NC | NSFS | IAM | Fix issue in update_access_key and delete_access_key
#8233
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
shirady
changed the title
update_access_key and `delete_access_key update_access_key and delete_access_key
alphaprinz
reviewed
Jul 25, 2024
alphaprinz
reviewed
Jul 25, 2024
alphaprinz
reviewed
Jul 25, 2024
alphaprinz
reviewed
Jul 25, 2024
alphaprinz
requested changes
Jul 25, 2024
shirady
force-pushed
the
nsfs-iam-username-issue
branch
from
f1b2ac9
to
1d7a9eb
Compare
1. Fix an issue related to update_access_key and delete_access_key when --user-name flag is not passed, but the access-key-id exists in IAM account of the root account which was the requesting account. 2. Add a function _throw_error_no_such_entity_access_key for this error and use it. 3. Fix indentation in functions: _throw_error_delete_conflict and _throw_error_perform_action_from_root_accounts_manager_on_iam_user. Signed-off-by: shirady <57721533 [email protected]>
shirady
force-pushed
the
nsfs-iam-username-issue
branch
from
1d7a9eb
to
b7f3d16
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Explain the changes
update_access_keyanddelete_access_keywhen--user-nameflag is not passed, but the access-key-id exists in IAM account of the root account which was the requesting account._throw_error_no_such_entity_access_keyfor this error and use it._throw_error_delete_conflictand_throw_error_perform_action_from_root_accounts_manager_on_iam_user.Issues: Fixed #xxx / Gap #xxx
List of known GAPs:
IamErrorclass to have a template message.Testing Instructions:
Unit Tests:
Please run:
sudo npx jest test_accountspace_fs.test.jsManual Tests:
sudo node src/cmd/manage_nsfs account add --name shira-1001 --new_buckets_path /tmp/nsfs_root1 --access_key <access-key> --secret_key <secret-key> --uid <uid> --gid <gid>Note: before creating the account need to give permission to the
new_buckets_path:chmod 777 /tmp/nsfs_root1.sudo node src/cmd/nsfs --debug 5 --https_port_iam 7005Notes:
process.env.NOOBAA_LOG_LEVEL = 'nsfs';in the endpoint.js (before the conditionif (process.env.NOOBAA_LOG_LEVEL) {)config.NSFS_CHECK_BUCKET_BOUNDARIES = false; //SDSDbecause I'm using the/tmp/and not/private/tmp/.alias s3-nc-user-1-iam='AWS_ACCESS_KEY_ID=<access-key> AWS_SECRET_ACCESS_KEY=<secret-key> aws --no-verify-ssl --endpoint-url https://localhost:7005'.s3-nc-user-1-iam iam create-user --user-name Bobs3-nc-user-1-iam iam create-access-key --user-name Bob(save the access-key-id, we will use it in next steps).s3-nc-user-1-iam iam update-access-key --access-key-id <access-key-id-of-Bob> --status Inactive #without --user-name Bob(should throw an errorNoSuchEntity).s3-nc-user-1-iam iam delete-access-key --access-key-id <access-key-id-of-Bob> #without --user-name Bob(should throw an errorNoSuchEntity).