mirrors/seaweedfs
1
0
Fork 0
mirror of https://github.com/seaweedfs/seaweedfs.git synced 2026-05-21 09:11:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
87fdea5330835adb2ee200096cfb4ce9511fa1dc
seaweedfs/weed/shell/command_s3_user_delete.go
Chris Lu 37e6263efe fix(shell): attach admin JWT for filer IAM gRPC calls (#9536) 
When jwt.filer_signing.key is set, the filer's IamGrpcServer requires
a Bearer token on every IAM RPC. The shell's s3.* IAM commands dialed
without that header and failed with Unauthenticated. Route them through
a small helper that mints a token from the same key viper-loaded from
security.toml and appends it as outgoing metadata, matching the credential
grpc_store pattern.
2026-05-18 13:42:32 -07:00

56 lines
1.1 KiB
Go
Raw Blame History

package shell
import (
"context"
"encoding/json"
"flag"
"fmt"
"io"
"github.com/seaweedfs/seaweedfs/weed/pb/iam_pb"
)
func init() {
Commands = append(Commands, &commandS3UserDelete{})
}
type commandS3UserDelete struct {
}
func (c *commandS3UserDelete) Name() string {
return "s3.user.delete"
}
func (c *commandS3UserDelete) Help() string {
return `delete an S3 IAM user
s3.user.delete -name <username>
`
}
func (c *commandS3UserDelete) HasTag(CommandTag) bool {
return false
}
func (c *commandS3UserDelete) Do(args []string, commandEnv *CommandEnv, writer io.Writer) error {
f := flag.NewFlagSet(c.Name(), flag.ContinueOnError)
name := f.String("name", "", "user name")
if err := f.Parse(args); err != nil {
return err
}
if *name == "" {
return fmt.Errorf("-name is required")
}
err := commandEnv.withIamClient(func(ctx context.Context, client iam_pb.SeaweedIdentityAccessManagementClient) error {
_, err := client.DeleteUser(ctx, &iam_pb.DeleteUserRequest{Username: *name})
return err
})
if err != nil {
return err
}
return json.NewEncoder(writer).Encode(map[string]string{"name": *name})
}
Reference in New Issue View Git Blame Copy Permalink