Mirror
/
seaweedfs
mirror of https://github.com/seaweedfs/seaweedfs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8233 Commits
33 Branches
297 Tags
166 MiB
Tree: 1451b389a4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1451b389a4'
${ noResults }
seaweedfs/weed/shell/command_s3_configure.go

196 lines
5.4 KiB
Raw Normal View History

s3 configure
4 years ago
refactoring
4 years ago
Check whether there is a duplicate accessKey when modifying iam
3 years ago
s3 configure
4 years ago
refactoring
4 years ago
s3 configure
4 years ago
new pkg s3iam
4 years ago
s3 configure
4 years ago
remove WIP status
4 years ago
2.14
4 years ago
s3 configure
4 years ago
refactoring
4 years ago
s3 configure
4 years ago
change parameter help message
4 years ago
s3 configure
4 years ago
refactoring
4 years ago
use streaming mode for long poll grpc calls streaming mode would create separate grpc connections for each call. this is to ensure the long poll connections are properly closed.
3 years ago
refactoring
4 years ago
s3 configure
4 years ago
refactoring
4 years ago
s3 configure
4 years ago
s3 config changes
4 years ago
new pkg s3iam
4 years ago
s3 configure
4 years ago
new pkg s3iam
4 years ago
s3 config changes
4 years ago
s3 configure
4 years ago
help message when in simulation mode
3 years ago
s3 configure
4 years ago
new pkg s3iam
4 years ago
s3 configure
4 years ago
new pkg s3iam
4 years ago
s3 configure
4 years ago
new pkg s3iam
4 years ago
s3 configure
4 years ago
new pkg s3iam
4 years ago
s3 configure
4 years ago
new pkg s3iam
4 years ago
s3 configure
4 years ago
s3 config changes
4 years ago
new pkg s3iam
4 years ago
s3 configure
4 years ago
s3 config changes
4 years ago
s3 configure
4 years ago
s3 config changes
4 years ago
help message when in simulation mode
3 years ago
new pkg s3iam
4 years ago
s3 config changes
4 years ago
s3 configure
4 years ago
new pkg s3iam
4 years ago
s3 configure
4 years ago
Check whether there is a duplicate accessKey when modifying iam
3 years ago
Make the prompt information clearer
3 years ago
Check whether there is a duplicate accessKey when modifying iam
3 years ago
refactoring
4 years ago
rename
4 years ago
s3 config changes
4 years ago
refactoring
4 years ago
s3 configure
4 years ago
new pkg s3iam
4 years ago
refactoring
4 years ago
use streaming mode for long poll grpc calls streaming mode would create separate grpc connections for each call. this is to ensure the long poll connections are properly closed.
3 years ago
save /etc/iam/identity.json inside filer store
4 years ago
s3 configure
4 years ago
refactoring
4 years ago
s3 configure
4 years ago
new pkg s3iam
4 years ago
s3 configure
4 years ago
  1. package shell
  3. import (
  4. "bytes"
  5. "errors"
  6. "flag"
  7. "fmt"
  8. "github.com/chrislusf/seaweedfs/weed/filer"
  9. "io"
  10. "sort"
  11. "strings"
  13. "github.com/chrislusf/seaweedfs/weed/pb/filer_pb"
  14. "github.com/chrislusf/seaweedfs/weed/pb/iam_pb"
  15. )
  17. func init() {
  18. Commands = append(Commands, &commandS3Configure{})
  19. }
  21. type commandS3Configure struct {
  22. }
  24. func (c *commandS3Configure) Name() string {
  25. return "s3.configure"
  26. }
  28. func (c *commandS3Configure) Help() string {
  29. return `configure and apply s3 options for each bucket
  31. # see the current configuration file content
  32. s3.configure
  33. `
  34. }
  36. func (c *commandS3Configure) Do(args []string, commandEnv *CommandEnv, writer io.Writer) (err error) {
  38. s3ConfigureCommand := flag.NewFlagSet(c.Name(), flag.ContinueOnError)
  39. actions := s3ConfigureCommand.String("actions", "", "comma separated actions names: Read,Write,List,Tagging,Admin")
  40. user := s3ConfigureCommand.String("user", "", "user name")
  41. buckets := s3ConfigureCommand.String("buckets", "", "bucket name")
  42. accessKey := s3ConfigureCommand.String("access_key", "", "specify the access key")
  43. secretKey := s3ConfigureCommand.String("secret_key", "", "specify the secret key")
  44. isDelete := s3ConfigureCommand.Bool("delete", false, "delete users, actions or access keys")
  45. apply := s3ConfigureCommand.Bool("apply", false, "update and apply s3 configuration")
  46. if err = s3ConfigureCommand.Parse(args); err != nil {
  47. return nil
  48. }
  50. var buf bytes.Buffer
  51. if err = commandEnv.WithFilerClient(false, func(client filer_pb.SeaweedFilerClient) error {
