mirrors/object-browser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Product license verification in Console (#518)

Browse Source 
Operator UI - Provide and store License key
- New License section in Operator UI will allow user to provide the
  license key via input form
- New License section in Operator UI will allow the user to fetch the
  license key using subnet credentials
-  Console backend has to verify provided license is valid -
   https://godoc.org/github.com/minio/minio/pkg/licverifier#example-package
-  Console backend has to store the license key in k8s secrets

Operator UI - Set license to tenant during provisioning
- Check if license key exists in k8s secret during tenant creation
- If License is present attach the license-key jwt to the new console
tenant via an environment variable

Operator UI - Set license for an existing tenant
- Tenant view will display information about the current status of the
  Tenant License
- If Tenant doesn't have a License then Operator-UI will allow to attach
new license by clicking the Add License button
- Console backend will extract the license from the k8s secret and save
the license-key jwt in the tenant console environment variable and
redeploy
This commit is contained in:
Lenin Alevski
2021-01-12 15:55:07 -06:00
committed by GitHub
parent fd779c2ffa
commit f3bcfc327d
69 changed files with 4293 additions and 221 deletions
Download Patch File Download Diff File Expand all files Collapse all files

273
restapi/admin_subscription.go Normal file
View File

@@ -0,0 +1,273 @@
// This file is part of MinIO Console Server
// Copyright (c) 2020 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package restapi
import (
"context"
"fmt"
"log"
"time"
operator "github.com/minio/operator/pkg/apis/minio.min.io/v1"
"github.com/minio/console/pkg/acl"
"github.com/minio/console/cluster"
"github.com/minio/console/pkg/subnet"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"github.com/go-openapi/runtime/middleware"
"github.com/minio/console/models"
"github.com/minio/console/restapi/operations"
"github.com/minio/console/restapi/operations/admin_api"
)
func registerSubscriptionHandlers(api *operations.ConsoleAPI) {
// Validate subscription handler
api.AdminAPISubscriptionValidateHandler = admin_api.SubscriptionValidateHandlerFunc(func(params admin_api.SubscriptionValidateParams, session *models.Principal) middleware.Responder {
license, err := getSubscriptionValidateResponse(session, params.Body)
if err != nil {
return admin_api.NewSubscriptionValidateDefault(int(err.Code)).WithPayload(err)
}
return admin_api.NewSubscriptionValidateOK().WithPayload(license)
})
// Activate license subscription for a particular tenant
api.AdminAPISubscriptionActivateHandler = admin_api.SubscriptionActivateHandlerFunc(func(params admin_api.SubscriptionActivateParams, session *models.Principal) middleware.Responder {
err := getSubscriptionActivateResponse(session, params.Namespace, params.Tenant)
if err != nil {
return admin_api.NewSubscriptionActivateDefault(int(err.Code)).WithPayload(err)
}
return admin_api.NewSubscriptionActivateNoContent()
})
// Get subscription information handler
api.AdminAPISubscriptionInfoHandler = admin_api.SubscriptionInfoHandlerFunc(func(params admin_api.SubscriptionInfoParams, session *models.Principal) middleware.Responder {
license, err := getSubscriptionInfoResponse(session)
if err != nil {
return admin_api.NewSubscriptionInfoDefault(int(err.Code)).WithPayload(err)
}
return admin_api.NewSubscriptionInfoOK().WithPayload(license)
})
}
// addSubscriptionLicenseToTenant replace existing console tenant secret and adds the subnet license key
func addSubscriptionLicenseToTenant(ctx context.Context, clientSet K8sClientI, license, namespace, tenantName, secretName string) error {
// Retrieve console secret for Tenant
consoleSecret, err := clientSet.getSecret(ctx, namespace, secretName, metav1.GetOptions{})
if err != nil {
return err
}
// Copy current console secret
dataNewSecret := consoleSecret.Data
// Add subnet license to the new console secret
dataNewSecret[ConsoleSubnetLicense] = []byte(license)
// Delete existing console secret
err = clientSet.deleteSecret(ctx, cluster.Namespace, secretName, metav1.DeleteOptions{})
if err != nil {
return err
}
// Prepare the new Console Secret
imm := true
newConsoleSecret := &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: secretName,
Labels: map[string]string{
operator.TenantLabel: tenantName,
},
},
Immutable: &imm,
Data: dataNewSecret,
}
// Create new Console secret with the subnet License
_, err = clientSet.createSecret(ctx, cluster.Namespace, newConsoleSecret, metav1.CreateOptions{})
if err != nil {
return err
}
// restart Console pods based on label:
// v1.min.io/console: TENANT-console
err = clientSet.deletePodCollection(ctx, namespace, metav1.DeleteOptions{}, metav1.ListOptions{
LabelSelector: fmt.Sprintf("%s=%s%s", operator.ConsoleTenantLabel, tenantName, operator.ConsoleName),
})
if err != nil {
return err
}
return nil
}
func getSubscriptionActivateResponse(session *models.Principal, namespace, tenant string) *models.Error {
// 20 seconds timeout
ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second)
defer cancel()
opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken)
if err != nil {
return prepareError(errorGeneric, nil, err)
}
clientSet, err := cluster.K8sClient(session.STSSessionToken)
if err != nil {
return prepareError(errorGeneric, nil, err)
}
opClient := &operatorClient{
client: opClientClientSet,
}
minTenant, err := getTenant(ctx, opClient, namespace, tenant)
if err != nil {
return prepareError(err, errorGeneric)
}
// If console is not deployed for this tenant return an error
if minTenant.Spec.Console == nil {
return prepareError(errorGenericNotFound)
}
// configure kubernetes client
k8sClient := k8sClient{
client: clientSet,
}
// Get cluster subscription license
license, err := getSubscriptionLicense(ctx, &k8sClient, cluster.Namespace, OperatorSubnetLicenseSecretName)
if err != nil {
return prepareError(errInvalidCredentials, nil, err)
}
// add subscription license to existing console Tenant
if err = addSubscriptionLicenseToTenant(ctx, &k8sClient, license, namespace, tenant, minTenant.Spec.Console.ConsoleSecret.Name); err != nil {
return prepareError(err, errorGeneric)
}
return nil
}
// saveSubscriptionLicense will create or replace an existing subnet license secret in the k8s cluster
func saveSubscriptionLicense(ctx context.Context, clientSet K8sClientI, license string) error {
// Delete subnet license secret if exists
err := clientSet.deleteSecret(ctx, cluster.Namespace, OperatorSubnetLicenseSecretName, metav1.DeleteOptions{})
if err != nil {
// log the error if any and continue
log.Println(err)
}
// Save subnet license in k8s secrets
imm := true
licenseSecret := &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: OperatorSubnetLicenseSecretName,
},
Immutable: &imm,
Data: map[string][]byte{
ConsoleSubnetLicense: []byte(license),
},
}
_, err = clientSet.createSecret(ctx, cluster.Namespace, licenseSecret, metav1.CreateOptions{})
if err != nil {
return err
}
return nil
}
// subscriptionValidate will validate the provided jwt license against the subnet public key
func subscriptionValidate(client cluster.HTTPClientI, license, email, password string) (*models.License, string, error) {
licenseInfo, rawLicense, err := subnet.ValidateLicense(client, license, email, password)
if err != nil {
return nil, "", err
}
return &models.License{
Email: licenseInfo.Email,
AccountID: licenseInfo.AccountID,
StorageCapacity: licenseInfo.StorageCapacity,
Plan: licenseInfo.ServiceType,
ExpiresAt: licenseInfo.ExpiresAt.String(),
Organization: licenseInfo.TeamName,
}, rawLicense, nil
}
// getSubscriptionValidateResponse
func getSubscriptionValidateResponse(session *models.Principal, params *models.SubscriptionValidateRequest) (*models.License, *models.Error) {
// 20 seconds timeout
ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second)
defer cancel()
client := &cluster.HTTPClient{
Client: GetConsoleSTSClient(),
}
// validate license key
licenseInfo, license, err := subscriptionValidate(client, params.License, params.Email, params.Password)
if err != nil {
return nil, prepareError(errInvalidLicense, nil, err)
}
// configure kubernetes client
clientSet, err := cluster.K8sClient(session.STSSessionToken)
k8sClient := k8sClient{
client: clientSet,
}
if err != nil {
return nil, prepareError(errorGeneric, nil, err)
}
// save license key to k8s
if err = saveSubscriptionLicense(ctx, &k8sClient, license); err != nil {
return nil, prepareError(errorGeneric, nil, err)
}
return licenseInfo, nil
}
// getSubscriptionLicense will retrieve stored license jwt from k8s secret
func getSubscriptionLicense(ctx context.Context, clientSet K8sClientI, namespace, secretName string) (string, error) {
// retrieve license stored in k8s
licenseSecret, err := clientSet.getSecret(ctx, namespace, secretName, metav1.GetOptions{})
if err != nil {
return "", err
}
license, ok := licenseSecret.Data[ConsoleSubnetLicense]
if !ok {
log.Println("subnet secret doesn't contain jwt license")
return "", errorGeneric
}
return string(license), nil
}
// getSubscriptionInfoResponse returns information about the current configured subnet license for Console
func getSubscriptionInfoResponse(session *models.Principal) (*models.License, *models.Error) {
// 20 seconds timeout
ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second)
defer cancel()
var licenseInfo *models.License
var license string
client := &cluster.HTTPClient{
Client: GetConsoleSTSClient(),
}
// If Console is running in operator mode retrieve License stored in K8s secrets
if acl.GetOperatorMode() {
// configure kubernetes client
clientSet, err := cluster.K8sClient(session.STSSessionToken)
if err != nil {
return nil, prepareError(errInvalidLicense, nil, err)
}
k8sClient := k8sClient{
client: clientSet,
}
// Get cluster subscription license
license, err = getSubscriptionLicense(ctx, &k8sClient, cluster.Namespace, OperatorSubnetLicenseSecretName)
if err != nil {
return nil, prepareError(errLicenseNotFound, nil, err)
}
} else {
// If Console is running in Tenant Admin mode retrieve license from env variable
license = GetSubnetLicense()
}
// validate license key and obtain license info
licenseInfo, _, err := subscriptionValidate(client, license, "", "")
if err != nil {
return nil, prepareError(errLicenseNotFound, nil, err)
}
return licenseInfo, nil
}

