s3iam_conf.go 1.4 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556
  1. package filer
  2. import (
  3. "fmt"
  4. "io"
  5. "github.com/seaweedfs/seaweedfs/weed/pb/iam_pb"
  6. jsonpb "google.golang.org/protobuf/encoding/protojson"
  7. "google.golang.org/protobuf/proto"
  8. )
  9. func ParseS3ConfigurationFromBytes[T proto.Message](content []byte, config T) error {
  10. options := &jsonpb.UnmarshalOptions{
  11. DiscardUnknown: true,
  12. AllowPartial: true,
  13. }
  14. if err := options.Unmarshal(content, config); err != nil {
  15. return err
  16. }
  17. return nil
  18. }
  19. func ProtoToText(writer io.Writer, config proto.Message) error {
  20. m := jsonpb.MarshalOptions{
  21. EmitUnpopulated: true,
  22. Indent: " ",
  23. }
  24. text, marshalErr := m.Marshal(config)
  25. if marshalErr != nil {
  26. return fmt.Errorf("marshal proto message: %v", marshalErr)
  27. }
  28. _, writeErr := writer.Write(text)
  29. if writeErr != nil {
  30. return fmt.Errorf("fail to write proto message: %v", writeErr)
  31. }
  32. return writeErr
  33. }
  34. // CheckDuplicateAccessKey returns an error message when s3cfg has duplicate access keys
  35. func CheckDuplicateAccessKey(s3cfg *iam_pb.S3ApiConfiguration) error {
  36. accessKeySet := make(map[string]string)
  37. for _, ident := range s3cfg.Identities {
  38. for _, cred := range ident.Credentials {
  39. if userName, found := accessKeySet[cred.AccessKey]; !found {
  40. accessKeySet[cred.AccessKey] = ident.Name
  41. } else if userName != ident.Name {
  42. return fmt.Errorf("duplicate accessKey[%s], already configured in user[%s]", cred.AccessKey, userName)
  43. }
  44. }
  45. }
  46. return nil
  47. }