean>(true);
const [hasSA, setHasSA] = useState<boolean>(false);
const [userSAList, setUserSAList] = useState<userSACount[]>([]);
const userLoggedIn = localStorage.getItem("userLoggedIn") || "";
useEffect(() => {
if(selectedUsers) {
api
.invoke("POST", `/api/v1/users/service-accounts`, selectedUsers)
.then((res) => {
setUserSAList(res.userServiceAccountList) ;
if (res.hasSA) {
setHasSA(true)
}
setLoadingSA(false);
})
.catch((err: ErrorResponseHandler) => {
setErrorSnackMessage(err);
setLoadingSA(false);
});
}
}, [selectedUsers, setErrorSnackMessage]);
if (!selectedUsers) {
return null;
@@ -52,7 +80,18 @@ const DeleteUser = ({
<div key={user}>
<b>{user}</b>
</div>
));
));
const viewAction = (selectionElement: any): void => {
history.push(
`${IAM_PAGES.USERS}/${encodeURLString(selectionElement.userName)}`
);
};
const tableActions = [
{
type: "view",
onClick: viewAction,
},
];
const onConfirmDelete = () => {
for (let user of selectedUsers) {
@@ -68,7 +107,18 @@ const DeleteUser = ({
}
};
interface userSACount {
userName: string;
numSAs: number;
}
const noSAtext = "Are you sure you want to delete the following " + selectedUsers.length+" "+
"user"+ (selectedUsers.length > 1 ? "s?" : "?")
return (
loadingSA ?
<Loader />
:
<ConfirmDialog
title={`Delete User${selectedUsers.length > 1 ? "s" : ""}`}
confirmText={"Delete"}
@@ -78,14 +128,42 @@ const DeleteUser = ({
onConfirm={onConfirmDelete}
onClose={onClose}
confirmationContent={
<DialogContentText>
Are you sure you want to delete the following {selectedUsers.length}{" "}
user{selectedUsers.length > 1 ? "s?" : "?"}
<b>{renderUsers}</b>
<DialogContentText>
{hasSA ?
<Fragment>
<WarningMessage
label = "Click on a user to view the full listing of asociated Service Accounts. All Service Accounts associated with a user will be deleted along with the user. Are you sure you want to continue?"
title = "Warning: One or more users selected has associated Service Accounts. "
/>
<TableWrapper
itemActions={tableActions}
columns={[
{ label: "Username", elementKey: "userName" },
{ label: "# Associated Service Accounts", elementKey: "numSAs" },
]}
isLoading={loadingSA}
records={userSAList}
entityName="User Service Accounts"
idField="userName"
customPaperHeight="250"
/>
</Fragment>
: <Fragment>
{noSAtext}
{renderUsers}
</Fragment>
}
</DialogContentText>
}
/>
);
};
export default DeleteUser;
const mapDispatchToProps = {
setErrorSnackMessage,
};
const connector = connect(null, mapDispatchToProps);
export default connector(DeleteUser);

1
portal-ui/src/screens/Console/Users/ListUsers.tsx
View File

@@ -186,6 +186,7 @@ const ListUsers = ({ classes, history }: IUsersProps) => {
closeDeleteModalAndRefresh={(refresh: boolean) => {
closeDeleteModalAndRefresh(refresh);
}}
history={history}
/>
)}
{addGroupOpen && (