345
restapi/admin_subscription_test.go Normal file
View File

@@ -0,0 +1,345 @@
// This file is part of MinIO Kubernetes Cloud
// Copyright (c) 2020 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package restapi
import (
"context"
"testing"
"errors"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
func Test_addSubscriptionLicenseToTenant(t *testing.T) {
k8sClient := k8sClientMock{}
type args struct {
ctx context.Context
clientSet K8sClientI
license string
namespace string
tenantName string
secretName string
}
tests := []struct {
name string
args args
wantErr bool
mockFunc func()
}{
{
name: "error because subnet license doesnt exists",
args: args{
ctx: context.Background(),
clientSet: k8sClient,
license: "",
namespace: "",
tenantName: "",
secretName: "subnet-license",
},
wantErr: true,
mockFunc: func() {
k8sclientGetSecretMock = func(ctx context.Context, namespace, secretName string, opts metav1.GetOptions) (*corev1.Secret, error) {
return nil, errors.New("something went wrong")
}
},
},
{
name: "error because existing license could not be deleted",
args: args{
ctx: context.Background(),
clientSet: k8sClient,
license: "",
namespace: "",
tenantName: "",
secretName: OperatorSubnetLicenseSecretName,
},
wantErr: true,
mockFunc: func() {
k8sclientGetSecretMock = func(ctx context.Context, namespace, secretName string, opts metav1.GetOptions) (*corev1.Secret, error) {
imm := true
return &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: OperatorSubnetLicenseSecretName,
},
Immutable: &imm,
Data: map[string][]byte{
ConsoleSubnetLicense: []byte("eyJhbGciOiJFUzM4NCIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJsZW5pbitjMUBtaW5pby5pbyIsInRlYW1OYW1lIjoiY29uc29sZS1jdXN0b21lciIsImV4cCI6MS42Mzk5NTI2MTE2MDkxNDQ3MzJlOSwiaXNzIjoic3VibmV0QG1pbmlvLmlvIiwiY2FwYWNpdHkiOjI1LCJpYXQiOjEuNjA4NDE2NjExNjA5MTQ0NzMyZTksImFjY291bnRJZCI6MTc2LCJzZXJ2aWNlVHlwZSI6IlNUQU5EQVJEIn0.ndtf8V_FJTvhXeemVLlORyDev6RJaSPhZ2djkMVK9SvXD0srR_qlYJATPjC4NljkS71nXMGVDov5uCTuUL97x6FGQEKDruA-z24x_2Zr8kof4LfBb3HUHudCR8QvE--I"),
},
}, nil
}
DeleteSecretMock = func(ctx context.Context, namespace string, name string, opts metav1.DeleteOptions) error {
return errors.New("something went wrong")
}
},
},
{
name: "error because unable to create new subnet license",
args: args{
ctx: context.Background(),
clientSet: k8sClient,
license: "",
namespace: "",
tenantName: "",
secretName: OperatorSubnetLicenseSecretName,
},
wantErr: true,
mockFunc: func() {
k8sclientGetSecretMock = func(ctx context.Context, namespace, secretName string, opts metav1.GetOptions) (*corev1.Secret, error) {
imm := true
return &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: OperatorSubnetLicenseSecretName,
},
Immutable: &imm,
Data: map[string][]byte{
ConsoleSubnetLicense: []byte("eyJhbGciOiJFUzM4NCIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJsZW5pbitjMUBtaW5pby5pbyIsInRlYW1OYW1lIjoiY29uc29sZS1jdXN0b21lciIsImV4cCI6MS42Mzk5NTI2MTE2MDkxNDQ3MzJlOSwiaXNzIjoic3VibmV0QG1pbmlvLmlvIiwiY2FwYWNpdHkiOjI1LCJpYXQiOjEuNjA4NDE2NjExNjA5MTQ0NzMyZTksImFjY291bnRJZCI6MTc2LCJzZXJ2aWNlVHlwZSI6IlNUQU5EQVJEIn0.ndtf8V_FJTvhXeemVLlORyDev6RJaSPhZ2djkMVK9SvXD0srR_qlYJATPjC4NljkS71nXMGVDov5uCTuUL97x6FGQEKDruA-z24x_2Zr8kof4LfBb3HUHudCR8QvE--I"),
},
}, nil
}
DeleteSecretMock = func(ctx context.Context, namespace string, name string, opts metav1.DeleteOptions) error {
return nil
}
CreateSecretMock = func(ctx context.Context, namespace string, secret *corev1.Secret, opts metav1.CreateOptions) (*corev1.Secret, error) {
return nil, errors.New("something went wrong")
}
},
},
{
name: "error because unable to delete pod collection",
args: args{
ctx: context.Background(),
clientSet: k8sClient,
license: "",
namespace: "",
tenantName: "",
secretName: OperatorSubnetLicenseSecretName,
},
wantErr: true,
mockFunc: func() {
k8sclientGetSecretMock = func(ctx context.Context, namespace, secretName string, opts metav1.GetOptions) (*corev1.Secret, error) {
imm := true
return &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: OperatorSubnetLicenseSecretName,
},
Immutable: &imm,
Data: map[string][]byte{
ConsoleSubnetLicense: []byte("eyJhbGciOiJFUzM4NCIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJsZW5pbitjMUBtaW5pby5pbyIsInRlYW1OYW1lIjoiY29uc29sZS1jdXN0b21lciIsImV4cCI6MS42Mzk5NTI2MTE2MDkxNDQ3MzJlOSwiaXNzIjoic3VibmV0QG1pbmlvLmlvIiwiY2FwYWNpdHkiOjI1LCJpYXQiOjEuNjA4NDE2NjExNjA5MTQ0NzMyZTksImFjY291bnRJZCI6MTc2LCJzZXJ2aWNlVHlwZSI6IlNUQU5EQVJEIn0.ndtf8V_FJTvhXeemVLlORyDev6RJaSPhZ2djkMVK9SvXD0srR_qlYJATPjC4NljkS71nXMGVDov5uCTuUL97x6FGQEKDruA-z24x_2Zr8kof4LfBb3HUHudCR8QvE--I"),
},
}, nil
}
DeleteSecretMock = func(ctx context.Context, namespace string, name string, opts metav1.DeleteOptions) error {
return nil
}
CreateSecretMock = func(ctx context.Context, namespace string, secret *corev1.Secret, opts metav1.CreateOptions) (*corev1.Secret, error) {
return nil, nil
}
DeletePodCollectionMock = func(ctx context.Context, namespace string, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error {
return errors.New("something went wrong")
}
},
},
{
name: "subscription updated successfully",
args: args{
ctx: context.Background(),
clientSet: k8sClient,
license: "",
namespace: "",
tenantName: "",
secretName: OperatorSubnetLicenseSecretName,
},
wantErr: false,
mockFunc: func() {
