From 829833f2429b4c8c59cb70e89f6139093477990b Mon Sep 17 00:00:00 2001 From: Cesar N Date: Mon, 30 Nov 2020 15:23:14 -0800 Subject: [PATCH] Add set policy to multiple user/groups (#382) --- models/iam_entity.go | 48 +++++++ models/set_policy_multiple_request.go | 119 +++++++++++++++++ restapi/admin_policies.go | 38 ++++++ restapi/admin_policies_test.go | 67 ++++++++++ restapi/embedded_spec.go | 114 +++++++++++++++++ .../admin_api/set_policy_multiple.go | 90 +++++++++++++ .../set_policy_multiple_parameters.go | 120 ++++++++++++++++++ .../set_policy_multiple_responses.go | 113 +++++++++++++++++ .../set_policy_multiple_urlbuilder.go | 116 +++++++++++++++++ restapi/operations/console_api.go | 12 ++ swagger.yml | 41 ++++++ 11 files changed, 878 insertions(+) create mode 100644 models/iam_entity.go create mode 100644 models/set_policy_multiple_request.go create mode 100644 restapi/operations/admin_api/set_policy_multiple.go create mode 100644 restapi/operations/admin_api/set_policy_multiple_parameters.go create mode 100644 restapi/operations/admin_api/set_policy_multiple_responses.go create mode 100644 restapi/operations/admin_api/set_policy_multiple_urlbuilder.go diff --git a/models/iam_entity.go b/models/iam_entity.go new file mode 100644 index 000000000..f2565a5e3 --- /dev/null +++ b/models/iam_entity.go @@ -0,0 +1,48 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2020 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "github.com/go-openapi/errors" + "github.com/go-openapi/strfmt" + "github.com/go-openapi/validate" +) + +// IamEntity iam entity +// +// swagger:model iamEntity +type IamEntity string + +// Validate validates this iam entity +func (m IamEntity) Validate(formats strfmt.Registry) error { + var res []error + + if err := validate.Pattern("", "body", string(m), `^[\w+=,.@-]{1,64}$`); err != nil { + return err + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/models/set_policy_multiple_request.go b/models/set_policy_multiple_request.go new file mode 100644 index 000000000..c21953287 --- /dev/null +++ b/models/set_policy_multiple_request.go @@ -0,0 +1,119 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2020 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "strconv" + + "github.com/go-openapi/errors" + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" +) + +// SetPolicyMultipleRequest set policy multiple request +// +// swagger:model setPolicyMultipleRequest +type SetPolicyMultipleRequest struct { + + // groups + Groups []IamEntity `json:"groups"` + + // users + Users []IamEntity `json:"users"` +} + +// Validate validates this set policy multiple request +func (m *SetPolicyMultipleRequest) Validate(formats strfmt.Registry) error { + var res []error + + if err := m.validateGroups(formats); err != nil { + res = append(res, err) + } + + if err := m.validateUsers(formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *SetPolicyMultipleRequest) validateGroups(formats strfmt.Registry) error { + + if swag.IsZero(m.Groups) { // not required + return nil + } + + for i := 0; i < len(m.Groups); i++ { + + if err := m.Groups[i].Validate(formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("groups" + "." + strconv.Itoa(i)) + } + return err + } + + } + + return nil +} + +func (m *SetPolicyMultipleRequest) validateUsers(formats strfmt.Registry) error { + + if swag.IsZero(m.Users) { // not required + return nil + } + + for i := 0; i < len(m.Users); i++ { + + if err := m.Users[i].Validate(formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("users" + "." + strconv.Itoa(i)) + } + return err + } + + } + + return nil +} + +// MarshalBinary interface implementation +func (m *SetPolicyMultipleRequest) MarshalBinary() ([]byte, error) { + if m == nil { + return nil, nil + } + return swag.WriteJSON(m) +} + +// UnmarshalBinary interface implementation +func (m *SetPolicyMultipleRequest) UnmarshalBinary(b []byte) error { + var res SetPolicyMultipleRequest + if err := swag.ReadJSON(b, &res); err != nil { + return err + } + *m = res + return nil +} diff --git a/restapi/admin_policies.go b/restapi/admin_policies.go index 0346f921c..7260773e1 100644 --- a/restapi/admin_policies.go +++ b/restapi/admin_policies.go @@ -68,6 +68,13 @@ func registersPoliciesHandler(api *operations.ConsoleAPI) { } return admin_api.NewSetPolicyNoContent() }) + // Set