45
restapi/admin_users.go
View File

@@ -120,6 +120,14 @@ func registerUsersHandlers(api *operations.ConsoleAPI) {
}
return accountApi.NewChangeUserPasswordCreated()
})
// Check number of Service Accounts for listed users
api.UserCheckUserServiceAccountsHandler = userApi.CheckUserServiceAccountsHandlerFunc(func(params userApi.CheckUserServiceAccountsParams, session *models.Principal) middleware.Responder {
userSAList, err := getCheckUserSAResponse(session, params)
if err != nil {
return userApi.NewCheckUserServiceAccountsDefault(int(err.Code)).WithPayload(err)
}
return userApi.NewCheckUserServiceAccountsOK().WithPayload(userSAList)
})
}
func listUsers(ctx context.Context, client MinioAdmin) ([]*models.User, error) {
@@ -697,3 +705,40 @@ func getChangeUserPasswordResponse(session *models.Principal, params accountApi.
}
return nil
}
func getCheckUserSAResponse(session *models.Principal, params userApi.CheckUserServiceAccountsParams) (*models.UserServiceAccountSummary, *models.Error) {
ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
defer cancel()
mAdmin, err := NewMinioAdminClient(session)
if err != nil {
return nil, ErrorWithContext(ctx, err)
}
// create a minioClient interface implementation
// defining the client to be used
adminClient := AdminClient{Client: mAdmin}
var userServiceAccountList []*models.UserServiceAccountItem
hasSA := false
for _, user := range params.SelectedUsers {
listServAccs, err := adminClient.listServiceAccounts(ctx, user)
if err != nil {
return nil, ErrorWithContext(ctx, err)
}
numSAs := int64(len(listServAccs.Accounts))
if numSAs > 0 {
hasSA = true
}
userAccountItem := &models.UserServiceAccountItem{
UserName: user,
NumSAs: numSAs,
}
userServiceAccountList = append(userServiceAccountList, userAccountItem)
}
userAccountList := &models.UserServiceAccountSummary{
UserServiceAccountList: userServiceAccountList,
HasSA: hasSA,
}
return userAccountList, nil
}

126
restapi/embedded_spec.go
View File

@@ -4203,6 +4203,42 @@ func init() {
}
}
}
},
"/users/service-accounts": {
"post": {
"tags": [
"User"
],
"summary": "Check number of service accounts for each user specified",
"operationId": "CheckUserServiceAccounts",
"parameters": [
{
"name": "selectedUsers",
"in": "body",
"required": true,
"schema": {
"type": "array",
"items": {
"type": "string"
}
}
}
],
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/userServiceAccountSummary"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
}
},
"definitions": {
@@ -6901,6 +6937,33 @@ func init() {
}
}
},
"userServiceAccountItem": {
"type": "object",
"properties": {
"numSAs": {
"type": "integer",
"format": "int64"
},
"userName": {
"type": "string"
}
}
},
"userServiceAccountSummary": {
"type": "object",
"properties": {
"hasSA": {
"type": "boolean"
},
"userServiceAccountList": {
"type": "array",
"title": "list of users with number of service accounts",
"items": {
"$ref": "#/definitions/userServiceAccountItem"
}
}
}
},
"widget": {
"type": "object",
"properties": {
@@ -11174,6 +11237,42 @@ func init() {
}
}
}
},
"/users/service-accounts": {
"post": {
"tags": [
"User"
],
"summary": "Check number of service accounts for each user specified",
"operationId": "CheckUserServiceAccounts",
"parameters": [
{
"name": "selectedUsers",
"in": "body",
"required": true,
"schema": {
"type": "array",
"items": {
"type": "string"
}
}
}
],
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/userServiceAccountSummary"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
}
},
"definitions": {
@@ -13998,6 +14097,33 @@ func init() {
}
}
},
"userServiceAccountItem": {
"type": "object",
"properties": {
"numSAs": {
"type": "integer",
"format": "int64"
},
"userName": {
"type": "string"
}
}
},
"userServiceAccountSummary": {
"type": "object",
"properties": {
"hasSA": {
"type": "boolean"
},
"userServiceAccountList": {
"type": "array",
"title": "list of users with number of service accounts",
"items": {
"$ref": "#/definitions/userServiceAccountItem"
}
}
}
},
"widget": {
"type": "object",
"properties": {