k8sclientGetSecretMock = func(ctx context.Context, namespace, secretName string, opts metav1.GetOptions) (*corev1.Secret, error) {
imm := true
return &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: OperatorSubnetLicenseSecretName,
},
Immutable: &imm,
Data: map[string][]byte{
ConsoleSubnetLicense: []byte("eyJhbGciOiJFUzM4NCIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJsZW5pbitjMUBtaW5pby5pbyIsInRlYW1OYW1lIjoiY29uc29sZS1jdXN0b21lciIsImV4cCI6MS42Mzk5NTI2MTE2MDkxNDQ3MzJlOSwiaXNzIjoic3VibmV0QG1pbmlvLmlvIiwiY2FwYWNpdHkiOjI1LCJpYXQiOjEuNjA4NDE2NjExNjA5MTQ0NzMyZTksImFjY291bnRJZCI6MTc2LCJzZXJ2aWNlVHlwZSI6IlNUQU5EQVJEIn0.ndtf8V_FJTvhXeemVLlORyDev6RJaSPhZ2djkMVK9SvXD0srR_qlYJATPjC4NljkS71nXMGVDov5uCTuUL97x6FGQEKDruA-z24x_2Zr8kof4LfBb3HUHudCR8QvE--I"),
},
}, nil
}
DeleteSecretMock = func(ctx context.Context, namespace string, name string, opts metav1.DeleteOptions) error {
return nil
}
CreateSecretMock = func(ctx context.Context, namespace string, secret *corev1.Secret, opts metav1.CreateOptions) (*corev1.Secret, error) {
return nil, nil
}
DeletePodCollectionMock = func(ctx context.Context, namespace string, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error {
return nil
}
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if tt.mockFunc != nil {
tt.mockFunc()
}
if err := addSubscriptionLicenseToTenant(tt.args.ctx, tt.args.clientSet, tt.args.license, tt.args.namespace, tt.args.tenantName, tt.args.secretName); (err != nil) != tt.wantErr {
t.Errorf("addSubscriptionLicenseToTenant() error = %v, wantErr %v", err, tt.wantErr)
}
})
}
}
func Test_saveSubscriptionLicense(t *testing.T) {
k8sClient := k8sClientMock{}
type args struct {
ctx context.Context
clientSet K8sClientI
license string
}
tests := []struct {
name string
args args
wantErr bool
mockFunc func()
}{
{
name: "error deleting existing secret",
args: args{
ctx: context.Background(),
clientSet: k8sClient,
license: "1111111111",
},
mockFunc: func() {
DeleteSecretMock = func(ctx context.Context, namespace string, name string, opts metav1.DeleteOptions) error {
return nil
}
CreateSecretMock = func(ctx context.Context, namespace string, secret *corev1.Secret, opts metav1.CreateOptions) (*corev1.Secret, error) {
return nil, errors.New("something went wrong")
}
},
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if tt.mockFunc != nil {
tt.mockFunc()
}
if err := saveSubscriptionLicense(tt.args.ctx, tt.args.clientSet, tt.args.license); (err != nil) != tt.wantErr {
t.Errorf("saveSubscriptionLicense() error = %v, wantErr %v", err, tt.wantErr)
}
})
}
}
func Test_getSubscriptionLicense(t *testing.T) {
license := "eyJhbGciOiJFUzM4NCIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJsZW5pbitjMUBtaW5pby5pbyIsInRlYW1OYW1lIjoiY29uc29sZS1jdXN0b21lciIsImV4cCI6MS42Mzk5NTI2MTE2MDkxNDQ3MzJlOSwiaXNzIjoic3VibmV0QG1pbmlvLmlvIiwiY2FwYWNpdHkiOjI1LCJpYXQiOjEuNjA4NDE2NjExNjA5MTQ0NzMyZTksImFjY291bnRJZCI6MTc2LCJzZXJ2aWNlVHlwZSI6IlNUQU5EQVJEIn0.ndtf8V_FJTvhXeemVLlORyDev6RJaSPhZ2djkMVK9SvXD0srR_qlYJATPjC4NljkS71nXMGVDov5uCTuUL97x6FGQEKDruA-z24x_2Zr8kof4LfBb3HUHudCR8QvE--I"
k8sClient := k8sClientMock{}
type args struct {
ctx context.Context
clientSet K8sClientI
namespace string
secretName string
}
tests := []struct {
name string
args args
want string
wantErr bool
mockFunc func()
}{
{
name: "error because subscription license doesnt exists",
args: args{
ctx: context.Background(),
clientSet: k8sClient,
namespace: "namespace",
secretName: OperatorSubnetLicenseSecretName,
},
wantErr: true,
mockFunc: func() {
k8sclientGetSecretMock = func(ctx context.Context, namespace, secretName string, opts metav1.GetOptions) (*corev1.Secret, error) {
return nil, errors.New("something went wrong")
}
},
},
{
name: "error because license field doesnt exist in k8s secret",
args: args{
ctx: context.Background(),
clientSet: k8sClient,
namespace: "namespace",
secretName: OperatorSubnetLicenseSecretName,
},
wantErr: true,
mockFunc: func() {
k8sclientGetSecretMock = func(ctx context.Context, namespace, secretName string, opts metav1.GetOptions) (*corev1.Secret, error) {
imm := true
return &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: OperatorSubnetLicenseSecretName,
},
Immutable: &imm,
Data: map[string][]byte{
//ConsoleSubnetLicense: []byte(license),
},
}, nil
}
},
},
{
name: "license obtained successfully",
args: args{
ctx: context.Background(),
clientSet: k8sClient,
namespace: "namespace",
secretName: OperatorSubnetLicenseSecretName,
},
wantErr: false,
want: license,
mockFunc: func() {
k8sclientGetSecretMock = func(ctx context.Context, namespace, secretName string, opts metav1.GetOptions) (*corev1.Secret, error) {
imm := true
return &corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: OperatorSubnetLicenseSecretName,
},
Immutable: &imm,
Data: map[string][]byte{
ConsoleSubnetLicense: []byte(license),
},
}, nil
}
},
},
}
for _, tt := range tests {
if tt.mockFunc != nil {
tt.mockFunc()
}
t.Run(tt.name, func(t *testing.T) {
got, err := getSubscriptionLicense(tt.args.ctx, tt.args.clientSet, tt.args.namespace, tt.args.secretName)
if (err != nil) != tt.wantErr {
t.Errorf("getSubscriptionLicense() error = %v, wantErr %v", err, tt.wantErr)
return
}
if got != tt.want {
t.Errorf("getSubscriptionLicense() got = %v, want %v", got, tt.want)
}
})
}
}

