mirror of
https://github.com/seaweedfs/seaweedfs.git
synced 2026-05-14 05:41:29 +00:00
74905c4b5d
* shell: s3.* commands output JSON, connection messages to stderr
All s3.user.* and s3.policy.attach|detach commands now output structured
JSON to stdout instead of human-readable text:
- s3.user.create: {"name","access_key"} (secret key to stderr only)
- s3.user.list: [{name,status,policies,keys}]
- s3.user.show: {name,status,source,account,policies,credentials,...}
- s3.user.delete: {"name"}
- s3.user.enable/disable: {"name","status"}
- s3.policy.attach/detach: {"policy","user"}
Connection startup messages (master/filer) moved to stderr so they
don't pollute structured output when piping.
Closes #8962 (partial — covers merged s3.user/policy commands).
* shell: fix secret leak, duplicate JSON output, and non-interactive prompt
- s3.user.create: only echo secret key to stderr when auto-generated,
never echo caller-supplied secrets
- s3.user.enable/disable: fix duplicate JSON output — remove inner
write in early-return path, keep single write site after gRPC call
- shell_liner: use bufio.Scanner when stdin is not a terminal instead
of liner.Prompt, suppressing the "> " prompt in piped mode
* shell: check scanner error, idempotent enable output, history errors to stderr
- Check scanner.Err() after non-interactive input loop to surface read errors
- s3.user.enable: always emit JSON regardless of current state (idempotent)
- saveHistory: write error messages to stderr instead of stdout
88 lines
2.0 KiB
Go
88 lines
2.0 KiB
Go
package shell
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"io"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/seaweedfs/seaweedfs/weed/pb"
|
|
"github.com/seaweedfs/seaweedfs/weed/pb/iam_pb"
|
|
"google.golang.org/grpc"
|
|
)
|
|
|
|
func init() {
|
|
Commands = append(Commands, &commandS3UserList{})
|
|
}
|
|
|
|
type commandS3UserList struct {
|
|
}
|
|
|
|
func (c *commandS3UserList) Name() string {
|
|
return "s3.user.list"
|
|
}
|
|
|
|
func (c *commandS3UserList) Help() string {
|
|
return `list S3 IAM users
|
|
|
|
s3.user.list
|
|
|
|
Output: JSON array of users with status, policies, and credential count.
|
|
`
|
|
}
|
|
|
|
func (c *commandS3UserList) HasTag(CommandTag) bool {
|
|
return false
|
|
}
|
|
|
|
type s3UserListEntry struct {
|
|
Name string `json:"name"`
|
|
Status string `json:"status"`
|
|
Policies []string `json:"policies"`
|
|
Keys int `json:"keys"`
|
|
}
|
|
|
|
func (c *commandS3UserList) Do(args []string, commandEnv *CommandEnv, writer io.Writer) error {
|
|
return pb.WithGrpcClient(false, 0, func(conn *grpc.ClientConn) error {
|
|
client := iam_pb.NewSeaweedIdentityAccessManagementClient(conn)
|
|
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
|
defer cancel()
|
|
|
|
resp, err := client.GetConfiguration(ctx, &iam_pb.GetConfigurationRequest{})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
var result []s3UserListEntry
|
|
for _, id := range resp.Configuration.GetIdentities() {
|
|
status := "enabled"
|
|
if id.Disabled {
|
|
status = "disabled"
|
|
}
|
|
policies := id.PolicyNames
|
|
if policies == nil {
|
|
policies = []string{}
|
|
}
|
|
result = append(result, s3UserListEntry{
|
|
Name: id.Name,
|
|
Status: status,
|
|
Policies: policies,
|
|
Keys: len(id.Credentials),
|
|
})
|
|
}
|
|
if result == nil {
|
|
result = []s3UserListEntry{}
|
|
}
|
|
return json.NewEncoder(writer).Encode(result)
|
|
}, commandEnv.option.FilerAddress.ToGrpcAddress(), false, commandEnv.option.GrpcDialOption)
|
|
}
|
|
|
|
// joinMax joins up to max strings with ", " and appends "..." if truncated.
|
|
func joinMax(items []string, max int) string {
|
|
if len(items) <= max {
|
|
return strings.Join(items, ", ")
|
|
}
|
|
return strings.Join(items[:max], ", ") + "..."
|
|
}
|