12
restapi/operations/console_api.go
View File

@@ -132,6 +132,9 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI {
SystemCheckMinIOVersionHandler: system.CheckMinIOVersionHandlerFunc(func(params system.CheckMinIOVersionParams) middleware.Responder {
return middleware.NotImplemented("operation system.CheckMinIOVersion has not yet been implemented")
}),
UserCheckUserServiceAccountsHandler: user.CheckUserServiceAccountsHandlerFunc(func(params user.CheckUserServiceAccountsParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation user.CheckUserServiceAccounts has not yet been implemented")
}),
ConfigurationConfigInfoHandler: configuration.ConfigInfoHandlerFunc(func(params configuration.ConfigInfoParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation configuration.ConfigInfo has not yet been implemented")
}),
@@ -540,6 +543,8 @@ type ConsoleAPI struct {
AccountChangeUserPasswordHandler account.ChangeUserPasswordHandler
// SystemCheckMinIOVersionHandler sets the operation handler for the check min i o version operation
SystemCheckMinIOVersionHandler system.CheckMinIOVersionHandler
// UserCheckUserServiceAccountsHandler sets the operation handler for the check user service accounts operation
UserCheckUserServiceAccountsHandler user.CheckUserServiceAccountsHandler
// ConfigurationConfigInfoHandler sets the operation handler for the config info operation
ConfigurationConfigInfoHandler configuration.ConfigInfoHandler
// UserCreateAUserServiceAccountHandler sets the operation handler for the create a user service account operation
@@ -890,6 +895,9 @@ func (o *ConsoleAPI) Validate() error {
if o.SystemCheckMinIOVersionHandler == nil {
unregistered = append(unregistered, "system.CheckMinIOVersionHandler")
}
if o.UserCheckUserServiceAccountsHandler == nil {
unregistered = append(unregistered, "user.CheckUserServiceAccountsHandler")
}
if o.ConfigurationConfigInfoHandler == nil {
unregistered = append(unregistered, "configuration.ConfigInfoHandler")
}
@@ -1376,6 +1384,10 @@ func (o *ConsoleAPI) initHandlerCache() {
o.handlers["GET"] = make(map[string]http.Handler)
}
o.handlers["GET"]["/check-version"] = system.NewCheckMinIOVersion(o.context, o.SystemCheckMinIOVersionHandler)
if o.handlers["POST"] == nil {
o.handlers["POST"] = make(map[string]http.Handler)
}
o.handlers["POST"]["/users/service-accounts"] = user.NewCheckUserServiceAccounts(o.context, o.UserCheckUserServiceAccountsHandler)
if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler)
}

88
restapi/operations/user/check_user_service_accounts.go Normal file
View File

@@ -0,0 +1,88 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package user
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"net/http"
"github.com/go-openapi/runtime/middleware"
"github.com/minio/console/models"
)
// CheckUserServiceAccountsHandlerFunc turns a function with the right signature into a check user service accounts handler
type CheckUserServiceAccountsHandlerFunc func(CheckUserServiceAccountsParams, *models.Principal) middleware.Responder
// Handle executing the request and returning a response
func (fn CheckUserServiceAccountsHandlerFunc) Handle(params CheckUserServiceAccountsParams, principal *models.Principal) middleware.Responder {
return fn(params, principal)
}
// CheckUserServiceAccountsHandler interface for that can handle valid check user service accounts params
type CheckUserServiceAccountsHandler interface {
Handle(CheckUserServiceAccountsParams, *models.Principal) middleware.Responder
}
// NewCheckUserServiceAccounts creates a new http.Handler for the check user service accounts operation
func NewCheckUserServiceAccounts(ctx *middleware.Context, handler CheckUserServiceAccountsHandler) *CheckUserServiceAccounts {
return &CheckUserServiceAccounts{Context: ctx, Handler: handler}
}
/* CheckUserServiceAccounts swagger:route POST /users/service-accounts User checkUserServiceAccounts
Check number of service accounts for each user specified
*/
type CheckUserServiceAccounts struct {
Context *middleware.Context
Handler CheckUserServiceAccountsHandler
}
func (o *CheckUserServiceAccounts) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
route, rCtx, _ := o.Context.RouteInfo(r)
if rCtx != nil {
*r = *rCtx
}
var Params = NewCheckUserServiceAccountsParams()
uprinc, aCtx, err := o.Context.Authorize(r, route)
if err != nil {
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
if aCtx != nil {
*r = *aCtx
}
var principal *models.Principal
if uprinc != nil {
principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
}
if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
res := o.Handler.Handle(Params, principal) // actually handle the request
o.Context.Respond(rw, r, route.Produces, route, res)
}