48
restapi/admin_tenants.go
View File

@@ -335,7 +335,6 @@ func getTenantInfoResponse(session *models.Principal, params admin_api.TenantInf
// 5 seconds timeout
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
opClientClientSet, err := cluster.OperatorClient(session.STSSessionToken)
if err != nil {
return nil, prepareError(err)
@@ -351,6 +350,29 @@ func getTenantInfoResponse(session *models.Principal, params admin_api.TenantInf
}
info := getTenantInfo(minTenant)
if minTenant.Spec.Console != nil {
clientSet, err := cluster.K8sClient(session.STSSessionToken)
k8sClient := k8sClient{
client: clientSet,
}
if err != nil {
return nil, prepareError(err)
}
// obtain current subnet license for tenant (if exists)
license, _ := getSubscriptionLicense(context.Background(), &k8sClient, params.Namespace, minTenant.Spec.Console.ConsoleSecret.Name)
if license != "" {
client := &cluster.HTTPClient{
Client: GetConsoleSTSClient(),
}
licenseInfo, _, _ := subscriptionValidate(client, license, "", "")
// if licenseInfo is present attach it to the tenantInfo response
if licenseInfo != nil {
info.SubnetLicense = licenseInfo
}
}
}
return info, nil
}
@@ -511,13 +533,13 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
}
}()
var envrionmentVariables []corev1.EnvVar
var environmentVariables []corev1.EnvVar
// Check the Erasure Coding Parity for validity and pass it to Tenant
if tenantReq.ErasureCodingParity > 0 {
if tenantReq.ErasureCodingParity < 2 || tenantReq.ErasureCodingParity > 8 {
return nil, prepareError(errorInvalidErasureCodingValue)
}
envrionmentVariables = append(envrionmentVariables, corev1.EnvVar{
environmentVariables = append(environmentVariables, corev1.EnvVar{
Name: "MINIO_STORAGE_CLASS_STANDARD",
Value: fmt.Sprintf("EC:%d", tenantReq.ErasureCodingParity),
})
@@ -535,7 +557,7 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
CredsSecret: &corev1.LocalObjectReference{
Name: secretName,
},
Env: envrionmentVariables,
Env: environmentVariables,
},
}
idpEnabled := false
@@ -653,6 +675,19 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
consoleSecretName := fmt.Sprintf("%s-secret", consoleSelector)
consoleAccess = RandomCharString(16)
consoleSecret = RandomCharString(32)
consoleSecretData := map[string][]byte{
"CONSOLE_PBKDF_PASSPHRASE": []byte(RandomCharString(16)),
"CONSOLE_PBKDF_SALT": []byte(RandomCharString(8)),
"CONSOLE_ACCESS_KEY": []byte(consoleAccess),
"CONSOLE_SECRET_KEY": []byte(consoleSecret),
}
// If Subnet License is present in k8s secrets, copy that to the CONSOLE_SUBNET_LICENSE env variable
// of the console tenant
license, _ := getSubscriptionLicense(ctx, &k8sClient, cluster.Namespace, OperatorSubnetLicenseSecretName)
if license != "" {
consoleSecretData[ConsoleSubnetLicense] = []byte(license)
}
imm := true
instanceSecret := corev1.Secret{
ObjectMeta: metav1.ObjectMeta{
@@ -662,10 +697,7 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
},
},
Immutable: &imm,
Data: map[string][]byte{
"CONSOLE_PBKDF_PASSPHRASE": []byte(RandomCharString(16)),
"CONSOLE_PBKDF_SALT": []byte(RandomCharString(8)),
},
Data: consoleSecretData,
}
minInst.Spec.Console = &operator.ConsoleConfiguration{

13
restapi/admin_tenants_test.go
View File

@@ -21,6 +21,7 @@ import (
"context"
"encoding/json"
"errors"
"io"
"io/ioutil"
"net/http"
"reflect"
@@ -47,6 +48,8 @@ var opClientTenantGetMock func(ctx context.Context, namespace string, tenantName
var opClientTenantPatchMock func(ctx context.Context, namespace string, tenantName string, pt types.PatchType, data []byte, options metav1.PatchOptions) (*v1.Tenant, error)
var opClientTenantListMock func(ctx context.Context, namespace string, opts metav1.ListOptions) (*v1.TenantList, error)
var httpClientGetMock func(url string) (resp *http.Response, err error)
var httpClientPostMock func(url, contentType string, body io.Reader) (resp *http.Response, err error)
var httpClientDoMock func(req *http.Request) (*http.Response, error)
var k8sclientGetSecretMock func(ctx context.Context, namespace, secretName string, opts metav1.GetOptions) (*corev1.Secret, error)
var k8sclientGetServiceMock func(ctx context.Context, namespace, serviceName string, opts metav1.GetOptions) (*corev1.Service, error)
@@ -75,6 +78,16 @@ func (h httpClientMock) Get(url string) (resp *http.Response, err error) {
return httpClientGetMock(url)
}
// mock function of post()
func (h httpClientMock) Post(url, contentType string, body io.Reader) (resp *http.Response, err error) {
return httpClientPostMock(url, contentType, body)
}
// mock function of Do()
func (h httpClientMock) Do(req *http.Request) (*http.Response, error) {
return httpClientDoMock(req)
}
func (c k8sClientMock) getSecret(ctx context.Context, namespace, secretName string, opts metav1.GetOptions) (*corev1.Secret, error) {
return k8sclientGetSecretMock(ctx, namespace, secretName, opts)
}

5
restapi/config.go
View File

@@ -220,6 +220,11 @@ func getSecureExpectCTHeader() string {
return env.Get(ConsoleSecureExpectCTHeader, "")
}
// GetSubnetLicense returns the current subnet jwt license
func GetSubnetLicense() string {
return env.Get(ConsoleSubnetLicense, "")
}
var (
// GlobalRootCAs is CA root certificates, a nil value means system certs pool will be used
GlobalRootCAs *x509.CertPool

2
restapi/configure_console.go
View File

@@ -121,6 +121,8 @@ func configureAPI(api *operations.ConsoleAPI) http.Handler {
registerServiceAccountsHandlers(api)
// Register admin remote buckets
registerAdminBucketRemoteHandlers(api)
// Register admin subscription handlers
registerSubscriptionHandlers(api)
// Operator Console
// Register tenant handlers

7
restapi/consts.go
View File

@@ -26,6 +26,7 @@ const (
ConsolePort = "CONSOLE_PORT"
ConsoleTLSHostname = "CONSOLE_TLS_HOSTNAME"
ConsoleTLSPort = "CONSOLE_TLS_PORT"
ConsoleSubnetLicense = "CONSOLE_SUBNET_LICENSE"
// Constants for Secure middleware
ConsoleSecureAllowedHosts = "CONSOLE_SECURE_ALLOWED_HOSTS"
@@ -59,3 +60,9 @@ const (
KESImageVersion = "minio/kes:v0.12.1"
ConsoleImageVersion = "minio/console:v0.4.6"
)
// K8s
const (
OperatorSubnetLicenseSecretName = "subnet-license"
)

266
restapi/embedded_spec.go
View File

@@ -2631,6 +2631,96 @@ func init() {
}
}
},
"/subscription/info": {
"get": {
"tags": [
"AdminAPI"
],
"summary": "Subscription info",
"operationId": "SubscriptionInfo",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/license"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
},
"/subscription/namespaces/{namespace}/tenants/{tenant}/activate": {
"post": {
"tags": [
"AdminAPI"
],
"summary": "Activate a particular tenant using the existing subscription license",
"operationId": "SubscriptionActivate",
"parameters": [
{
"type": "string",
"name": "namespace",
"in": "path",
"required": true
},
{
"type": "string",
"name": "tenant",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "A successful response."
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
},
"/subscription/validate": {
"post": {
"tags": [
"AdminAPI"
],
"summary": "Validate a provided subscription license",
"operationId": "SubscriptionValidate",
"parameters": [
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/subscriptionValidateRequest"
}
}
],
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/license"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
},
"/tenants": {
"get": {
"tags": [
@@ -3726,6 +3816,29 @@ func init() {
}
}
},
"license": {
"type": "object",
"properties": {
"account_id": {
"type": "integer"
},
"email": {
"type": "string"
},
"expires_at": {
"type": "string"
},
"organization": {
"type": "string"
},
"plan": {
"type": "string"
},
"storage_capacity": {
"type": "integer"
}
}
},
"listBucketEventsResponse": {
"type": "object",
"properties": {
@@ -4754,6 +4867,9 @@ func init() {
"sessionResponse": {
"type": "object",
"properties": {
"operator": {
"type": "boolean"
},
"pages": {
"type": "array",
"items": {
@@ -4923,6 +5039,20 @@ func init() {
}
}
},
"subscriptionValidateRequest": {
"type": "object",
"properties": {
"email": {
"type": "string"
},
"license": {
"type": "string"
},
"password": {
"type": "string"
}
}
},
"tenant": {
"type": "object",
"properties": {
@@ -4956,6 +5086,9 @@ func init() {
"$ref": "#/definitions/pool"
}
},
"subnet_license": {
"$ref": "#/definitions/license"
},
"total_size": {
"type": "integer",
"format": "int64"
@@ -7792,6 +7925,96 @@ func init() {
}
}
},
"/subscription/info": {
"get": {
"tags": [
"AdminAPI"
],
"summary": "Subscription info",
"operationId": "SubscriptionInfo",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/license"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
},
"/subscription/namespaces/{namespace}/tenants/{tenant}/activate": {
"post": {
"tags": [
"AdminAPI"
],
"summary": "Activate a particular tenant using the existing subscription license",
"operationId": "SubscriptionActivate",
"parameters": [
{
"type": "string",
"name": "namespace",
"in": "path",
"required": true
},
{
"type": "string",
"name": "tenant",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "A successful response."
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
},
"/subscription/validate": {
"post": {
"tags": [
"AdminAPI"
],
"summary": "Validate a provided subscription license",
"operationId": "SubscriptionValidate",
"parameters": [
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/subscriptionValidateRequest"
}
}
],
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/license"
}
},
"default": {
"description": "Generic error response.",
"schema": {
"$ref": "#/definitions/error"
}
}
}
}
},
"/tenants": {
"get": {
"tags": [
@@ -9410,6 +9633,29 @@ func init() {
}
}
},
"license": {
"type": "object",
"properties": {
"account_id": {
"type": "integer"
},
"email": {
"type": "string"
},
"expires_at": {
"type": "string"
},
"organization": {
"type": "string"
},
"plan": {
"type": "string"
},
"storage_capacity": {
"type": "integer"
}
}
},
"listBucketEventsResponse": {
"type": "object",
"properties": {
@@ -10303,6 +10549,9 @@ func init() {
"sessionResponse": {
"type": "object",
"properties": {
"operator": {
"type": "boolean"
},
"pages": {
"type": "array",
"items": {
@@ -10472,6 +10721,20 @@ func init() {
}
}
},
"subscriptionValidateRequest": {
"type": "object",
"properties": {
"email": {
"type": "string"
},
"license": {
"type": "string"
},
"password": {
"type": "string"
}
}
},
"tenant": {
"type": "object",
"properties": {
@@ -10505,6 +10768,9 @@ func init() {
"$ref": "#/definitions/pool"
}
},
"subnet_license": {
"$ref": "#/definitions/license"
},
"total_size": {
"type": "integer",
"format": "int64"