  52. return filer.ReadEntry(commandEnv.MasterClient, client, filer.IamConfigDirecotry, filer.IamIdentityFile, &buf)
  53. }); err != nil && err != filer_pb.ErrNotFound {
  54. return err
  55. }
  57. s3cfg := &iam_pb.S3ApiConfiguration{}
  58. if buf.Len() > 0 {
  59. if err = filer.ParseS3ConfigurationFromBytes(buf.Bytes(), s3cfg); err != nil {
  60. return err
  61. }
  62. }
  64. idx := 0
  65. changed := false
  66. if *user != "" {
  67. for i, identity := range s3cfg.Identities {
  68. if *user == identity.Name {
  69. idx = i
  70. changed = true
  71. break
  72. }
  73. }
  74. }
  75. var cmdActions []string
  76. for _, action := range strings.Split(*actions, ",") {
  77. if *buckets == "" {
  78. cmdActions = append(cmdActions, action)
  79. } else {
  80. for _, bucket := range strings.Split(*buckets, ",") {
  81. cmdActions = append(cmdActions, fmt.Sprintf("%s:%s", action, bucket))
  82. }
  83. }
  84. }
  85. if changed {
  86. infoAboutSimulationMode(writer, *apply, "-apply")
  87. if *isDelete {
  88. var exists []int
  89. for _, cmdAction := range cmdActions {
  90. for i, currentAction := range s3cfg.Identities[idx].Actions {
  91. if cmdAction == currentAction {
  92. exists = append(exists, i)
  93. }
  94. }
  95. }
  96. sort.Sort(sort.Reverse(sort.IntSlice(exists)))
  97. for _, i := range exists {
  98. s3cfg.Identities[idx].Actions = append(
  99. s3cfg.Identities[idx].Actions[:i],
  100. s3cfg.Identities[idx].Actions[i+1:]...,
  101. )
  102. }
  103. if *accessKey != "" {
  104. exists = []int{}
  105. for i, credential := range s3cfg.Identities[idx].Credentials {
  106. if credential.AccessKey == *accessKey {
  107. exists = append(exists, i)
  108. }
  109. }
  110. sort.Sort(sort.Reverse(sort.IntSlice(exists)))
  111. for _, i := range exists {
  112. s3cfg.Identities[idx].Credentials = append(
  113. s3cfg.Identities[idx].Credentials[:i],
  114. s3cfg.Identities[idx].Credentials[:i+1]...,
  115. )
  116. }
  118. }
  119. if *actions == "" && *accessKey == "" && *buckets == "" {
  120. s3cfg.Identities = append(s3cfg.Identities[:idx], s3cfg.Identities[idx+1:]...)
  121. }
  122. } else {
  123. if *actions != "" {
  124. for _, cmdAction := range cmdActions {
  125. found := false
  126. for _, action := range s3cfg.Identities[idx].Actions {
  127. if cmdAction == action {
  128. found = true
  129. break
  130. }
  131. }
  132. if !found {
  133. s3cfg.Identities[idx].Actions = append(s3cfg.Identities[idx].Actions, cmdAction)
  134. }
  135. }
  136. }
  137. if *accessKey != "" && *user != "anonymous" {
  138. found := false
  139. for _, credential := range s3cfg.Identities[idx].Credentials {
  140. if credential.AccessKey == *accessKey {
  141. found = true
  142. credential.SecretKey = *secretKey
  143. break
  144. }
  145. }
  146. if !found {
  147. s3cfg.Identities[idx].Credentials = append(s3cfg.Identities[idx].Credentials, &iam_pb.Credential{
  148. AccessKey: *accessKey,
  149. SecretKey: *secretKey,
  150. })
  151. }
  152. }
  153. }
  154. } else if *user != "" && *actions != "" {
  155. infoAboutSimulationMode(writer, *apply, "-apply")
  156. identity := iam_pb.Identity{
  157. Name: *user,
  158. Actions: cmdActions,
  159. Credentials: []*iam_pb.Credential{},
  160. }
  161. if *user != "anonymous" {
  162. identity.Credentials = append(identity.Credentials,
  163. &iam_pb.Credential{AccessKey: *accessKey, SecretKey: *secretKey})
  164. }
  165. s3cfg.Identities = append(s3cfg.Identities, &identity)
  166. }
  168. accessKeySet := make(map[string]string)
  169. for _, ident := range s3cfg.Identities {
  170. for _, cred := range ident.Credentials {
  171. if userName, found := accessKeySet[cred.AccessKey]; !found {
  172. accessKeySet[cred.AccessKey] = ident.Name
  173. } else {
  174. return errors.New(fmt.Sprintf("duplicate accessKey[%s], already configured in user[%s]", cred.AccessKey, userName))
  175. }
  176. }
  177. }
  179. buf.Reset()
  180. filer.ProtoToText(&buf, s3cfg)
  182. fmt.Fprintf(writer, string(buf.Bytes()))
  183. fmt.Fprintln(writer)
  185. if *apply {
  187. if err := commandEnv.WithFilerClient(false, func(client filer_pb.SeaweedFilerClient) error {
  188. return filer.SaveInsideFiler(client, filer.IamConfigDirecotry, filer.IamIdentityFile, buf.Bytes())
  189. }); err != nil {
  190. return err
  191. }
  193. }
  195. return nil
  196. }