Policy Multiple User/Groups + api.AdminAPISetPolicyMultipleHandler = admin_api.SetPolicyMultipleHandlerFunc(func(params admin_api.SetPolicyMultipleParams, session *models.Principal) middleware.Responder { + if err := getSetPolicyMultipleResponse(session, params.Name, params.Body); err != nil { + return admin_api.NewSetPolicyMultipleDefault(int(err.Code)).WithPayload(err) + } + return admin_api.NewSetPolicyMultipleNoContent() + }) } // listPolicies calls MinIO server to list all policy names present on the server. @@ -248,6 +255,37 @@ func getSetPolicyResponse(session *models.Principal, name string, params *models return nil } +func getSetPolicyMultipleResponse(session *models.Principal, name string, params *models.SetPolicyMultipleRequest) *models.Error { + ctx := context.Background() + mAdmin, err := newMAdminClient(session) + if err != nil { + return prepareError(err) + } + // create a MinIO Admin Client interface implementation + // defining the client to be used + adminClient := adminClient{client: mAdmin} + + if err := setPolicyMultipleEntities(ctx, adminClient, name, params.Users, params.Groups); err != nil { + return prepareError(err) + } + return nil +} + +// setPolicyMultipleEntities sets a policy to multiple users/groups +func setPolicyMultipleEntities(ctx context.Context, client MinioAdmin, policyName string, users, groups []models.IamEntity) error { + for _, user := range users { + if err := client.setPolicy(ctx, policyName, string(user), false); err != nil { + return err + } + } + for _, group := range groups { + if err := client.setPolicy(ctx, policyName, string(group), true); err != nil { + return err + } + } + return nil +} + // parsePolicy() converts from *rawPolicy to *models.Policy func parsePolicy(name string, rawPolicy *iampolicy.Policy) (*models.Policy, error) { stringPolicy, err := json.Marshal(rawPolicy) diff --git a/restapi/admin_policies_test.go b/restapi/admin_policies_test.go index 73c55b4aa..d928be479 100644 --- a/restapi/admin_policies_test.go +++ b/restapi/admin_policies_test.go @@ -21,6 +21,7 @@ import ( "context" "encoding/json" "fmt" + "reflect" "testing" "errors" @@ -209,3 +210,69 @@ func TestSetPolicy(t *testing.T) { funcAssert.Equal("error", err.Error()) } } + +func Test_SetPolicyMultiple(t *testing.T) { + ctx := context.Background() + adminClient := adminClientMock{} + + type args struct { + policyName string + users []models.IamEntity + groups []models.IamEntity + setPolicyFunc func(policyName, entityName string, isGroup bool) error + } + tests := []struct { + name string + args args + errorExpected error + }{ + { + name: "Set policy to multiple users and groups", + args: args{ + policyName: "readonly", + users: []models.IamEntity{"user1", "user2"}, + groups: []models.IamEntity{"group1", "group2"}, + setPolicyFunc: func(policyName, entityName string, isGroup bool) error { + return nil + }, + }, + errorExpected: nil, + }, + { + name: "Return error on set policy function", + args: args{ + policyName: "readonly", + users: []models.IamEntity{"user1", "user2"}, + groups: []models.IamEntity{"group1", "group2"}, + setPolicyFunc: func(policyName, entityName string, isGroup bool) error { + return errors.New("error set") + }, + }, + errorExpected: errors.New("error set"), + }, + { + // Description: Empty lists of users and groups are acceptable + name: "Empty lists of users and groups", + args: args{ + policyName: "readonly", + users: []models.IamEntity{}, + groups: []models.IamEntity{}, + setPolicyFunc: func(policyName, entityName string, isGroup bool) error { + return nil + }, + }, + errorExpected: nil, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + minioSetPolicyMock = tt.args.setPolicyFunc + got := setPolicyMultipleEntities(ctx, adminClient, tt.args.policyName, tt.args.users, tt.args.groups) + if !reflect.DeepEqual(got, tt.errorExpected) { + ji, _ := json.Marshal(got) + vi, _ := json.Marshal(tt.errorExpected) + t.Errorf("got %s want %s", ji, vi) + } + }) + } +} diff --git a/restapi/embedded_spec.go b/restapi/embedded_spec.go index 9229e7d43..46c0a8b28 100644 --- a/restapi/embedded_spec.go +++ b/restapi/embedded_spec.go @@ -2458,6 +2458,42 @@ func init() { } } }, + "/set-policy-multi/{name}": { + "put": { + "tags": [ + "AdminAPI" + ], + "summary": "Set policy to multiple users/groups", + "operationId": "SetPolicyMultiple", + "parameters": [ + { + "type": "string", + "name": "name", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/setPolicyMultipleRequest" + } + } + ], + "responses": { + "204": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, "/set-policy/{name}": { "put": { "tags": [ @@ -3463,6 +3499,10 @@ func init() { } } }, + "iamEntity": { + "type": "string", + "pattern": "^[\\w+=,.