87
restapi/operations/user/check_user_service_accounts_parameters.go Normal file
View File

@@ -0,0 +1,87 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package user
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"io"
"net/http"
"github.com/go-openapi/errors"
"github.com/go-openapi/runtime"
"github.com/go-openapi/runtime/middleware"
)
// NewCheckUserServiceAccountsParams creates a new CheckUserServiceAccountsParams object
//
// There are no default values defined in the spec.
func NewCheckUserServiceAccountsParams() CheckUserServiceAccountsParams {
return CheckUserServiceAccountsParams{}
}
// CheckUserServiceAccountsParams contains all the bound params for the check user service accounts operation
// typically these are obtained from a http.Request
//
// swagger:parameters CheckUserServiceAccounts
type CheckUserServiceAccountsParams struct {
// HTTP Request Object
HTTPRequest *http.Request `json:"-"`
/*
Required: true
In: body
*/
SelectedUsers []string
}
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
// for simple values it will use straight method calls.
//
// To ensure default values, the struct must have been initialized with NewCheckUserServiceAccountsParams() beforehand.
func (o *CheckUserServiceAccountsParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
var res []error
o.HTTPRequest = r
if runtime.HasBody(r) {
defer r.Body.Close()
var body []string
if err := route.Consumer.Consume(r.Body, &body); err != nil {
if err == io.EOF {
res = append(res, errors.Required("selectedUsers", "body", ""))
} else {
res = append(res, errors.NewParseError("selectedUsers", "body", "", err))
}
} else {
// no validation required on inline body
o.SelectedUsers = body
}
} else {
res = append(res, errors.Required("selectedUsers", "body", ""))
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}

133
restapi/operations/user/check_user_service_accounts_responses.go Normal file
View File

@@ -0,0 +1,133 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package user
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/runtime"
"github.com/minio/console/models"
)
// CheckUserServiceAccountsOKCode is the HTTP code returned for type CheckUserServiceAccountsOK
const CheckUserServiceAccountsOKCode int = 200
/*CheckUserServiceAccountsOK A successful response.
swagger:response checkUserServiceAccountsOK
*/
type CheckUserServiceAccountsOK struct {
/*
In: Body
*/
Payload *models.UserServiceAccountSummary `json:"body,omitempty"`
}
// NewCheckUserServiceAccountsOK creates CheckUserServiceAccountsOK with default headers values
func NewCheckUserServiceAccountsOK() *CheckUserServiceAccountsOK {
return &CheckUserServiceAccountsOK{}
}
// WithPayload adds the payload to the check user service accounts o k response
func (o *CheckUserServiceAccountsOK) WithPayload(payload *models.UserServiceAccountSummary) *CheckUserServiceAccountsOK {
o.Payload = payload
return o
}
// SetPayload sets the payload to the check user service accounts o k response
func (o *CheckUserServiceAccountsOK) SetPayload(payload *models.UserServiceAccountSummary) {
o.Payload = payload
}
// WriteResponse to the client
func (o *CheckUserServiceAccountsOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(200)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}
/*CheckUserServiceAccountsDefault Generic error response.
swagger:response checkUserServiceAccountsDefault
*/
type CheckUserServiceAccountsDefault struct {
_statusCode int
/*
In: Body
*/
Payload *models.Error `json:"body,omitempty"`
}
// NewCheckUserServiceAccountsDefault creates CheckUserServiceAccountsDefault with default headers values
func NewCheckUserServiceAccountsDefault(code int) *CheckUserServiceAccountsDefault {
if code <= 0 {
code = 500
}
return &CheckUserServiceAccountsDefault{
_statusCode: code,
}
}
// WithStatusCode adds the status to the check user service accounts default response
func (o *CheckUserServiceAccountsDefault) WithStatusCode(code int) *CheckUserServiceAccountsDefault {
o._statusCode = code
return o
}
// SetStatusCode sets the status to the check user service accounts default response
func (o *CheckUserServiceAccountsDefault) SetStatusCode(code int) {
o._statusCode = code
}
// WithPayload adds the payload to the check user service accounts default response
func (o *CheckUserServiceAccountsDefault) WithPayload(payload *models.Error) *CheckUserServiceAccountsDefault {
o.Payload = payload
return o
}
// SetPayload sets the payload to the check user service accounts default response
func (o *CheckUserServiceAccountsDefault) SetPayload(payload *models.Error) {
o.Payload = payload
}
// WriteResponse to the client
func (o *CheckUserServiceAccountsDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(o._statusCode)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}