10
restapi/error.go
View File

@@ -32,6 +32,8 @@ var (
errInvalidEncryptionAlgorithm = errors.New("error invalid encryption algorithm")
errSSENotConfigured = errors.New("error server side encryption configuration was not found")
errChangePassword = errors.New("unable to update password, please check your current password")
errInvalidLicense = errors.New("invalid license key")
errLicenseNotFound = errors.New("license not found")
)
// prepareError receives an error object and parse it against k8sErrors, returns the right error code paired with a generic error message
@@ -95,6 +97,14 @@ func prepareError(err ...error) *models.Error {
errorCode = 403
errorMessage = errChangePassword.Error()
}
if errors.Is(err[0], errLicenseNotFound) {
errorCode = 404
errorMessage = errLicenseNotFound.Error()
}
if errors.Is(err[0], errInvalidLicense) {
errorCode = 404
errorMessage = errInvalidLicense.Error()
}
if madmin.ToErrorResponse(err[0]).Code == "InvalidAccessKeyId" {
errorCode = 401
errorMessage = errorGenericInvalidSession.Error()

90
restapi/operations/admin_api/subscription_activate.go Normal file
View File

@@ -0,0 +1,90 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2020 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"net/http"
"github.com/go-openapi/runtime/middleware"
"github.com/minio/console/models"
)
// SubscriptionActivateHandlerFunc turns a function with the right signature into a subscription activate handler
type SubscriptionActivateHandlerFunc func(SubscriptionActivateParams, *models.Principal) middleware.Responder
// Handle executing the request and returning a response
func (fn SubscriptionActivateHandlerFunc) Handle(params SubscriptionActivateParams, principal *models.Principal) middleware.Responder {
return fn(params, principal)
}
// SubscriptionActivateHandler interface for that can handle valid subscription activate params
type SubscriptionActivateHandler interface {
Handle(SubscriptionActivateParams, *models.Principal) middleware.Responder
}
// NewSubscriptionActivate creates a new http.Handler for the subscription activate operation
func NewSubscriptionActivate(ctx *middleware.Context, handler SubscriptionActivateHandler) *SubscriptionActivate {
return &SubscriptionActivate{Context: ctx, Handler: handler}
}
/*SubscriptionActivate swagger:route POST /subscription/namespaces/{namespace}/tenants/{tenant}/activate AdminAPI subscriptionActivate
Activate a particular tenant using the existing subscription license
*/
type SubscriptionActivate struct {
Context *middleware.Context
Handler SubscriptionActivateHandler
}
func (o *SubscriptionActivate) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
route, rCtx, _ := o.Context.RouteInfo(r)
if rCtx != nil {
r = rCtx
}
var Params = NewSubscriptionActivateParams()
uprinc, aCtx, err := o.Context.Authorize(r, route)
if err != nil {
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
if aCtx != nil {
r = aCtx
}
var principal *models.Principal
if uprinc != nil {
principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
}
if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
res := o.Handler.Handle(Params, principal) // actually handle the request
o.Context.Respond(rw, r, route.Produces, route, res)
}

114
restapi/operations/admin_api/subscription_activate_parameters.go Normal file
View File

@@ -0,0 +1,114 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2020 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/errors"
"github.com/go-openapi/runtime/middleware"
"github.com/go-openapi/strfmt"
)
// NewSubscriptionActivateParams creates a new SubscriptionActivateParams object
// no default values defined in spec.
func NewSubscriptionActivateParams() SubscriptionActivateParams {
return SubscriptionActivateParams{}
}
// SubscriptionActivateParams contains all the bound params for the subscription activate operation
// typically these are obtained from a http.Request
//
// swagger:parameters SubscriptionActivate
type SubscriptionActivateParams struct {
// HTTP Request Object
HTTPRequest *http.Request `json:"-"`
/*
Required: true
In: path
*/
Namespace string
/*
Required: true
In: path
*/
Tenant string
}
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
// for simple values it will use straight method calls.
//
// To ensure default values, the struct must have been initialized with NewSubscriptionActivateParams() beforehand.
func (o *SubscriptionActivateParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
var res []error
o.HTTPRequest = r
rNamespace, rhkNamespace, _ := route.Params.GetOK("namespace")
if err := o.bindNamespace(rNamespace, rhkNamespace, route.Formats); err != nil {
res = append(res, err)
}
rTenant, rhkTenant, _ := route.Params.GetOK("tenant")
if err := o.bindTenant(rTenant, rhkTenant, route.Formats); err != nil {
res = append(res, err)
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}
// bindNamespace binds and validates parameter Namespace from path.
func (o *SubscriptionActivateParams) bindNamespace(rawData []string, hasKey bool, formats strfmt.Registry) error {
var raw string
if len(rawData) > 0 {
raw = rawData[len(rawData)-1]
}
// Required: true
// Parameter is provided by construction from the route
o.Namespace = raw
return nil
}
// bindTenant binds and validates parameter Tenant from path.
func (o *SubscriptionActivateParams) bindTenant(rawData []string, hasKey bool, formats strfmt.Registry) error {
var raw string
if len(rawData) > 0 {
raw = rawData[len(rawData)-1]
}
// Required: true
// Parameter is provided by construction from the route
o.Tenant = raw
return nil
}

113
restapi/operations/admin_api/subscription_activate_responses.go Normal file
View File

