This commit is contained in:
parent
c90e46f038
commit
073c91fe0d
96
src/minio.rs
96
src/minio.rs
@ -118,6 +118,22 @@ struct MinioUserListRes {
|
|||||||
accessKey: String,
|
accessKey: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[derive(Debug, Clone, Deserialize)]
|
||||||
|
struct MinioPoliciesUserEntities {
|
||||||
|
result: MinioPoliciesUserEntitiesInner,
|
||||||
|
}
|
||||||
|
|
||||||
|
#[allow(non_snake_case)]
|
||||||
|
#[derive(Debug, Clone, Deserialize)]
|
||||||
|
struct MinioPoliciesUserEntitiesInner {
|
||||||
|
userMappings: Option<Vec<MinioPoliciesUserEntitiesInnerUser>>,
|
||||||
|
}
|
||||||
|
|
||||||
|
#[derive(Debug, Clone, Deserialize)]
|
||||||
|
struct MinioPoliciesUserEntitiesInnerUser {
|
||||||
|
policies: Vec<String>,
|
||||||
|
}
|
||||||
|
|
||||||
impl BasicMinioResult {
|
impl BasicMinioResult {
|
||||||
pub fn success(&self) -> bool {
|
pub fn success(&self) -> bool {
|
||||||
self.status == "success"
|
self.status == "success"
|
||||||
@ -512,6 +528,55 @@ impl MinioService {
|
|||||||
.map(|p| p.accessKey.to_string())
|
.map(|p| p.accessKey.to_string())
|
||||||
.collect())
|
.collect())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Attach a user to a policy
|
||||||
|
pub async fn policy_attach_user(&self, user: &MinioUser, policy: &str) -> anyhow::Result<()> {
|
||||||
|
let res = self
|
||||||
|
.exec_mc_cmd::<BasicMinioResult>(&[
|
||||||
|
"admin",
|
||||||
|
"policy",
|
||||||
|
"attach",
|
||||||
|
MC_ALIAS_NAME,
|
||||||
|
policy,
|
||||||
|
"--user",
|
||||||
|
user.username.as_str(),
|
||||||
|
])
|
||||||
|
.await?;
|
||||||
|
|
||||||
|
if res.get(0).map(|r| r.success()) != Some(true) {
|
||||||
|
return Err(MinioError::CreateUserFailed.into());
|
||||||
|
}
|
||||||
|
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
|
||||||
|
/// Get the list of entities attached to a user
|
||||||
|
pub async fn policy_attach_get_user_list(
|
||||||
|
&self,
|
||||||
|
user: &MinioUser,
|
||||||
|
) -> anyhow::Result<Vec<String>> {
|
||||||
|
let res = self
|
||||||
|
.exec_mc_cmd::<MinioPoliciesUserEntities>(&[
|
||||||
|
"admin",
|
||||||
|
"policy",
|
||||||
|
"entities",
|
||||||
|
MC_ALIAS_NAME,
|
||||||
|
"--user",
|
||||||
|
user.username.as_str(),
|
||||||
|
])
|
||||||
|
.await?
|
||||||
|
.remove(0)
|
||||||
|
.result
|
||||||
|
.userMappings;
|
||||||
|
|
||||||
|
if let Some(mapping) = res {
|
||||||
|
if let Some(e) = mapping.get(0) {
|
||||||
|
return Ok(e.policies.clone());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
Ok(vec![])
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
@ -1030,4 +1095,35 @@ mod test {
|
|||||||
service.user_apply(&user).await.unwrap();
|
service.user_apply(&user).await.unwrap();
|
||||||
assert!(service.user_list().await.unwrap().contains(&user.username));
|
assert!(service.user_list().await.unwrap().contains(&user.username));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[tokio::test]
|
||||||
|
async fn attach_policy_user() {
|
||||||
|
let _ = env_logger::builder().is_test(true).try_init();
|
||||||
|
|
||||||
|
let srv = MinioTestServer::start().await.unwrap();
|
||||||
|
let service = srv.as_service();
|
||||||
|
|
||||||
|
let user = MinioUser::gen_random();
|
||||||
|
|
||||||
|
service.user_apply(&user).await.unwrap();
|
||||||
|
service
|
||||||
|
.policy_apply(TEST_POLICY_NAME, include_str!("../test/test-policy1.json"))
|
||||||
|
.await
|
||||||
|
.unwrap();
|
||||||
|
|
||||||
|
assert!(!service
|
||||||
|
.policy_attach_get_user_list(&user)
|
||||||
|
.await
|
||||||
|
.unwrap()
|
||||||
|
.contains(&TEST_POLICY_NAME.to_string()));
|
||||||
|
service
|
||||||
|
.policy_attach_user(&user, TEST_POLICY_NAME)
|
||||||
|
.await
|
||||||
|
.unwrap();
|
||||||
|
assert!(service
|
||||||
|
.policy_attach_get_user_list(&user)
|
||||||
|
.await
|
||||||
|
.unwrap()
|
||||||
|
.contains(&TEST_POLICY_NAME.to_string()));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user