104
restapi/operations/user/check_user_service_accounts_urlbuilder.go Normal file
View File

@@ -0,0 +1,104 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package user
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"errors"
"net/url"
golangswaggerpaths "path"
)
// CheckUserServiceAccountsURL generates an URL for the check user service accounts operation
type CheckUserServiceAccountsURL struct {
_basePath string
}
// WithBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *CheckUserServiceAccountsURL) WithBasePath(bp string) *CheckUserServiceAccountsURL {
o.SetBasePath(bp)
return o
}
// SetBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *CheckUserServiceAccountsURL) SetBasePath(bp string) {
o._basePath = bp
}
// Build a url path and query string
func (o *CheckUserServiceAccountsURL) Build() (*url.URL, error) {
var _result url.URL
var _path = "/users/service-accounts"
_basePath := o._basePath
if _basePath == "" {
_basePath = "/api/v1"
}
_result.Path = golangswaggerpaths.Join(_basePath, _path)
return &_result, nil
}
// Must is a helper function to panic when the url builder returns an error
func (o *CheckUserServiceAccountsURL) Must(u *url.URL, err error) *url.URL {
if err != nil {
panic(err)
}
if u == nil {
panic("url can't be nil")
}
return u
}
// String returns the string representation of the path with query string
func (o *CheckUserServiceAccountsURL) String() string {
return o.Must(o.Build()).String()
}
// BuildFull builds a full url with scheme, host, path and query string
func (o *CheckUserServiceAccountsURL) BuildFull(scheme, host string) (*url.URL, error) {
if scheme == "" {
return nil, errors.New("scheme is required for a full url on CheckUserServiceAccountsURL")
}
if host == "" {
return nil, errors.New("host is required for a full url on CheckUserServiceAccountsURL")
}
base, err := o.Build()
if err != nil {
return nil, err
}
base.Scheme = scheme
base.Host = host
return base, nil
}
// StringFull returns the string representation of a complete url
func (o *CheckUserServiceAccountsURL) StringFull(scheme, host string) string {
return o.Must(o.BuildFull(scheme, host)).String()
}

54
swagger-console.yml
View File

@@ -1481,6 +1481,30 @@ paths:
tags:
- User
/users/service-accounts:
post:
summary: Check number of service accounts for each user specified
operationId: CheckUserServiceAccounts
parameters:
- name: selectedUsers
in: body
required: true
schema:
type: array
items:
type: string
responses:
200:
description: A successful response.
schema:
$ref: "#/definitions/userServiceAccountSummary"
default:
description: Generic error response.
schema:
$ref: "#/definitions/error"
tags:
- User
/user/{name}:
get:
summary: Get User Info
@@ -2866,6 +2890,15 @@ definitions:
- CUSTOM
default: PRIVATE
userServiceAccountItem:
type: object
properties:
userName:
type: string
numSAs:
type: integer
format: int64
bucket:
type: object
required:
@@ -2948,6 +2981,17 @@ definitions:
format: int64
title: number of buckets accessible to the user
userServiceAccountSummary:
type: object
properties:
userServiceAccountList:
type: array
items:
$ref: "#/definitions/userServiceAccountItem"
title: list of users with number of service accounts
hasSA:
type: boolean
listObjectsResponse:
type: object
properties:
@@ -4598,6 +4642,16 @@ definitions:
deleteFile:
type: object
properties:
path:
type: string
versionID:
type: string
recursive:
type: boolean
userSAs:
type: object
properties:
path:
type: string