s3iam_conf.go 1.3 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152
  1. package filer
  2. import (
  3. "fmt"
  4. "io"
  5. "github.com/seaweedfs/seaweedfs/weed/pb/iam_pb"
  6. jsonpb "google.golang.org/protobuf/encoding/protojson"
  7. "google.golang.org/protobuf/proto"
  8. )
  9. func ParseS3ConfigurationFromBytes[T proto.Message](content []byte, config T) error {
  10. if err := jsonpb.Unmarshal(content, config); err != nil {
  11. return err
  12. }
  13. return nil
  14. }
  15. func ProtoToText(writer io.Writer, config proto.Message) error {
  16. m := jsonpb.MarshalOptions{
  17. EmitUnpopulated: true,
  18. Indent: " ",
  19. }
  20. text, marshalErr := m.Marshal(config)
  21. if marshalErr != nil {
  22. return fmt.Errorf("marshal proto message: %v", marshalErr)
  23. }
  24. _, writeErr := writer.Write(text)
  25. if writeErr != nil {
  26. return fmt.Errorf("fail to write proto message: %v", writeErr)
  27. }
  28. return writeErr
  29. }
  30. // CheckDuplicateAccessKey returns an error message when s3cfg has duplicate access keys
  31. func CheckDuplicateAccessKey(s3cfg *iam_pb.S3ApiConfiguration) error {
  32. accessKeySet := make(map[string]string)
  33. for _, ident := range s3cfg.Identities {
  34. for _, cred := range ident.Credentials {
  35. if userName, found := accessKeySet[cred.AccessKey]; !found {
  36. accessKeySet[cred.AccessKey] = ident.Name
  37. } else if userName != ident.Name {
  38. return fmt.Errorf("duplicate accessKey[%s], already configured in user[%s]", cred.AccessKey, userName)
  39. }
  40. }
  41. }
  42. return nil
  43. }