@-]{1,64}$" + }, "idpConfiguration": { "type": "object", "properties": { @@ -4358,6 +4398,23 @@ func init() { } } }, + "setPolicyMultipleRequest": { + "type": "object", + "properties": { + "groups": { + "type": "array", + "items": { + "$ref": "#/definitions/iamEntity" + } + }, + "users": { + "type": "array", + "items": { + "$ref": "#/definitions/iamEntity" + } + } + } + }, "setPolicyRequest": { "type": "object", "required": [ @@ -7361,6 +7418,42 @@ func init() { } } }, + "/set-policy-multi/{name}": { + "put": { + "tags": [ + "AdminAPI" + ], + "summary": "Set policy to multiple users/groups", + "operationId": "SetPolicyMultiple", + "parameters": [ + { + "type": "string", + "name": "name", + "in": "path", + "required": true + }, + { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/setPolicyMultipleRequest" + } + } + ], + "responses": { + "204": { + "description": "A successful response." + }, + "default": { + "description": "Generic error response.", + "schema": { + "$ref": "#/definitions/error" + } + } + } + } + }, "/set-policy/{name}": { "put": { "tags": [ @@ -8889,6 +8982,10 @@ func init() { } } }, + "iamEntity": { + "type": "string", + "pattern": "^[\\w+=,.@-]{1,64}$" + }, "idpConfiguration": { "type": "object", "properties": { @@ -9718,6 +9815,23 @@ func init() { } } }, + "setPolicyMultipleRequest": { + "type": "object", + "properties": { + "groups": { + "type": "array", + "items": { + "$ref": "#/definitions/iamEntity" + } + }, + "users": { + "type": "array", + "items": { + "$ref": "#/definitions/iamEntity" + } + } + } + }, "setPolicyRequest": { "type": "object", "required": [ diff --git a/restapi/operations/admin_api/set_policy_multiple.go b/restapi/operations/admin_api/set_policy_multiple.go new file mode 100644 index 000000000..bea2754be --- /dev/null +++ b/restapi/operations/admin_api/set_policy_multiple.go @@ -0,0 +1,90 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2020 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package admin_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the generate command + +import ( + "net/http" + + "github.com/go-openapi/runtime/middleware" + + "github.com/minio/console/models" +) + +// SetPolicyMultipleHandlerFunc turns a function with the right signature into a set policy multiple handler +type SetPolicyMultipleHandlerFunc func(SetPolicyMultipleParams, *models.Principal) middleware.Responder + +// Handle executing the request and returning a response +func (fn SetPolicyMultipleHandlerFunc) Handle(params SetPolicyMultipleParams, principal *models.Principal) middleware.Responder { + return fn(params, principal) +} + +// SetPolicyMultipleHandler interface for that can handle valid set policy multiple params +type SetPolicyMultipleHandler interface { + Handle(SetPolicyMultipleParams, *models.Principal) middleware.Responder +} + +// NewSetPolicyMultiple creates a new http.Handler for the set policy multiple operation +func NewSetPolicyMultiple(ctx *middleware.Context, handler SetPolicyMultipleHandler) *SetPolicyMultiple { + return &SetPolicyMultiple{Context: ctx, Handler: handler} +} + +/*SetPolicyMultiple swagger:route PUT /set-policy-multi/{name} AdminAPI setPolicyMultiple + +Set policy to multiple users/groups + +*/ +type SetPolicyMultiple struct { + Context *middleware.Context + Handler SetPolicyMultipleHandler +} + +func (o *SetPolicyMultiple) ServeHTTP(rw http.ResponseWriter, r *http.Request) { + route, rCtx, _ := o.Context.RouteInfo(r) + if rCtx != nil { + r = rCtx + } + var Params = NewSetPolicyMultipleParams() + + uprinc, aCtx, err := o.Context.Authorize(r, route) + if err != nil { + o.Context.Respond(rw, r, route.Produces, route, err) + return + } + if aCtx != nil { + r = aCtx + } + var principal *models.Principal + if uprinc != nil { + principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise + } + + if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params + o.Context.Respond(rw, r, route.Produces, route, err) + return + } + + res := o.Handler.Handle(Params, principal) // actually handle the request + + o.Context.Respond(rw, r, route.Produces, route, res) + +} diff --git a/restapi/operations/admin_api/set_policy_multiple_parameters.go b/restapi/operations/admin_api/set_policy_multiple_parameters.go new file mode 100644 index 000000000..d01b11dd0 --- /dev/null +++ b/restapi/operations/admin_api/set_policy_multiple_parameters.go @@ -0,0 +1,120 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2020 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package admin_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "io" + "net/http" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime" + "github.com/go-openapi/runtime/middleware" + "github.com/go-openapi/strfmt" + + "github.com/minio/console/models" +) + +// NewSetPolicyMultipleParams creates a new SetPolicyMultipleParams object +// no default values defined in spec. +func NewSetPolicyMultipleParams() SetPolicyMultipleParams { + + return SetPolicyMultipleParams{} +} + +// SetPolicyMultipleParams contains all the bound params for the set policy multiple operation +// typically these are obtained from a http.Request +// +// swagger:parameters SetPolicyMultiple +type SetPolicyMultipleParams struct { + + // HTTP Request Object + HTTPRequest *http.Request `json:"-"` + + /* + Required: true + In: body + */ + Body *models.SetPolicyMultipleRequest + /* + Required: true + In: path + */ + Name string +} + +// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface +// for simple values it will use straight method calls. +// +// To ensure default values, the struct must have been initialized with NewSetPolicyMultipleParams() beforehand. +func (o *SetPolicyMultipleParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error { + var res []error + + o.HTTPRequest = r + + if runtime.HasBody(r) { + defer r.Body.Close() + var body models.SetPolicyMultipleRequest + if err := route.Consumer.Consume(r.Body, &body); err != nil { + if err == io.EOF { + res = append(res, errors.Required("body", "body", "")) + } else { + res = append(res, errors.NewParseError("body", "body", "", err)) + } + } else { + // validate body object + if err := body.Validate(route.Formats); err != nil { + res = append(res, err) + } + + if len(res) == 0 { + o.Body = &body + } + } + } else { + res = append(res, errors.Required("body", "body", "")) + } + rName, rhkName, _ := route.Params.GetOK("name") + if err := o.bindName(rName, rhkName, route.Formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +// bindName binds and validates parameter Name from path. +func (o *SetPolicyMultipleParams) bindName(rawData []string, hasKey bool, formats strfmt.Registry) error { + var raw string + if len(rawData) > 0 { + raw = rawData[len(rawData)-1] + } + + // Required: true + // Parameter is provided by construction from the route + + o.Name = raw + + return nil +} diff --git a/restapi/operations/admin_api/set_policy_multiple_responses.go b/restapi/operations/admin_api/set_policy_multiple_responses.go new file mode 100644 index 000000000..9b037a91d --- /dev/null +++ b/restapi/operations/admin_api/set_policy_multiple_responses.go @@ -0,0 +1,113 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2020 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package admin_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "net/http" + + "github.com/go-openapi/runtime" + + "github.com/minio/console/models" +) + +// SetPolicyMultipleNoContentCode is the HTTP code returned for type SetPolicyMultipleNoContent +const SetPolicyMultipleNoContentCode int = 204 + +/*SetPolicyMultipleNoContent A successful response. + +swagger:response setPolicyMultipleNoContent +*/ +type SetPolicyMultipleNoContent struct { +} + +// NewSetPolicyMultipleNoContent creates SetPolicyMultipleNoContent with default headers values +func NewSetPolicyMultipleNoContent() *SetPolicyMultipleNoContent { + + return &SetPolicyMultipleNoContent{} +} + +// WriteResponse to the client +func (o *SetPolicyMultipleNoContent) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { + + rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses + + rw.WriteHeader(204) +} + +/*SetPolicyMultipleDefault Generic error response. + +swagger:response setPolicyMultipleDefault +*/ +type SetPolicyMultipleDefault struct { + _statusCode int + + /* + In: Body + */ + Payload *models.Error `json:"body,omitempty"` +} + +// NewSetPolicyMultipleDefault creates SetPolicyMultipleDefault with default headers values +func NewSetPolicyMultipleDefault(code int) *SetPolicyMultipleDefault { + if code <= 0 { + code = 500 + } + + return &SetPolicyMultipleDefault{ + _statusCode: code, + } +} + +// WithStatusCode adds the status to the set policy multiple default response +func (o *SetPolicyMultipleDefault) WithStatusCode(code int) *SetPolicyMultipleDefault { + o._statusCode = code + return o +} + +// SetStatusCode sets the status to the set policy multiple default response +func (o *SetPolicyMultipleDefault) SetStatusCode(code int) { + o._statusCode = code +} + +// WithPayload adds the payload to the set policy multiple default response +func (o *SetPolicyMultipleDefault) WithPayload(payload *models.Error) *SetPolicyMultipleDefault { + o.Payload = payload + return o +} + +// SetPayload sets the payload to the set policy multiple default response +func (o *SetPolicyMultipleDefault) SetPayload(payload *models.Error) { + o.Payload = payload +} + +// WriteResponse to the client +func (o *SetPolicyMultipleDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) { + + rw.WriteHeader(o._statusCode) + if o.Payload != nil { + payload := o.Payload + if err := producer.Produce(rw, payload); err != nil { + panic(err) // let the recovery middleware deal with this + } + } +} diff --git a/restapi/operations/admin_api/set_policy_multiple_urlbuilder.go b/restapi/operations/admin_api/set_policy_multiple_urlbuilder.go new file mode 100644 index 000000000..67856a7c9 --- /dev/null +++ b/restapi/operations/admin_api/set_policy_multiple_urlbuilder.go @@ -0,0 +1,116 @@ +// Code generated by go-swagger; DO NOT EDIT. + +// This file is part of MinIO Console Server +// Copyright (c) 2020 MinIO, Inc. +// +// This program is free software: you can redistribute it and/or modify +// it under the terms of the GNU Affero General Public License as published by +// the Free Software Foundation, either version 3 of the License, or +// (at your option) any later version. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU Affero General Public License for more details. +// +// You should have received a copy of the GNU Affero General Public License +// along with this program. If not, see . +// + +package admin_api + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the generate command + +import ( + "errors" + "net/url" + golangswaggerpaths "path" + "strings" +) + +// SetPolicyMultipleURL generates an URL for the set policy multiple operation +type SetPolicyMultipleURL struct { + Name string + + _basePath string + // avoid unkeyed usage + _ struct{} +} + +// WithBasePath sets the base path for this url builder, only required when it's different from the +// base path specified in the swagger spec. +// When the value of the base path is an empty string +func (o *SetPolicyMultipleURL) WithBasePath(bp string) *SetPolicyMultipleURL { + o.SetBasePath(bp) + return o +} + +// SetBasePath sets the base path for this url builder, only required when it's different from the +// base path specified in the swagger spec. +// When the value of the base path is an empty string +func (o *SetPolicyMultipleURL) SetBasePath(bp string) { + o._basePath = bp +} + +// Build a url path and query string +func (o *SetPolicyMultipleURL) Build() (*url.URL, error) { + var _result url.URL + + var _path = "/set-policy-multi/{name}" + + name := o.Name + if name != "" { + _path = strings.Replace(_path, "{name}", name, -1) + } else { + return nil, errors.New("name is required on SetPolicyMultipleURL") + } + + _basePath := o._basePath + if _basePath == "" { + _basePath = "/api/v1" + } + _result.Path = golangswaggerpaths.Join(_basePath, _path) + + return &_result, nil +} + +// Must is a helper function to panic when the url builder returns an error +func (o *SetPolicyMultipleURL) Must(u *url.URL, err error) *url.URL { + if err != nil { + panic(err) + } + if u == nil { + panic("url can't be nil") + } + return u +} + +// String returns the string representation of the path with query string +func (o *SetPolicyMultipleURL) String() string { + return o.Must(o.Build()).String() +} + +// BuildFull