
fix: add name collision check in embedded IAM UpdateUser

The embedded IAM handler renamed users without checking if the
target name already existed, unlike the standalone handler.
pull/8560/head
Chris Lu 4 days ago
parent
commit
d3efe5dde9
  1. 8
      weed/s3api/s3api_embedded_iam.go

8
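--- a/weed/s3api/s3api_embedded_iam.go
+++ b/weed/s3api/s3api_embedded_iam.go
@@ -349,6 +349,14 @@ func (e *EmbeddedIamApi) UpdateUser(s3cfg *iam_pb.S3ApiConfiguration, values url
 userName := values.Get("UserName")
 newUserName := values.Get("NewUserName")
 if newUserName != "" {
+// Check for name collision before renaming
+if newUserName != userName {
+for _, ident := range s3cfg.Identities {
+if ident.Name == newUserName {
+return resp, &iamError{Code: iam.ErrCodeEntityAlreadyExistsException, Error: fmt.Errorf("user %s already exists", newUserName)}
+}
+}
+}
 for _, ident := range s3cfg.Identities {
 if userName == ident.Name {
 ident.Name = newUserName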
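Review bot: The new guard compares `ident.Name == newUserName` byte-for-byte on the raw `values.Get("NewUserName")` value, so a name that differs from an existing identity only in case or surrounding whitespace still passes and leaves two near-identical identities in `s3cfg.Identities`. AWS IAM treats user names as case-insensitive for uniqueness; if this handler is meant to match that, the comparison could be `strings.EqualFold(ident.Name, newUserName)`, and either way the choice deserves a comment such as `// names are compared exactly; "Alice" and "alice" are distinct identities`. Whether NewUserName is validated or normalised elsewhere is not visible here, since UpdateUser starts and ends outside the hunk. The commit changes only this file, so a regression test that renames one user onto another existing user's name and expects EntityAlreadyExists would help keep the embedded and standalone handlers from drifting apart again.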
