Mirror
/
seaweedfs
mirror of https://github.com/seaweedfs/seaweedfs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

s3: keep auth enabled in case identities are set to empty 

fix https://github.com/chrislusf/seaweedfs/issues/3084
pull/3112/head
chrislu 3 years ago
parent
81d6159290
commit
b8f3db0d46
1 changed files with 7 additions and 5 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 8
      weed/s3api/auth_credentials.go

8
weed/s3api/auth_credentials.go
View File

@ -27,6 +27,7 @@ type IdentityAccessManagement struct {
m sync.RWMutex m sync.RWMutex
identities []*Identity identities []*Identity
isAuthEnabled bool
domain string domain string
} }
@ -137,14 +138,15 @@ func (iam *IdentityAccessManagement) loadS3ApiConfiguration(config *iam_pb.S3Api
iam.m.Lock() iam.m.Lock()
// atomically switch // atomically switch
iam.identities = identities iam.identities = identities
if !iam.isAuthEnabled { // one-directional, no toggling
iam.isAuthEnabled = len(identities) > 0
}
iam.m.Unlock() iam.m.Unlock()
return nil return nil
} }
func (iam *IdentityAccessManagement) isEnabled() bool { func (iam *IdentityAccessManagement) isEnabled() bool {
iam.m.RLock()
defer iam.m.RUnlock()
return len(iam.identities) > 0
return iam.isAuthEnabled
} }
func (iam *IdentityAccessManagement) lookupByAccessKey(accessKey string) (identity *Identity, cred *Credential, found bool) { func (iam *IdentityAccessManagement) lookupByAccessKey(accessKey string) (identity *Identity, cred *Credential, found bool) {

Write Preview
Loading…
Cancel
Save