@@ -0,0 +1,113 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2020 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/runtime"
"github.com/minio/console/models"
)
// SubscriptionActivateNoContentCode is the HTTP code returned for type SubscriptionActivateNoContent
const SubscriptionActivateNoContentCode int = 204
/*SubscriptionActivateNoContent A successful response.
swagger:response subscriptionActivateNoContent
*/
type SubscriptionActivateNoContent struct {
}
// NewSubscriptionActivateNoContent creates SubscriptionActivateNoContent with default headers values
func NewSubscriptionActivateNoContent() *SubscriptionActivateNoContent {
return &SubscriptionActivateNoContent{}
}
// WriteResponse to the client
func (o *SubscriptionActivateNoContent) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
rw.WriteHeader(204)
}
/*SubscriptionActivateDefault Generic error response.
swagger:response subscriptionActivateDefault
*/
type SubscriptionActivateDefault struct {
_statusCode int
/*
In: Body
*/
Payload *models.Error `json:"body,omitempty"`
}
// NewSubscriptionActivateDefault creates SubscriptionActivateDefault with default headers values
func NewSubscriptionActivateDefault(code int) *SubscriptionActivateDefault {
if code <= 0 {
code = 500
}
return &SubscriptionActivateDefault{
_statusCode: code,
}
}
// WithStatusCode adds the status to the subscription activate default response
func (o *SubscriptionActivateDefault) WithStatusCode(code int) *SubscriptionActivateDefault {
o._statusCode = code
return o
}
// SetStatusCode sets the status to the subscription activate default response
func (o *SubscriptionActivateDefault) SetStatusCode(code int) {
o._statusCode = code
}
// WithPayload adds the payload to the subscription activate default response
func (o *SubscriptionActivateDefault) WithPayload(payload *models.Error) *SubscriptionActivateDefault {
o.Payload = payload
return o
}
// SetPayload sets the payload to the subscription activate default response
func (o *SubscriptionActivateDefault) SetPayload(payload *models.Error) {
o.Payload = payload
}
// WriteResponse to the client
func (o *SubscriptionActivateDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(o._statusCode)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}

124
restapi/operations/admin_api/subscription_activate_urlbuilder.go Normal file
View File

@@ -0,0 +1,124 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2020 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"errors"
"net/url"
golangswaggerpaths "path"
"strings"
)
// SubscriptionActivateURL generates an URL for the subscription activate operation
type SubscriptionActivateURL struct {
Namespace string
Tenant string
_basePath string
// avoid unkeyed usage
_ struct{}
}
// WithBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *SubscriptionActivateURL) WithBasePath(bp string) *SubscriptionActivateURL {
o.SetBasePath(bp)
return o
}
// SetBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *SubscriptionActivateURL) SetBasePath(bp string) {
o._basePath = bp
}
// Build a url path and query string
func (o *SubscriptionActivateURL) Build() (*url.URL, error) {
var _result url.URL
var _path = "/subscription/namespaces/{namespace}/tenants/{tenant}/activate"
namespace := o.Namespace
if namespace != "" {
_path = strings.Replace(_path, "{namespace}", namespace, -1)
} else {
return nil, errors.New("namespace is required on SubscriptionActivateURL")
}
tenant := o.Tenant
if tenant != "" {
_path = strings.Replace(_path, "{tenant}", tenant, -1)
} else {
return nil, errors.New("tenant is required on SubscriptionActivateURL")
}
_basePath := o._basePath
if _basePath == "" {
_basePath = "/api/v1"
}
_result.Path = golangswaggerpaths.Join(_basePath, _path)
return &_result, nil
}
// Must is a helper function to panic when the url builder returns an error
func (o *SubscriptionActivateURL) Must(u *url.URL, err error) *url.URL {
if err != nil {
panic(err)
}
if u == nil {
panic("url can't be nil")
}
return u
}
// String returns the string representation of the path with query string
func (o *SubscriptionActivateURL) String() string {
return o.Must(o.Build()).String()
}
// BuildFull builds a full url with scheme, host, path and query string
func (o *SubscriptionActivateURL) BuildFull(scheme, host string) (*url.URL, error) {
if scheme == "" {
return nil, errors.New("scheme is required for a full url on SubscriptionActivateURL")
}
if host == "" {
return nil, errors.New("host is required for a full url on SubscriptionActivateURL")
}
base, err := o.Build()
if err != nil {
return nil, err
}
base.Scheme = scheme
base.Host = host
return base, nil
}
// StringFull returns the string representation of a complete url
func (o *SubscriptionActivateURL) StringFull(scheme, host string) string {
return o.Must(o.BuildFull(scheme, host)).String()
}

90
restapi/operations/admin_api/subscription_info.go Normal file
View File

@@ -0,0 +1,90 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2020 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"net/http"
"github.com/go-openapi/runtime/middleware"
"github.com/minio/console/models"
)
// SubscriptionInfoHandlerFunc turns a function with the right signature into a subscription info handler
type SubscriptionInfoHandlerFunc func(SubscriptionInfoParams, *models.Principal) middleware.Responder
// Handle executing the request and returning a response
func (fn SubscriptionInfoHandlerFunc) Handle(params SubscriptionInfoParams, principal *models.Principal) middleware.Responder {
return fn(params, principal)
}
// SubscriptionInfoHandler interface for that can handle valid subscription info params
type SubscriptionInfoHandler interface {
Handle(SubscriptionInfoParams, *models.Principal) middleware.Responder
}
// NewSubscriptionInfo creates a new http.Handler for the subscription info operation
func NewSubscriptionInfo(ctx *middleware.Context, handler SubscriptionInfoHandler) *SubscriptionInfo {
return &SubscriptionInfo{Context: ctx, Handler: handler}
}
/*SubscriptionInfo swagger:route GET /subscription/info AdminAPI subscriptionInfo
Subscription info
*/
type SubscriptionInfo struct {
Context *middleware.Context
Handler SubscriptionInfoHandler
}
func (o *SubscriptionInfo) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
route, rCtx, _ := o.Context.RouteInfo(r)
if rCtx != nil {
r = rCtx
}
var Params = NewSubscriptionInfoParams()
uprinc, aCtx, err := o.Context.Authorize(r, route)
if err != nil {
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
if aCtx != nil {
r = aCtx
}
var principal *models.Principal
if uprinc != nil {
principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
}
if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
res := o.Handler.Handle(Params, principal) // actually handle the request
o.Context.Respond(rw, r, route.Produces, route, res)
}

62
restapi/operations/admin_api/subscription_info_parameters.go Normal file
View File

@@ -0,0 +1,62 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2020 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/errors"
"github.com/go-openapi/runtime/middleware"
)
// NewSubscriptionInfoParams creates a new SubscriptionInfoParams object
// no default values defined in spec.
func NewSubscriptionInfoParams() SubscriptionInfoParams {
return SubscriptionInfoParams{}
}
// SubscriptionInfoParams contains all the bound params for the subscription info operation
// typically these are obtained from a http.Request
//
// swagger:parameters SubscriptionInfo
type SubscriptionInfoParams struct {
// HTTP Request Object
HTTPRequest *http.Request `json:"-"`
}
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
// for simple values it will use straight method calls.
//
// To ensure default values, the struct must have been initialized with NewSubscriptionInfoParams() beforehand.
func (o *SubscriptionInfoParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
var res []error
o.HTTPRequest = r
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}

133
restapi/operations/admin_api/subscription_info_responses.go Normal file
View File

@@ -0,0 +1,133 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2020 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/runtime"
"github.com/minio/console/models"
)
// SubscriptionInfoOKCode is the HTTP code returned for type SubscriptionInfoOK
const SubscriptionInfoOKCode int = 200
/*SubscriptionInfoOK A successful response.
swagger:response subscriptionInfoOK
*/
type SubscriptionInfoOK struct {
/*
In: Body
*/
Payload *models.License `json:"body,omitempty"`
}
// NewSubscriptionInfoOK creates SubscriptionInfoOK with default headers values
func NewSubscriptionInfoOK() *SubscriptionInfoOK {
return &SubscriptionInfoOK{}
}
// WithPayload adds the payload to the subscription info o k response
func (o *SubscriptionInfoOK) WithPayload(payload *models.License) *SubscriptionInfoOK {
o.Payload = payload
return o
}
// SetPayload sets the payload to the subscription info o k response
func (o *SubscriptionInfoOK) SetPayload(payload *models.License) {
o.Payload = payload
}
// WriteResponse to the client
func (o *SubscriptionInfoOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(200)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}
/*SubscriptionInfoDefault Generic error response.
swagger:response subscriptionInfoDefault
*/
type SubscriptionInfoDefault struct {
_statusCode int
/*
In: Body
*/
Payload *models.Error `json:"body,omitempty"`
}
// NewSubscriptionInfoDefault creates SubscriptionInfoDefault with default headers values
func NewSubscriptionInfoDefault(code int) *SubscriptionInfoDefault {
if code <= 0 {
code = 500
}
return &SubscriptionInfoDefault{
_statusCode: code,
}
}
// WithStatusCode adds the status to the subscription info default response
func (o *SubscriptionInfoDefault) WithStatusCode(code int) *SubscriptionInfoDefault {
o._statusCode = code
return o
}
// SetStatusCode sets the status to the subscription info default response
func (o *SubscriptionInfoDefault) SetStatusCode(code int) {
o._statusCode = code
}
// WithPayload adds the payload to the subscription info default response
func (o *SubscriptionInfoDefault) WithPayload(payload *models.Error) *SubscriptionInfoDefault {
o.Payload = payload
return o
}
// SetPayload sets the payload to the subscription info default response
func (o *SubscriptionInfoDefault) SetPayload(payload *models.Error) {
o.Payload = payload
}
// WriteResponse to the client
func (o *SubscriptionInfoDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(o._statusCode)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}

