Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add admin users #2554

Merged
merged 1 commit into from
Oct 16, 2018
Merged

Add admin users #2554

merged 1 commit into from
Oct 16, 2018

Conversation

harshavardhana
Copy link
Member

No description provided.

@harshavardhana harshavardhana mentioned this pull request Sep 25, 2018
Merged
9 tasks
@harshavardhana harshavardhana force-pushed the users branch 2 times, most recently from 74e0409 to 35ecf85 Compare September 27, 2018 02:47
@codecov
Copy link

codecov bot commented Sep 27, 2018
edited
Loading

Codecov Report

Merging #2554 into master will decrease coverage by 0.26%.
The diff coverage is 0%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #2554      +/-   ##
==========================================
- Coverage   10.49%   10.22%   -0.27%     
==========================================
  Files         107      117      +10     
  Lines       10828    11114     +286     
==========================================
  Hits         1136     1136              
- Misses       9542     9828     +286     
  Partials      150      150
Impacted Files Coverage Δ
cmd/admin-main.go 0% <ø> (ø) ⬆️
cmd/admin-users-disable.go 0% <0%> (ø)
cmd/find.go 43.28% <0%> (ø) ⬆️
cmd/admin-policies-remove.go 0% <0%> (ø)
cmd/admin-policies-add.go 0% <0%> (ø)
cmd/admin-users-remove.go 0% <0%> (ø)
cmd/admin-users.go 0% <0%> (ø)
cmd/admin-policies.go 0% <0%> (ø)
cmd/admin-policies-list.go 0% <0%> (ø)
cmd/admin-credentials.go 0% <0%> (ø) ⬆️
... and 13 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7bbc81f...fe368dd. Read the comment docs.

@harshavardhana harshavardhana mentioned this pull request Oct 10, 2018
Closed
@harshavardhana harshavardhana changed the title [WIP] Add admin users Add admin users Oct 11, 2018
@harshavardhana harshavardhana mentioned this pull request Oct 11, 2018
Merged
9 tasks
@deekoder deekoder requested review from vadmeste and poornas October 11, 2018 20:31
vadmeste
vadmeste previously requested changes Oct 11, 2018
View reviewed changes
Copy link
Member

@vadmeste vadmeste left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some comments

cmd/admin-users-add.go Outdated
e := client.AddUser(args.Get(1), args.Get(2))
fatalIf(probe.NewError(e).Trace(args...), "Cannot add new user")

policy, e := ioutil.ReadFile(args.Get(3))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's load policy first to fail before adding a user above.

cmd/admin-users-remove.go Outdated

// checkAdminUsersRemoveSyntax - validate all the passed arguments
func checkAdminUsersRemoveSyntax(ctx *cli.Context) {
if len(ctx.Args()) != 4 {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think two arguments not four

cmd/admin-users-revoke.go Outdated

// checkAdminUsersRevokeSyntax - validate all the passed arguments
func checkAdminUsersRevokeSyntax(ctx *cli.Context) {
if len(ctx.Args()) != 4 {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Two arguments

cmd/admin-users-revoke.go Outdated
"github.com/minio/minio/pkg/madmin"
)

var adminUsersRevokeCmd = cli.Command{
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure, if we revoke the user, how can we reenable it again ?

poornas
poornas requested changes Oct 11, 2018
View reviewed changes
cmd/admin-users-revoke.go Outdated
}
}

// mainAdminUsersRevoke is the handle for "mc admin users add" command.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"mc admin users add" -> "mc admin users revoke"

poornas
poornas reviewed Oct 11, 2018
View reviewed changes
cmd/admin-users.go Outdated Show resolved Hide resolved
poornas
poornas reviewed Oct 11, 2018
View reviewed changes
cmd/admin-users-remove.go Outdated
}
}

// mainAdminUsersRemove is the handle for "mc admin users add" command.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

mc admin users add" -> mc admin users remove"

