feat: Changed admin api http methods, some cleanup in admin cli commands, bug fix in delete user IAM service

2026-01-05 11:24:52 +00:00 · 2023-07-06 21:21:20 +04:00
parent db484eb900
commit fbafc6b34c
6 changed files with 26 additions and 25 deletions
--- a/auth/iam_internal.go
+++ b/auth/iam_internal.go
@@ -169,11 +169,13 @@ func (s *IAMServiceInternal) DeleteUserAccount(access string) error {

 		delete(conf.AccessAccounts, access)

-		b, err := json.Marshal(s.accts)
+		b, err := json.Marshal(conf)
 		if err != nil {
 			return nil, fmt.Errorf("failed to serialize iam: %w", err)
 		}

+		s.accts = conf
+
 		return b, nil
 	})
 }
--- a/cmd/versitygw/admin.go
+++ b/cmd/versitygw/admin.go
@@ -84,25 +84,25 @@ func adminCommand() *cli.Command {
 		Flags: []cli.Flag{
 			// TODO: create a configuration file for this
 			&cli.StringFlag{
-				Name:        "adminAccess",
+				Name:        "access",
 				Usage:       "admin access account",
 				EnvVars:     []string{"ADMIN_ACCESS_KEY_ID", "ADMIN_ACCESS_KEY"},
-				Aliases:     []string{"aa"},
+				Aliases:     []string{"a"},
 				Destination: &adminAccess,
 			},
 			&cli.StringFlag{
-				Name:        "adminSecret",
+				Name:        "secret",
 				Usage:       "admin secret access key",
 				EnvVars:     []string{"ADMIN_SECRET_ACCESS_KEY", "ADMIN_SECRET_KEY"},
-				Aliases:     []string{"as"},
+				Aliases:     []string{"s"},
 				Destination: &adminSecret,
 			},
 			&cli.StringFlag{
-				Name:        "adminRegion",
+				Name:        "region",
 				Usage:       "s3 region string",
 				Value:       "us-east-1",
 				Destination: &adminRegion,
-				Aliases:     []string{"ar"},
+				Aliases:     []string{"r"},
 			},
 		},
 	}
@@ -117,7 +117,7 @@ func createUser(ctx *cli.Context) error {
 		return fmt.Errorf("invalid input parameter for role")
 	}

-	req, err := http.NewRequest(http.MethodPost, fmt.Sprintf("http://localhost:7070/create-user?access=%v&secret=%v&role=%v", access, secret, role), nil)
+	req, err := http.NewRequest(http.MethodPatch, fmt.Sprintf("http://localhost:7070/create-user?access=%v&secret=%v&role=%v", access, secret, role), nil)
 	if err != nil {
 		return fmt.Errorf("failed to send the request: %w", err)
 	}
@@ -157,7 +157,7 @@ func deleteUser(ctx *cli.Context) error {
 		return fmt.Errorf("invalid input parameter for the new user")
 	}

-	req, err := http.NewRequest(http.MethodDelete, fmt.Sprintf("http://localhost:7070/delete-user?access=%v", access), nil)
+	req, err := http.NewRequest(http.MethodPatch, fmt.Sprintf("http://localhost:7070/delete-user?access=%v", access), nil)
 	if err != nil {
 		return fmt.Errorf("failed to send the request: %w", err)
 	}
--- a/integration/tests.go
+++ b/integration/tests.go
@@ -1373,7 +1373,7 @@ func TestAclActions(s *S3Conf) {
 	succUsrCrt := "The user has been created successfully"
 	failUsrCrt := "failed to create a user: update iam data: account already exists"

-	out, err := execCommand("admin", "-aa", s.awsID, "-as", s.awsSecret, "create-user", "--access", grt1, "--secret", "grt1secret", "--role", "user")
+	out, err := execCommand("admin", "-a", s.awsID, "-s", s.awsSecret, "create-user", "-a", grt1, "-s", "grt1secret", "-r", "user")
 	if err != nil {
 		failF("%v: %v", err)
 		return
--- a/s3api/controllers/admin.go
+++ b/s3api/controllers/admin.go
@@ -27,7 +27,7 @@ type AdminController struct {

 func (c AdminController) CreateUser(ctx *fiber.Ctx) error {
 	access, secret, role := ctx.Query("access"), ctx.Query("secret"), ctx.Query("role")
-	requesterRole := ctx.Locals("role")
+	requesterRole := ctx.Locals("role").(string)

 	if requesterRole != "admin" {
 		return fmt.Errorf("access denied: only admin users have access to this resource")
@@ -48,7 +48,7 @@ func (c AdminController) CreateUser(ctx *fiber.Ctx) error {

 func (c AdminController) DeleteUser(ctx *fiber.Ctx) error {
 	access := ctx.Query("access")
-	requesterRole := ctx.Locals("role")
+	requesterRole := ctx.Locals("role").(string)
 	if requesterRole != "admin" {
 		return fmt.Errorf("access denied: only admin users have access to this resource")
 	}
@@ -58,5 +58,5 @@ func (c AdminController) DeleteUser(ctx *fiber.Ctx) error {
 		return err
 	}