104
restapi/operations/admin_api/subscription_info_urlbuilder.go Normal file
View File

@@ -0,0 +1,104 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2020 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"errors"
"net/url"
golangswaggerpaths "path"
)
// SubscriptionInfoURL generates an URL for the subscription info operation
type SubscriptionInfoURL struct {
_basePath string
}
// WithBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *SubscriptionInfoURL) WithBasePath(bp string) *SubscriptionInfoURL {
o.SetBasePath(bp)
return o
}
// SetBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *SubscriptionInfoURL) SetBasePath(bp string) {
o._basePath = bp
}
// Build a url path and query string
func (o *SubscriptionInfoURL) Build() (*url.URL, error) {
var _result url.URL
var _path = "/subscription/info"
_basePath := o._basePath
if _basePath == "" {
_basePath = "/api/v1"
}
_result.Path = golangswaggerpaths.Join(_basePath, _path)
return &_result, nil
}
// Must is a helper function to panic when the url builder returns an error
func (o *SubscriptionInfoURL) Must(u *url.URL, err error) *url.URL {
if err != nil {
panic(err)
}
if u == nil {
panic("url can't be nil")
}
return u
}
// String returns the string representation of the path with query string
func (o *SubscriptionInfoURL) String() string {
return o.Must(o.Build()).String()
}
// BuildFull builds a full url with scheme, host, path and query string
func (o *SubscriptionInfoURL) BuildFull(scheme, host string) (*url.URL, error) {
if scheme == "" {
return nil, errors.New("scheme is required for a full url on SubscriptionInfoURL")
}
if host == "" {
return nil, errors.New("host is required for a full url on SubscriptionInfoURL")
}
base, err := o.Build()
if err != nil {
return nil, err
}
base.Scheme = scheme
base.Host = host
return base, nil
}
// StringFull returns the string representation of a complete url
func (o *SubscriptionInfoURL) StringFull(scheme, host string) string {
return o.Must(o.BuildFull(scheme, host)).String()
}

90
restapi/operations/admin_api/subscription_validate.go Normal file
View File

@@ -0,0 +1,90 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2020 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"net/http"
"github.com/go-openapi/runtime/middleware"
"github.com/minio/console/models"
)
// SubscriptionValidateHandlerFunc turns a function with the right signature into a subscription validate handler
type SubscriptionValidateHandlerFunc func(SubscriptionValidateParams, *models.Principal) middleware.Responder
// Handle executing the request and returning a response
func (fn SubscriptionValidateHandlerFunc) Handle(params SubscriptionValidateParams, principal *models.Principal) middleware.Responder {
return fn(params, principal)
}
// SubscriptionValidateHandler interface for that can handle valid subscription validate params
type SubscriptionValidateHandler interface {
Handle(SubscriptionValidateParams, *models.Principal) middleware.Responder
}
// NewSubscriptionValidate creates a new http.Handler for the subscription validate operation
func NewSubscriptionValidate(ctx *middleware.Context, handler SubscriptionValidateHandler) *SubscriptionValidate {
return &SubscriptionValidate{Context: ctx, Handler: handler}
}
/*SubscriptionValidate swagger:route POST /subscription/validate AdminAPI subscriptionValidate
Validate a provided subscription license
*/
type SubscriptionValidate struct {
Context *middleware.Context
Handler SubscriptionValidateHandler
}
func (o *SubscriptionValidate) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
route, rCtx, _ := o.Context.RouteInfo(r)
if rCtx != nil {
r = rCtx
}
var Params = NewSubscriptionValidateParams()
uprinc, aCtx, err := o.Context.Authorize(r, route)
if err != nil {
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
if aCtx != nil {
r = aCtx
}
var principal *models.Principal
if uprinc != nil {
principal = uprinc.(*models.Principal) // this is really a models.Principal, I promise
}
if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
o.Context.Respond(rw, r, route.Produces, route, err)
return
}
res := o.Handler.Handle(Params, principal) // actually handle the request
o.Context.Respond(rw, r, route.Produces, route, res)
}

94
restapi/operations/admin_api/subscription_validate_parameters.go Normal file
View File

@@ -0,0 +1,94 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2020 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"io"
"net/http"
"github.com/go-openapi/errors"
"github.com/go-openapi/runtime"
"github.com/go-openapi/runtime/middleware"
"github.com/minio/console/models"
)
// NewSubscriptionValidateParams creates a new SubscriptionValidateParams object
// no default values defined in spec.
func NewSubscriptionValidateParams() SubscriptionValidateParams {
return SubscriptionValidateParams{}
}
// SubscriptionValidateParams contains all the bound params for the subscription validate operation
// typically these are obtained from a http.Request
//
// swagger:parameters SubscriptionValidate
type SubscriptionValidateParams struct {
// HTTP Request Object
HTTPRequest *http.Request `json:"-"`
/*
Required: true
In: body
*/
Body *models.SubscriptionValidateRequest
}
// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
// for simple values it will use straight method calls.
//
// To ensure default values, the struct must have been initialized with NewSubscriptionValidateParams() beforehand.
func (o *SubscriptionValidateParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
var res []error
o.HTTPRequest = r
if runtime.HasBody(r) {
defer r.Body.Close()
var body models.SubscriptionValidateRequest
if err := route.Consumer.Consume(r.Body, &body); err != nil {
if err == io.EOF {
res = append(res, errors.Required("body", "body", ""))
} else {
res = append(res, errors.NewParseError("body", "body", "", err))
}
} else {
// validate body object
if err := body.Validate(route.Formats); err != nil {
res = append(res, err)
}
if len(res) == 0 {
o.Body = &body
}
}
} else {
res = append(res, errors.Required("body", "body", ""))
}
if len(res) > 0 {
return errors.CompositeValidationError(res...)
}
return nil
}

133
restapi/operations/admin_api/subscription_validate_responses.go Normal file
View File

@@ -0,0 +1,133 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2020 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"net/http"
"github.com/go-openapi/runtime"
"github.com/minio/console/models"
)
// SubscriptionValidateOKCode is the HTTP code returned for type SubscriptionValidateOK
const SubscriptionValidateOKCode int = 200
/*SubscriptionValidateOK A successful response.
swagger:response subscriptionValidateOK
*/
type SubscriptionValidateOK struct {
/*
In: Body
*/
Payload *models.License `json:"body,omitempty"`
}
// NewSubscriptionValidateOK creates SubscriptionValidateOK with default headers values
func NewSubscriptionValidateOK() *SubscriptionValidateOK {
return &SubscriptionValidateOK{}
}
// WithPayload adds the payload to the subscription validate o k response
func (o *SubscriptionValidateOK) WithPayload(payload *models.License) *SubscriptionValidateOK {
o.Payload = payload
return o
}
// SetPayload sets the payload to the subscription validate o k response
func (o *SubscriptionValidateOK) SetPayload(payload *models.License) {
o.Payload = payload
}
// WriteResponse to the client
func (o *SubscriptionValidateOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(200)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}
/*SubscriptionValidateDefault Generic error response.
swagger:response subscriptionValidateDefault
*/
type SubscriptionValidateDefault struct {
_statusCode int
/*
In: Body
*/
Payload *models.Error `json:"body,omitempty"`
}
// NewSubscriptionValidateDefault creates SubscriptionValidateDefault with default headers values
func NewSubscriptionValidateDefault(code int) *SubscriptionValidateDefault {
if code <= 0 {
code = 500
}
return &SubscriptionValidateDefault{
_statusCode: code,
}
}
// WithStatusCode adds the status to the subscription validate default response
func (o *SubscriptionValidateDefault) WithStatusCode(code int) *SubscriptionValidateDefault {
o._statusCode = code
return o
}
// SetStatusCode sets the status to the subscription validate default response
func (o *SubscriptionValidateDefault) SetStatusCode(code int) {
o._statusCode = code
}
// WithPayload adds the payload to the subscription validate default response
func (o *SubscriptionValidateDefault) WithPayload(payload *models.Error) *SubscriptionValidateDefault {
o.Payload = payload
return o
}
// SetPayload sets the payload to the subscription validate default response
func (o *SubscriptionValidateDefault) SetPayload(payload *models.Error) {
o.Payload = payload
}
// WriteResponse to the client
func (o *SubscriptionValidateDefault) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
rw.WriteHeader(o._statusCode)
if o.Payload != nil {
payload := o.Payload
if err := producer.Produce(rw, payload); err != nil {
panic(err) // let the recovery middleware deal with this
}
}
}

104
restapi/operations/admin_api/subscription_validate_urlbuilder.go Normal file
View File

@@ -0,0 +1,104 @@
// Code generated by go-swagger; DO NOT EDIT.
// This file is part of MinIO Console Server
// Copyright (c) 2020 MinIO, Inc.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
package admin_api
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the generate command
import (
"errors"
"net/url"
golangswaggerpaths "path"
)
// SubscriptionValidateURL generates an URL for the subscription validate operation
type SubscriptionValidateURL struct {
_basePath string
}
// WithBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *SubscriptionValidateURL) WithBasePath(bp string) *SubscriptionValidateURL {
o.SetBasePath(bp)
return o
}
// SetBasePath sets the base path for this url builder, only required when it's different from the
// base path specified in the swagger spec.
// When the value of the base path is an empty string
func (o *SubscriptionValidateURL) SetBasePath(bp string) {
o._basePath = bp
}
// Build a url path and query string
func (o *SubscriptionValidateURL) Build() (*url.URL, error) {
var _result url.URL
var _path = "/subscription/validate"
_basePath := o._basePath
if _basePath == "" {
_basePath = "/api/v1"
}
_result.Path = golangswaggerpaths.Join(_basePath, _path)
return &_result, nil
}
// Must is a helper function to panic when the url builder returns an error
func (o *SubscriptionValidateURL) Must(u *url.URL, err error) *url.URL {
if err != nil {
panic(err)
}
if u == nil {
panic("url can't be nil")
}
return u
}
// String returns the string representation of the path with query string
func (o *SubscriptionValidateURL) String() string {
return o.Must(o.Build()).String()
}
// BuildFull builds a full url with scheme, host, path and query string
func (o *SubscriptionValidateURL) BuildFull(scheme, host string) (*url.URL, error) {
if scheme == "" {
return nil, errors.New("scheme is required for a full url on SubscriptionValidateURL")
}
if host == "" {
return nil, errors.New("host is required for a full url on SubscriptionValidateURL")
}
base, err := o.Build()
if err != nil {
return nil, err
}
base.Scheme = scheme
base.Host = host
return base, nil
}
// StringFull returns the string representation of a complete url
func (o *SubscriptionValidateURL) StringFull(scheme, host string) string {
return o.Must(o.BuildFull(scheme, host)).String()
}

36
restapi/operations/console_api.go
View File

@@ -289,6 +289,15 @@ func NewConsoleAPI(spec *loads.Document) *ConsoleAPI {
UserAPIShareObjectHandler: user_api.ShareObjectHandlerFunc(func(params user_api.ShareObjectParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation user_api.ShareObject has not yet been implemented")
}),
AdminAPISubscriptionActivateHandler: admin_api.SubscriptionActivateHandlerFunc(func(params admin_api.SubscriptionActivateParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation admin_api.SubscriptionActivate has not yet been implemented")
}),
AdminAPISubscriptionInfoHandler: admin_api.SubscriptionInfoHandlerFunc(func(params admin_api.SubscriptionInfoParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation admin_api.SubscriptionInfo has not yet been implemented")
}),
AdminAPISubscriptionValidateHandler: admin_api.SubscriptionValidateHandlerFunc(func(params admin_api.SubscriptionValidateParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation admin_api.SubscriptionValidate has not yet been implemented")
}),
AdminAPITenantAddPoolHandler: admin_api.TenantAddPoolHandlerFunc(func(params admin_api.TenantAddPoolParams, principal *models.Principal) middleware.Responder {
return middleware.NotImplemented("operation admin_api.TenantAddPool has not yet been implemented")
}),
@@ -518,6 +527,12 @@ type ConsoleAPI struct {
AdminAPISetPolicyMultipleHandler admin_api.SetPolicyMultipleHandler
// UserAPIShareObjectHandler sets the operation handler for the share object operation
UserAPIShareObjectHandler user_api.ShareObjectHandler
// AdminAPISubscriptionActivateHandler sets the operation handler for the subscription activate operation
AdminAPISubscriptionActivateHandler admin_api.SubscriptionActivateHandler
// AdminAPISubscriptionInfoHandler sets the operation handler for the subscription info operation
AdminAPISubscriptionInfoHandler admin_api.SubscriptionInfoHandler
// AdminAPISubscriptionValidateHandler sets the operation handler for the subscription validate operation
AdminAPISubscriptionValidateHandler admin_api.SubscriptionValidateHandler
// AdminAPITenantAddPoolHandler sets the operation handler for the tenant add pool operation
AdminAPITenantAddPoolHandler admin_api.TenantAddPoolHandler
// AdminAPITenantInfoHandler sets the operation handler for the tenant info operation
@@ -837,6 +852,15 @@ func (o *ConsoleAPI) Validate() error {
if o.UserAPIShareObjectHandler == nil {
unregistered = append(unregistered, "user_api.ShareObjectHandler")
}
if o.AdminAPISubscriptionActivateHandler == nil {
unregistered = append(unregistered, "admin_api.SubscriptionActivateHandler")
}
if o.AdminAPISubscriptionInfoHandler == nil {
unregistered = append(unregistered, "admin_api.SubscriptionInfoHandler")
}
if o.AdminAPISubscriptionValidateHandler == nil {
unregistered = append(unregistered, "admin_api.SubscriptionValidateHandler")
}
if o.AdminAPITenantAddPoolHandler == nil {
unregistered = append(unregistered, "admin_api.TenantAddPoolHandler")
}
@@ -1269,6 +1293,18 @@ func (o *ConsoleAPI) initHandlerCache() {
if o.handlers["POST"] == nil {
o.handlers["POST"] = make(map[string]http.Handler)
}
o.handlers["POST"]["/subscription/namespaces/{namespace}/tenants/{tenant}/activate"] = admin_api.NewSubscriptionActivate(o.context, o.AdminAPISubscriptionActivateHandler)
if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler)
}
o.handlers["GET"]["/subscription/info"] = admin_api.NewSubscriptionInfo(o.context, o.AdminAPISubscriptionInfoHandler)
if o.handlers["POST"] == nil {
o.handlers["POST"] = make(map[string]http.Handler)
}
o.handlers["POST"]["/subscription/validate"] = admin_api.NewSubscriptionValidate(o.context, o.AdminAPISubscriptionValidateHandler)
if o.handlers["POST"] == nil {
o.handlers["POST"] = make(map[string]http.Handler)
}
o.handlers["POST"]["/namespaces/{namespace}/tenants/{tenant}/pools"] = admin_api.NewTenantAddPool(o.context, o.AdminAPITenantAddPoolHandler)
if o.handlers["GET"] == nil {
o.handlers["GET"] = make(map[string]http.Handler)

5
restapi/user_session.go
View File

@@ -42,8 +42,9 @@ func getSessionResponse(session *models.Principal) (*models.SessionResponse, *mo
return nil, prepareError(errorGenericInvalidSession)
}
sessionResp := &models.SessionResponse{
Pages: acl.GetAuthorizedEndpoints(session.Actions),
Status: models.SessionResponseStatusOk,
Pages: acl.GetAuthorizedEndpoints(session.Actions),
Status: models.SessionResponseStatusOk,
Operator: acl.GetOperatorMode(),
}
return sessionResp, nil
}