From cf6d03b907f64c73e8bf67948f681cafde8c84e9 Mon Sep 17 00:00:00 2001
From: Harshavardhana
Date: Tue, 17 Feb 2015 19:06:01 -0800
Subject: [PATCH] Expose policy code, for api router usage

---
 pkg/api/minioapi/policy.go | 32 --------------------------------
 pkg/utils/config/config.go | 7 +++++++
 pkg/utils/policy/policy.go | 32 ++++++++++++++++----------------
 3 files changed, 23 insertions(+), 48 deletions(-)
 delete mode 100644 pkg/api/minioapi/policy.go

diff --git a/pkg/api/minioapi/policy.go b/pkg/api/minioapi/policy.go
deleted file mode 100644
index c7423574f..000000000
--- a/pkg/api/minioapi/policy.go
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * Mini Object Storage, (C) 2015 Minio, Inc.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package minioapi
-
-import (
- "net/http"
-)
-
-type pHandler struct {
- handler http.Handler
-}
-
-func policyHandler(h http.Handler) http.Handler {
- return pHandler{h}
-}
-
-func (p pHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
-}
diff --git a/pkg/utils/config/config.go b/pkg/utils/config/config.go
index a7851944e..9ca7d3ca9 100644
--- a/pkg/utils/config/config.go
+++ b/pkg/utils/config/config.go
@@ -152,6 +152,13 @@ func Loadusers() map[string]User {
 return c.Users
 }

+func Loadkey(accessKeyId string) User {
+ c := Config{}
+ c.SetupConfig()
+ c.ReadConfig()
+ return c.GetKey(accessKeyId)
+}
+
 func Loaduser(username string) User {
 c := Config{}
 c.SetupConfig()
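Review bot: `Loadkey` in the pkg/utils/config/config.go hunk returns a bare `User` and calls `c.SetupConfig()` and `c.ReadConfig()` without looking at any result, so a caller in the API router cannot tell an unknown access key or an unreadable config from a real account. What `GetKey` returns for a missing key is not visible here; if it is a zero-value `User`, every caller that compares credentials has to guard against the empty case itself. I would make the outcome explicit with `func Loadkey(accessKeyID string) (User, bool)`, or at minimum add a doc comment such as `// Loadkey returns the User registered for accessKeyId; a zero-value User means the key is unknown.` The function also rebuilds and re-reads the config on every call, which matters if it ends up on the per-request path.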
diff --git a/pkg/utils/policy/policy.go b/pkg/utils/policy/policy.go
index 9be426243..7ebe7a272 100644
--- a/pkg/utils/policy/policy.go
+++ b/pkg/utils/policy/policy.go
@@ -25,17 +25,17 @@ type BucketPolicy struct {
 }

 const (
- awsResource = "arn:aws:s3:::"
- minioResource = "minio:::"
+ AwsResource = "arn:aws:s3:::"
+ MinioResource = "minio:::"
 )

 // TODO support canonical user
 const (
- awsPrincipal = "arn:aws:iam::Account-ID:user/"
- minioPrincipal = "minio::Account-ID:user/"
+ AwsPrincipal = "arn:aws:iam::Account-ID:user/"
+ MinioPrincipal = "minio::Account-ID:user/"
 )

-var supportedActionMap = map[string]bool{
+var SupportedActionMap = map[string]bool{
 "*": true,
 "s3:GetObject": true,
 "s3:ListBucket": true,
@@ -47,7 +47,7 @@ var supportedActionMap = map[string]bool{
 "s3:PutBucketPolicy": true,
 }

-var supportedEffectMap = map[string]bool{
+var SupportedEffectMap = map[string]bool{
 "Allow": true,
 "Deny": true,
 }
@@ -55,7 +55,7 @@ var supportedEffectMap = map[string]bool{
 func isValidAction(action []string) bool {
 var ok bool = false
 for _, a := range action {
- if supportedActionMap[a] {
+ if SupportedActionMap[a] {
 ok = true
 }
 }
@@ -63,7 +63,7 @@ func isValidAction(action []string) bool {
 }

 func isValidEffect(effect string) bool {
- if supportedEffectMap[effect] {
+ if SupportedEffectMap[effect] {
 return true
 }
 return false
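Review bot: Exporting `SupportedActionMap` (hunk at -25,17) and `SupportedEffectMap` (hunk at -47,7) as package-level `var` maps makes the allow-lists that `isValidAction` and `isValidEffect` consult writable by every importing package. Any write to either map from outside this package would silently change what policy validation accepts, and concurrent writes would also race with request handling. I would keep the maps unexported and export read-only helpers instead, e.g. `func IsSupportedAction(a string) bool { return supportedActionMap[a] }`. The newly exported constants also need doc comments, and Go's initialism convention would spell them `AWSResource` and `AWSPrincipal`.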
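Review bot: In the -55,7 hunk `isValidAction` sets `ok = true` as soon as one entry is found in `SupportedActionMap` and never clears it, so an action list that mixes one supported and one unsupported entry appears to validate. The return statement is outside the hunk, so this assumes the function returns `ok`. Since this commit exposes the package for the API router, I would reject on the first unknown entry with `if !SupportedActionMap[a] { return false }` inside the loop, followed by `return len(action) > 0`. `isValidResource` in the -73,14 hunk has a related problem: `ok` is reassigned for every resource, so the last entry appears to decide the result.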
@@ -73,14 +73,14 @@ func isValidResource(resources []string) bool {
 var ok bool = false
 for _, resource := range resources {
 switch true {
- case strings.HasPrefix(resource, awsResource):
- bucket := strings.SplitAfter(resource, awsResource)[1]
+ case strings.HasPrefix(resource, AwsResource):
+ bucket := strings.SplitAfter(resource, AwsResource)[1]
 ok = true
 if len(bucket) == 0 {
 ok = false
 }
- case strings.HasPrefix(resource, minioResource):
- bucket := strings.SplitAfter(resource, minioResource)[1]
+ case strings.HasPrefix(resource, MinioResource):
+ bucket := strings.SplitAfter(resource, MinioResource)[1]
 ok = true
 if len(bucket) == 0 {
 ok = false
@@ -98,14 +98,14 @@ func isValidPrincipal(principal string) bool {
 return true
 }
 switch true {
- case strings.HasPrefix(principal, awsPrincipal):
- username := strings.SplitAfter(principal, awsPrincipal)[1]
+ case strings.HasPrefix(principal, AwsPrincipal):
+ username := strings.SplitAfter(principal, AwsPrincipal)[1]
 ok = true
 if len(username) == 0 {
 ok = false
 }
- case strings.HasPrefix(principal, minioPrincipal):
- username := strings.SplitAfter(principal, minioPrincipal)[1]
+ case strings.HasPrefix(principal, MinioPrincipal):
+ username := strings.SplitAfter(principal, MinioPrincipal)[1]
 ok = true
 if len(username) == 0 {
 ok = false
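Review bot: The rewritten `bucket := strings.SplitAfter(resource, AwsResource)[1]` lines in the -73,14 hunk, and the matching `username :=` lines in the -98,14 hunk, build a slice and index it only to test whether anything follows the prefix. Because `strings.HasPrefix` has already matched, `bucket := strings.TrimPrefix(resource, AwsResource)` states the intent directly and cannot panic on the index if a case condition is later edited. The same one-line change applies to the `MinioResource`, `AwsPrincipal` and `MinioPrincipal` cases. Both functions begin and end outside their hunks, so the default branch and the return value are not visible here.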