-	return ctx.SendString("The user has been created successfully")
+	return ctx.SendString("The user has been deleted successfully")
 }
--- a/s3api/controllers/admin_test.go
+++ b/s3api/controllers/admin_test.go
@@ -43,7 +43,7 @@ func TestAdminController_CreateUser(t *testing.T) {
 		return ctx.Next()
 	})

-	app.Post("/create-user", adminController.CreateUser)
+	app.Patch("/create-user", adminController.CreateUser)

 	appErr := fiber.New()

@@ -52,7 +52,7 @@ func TestAdminController_CreateUser(t *testing.T) {
 		return ctx.Next()
 	})

-	appErr.Post("/create-user", adminController.CreateUser)
+	appErr.Patch("/create-user", adminController.CreateUser)

 	tests := []struct {
 		name       string
@@ -65,7 +65,7 @@ func TestAdminController_CreateUser(t *testing.T) {
 			name: "Admin-create-user-success",
 			app:  app,
 			args: args{
-				req: httptest.NewRequest(http.MethodPost, "/create-user?access=test&secret=test&role=user", nil),
+				req: httptest.NewRequest(http.MethodPatch, "/create-user?access=test&secret=test&role=user", nil),
 			},
 			wantErr:    false,
 			statusCode: 200,
@@ -74,7 +74,7 @@ func TestAdminController_CreateUser(t *testing.T) {
 			name: "Admin-create-user-invalid-user-role",
 			app:  app,
 			args: args{
-				req: httptest.NewRequest(http.MethodPost, "/create-user?access=test&secret=test&role=invalid", nil),
+				req: httptest.NewRequest(http.MethodPatch, "/create-user?access=test&secret=test&role=invalid", nil),
 			},
 			wantErr:    false,
 			statusCode: 500,
@@ -83,7 +83,7 @@ func TestAdminController_CreateUser(t *testing.T) {
 			name: "Admin-create-user-invalid-requester-role",
 			app:  appErr,
 			args: args{
-				req: httptest.NewRequest(http.MethodPost, "/create-user?access=test&secret=test&role=admin", nil),
+				req: httptest.NewRequest(http.MethodPatch, "/create-user?access=test&secret=test&role=admin", nil),
 			},
 			wantErr:    false,
 			statusCode: 500,
@@ -122,7 +122,7 @@ func TestAdminController_DeleteUser(t *testing.T) {
 		return ctx.Next()
 	})

-	app.Delete("/delete-user", adminController.DeleteUser)
+	app.Patch("/delete-user", adminController.DeleteUser)

 	appErr := fiber.New()

@@ -131,7 +131,7 @@ func TestAdminController_DeleteUser(t *testing.T) {
 		return ctx.Next()
 	})

-	appErr.Delete("/delete-user", adminController.DeleteUser)
+	appErr.Patch("/delete-user", adminController.DeleteUser)

 	tests := []struct {
 		name       string
@@ -144,7 +144,7 @@ func TestAdminController_DeleteUser(t *testing.T) {
 			name: "Admin-delete-user-success",
 			app:  app,
 			args: args{
-				req: httptest.NewRequest(http.MethodDelete, "/delete-user?access=test", nil),
+				req: httptest.NewRequest(http.MethodPatch, "/delete-user?access=test", nil),
 			},
 			wantErr:    false,
 			statusCode: 200,
@@ -153,7 +153,7 @@ func TestAdminController_DeleteUser(t *testing.T) {
 			name: "Admin-delete-user-invalid-requester-role",
 			app:  appErr,
 			args: args{
-				req: httptest.NewRequest(http.MethodDelete, "/delete-user?access=test", nil),
+				req: httptest.NewRequest(http.MethodPatch, "/delete-user?access=test", nil),
 			},
 			wantErr:    false,
 			statusCode: 500,
--- a/s3api/router.go
+++ b/s3api/router.go
@@ -27,11 +27,10 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ
 	s3ApiController := controllers.New(be, iam)
 	adminController := controllers.AdminController{IAMService: iam}

-	// TODO: think of better routing system
-	app.Post("/create-user", adminController.CreateUser)
+	app.Patch("/create-user", adminController.CreateUser)

 	// Admin Delete api
-	app.Delete("/delete-user", adminController.DeleteUser)
+	app.Patch("/delete-user", adminController.DeleteUser)
 	// ListBuckets action
 	app.Get("/", s3ApiController.ListBuckets)