@harshavardhana
Copy link
Member Author

This PR is changing a bit

@harshavardhana harshavardhana force-pushed the users branch 3 times, most recently from 4305d32 to 0de3054 Compare October 11, 2018 22:48
@harshavardhana harshavardhana force-pushed the users branch 5 times, most recently from de9b614 to 7e731bf Compare October 12, 2018 17:20
poornas
poornas reviewed Oct 12, 2018
View reviewed changes
docs/minio-admin-complete-guide.md Outdated
@@ -273,19 +275,69 @@ FLAGS:
Storage : Used 8.2GiB
```

<a name="users"></a>
### Command `users` - Manage regular users
`users` command to add new, remove, enable, disable, list users on Minio server.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

add new, -> add

vadmeste
vadmeste reviewed Oct 12, 2018
View reviewed changes
cmd/admin-users-add.go Outdated
{{.HelpName}} - {{.Usage}}

USAGE:
{{.HelpName}} TARGET USERNAME PASSWORD POLICYTYPE|POLICYFILE
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we add possible values of policy type ? and a short example of policy file content

@vadmeste
Copy link
Member

One little problem is when trying to upload an object, mc cp, in a bucket.. it doesn't work because for some reasons, mc want to list all buckets, readwrite policy won't guarantee it that, but users can use custom policy document probably and then fix this later

@harshavardhana
Copy link
Member Author

One little problem is when trying to upload an object, mc cp, in a bucket.. it doesn't work because for some reasons, mc want to list all buckets, readwrite policy won't guarantee it that, but users can use custom policy document probably and then fix this later

This is something of a problem in minio-go I think it constructs policies with explicit API names but not for everything.

@harshavardhana
Copy link
Member Author

After talking to @abperiasamy some more requirements came in blocking this for now.

@harshavardhana harshavardhana mentioned this pull request Oct 15, 2018
Merged
8 tasks
@harshavardhana harshavardhana force-pushed the users branch 2 times, most recently from 5a675bd to 9e3f098 Compare October 15, 2018 23:54
@poornas
Copy link
Contributor

poornas commented Oct 16, 2018

Removing a revoked user gives an inconsistent error that specified key does not exist.

➜  mc git:(a52ea918) ✗ mc admin users add myss3 newus2e4r newuser123 readonly --insecure
Added used `newus2e4r` successfully.
➜  mc git:(a52ea918) ✗ mc admin users disable myss3 newus2e4r --insecure    
Disabled user `newus2e4r` successfully.
➜  mc git:(a52ea918) ✗ mc admin users remove myss3 newus2e4r --insecure     
mc: <ERROR> Cannot remove new user The specified key does not exist.

server side
Error: Object not found: .minio.sys#config/iam/users/newus2e4r/policy.json
       1: cmd/logger/logger.go:295:logger.LogIf()
       2: cmd/admin-handlers.go:733:cmd.adminAPIHandlers.RemoveUser()
       3: cmd/admin-router.go:96:cmd.(adminAPIHandlers).RemoveUser-fm()
       4: net/http/server.go:1947:http.HandlerFunc.ServeHTTP()

@harshavardhana harshavardhana force-pushed the users branch 3 times, most recently from 9df99b5 to 3edcf4f Compare October 16, 2018 18:52
@harshavardhana harshavardhana mentioned this pull request Oct 16, 2018
Merged
9 tasks
vadmeste
vadmeste approved these changes Oct 16, 2018
View reviewed changes
Copy link
Member

@vadmeste vadmeste left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM & tested

poornas
poornas approved these changes Oct 16, 2018
View reviewed changes
Copy link
Contributor

@poornas poornas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested & LGTM

@deekoder deekoder merged commit b7e87b6 into minio:master Oct 16, 2018
@harshavardhana harshavardhana deleted the users branch October 16, 2018 21:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vadmeste vadmeste vadmeste approved these changes

@poornas poornas poornas approved these changes

Assignees
No one assigned
Labels
priority: high
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@harshavardhana @vadmeste @poornas @deekoder