NC | NSFS | IAM | Fix issue in update_access_key
and delete_access_key
#8233
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Explain the changes
update_access_key
anddelete_access_key
when--user-name
flag is not passed, but the access-key-id exists in IAM account of the root account which was the requesting account._throw_error_no_such_entity_access_key
for this error and use it._throw_error_delete_conflict
and_throw_error_perform_action_from_root_accounts_manager_on_iam_user
.Issues: Fixed #xxx / Gap #xxx
List of known GAPs:
IamError
class to have a template message.Testing Instructions:
Unit Tests:
Please run:
sudo npx jest test_accountspace_fs.test.js
Manual Tests:
sudo node src/cmd/manage_nsfs account add --name shira-1001 --new_buckets_path /tmp/nsfs_root1 --access_key <access-key> --secret_key <secret-key> --uid <uid> --gid <gid>
Note: before creating the account need to give permission to the
new_buckets_path
:chmod 777 /tmp/nsfs_root1
.sudo node src/cmd/nsfs --debug 5 --https_port_iam 7005
Notes:
process.env.NOOBAA_LOG_LEVEL = 'nsfs';
in the endpoint.js (before the conditionif (process.env.NOOBAA_LOG_LEVEL) {
)config.NSFS_CHECK_BUCKET_BOUNDARIES = false; //SDSD
because I'm using the/tmp/
and not/private/tmp/
.alias s3-nc-user-1-iam='AWS_ACCESS_KEY_ID=<access-key> AWS_SECRET_ACCESS_KEY=<secret-key> aws --no-verify-ssl --endpoint-url https://localhost:7005'
.s3-nc-user-1-iam iam create-user --user-name Bob
s3-nc-user-1-iam iam create-access-key --user-name Bob
(save the access-key-id, we will use it in next steps).s3-nc-user-1-iam iam update-access-key --access-key-id <access-key-id-of-Bob> --status Inactive #without --user-name Bob
(should throw an errorNoSuchEntity
).s3-nc-user-1-iam iam delete-access-key --access-key-id <access-key-id-of-Bob> #without --user-name Bob
(should throw an errorNoSuchEntity
).