builds a full url with scheme, host, path and query string +func (o *SetPolicyMultipleURL) BuildFull(scheme, host string) (*url.URL, error) { + if scheme == "" { + return nil, errors.New("scheme is required for a full url on SetPolicyMultipleURL") + } + if host == "" { + return nil, errors.New("host is required for a full url on SetPolicyMultipleURL") + } + + base, err := o.Build() + if err != nil { + return nil, err + } + + base.Scheme = scheme + base.Host = host + return base, nil +} + +// StringFull returns the string representation of a complete url +func (o *SetPolicyMultipleURL) StringFull(scheme, host string) string { + return o.Must(o.BuildFull(scheme, host)).String() +} diff --git a/restapi/operations/console_api.go b/restapi/operations/console_api.go index 75e2a54b3..1ce58c13c 100644 --- a/restapi/operations/console_api.go +++ b/restapi/operations/console_api.go @@ -275,6 +275,9 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI { AdminAPISetPolicyHandler: admin_api.SetPolicyHandlerFunc(func(params admin_api.SetPolicyParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation admin_api.SetPolicy has not yet been implemented") }), + AdminAPISetPolicyMultipleHandler: admin_api.SetPolicyMultipleHandlerFunc(func(params admin_api.SetPolicyMultipleParams, principal *models.Principal) middleware.Responder { + return middleware.NotImplemented("operation admin_api.SetPolicyMultiple has not yet been implemented") + }), UserAPIShareObjectHandler: user_api.ShareObjectHandlerFunc(func(params user_api.ShareObjectParams, principal *models.Principal) middleware.Responder { return middleware.NotImplemented("operation user_api.ShareObject has not yet been implemented") }), @@ -497,6 +500,8 @@ type ConsoleAPI struct { AdminAPISetConfigHandler admin_api.SetConfigHandler // AdminAPISetPolicyHandler sets the operation handler for the set policy operation AdminAPISetPolicyHandler admin_api.SetPolicyHandler + // AdminAPISetPolicyMultipleHandler sets the operation handler for the set policy multiple operation + AdminAPISetPolicyMultipleHandler admin_api.SetPolicyMultipleHandler // UserAPIShareObjectHandler sets the operation handler for the share object operation UserAPIShareObjectHandler user_api.ShareObjectHandler // AdminAPITenantAddZoneHandler sets the operation handler for the tenant add zone operation @@ -803,6 +808,9 @@ func (o *ConsoleAPI) Validate() error { if o.AdminAPISetPolicyHandler == nil { unregistered = append(unregistered, "admin_api.SetPolicyHandler") } + if o.AdminAPISetPolicyMultipleHandler == nil { + unregistered = append(unregistered, "admin_api.SetPolicyMultipleHandler") + } if o.UserAPIShareObjectHandler == nil { unregistered = append(unregistered, "user_api.ShareObjectHandler") } @@ -1215,6 +1223,10 @@ func (o *ConsoleAPI) initHandlerCache() { o.handlers["PUT"] = make(map[string]http.Handler) } o.handlers["PUT"]["/set-policy/{name}"] = admin_api.NewSetPolicy(o.context, o.AdminAPISetPolicyHandler) + if o.handlers["PUT"] == nil { + o.handlers["PUT"] = make(map[string]http.Handler) + } + o.handlers["PUT"]["/set-policy-multi/{name}"] = admin_api.NewSetPolicyMultiple(o.context, o.AdminAPISetPolicyMultipleHandler) if o.handlers["GET"] == nil { o.handlers["GET"] = make(map[string]http.Handler) } diff --git a/swagger.yml b/swagger.yml index 84fec89b5..248bedb4b 100644 --- a/swagger.yml +++ b/swagger.yml @@ -1238,6 +1238,30 @@ paths: tags: - AdminAPI + /set-policy-multi/{name}: + put: + summary: Set policy to multiple users/groups + operationId: SetPolicyMultiple + parameters: + - name: name + in: path + required: true + type: string + - name: body + in: body + required: true + schema: + $ref: "#/definitions/setPolicyMultipleRequest" + responses: + 204: + description: A successful response. + default: + description: Generic error response. + schema: + $ref: "#/definitions/error" + tags: + - AdminAPI + /configs/{name}: get: summary: Configuration info @@ -2107,6 +2131,23 @@ definitions: $ref: "#/definitions/policyEntity" entityName: type: string + + setPolicyMultipleRequest: + type: object + properties: + users: + type: array + items: + $ref: "#/definitions/iamEntity" + groups: + type: array + items: + $ref: "#/definitions/iamEntity" + + iamEntity: + type: string + pattern: '^[\w+=,.@-]{1,64}$' + addPolicyRequest: type: object required: