mirrors/object-browser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Service Account Policy restriction improvement (#1921)

Browse Source
This commit is contained in:
jinapurapu
2022-05-03 11:03:57 -07:00
committed by GitHub
parent 6485718a97
commit ab835286b0
18 changed files with 1479 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
integration/users_test.go
View File

@@ -854,3 +854,68 @@ func TestUsersGroupsBulk(t *testing.T) {
}
}
func Test_GetUserPolicyAPI(t *testing.T) {
assert := assert.New(t)
// 1. Create an active user with valid policy
var groups = []string{}
var policies = []string{"readwrite"}
addUserResponse, addUserError := AddUser(
"getpolicyuser", "secretKey", groups, policies)
if addUserError != nil {
log.Println(addUserError)
return
}
if addUserResponse != nil {
fmt.Println("StatusCode:", addUserResponse.StatusCode)
assert.Equal(
201, addUserResponse.StatusCode, "Status Code is incorrect")
}
type args struct {
api string
}
tests := []struct {
name string
args args
expectedStatus int
expectedError error
}{
{
name: "Get User Policies",
args: args{
api: "/user/policy",
},
expectedStatus: 200,
expectedError: nil,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
client := &http.Client{
Timeout: 3 * time.Second,
}
request, err := http.NewRequest(
"GET", fmt.Sprintf("http://localhost:9090/api/v1%s", tt.args.api), nil)
if err != nil {
log.Println(err)
return
}
request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
request.Header.Add("Content-Type", "application/json")
response, err := client.Do(request)
if err != nil {
log.Println(err)
return
}
if response != nil {
assert.Equal(tt.expectedStatus, response.StatusCode, tt.name+" Failed")
}
})
}
}

66
portal-ui/src/screens/Console/Account/AddServiceAccountScreen.tsx
View File

@@ -44,7 +44,8 @@ import api from "../../../../src/common/api";
import CredentialsPrompt from "../Common/CredentialsPrompt/CredentialsPrompt";
import { setErrorSnackMessage } from "../../../../src/actions";
import SectionTitle from "../Common/SectionTitle";
import { getRandomString } from "../../../screens/Console/Tenants/utils";
import { getRandomString } from "../../../screens/Console/Tenants/utils";
import PanelTitle from "../Common/PanelTitle/PanelTitle";
interface IAddServiceAccountProps {
classes: any;
@@ -74,32 +75,33 @@ const AddServiceAccount = ({
classes,
setErrorSnackMessage,
}: IAddServiceAccountProps) => {
const [addSending, setAddSending] = useState<boolean>(false);
const [policyDefinition, setPolicyDefinition] = useState<string>("");
const [addSending, setAddSending] = useState<boolean>(false);
const [accessKey, setAccessKey] = useState<string>(getRandomString(16));
const [secretKey, setSecretKey] = useState<string>(getRandomString(32));
const [isRestrictedByPolicy, setIsRestrictedByPolicy] =
useState<boolean>(false);
const [newServiceAccount, setNewServiceAccount] =
useState<NewServiceAccount | null>(null);
const [showPassword, setShowPassword] = useState<boolean>(false);
const [showPassword, setShowPassword] = useState<boolean>(false);
const [policyJSON, setPolicyJSON] = useState<string>("");
useEffect(() => {
if (addSending) {
api
.invoke("POST", `/api/v1/service-account-credentials`, {
policy: policyDefinition,
accessKey: accessKey,
secretKey: secretKey,
})
.then((res) => {
setAddSending(false);
setNewServiceAccount({
accessKey: res.accessKey || "",
secretKey: res.secretKey || "",
url: res.url || "",
});
})
api
.invoke("POST", `/api/v1/service-account-credentials`, {
policy: policyJSON,
accessKey: accessKey,
secretKey: secretKey,
})
.then((res) => {
setAddSending(false);
setNewServiceAccount({
accessKey: res.accessKey || "",
secretKey: res.secretKey || "",
url: res.url || "",
});
})
.catch((err: ErrorResponseHandler) => {
setAddSending(false);
setErrorSnackMessage(err);
@@ -109,18 +111,30 @@ const AddServiceAccount = ({
addSending,
setAddSending,
setErrorSnackMessage,
policyDefinition,
policyJSON,
accessKey,
secretKey,
]);
useEffect(() => {
if(isRestrictedByPolicy){
api
.invoke("GET", `/api/v1/user/policy`)
.then((res: string) => {
setPolicyJSON(JSON.stringify(JSON.parse(res), null, 4));
})
}
}, [isRestrictedByPolicy]);
const addServiceAccount = (e: React.FormEvent) => {
e.preventDefault();
setAddSending(true);
};
const resetForm = () => {
setPolicyDefinition("");
setPolicyJSON("");
setNewServiceAccount(null);
setAccessKey("");
setSecretKey("");
@@ -260,13 +274,19 @@ const AddServiceAccount = ({
xs={12}
className={classes.codeMirrorContainer}
>
<div >
<PanelTitle>Current User Policy - edit the JSON to remove permissions for this service account</PanelTitle>
</div>
<Grid item xs={12} className={classes.formScrollable}>
<CodeMirrorWrapper
label={"Policy "}
value={policyDefinition}
value={policyJSON}
onBeforeChange={(editor, data, value) => {
setPolicyDefinition(value);
setPolicyJSON(value);
}}
editorHeight={"350px"}
/>
</Grid>
</Grid>
)}
</Grid>

43
restapi/admin_policies.go
View File

@@ -31,6 +31,8 @@ import (
"github.com/minio/console/models"
"github.com/minio/console/restapi/operations"
iampolicy "github.com/minio/pkg/iam/policy"
policies "github.com/minio/console/restapi/policy"
)
func registersPoliciesHandler(api *operations.ConsoleAPI) {
@@ -121,6 +123,14 @@ func registersPoliciesHandler(api *operations.ConsoleAPI) {
}
return policyApi.NewListGroupsForPolicyOK().WithPayload(policyGroupsResponse)
})
// Gets policies for currently logged in user
api.PolicyGetUserPolicyHandler = policyApi.GetUserPolicyHandlerFunc(func(params policyApi.GetUserPolicyParams, session *models.Principal) middleware.Responder {
userPolicyResponse, err := getUserPolicyResponse(session)
if err != nil {
return policyApi.NewGetUserPolicyDefault(int(err.Code)).WithPayload(err)
}
return policyApi.NewGetUserPolicyOK().WithPayload(userPolicyResponse)
})
}
func getListAccessRulesWithBucketResponse(session *models.Principal, params bucketApi.ListAccessRulesWithBucketParams) (*models.ListAccessRulesResponse, *models.Error) {
@@ -322,16 +332,47 @@ func getListUsersForPolicyResponse(session *models.Principal, params policyApi.L
return filteredUsers, nil
}
func getUserPolicyResponse(session *models.Principal) (string, *models.Error) {
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
// serialize output
if session == nil {
return "nil", ErrorWithContext(ctx, ErrPolicyNotFound)
}
tokenClaims, _ := getClaimsFromToken(session.STSSessionToken)
// initialize admin client
mAdminClient, err := NewMinioAdminClient(&models.Principal{
STSAccessKeyID: session.STSAccessKeyID,
STSSecretAccessKey: session.STSSecretAccessKey,
STSSessionToken: session.STSSessionToken,
})
if err != nil {
return "nil", ErrorWithContext(ctx, err)
}
userAdminClient := AdminClient{Client: mAdminClient}
// Obtain the current policy assigned to this user
// necessary for generating the list of allowed endpoints
accountInfo, err := getAccountInfo(ctx, userAdminClient)
if err != nil {
return "nil", ErrorWithContext(ctx, err)
}
rawPolicy := policies.ReplacePolicyVariables(tokenClaims, accountInfo)
return string(rawPolicy), nil
}
func getListGroupsForPolicyResponse(session *models.Principal, params policyApi.ListGroupsForPolicyParams) ([]string, *models.Error) {
ctx, cancel := context.WithCancel(params.HTTPRequest.Context())
defer cancel()
policy := params.Policy
mAdmin, err := NewMinioAdminClient(session)
if err != nil {
return nil, ErrorWithContext(ctx, err)
}
// create a minioClient interface implementation
// defining the client to be used
policy := params.Policy
adminClient := AdminClient{Client: mAdmin}
policies, err := listPolicies(ctx, adminClient)
if err != nil {

46
restapi/embedded_spec.go
View File

@@ -3976,6 +3976,29 @@ func init() {
}
}
},
"/user/policy": {
"get": {
"tags": [
"Policy"
],
"summary": "returns policies for logged in user",
"operationId": "GetUserPolicy",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"type": "string"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
},
"/user/{name}/service-account-credentials": {
"post": {
"tags": [
@@ -10901,6 +10924,29 @@ func init() {
}
}
},
"/user/policy": {
"get": {
"tags": [
"Policy"
],
"summary": "returns policies for logged in user",
"operationId": "GetUserPolicy",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"type": "string"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
},
"/user/{name}/service-account-credentials": {
"post": {
"tags": [

88
restapi/operations/admin_api/get_user_policy.go Normal file
View File

@@ -0,0 +1,88 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"net/http"
"github.com/go-openapi/runtime/middleware"
"github.com/minio/console/models"
)
// GetUserPolicyHandlerFunc turns a function with the right signature into a get user policy handler
type GetUserPolicyHandlerFunc func(GetUserPolicyParams, *models.Principal) middleware.Responder
// Handle executing the request and returning a response
func (fn GetUserPolicyHandlerFunc) Handle(params GetUserPolicyParams, principal *models.Principal) middleware.Responder {
return fn(params, principal)
}
// GetUserPolicyHandler interface for that can handle valid get user policy params
type GetUserPolicyHandler interface {
Handle(GetUserPolicyParams, *models.Principal) middleware.Responder
}
// NewGetUserPolicy creates a new http.Handler for the get user policy operation
func NewGetUserPolicy(ctx *middleware.Context, handler GetUserPolicyHandler) *GetUserPolicy {
return &GetUserPolicy{Context: ctx, Handler: handler}
}
/* GetUserPolicy swagger:route GET /user/policy AdminAPI getUserPolicy
returns policies for logged in user
*/
type GetUserPolicy struct {
Context *middleware.Context
Handler GetUserPolicyHandler
}
func (o *GetUserPolicy) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
route, rCtx, _ := o.Context.RouteInfo(r)
if rCtx != nil {
*r = *rCtx
}
var Params = NewGetUserPolicyParams()
uprinc, aCtx, err := o.Context.Authorize(r, route)
if err != nil {
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
if aCtx != nil {
*r = *aCtx
}
var principal *models.Principal
if uprinc != nil {
principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
}
if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
res := o.Handler.Handle(Params, principal) // actually handle the request
o.Context.Respond(rw, r, route.Produces, route, res)
}

63
restapi/operations/admin_api/get_user_policy_parameters.go Normal file
View File

@@ -0,0 +1,63 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/errors"
"github.com/go-openapi/runtime/middleware"
)
// NewGetUserPolicyParams creates a new GetUserPolicyParams object
//
// There are no default values defined in the spec.
func NewGetUserPolicyParams() GetUserPolicyParams {
return GetUserPolicyParams{}
}
// GetUserPolicyParams contains all the bound params for the get user policy operation
// typically these are obtained from a http.Request
//
// swagger:parameters GetUserPolicy
type GetUserPolicyParams struct {
// HTTP Request Object
HTTPRequest *http.Request `json:"-"`
}
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
// for simple values it will use straight method calls.
//
// To ensure default values, the struct must have been initialized with NewGetUserPolicyParams() beforehand.
func (o *GetUserPolicyParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
var res []error
o.HTTPRequest = r
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}

131
restapi/operations/admin_api/get_user_policy_responses.go Normal file
View File

@@ -0,0 +1,131 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/runtime"
"github.com/minio/console/models"
)
// GetUserPolicyOKCode is the HTTP code returned for type GetUserPolicyOK
const GetUserPolicyOKCode int = 200
/*GetUserPolicyOK A successful response.
swagger:response getUserPolicyOK
*/
type GetUserPolicyOK struct {
/*
In: Body
*/
Payload string `json:"body,omitempty"`
}
// NewGetUserPolicyOK creates GetUserPolicyOK with default headers values
func NewGetUserPolicyOK() *GetUserPolicyOK {
return &GetUserPolicyOK{}
}
// WithPayload adds the payload to the get user policy o k response
func (o *GetUserPolicyOK) WithPayload(payload string) *GetUserPolicyOK {
o.Payload = payload
return o
}
// SetPayload sets the payload to the get user policy o k response
func (o *GetUserPolicyOK) SetPayload(payload string) {
o.Payload = payload
}
// WriteResponse to the client
func (o *GetUserPolicyOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(200)
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
/*GetUserPolicyDefault Generic error response.
swagger:response getUserPolicyDefault
*/
type GetUserPolicyDefault struct {
_statusCode int
/*
In: Body
*/
Payload *models.Error `json:"body,omitempty"`
}
// NewGetUserPolicyDefault creates GetUserPolicyDefault with default headers values
func NewGetUserPolicyDefault(code int) *GetUserPolicyDefault {
if code <= 0 {
code = 500
}
return &GetUserPolicyDefault{
_statusCode: code,
}
}
// WithStatusCode adds the status to the get user policy default response
func (o *GetUserPolicyDefault) WithStatusCode(code int) *GetUserPolicyDefault {
o._statusCode = code
return o
}
// SetStatusCode sets the status to the get user policy default response
func (o *GetUserPolicyDefault) SetStatusCode(code int) {
o._statusCode = code
}
// WithPayload adds the payload to the get user policy default response
func (o *GetUserPolicyDefault) WithPayload(payload *models.Error) *GetUserPolicyDefault {
o.Payload = payload
return o
}
// SetPayload sets the payload to the get user policy default response
func (o *GetUserPolicyDefault) SetPayload(payload *models.Error) {
o.Payload = payload
}
// WriteResponse to the client
func (o *GetUserPolicyDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(o._statusCode)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}

104
restapi/operations/admin_api/get_user_policy_urlbuilder.go Normal file
View File

@@ -0,0 +1,104 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"errors"
"net/url"
golangswaggerpaths "path"
)
// GetUserPolicyURL generates an URL for the get user policy operation
type GetUserPolicyURL struct {
_basePath string
}
// WithBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *GetUserPolicyURL) WithBasePath(bp string) *GetUserPolicyURL {
o.SetBasePath(bp)
return o
}
// SetBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *GetUserPolicyURL) SetBasePath(bp string) {
o._basePath = bp
}
// Build a url path and query string
func (o *GetUserPolicyURL) Build() (*url.URL, error) {
var _result url.URL
var _path = "/user/policy"
_basePath := o._basePath
if _basePath == "" {
_basePath = "/api/v1"
}
_result.Path = golangswaggerpaths.Join(_basePath, _path)
return &_result, nil
}
// Must is a helper function to panic when the url builder returns an error
func (o *GetUserPolicyURL) Must(u *url.URL, err error) *url.URL {
if err != nil {
panic(err)
}
if u == nil {
panic("url can't be nil")
}
return u
}
// String returns the string representation of the path with query string
func (o *GetUserPolicyURL) String() string {
return o.Must(o.Build()).String()
}
// BuildFull builds a full url with scheme, host, path and query string
func (o *GetUserPolicyURL) BuildFull(scheme, host string) (*url.URL, error) {
if scheme == "" {
return nil, errors.New("scheme is required for a full url on GetUserPolicyURL")
}
if host == "" {
return nil, errors.New("host is required for a full url on GetUserPolicyURL")
}
base, err := o.Build()
if err != nil {
return nil, err
}
base.Scheme = scheme
base.Host = host
return base, nil
}
// StringFull returns the string representation of a complete url
func (o *GetUserPolicyURL) StringFull(scheme, host string) string {
return o.Must(o.BuildFull(scheme, host)).String()
}

88
restapi/operations/admin_api/update_user_groups.go Normal file
View File

@@ -0,0 +1,88 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"net/http"
"github.com/go-openapi/runtime/middleware"
"github.com/minio/console/models"
)
// UpdateUserGroupsHandlerFunc turns a function with the right signature into a update user groups handler
type UpdateUserGroupsHandlerFunc func(UpdateUserGroupsParams, *models.Principal) middleware.Responder
// Handle executing the request and returning a response
func (fn UpdateUserGroupsHandlerFunc) Handle(params UpdateUserGroupsParams, principal *models.Principal) middleware.Responder {
return fn(params, principal)
}
// UpdateUserGroupsHandler interface for that can handle valid update user groups params
type UpdateUserGroupsHandler interface {
Handle(UpdateUserGroupsParams, *models.Principal) middleware.Responder
}
// NewUpdateUserGroups creates a new http.Handler for the update user groups operation
func NewUpdateUserGroups(ctx *middleware.Context, handler UpdateUserGroupsHandler) *UpdateUserGroups {
return &UpdateUserGroups{Context: ctx, Handler: handler}
}
/* UpdateUserGroups swagger:route PUT /user/groups AdminAPI updateUserGroups
Update Groups for a user
*/
type UpdateUserGroups struct {
Context *middleware.Context
Handler UpdateUserGroupsHandler
}
func (o *UpdateUserGroups) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
route, rCtx, _ := o.Context.RouteInfo(r)
if rCtx != nil {
*r = *rCtx
}
var Params = NewUpdateUserGroupsParams()
uprinc, aCtx, err := o.Context.Authorize(r, route)
if err != nil {
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
if aCtx != nil {
*r = *aCtx
}
var principal *models.Principal
if uprinc != nil {
principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
}
if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
res := o.Handler.Handle(Params, principal) // actually handle the request
o.Context.Respond(rw, r, route.Produces, route, res)
}

136
restapi/operations/admin_api/update_user_groups_parameters.go Normal file
View File

@@ -0,0 +1,136 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"context"
"io"
"net/http"
"github.com/go-openapi/errors"
"github.com/go-openapi/runtime"
"github.com/go-openapi/runtime/middleware"
"github.com/go-openapi/strfmt"
"github.com/go-openapi/validate"
"github.com/minio/console/models"
)
// NewUpdateUserGroupsParams creates a new UpdateUserGroupsParams object
//
// There are no default values defined in the spec.
func NewUpdateUserGroupsParams() UpdateUserGroupsParams {
return UpdateUserGroupsParams{}
}
// UpdateUserGroupsParams contains all the bound params for the update user groups operation
// typically these are obtained from a http.Request
//
// swagger:parameters UpdateUserGroups
type UpdateUserGroupsParams struct {
// HTTP Request Object
HTTPRequest *http.Request `json:"-"`
/*
Required: true
In: body
*/
Body *models.UpdateUserGroups
/*
Required: true
In: query
*/
Name string
}
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
// for simple values it will use straight method calls.
//
// To ensure default values, the struct must have been initialized with NewUpdateUserGroupsParams() beforehand.
func (o *UpdateUserGroupsParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
var res []error
o.HTTPRequest = r
qs := runtime.Values(r.URL.Query())
if runtime.HasBody(r) {
defer r.Body.Close()
var body models.UpdateUserGroups
if err := route.Consumer.Consume(r.Body, &body); err != nil {
if err == io.EOF {
res = append(res, errors.Required("body", "body", ""))
} else {
res = append(res, errors.NewParseError("body", "body", "", err))
}
} else {
// validate body object
if err := body.Validate(route.Formats); err != nil {
res = append(res, err)
}
ctx := validate.WithOperationRequest(context.Background())
if err := body.ContextValidate(ctx, route.Formats); err != nil {
res = append(res, err)
}
if len(res) == 0 {
o.Body = &body
}
}
} else {
res = append(res, errors.Required("body", "body", ""))
}
qName, qhkName, _ := qs.GetOK("name")
if err := o.bindName(qName, qhkName, route.Formats); err != nil {
res = append(res, err)
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}
// bindName binds and validates parameter Name from query.
func (o *UpdateUserGroupsParams) bindName(rawData []string, hasKey bool, formats strfmt.Registry) error {
if !hasKey {
return errors.Required("name", "query", rawData)
}
var raw string
if len(rawData) > 0 {
raw = rawData[len(rawData)-1]
}
// Required: true
// AllowEmptyValue: false
if err := validate.RequiredString("name", "query", raw); err != nil {
return err
}
o.Name = raw
return nil
}

133
restapi/operations/admin_api/update_user_groups_responses.go Normal file
View File

@@ -0,0 +1,133 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/runtime"
"github.com/minio/console/models"
)
// UpdateUserGroupsOKCode is the HTTP code returned for type UpdateUserGroupsOK
const UpdateUserGroupsOKCode int = 200
/*UpdateUserGroupsOK A successful response.
swagger:response updateUserGroupsOK
*/
type UpdateUserGroupsOK struct {
/*
In: Body
*/
Payload *models.User `json:"body,omitempty"`
}
// NewUpdateUserGroupsOK creates UpdateUserGroupsOK with default headers values
func NewUpdateUserGroupsOK() *UpdateUserGroupsOK {
return &UpdateUserGroupsOK{}
}
// WithPayload adds the payload to the update user groups o k response
func (o *UpdateUserGroupsOK) WithPayload(payload *models.User) *UpdateUserGroupsOK {
o.Payload = payload
return o
}
// SetPayload sets the payload to the update user groups o k response
func (o *UpdateUserGroupsOK) SetPayload(payload *models.User) {
o.Payload = payload
}
// WriteResponse to the client
func (o *UpdateUserGroupsOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(200)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}
/*UpdateUserGroupsDefault Generic error response.
swagger:response updateUserGroupsDefault
*/
type UpdateUserGroupsDefault struct {
_statusCode int
/*
In: Body
*/
Payload *models.Error `json:"body,omitempty"`
}
// NewUpdateUserGroupsDefault creates UpdateUserGroupsDefault with default headers values
func NewUpdateUserGroupsDefault(code int) *UpdateUserGroupsDefault {
if code <= 0 {
code = 500
}
return &UpdateUserGroupsDefault{
_statusCode: code,
}
}
// WithStatusCode adds the status to the update user groups default response
func (o *UpdateUserGroupsDefault) WithStatusCode(code int) *UpdateUserGroupsDefault {
o._statusCode = code
return o
}
// SetStatusCode sets the status to the update user groups default response
func (o *UpdateUserGroupsDefault) SetStatusCode(code int) {
o._statusCode = code
}
// WithPayload adds the payload to the update user groups default response
func (o *UpdateUserGroupsDefault) WithPayload(payload *models.Error) *UpdateUserGroupsDefault {
o.Payload = payload
return o
}
// SetPayload sets the payload to the update user groups default response
func (o *UpdateUserGroupsDefault) SetPayload(payload *models.Error) {
o.Payload = payload
}
// WriteResponse to the client
func (o *UpdateUserGroupsDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(o._statusCode)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}

117
restapi/operations/admin_api/update_user_groups_urlbuilder.go Normal file
View File

@@ -0,0 +1,117 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"errors"
"net/url"
golangswaggerpaths "path"
)
// UpdateUserGroupsURL generates an URL for the update user groups operation
type UpdateUserGroupsURL struct {
Name string
_basePath string
// avoid unkeyed usage
_ struct{}
}
// WithBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *UpdateUserGroupsURL) WithBasePath(bp string) *UpdateUserGroupsURL {
o.SetBasePath(bp)
return o
}
// SetBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *UpdateUserGroupsURL) SetBasePath(bp string) {
o._basePath = bp
}
// Build a url path and query string
func (o *UpdateUserGroupsURL) Build() (*url.URL, error) {
var _result url.URL
var _path = "/user/groups"
_basePath := o._basePath
if _basePath == "" {
_basePath = "/api/v1"
}
_result.Path = golangswaggerpaths.Join(_basePath, _path)
qs := make(url.Values)
nameQ := o.Name
if nameQ != "" {
qs.Set("name", nameQ)
}
_result.RawQuery = qs.Encode()
return &_result, nil
}
// Must is a helper function to panic when the url builder returns an error
func (o *UpdateUserGroupsURL) Must(u *url.URL, err error) *url.URL {
if err != nil {
panic(err)
}
if u == nil {
panic("url can't be nil")
}
return u
}
// String returns the string representation of the path with query string
func (o *UpdateUserGroupsURL) String() string {
return o.Must(o.Build()).String()
}
// BuildFull builds a full url with scheme, host, path and query string
func (o *UpdateUserGroupsURL) BuildFull(scheme, host string) (*url.URL, error) {
if scheme == "" {
return nil, errors.New("scheme is required for a full url on UpdateUserGroupsURL")
}
if host == "" {
return nil, errors.New("host is required for a full url on UpdateUserGroupsURL")
}
base, err := o.Build()
if err != nil {
return nil, err
}
base.Scheme = scheme
base.Host = host
return base, nil
}
// StringFull returns the string representation of a complete url
func (o *UpdateUserGroupsURL) StringFull(scheme, host string) string {
return o.Must(o.BuildFull(scheme, host)).String()
}

12
restapi/operations/console_api.go
View File

@@ -249,6 +249,9 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI {
UserGetUserInfoHandler: user.GetUserInfoHandlerFunc(func(params user.GetUserInfoParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation user.GetUserInfo has not yet been implemented")
}),
PolicyGetUserPolicyHandler: policy.GetUserPolicyHandlerFunc(func(params policy.GetUserPolicyParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation policy.GetUserPolicy has not yet been implemented")
}),
GroupGroupInfoHandler: group.GroupInfoHandlerFunc(func(params group.GroupInfoParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation group.GroupInfo has not yet been implemented")
}),
@@ -615,6 +618,8 @@ type ConsoleAPI struct {
TieringGetTierHandler tiering.GetTierHandler
// UserGetUserInfoHandler sets the operation handler for the get user info operation
UserGetUserInfoHandler user.GetUserInfoHandler
// PolicyGetUserPolicyHandler sets the operation handler for the get user policy operation
PolicyGetUserPolicyHandler policy.GetUserPolicyHandler
// GroupGroupInfoHandler sets the operation handler for the group info operation
GroupGroupInfoHandler group.GroupInfoHandler
// InspectInspectHandler sets the operation handler for the inspect operation
@@ -1002,6 +1007,9 @@ func (o *ConsoleAPI) Validate() error {
if o.UserGetUserInfoHandler == nil {
unregistered = append(unregistered, "user.GetUserInfoHandler")
}
if o.PolicyGetUserPolicyHandler == nil {
unregistered = append(unregistered, "policy.GetUserPolicyHandler")
}
if o.GroupGroupInfoHandler == nil {
unregistered = append(unregistered, "group.GroupInfoHandler")
}
@@ -1527,6 +1535,10 @@ func (o *ConsoleAPI) initHandlerCache() {
if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler)
}
o.handlers["GET"]["/user/policy"] = policy.NewGetUserPolicy(o.context, o.PolicyGetUserPolicyHandler)
if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler)
}
o.handlers["GET"]["/group"] = group.NewGroupInfo(o.context, o.GroupGroupInfoHandler)
if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler)

88
restapi/operations/policy/get_user_policy.go Normal file
View File

@@ -0,0 +1,88 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package policy
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"net/http"
"github.com/go-openapi/runtime/middleware"
"github.com/minio/console/models"
)
// GetUserPolicyHandlerFunc turns a function with the right signature into a get user policy handler
type GetUserPolicyHandlerFunc func(GetUserPolicyParams, *models.Principal) middleware.Responder
// Handle executing the request and returning a response
func (fn GetUserPolicyHandlerFunc) Handle(params GetUserPolicyParams, principal *models.Principal) middleware.Responder {
return fn(params, principal)
}
// GetUserPolicyHandler interface for that can handle valid get user policy params
type GetUserPolicyHandler interface {
Handle(GetUserPolicyParams, *models.Principal) middleware.Responder
}
// NewGetUserPolicy creates a new http.Handler for the get user policy operation
func NewGetUserPolicy(ctx *middleware.Context, handler GetUserPolicyHandler) *GetUserPolicy {
return &GetUserPolicy{Context: ctx, Handler: handler}
}
/* GetUserPolicy swagger:route GET /user/policy Policy getUserPolicy
returns policies for logged in user
*/
type GetUserPolicy struct {
Context *middleware.Context
Handler GetUserPolicyHandler
}
func (o *GetUserPolicy) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
route, rCtx, _ := o.Context.RouteInfo(r)
if rCtx != nil {
*r = *rCtx
}
var Params = NewGetUserPolicyParams()
uprinc, aCtx, err := o.Context.Authorize(r, route)
if err != nil {
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
if aCtx != nil {
*r = *aCtx
}
var principal *models.Principal
if uprinc != nil {
principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
}
if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
res := o.Handler.Handle(Params, principal) // actually handle the request
o.Context.Respond(rw, r, route.Produces, route, res)
}

63
restapi/operations/policy/get_user_policy_parameters.go Normal file
View File

@@ -0,0 +1,63 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package policy
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/errors"
"github.com/go-openapi/runtime/middleware"
)
// NewGetUserPolicyParams creates a new GetUserPolicyParams object
//
// There are no default values defined in the spec.
func NewGetUserPolicyParams() GetUserPolicyParams {
return GetUserPolicyParams{}
}
// GetUserPolicyParams contains all the bound params for the get user policy operation
// typically these are obtained from a http.Request
//
// swagger:parameters GetUserPolicy
type GetUserPolicyParams struct {
// HTTP Request Object
HTTPRequest *http.Request `json:"-"`
}
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
// for simple values it will use straight method calls.
//
// To ensure default values, the struct must have been initialized with NewGetUserPolicyParams() beforehand.
func (o *GetUserPolicyParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
var res []error
o.HTTPRequest = r
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}

131
restapi/operations/policy/get_user_policy_responses.go Normal file
View File

@@ -0,0 +1,131 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package policy
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/runtime"
"github.com/minio/console/models"
)
// GetUserPolicyOKCode is the HTTP code returned for type GetUserPolicyOK
const GetUserPolicyOKCode int = 200
/*GetUserPolicyOK A successful response.
swagger:response getUserPolicyOK
*/
type GetUserPolicyOK struct {
/*
In: Body
*/
Payload string `json:"body,omitempty"`
}
// NewGetUserPolicyOK creates GetUserPolicyOK with default headers values
func NewGetUserPolicyOK() *GetUserPolicyOK {
return &GetUserPolicyOK{}
}
// WithPayload adds the payload to the get user policy o k response
func (o *GetUserPolicyOK) WithPayload(payload string) *GetUserPolicyOK {
o.Payload = payload
return o
}
// SetPayload sets the payload to the get user policy o k response
func (o *GetUserPolicyOK) SetPayload(payload string) {
o.Payload = payload
}
// WriteResponse to the client
func (o *GetUserPolicyOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(200)
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
/*GetUserPolicyDefault Generic error response.
swagger:response getUserPolicyDefault
*/
type GetUserPolicyDefault struct {
_statusCode int
/*
In: Body
*/
Payload *models.Error `json:"body,omitempty"`
}
// NewGetUserPolicyDefault creates GetUserPolicyDefault with default headers values
func NewGetUserPolicyDefault(code int) *GetUserPolicyDefault {
if code <= 0 {
code = 500
}
return &GetUserPolicyDefault{
_statusCode: code,
}
}
// WithStatusCode adds the status to the get user policy default response
func (o *GetUserPolicyDefault) WithStatusCode(code int) *GetUserPolicyDefault {
o._statusCode = code
return o
}
// SetStatusCode sets the status to the get user policy default response
func (o *GetUserPolicyDefault) SetStatusCode(code int) {
o._statusCode = code
}
// WithPayload adds the payload to the get user policy default response
func (o *GetUserPolicyDefault) WithPayload(payload *models.Error) *GetUserPolicyDefault {
o.Payload = payload
return o
}
// SetPayload sets the payload to the get user policy default response
func (o *GetUserPolicyDefault) SetPayload(payload *models.Error) {
o.Payload = payload
}
// WriteResponse to the client
func (o *GetUserPolicyDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(o._statusCode)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}

104
restapi/operations/policy/get_user_policy_urlbuilder.go Normal file
View File

@@ -0,0 +1,104 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2022 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package policy
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"errors"
"net/url"
golangswaggerpaths "path"
)
// GetUserPolicyURL generates an URL for the get user policy operation
type GetUserPolicyURL struct {
_basePath string
}
// WithBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *GetUserPolicyURL) WithBasePath(bp string) *GetUserPolicyURL {
o.SetBasePath(bp)
return o
}
// SetBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *GetUserPolicyURL) SetBasePath(bp string) {
o._basePath = bp
}
// Build a url path and query string
func (o *GetUserPolicyURL) Build() (*url.URL, error) {
var _result url.URL
var _path = "/user/policy"
_basePath := o._basePath
if _basePath == "" {
_basePath = "/api/v1"
}
_result.Path = golangswaggerpaths.Join(_basePath, _path)
return &_result, nil
}
// Must is a helper function to panic when the url builder returns an error
func (o *GetUserPolicyURL) Must(u *url.URL, err error) *url.URL {
if err != nil {
panic(err)
}
if u == nil {
panic("url can't be nil")
}
return u
}
// String returns the string representation of the path with query string
func (o *GetUserPolicyURL) String() string {
return o.Must(o.Build()).String()
}
// BuildFull builds a full url with scheme, host, path and query string
func (o *GetUserPolicyURL) BuildFull(scheme, host string) (*url.URL, error) {
if scheme == "" {
return nil, errors.New("scheme is required for a full url on GetUserPolicyURL")
}
if host == "" {
return nil, errors.New("host is required for a full url on GetUserPolicyURL")
}
base, err := o.Build()
if err != nil {
return nil, err
}
base.Scheme = scheme
base.Host = host
return base, nil
}
// StringFull returns the string representation of a complete url
func (o *GetUserPolicyURL) StringFull(scheme, host string) string {
return o.Must(o.BuildFull(scheme, host)).String()
}

37
swagger-console.yml
View File

@@ -19,7 +19,7 @@ securityDefinitions:
tokenUrl: http://min.io
# Apply the key security definition to all APIs
security:
- key: [ ]
- key: []
paths:
/login:
get:
@@ -35,7 +35,7 @@ paths:
schema:
$ref: "#/definitions/error"
# Exclude this API from the authentication requirement
security: [ ]
security: []
tags:
- Auth
post:
@@ -55,7 +55,7 @@ paths:
schema:
$ref: "#/definitions/error"
# Exclude this API from the authentication requirement
security: [ ]
security: []
tags:
- Auth
/login/oauth2/auth:
@@ -75,7 +75,7 @@ paths:
description: Generic error response.
schema:
$ref: "#/definitions/error"
security: [ ]
security: []
tags:
- Auth
@@ -122,7 +122,7 @@ paths:
description: Generic error response.
schema:
$ref: "#/definitions/error"
security: [ ]
security: []
tags:
- System
@@ -1568,7 +1568,21 @@ paths:
$ref: "#/definitions/error"
tags:
- User
/user/policy:
get:
summary: returns policies for logged in user
operationId: GetUserPolicy
responses:
200:
description: A successful response.
schema:
type: string
default:
description: Generic error response.
schema:
$ref: "#/definitions/error"
tags:
- Policy
/user/{name}/service-accounts:
get:
summary: returns a list of service accounts for a user
@@ -2765,7 +2779,7 @@ paths:
- name: order
in: query
type: string
enum: [ timeDesc, timeAsc ]
enum: [timeDesc, timeAsc]
default: timeDesc
- name: timeStart
in: query
@@ -3009,7 +3023,6 @@ definitions:
$ref: "#/definitions/setBucketQuota"
retention:
$ref: "#/definitions/putBucketRetentionRequest"
error:
type: object
required:
@@ -3579,7 +3592,7 @@ definitions:
properties:
loginStrategy:
type: string
enum: [ form, redirect, service-account, redirect-service-account ]
enum: [form, redirect, service-account, redirect-service-account]
redirect:
type: string
loginOauth2AuthRequest:
@@ -3662,7 +3675,7 @@ definitions:
type: string
status:
type: string
enum: [ ok ]
enum: [ok]
operator:
type: boolean
distributedMode:
@@ -3683,7 +3696,7 @@ definitions:
type: string
values:
type: array
items: { }
items: {}
resultTarget:
type: object
properties:
@@ -4075,7 +4088,7 @@ definitions:
type: string
service:
type: string
enum: [ replication ]
enum: [replication]
syncMode:
type: string
bandwidth: