authorChris Lu <chrislusf@users.noreply.github.com>2025-07-02 18:03:17 -0700
committerGitHub <noreply@github.com>2025-07-02 18:03:17 -0700
commit1db7c2b8aad59177f9ccb32f156908faf0c13eca (patch)
treeb1ea2df918591ab01822e3bd3ce08277825c47fb /weed/credential/credential_manager.go
parent6b706f9ccdf46046133c867c4240c4e8594da5b3 (diff)
downloadseaweedfs-1db7c2b8aad59177f9ccb32f156908faf0c13eca.tar.xz
seaweedfs-1db7c2b8aad59177f9ccb32f156908faf0c13eca.zip
Add credential storage (#6938)
* add credential store interface * load credential.toml * lint * create credentialManager with explicit store type * add type name * InitializeCredentialManager * remove unused functions * fix missing import * fix import * fix nil configuration
Diffstat (limited to 'weed/credential/credential_manager.go')
-rw-r--r--weed/credential/credential_manager.go125
1 files changed, 125 insertions, 0 deletions
diff --git a/weed/credential/credential_manager.go b/weed/credential/credential_manager.go
new file mode 100644
index 000000000..d4323e920
--- /dev/null
+++ b/weed/credential/credential_manager.go
@@ -0,0 +1,125 @@
+package credential
+
+import (
+ "context"
+ "fmt"
+ "strings"
+
+ "github.com/seaweedfs/seaweedfs/weed/pb/iam_pb"
+ "github.com/seaweedfs/seaweedfs/weed/util"
+)
+
+// CredentialManager manages user credentials using a configurable store
+type CredentialManager struct {
+ store CredentialStore
+}
+
+// NewCredentialManager creates a new credential manager with the specified store
+func NewCredentialManager(storeName CredentialStoreTypeName, configuration util.Configuration, prefix string) (*CredentialManager, error) {
+ var store CredentialStore
+
+ // Find the requested store implementation
+ for _, s := range Stores {
+ if s.GetName() == storeName {
+ store = s
+ break
+ }
+ }
+
+ if store == nil {
+ return nil, fmt.Errorf("credential store '%s' not found. Available stores: %s",
+ storeName, getAvailableStores())
+ }
+
+ // Initialize the store
+ if err := store.Initialize(configuration, prefix); err != nil {
+ return nil, fmt.Errorf("failed to initialize credential store '%s': %v", storeName, err)
+ }
+
+ return &CredentialManager{
+ store: store,
+ }, nil
+}
+
+// GetStore returns the underlying credential store
+func (cm *CredentialManager) GetStore() CredentialStore {
+ return cm.store
+}
+
+// LoadConfiguration loads the S3 API configuration
+func (cm *CredentialManager) LoadConfiguration(ctx context.Context) (*iam_pb.S3ApiConfiguration, error) {
+ return cm.store.LoadConfiguration(ctx)
+}
+
+// SaveConfiguration saves the S3 API configuration
+func (cm *CredentialManager) SaveConfiguration(ctx context.Context, config *iam_pb.S3ApiConfiguration) error {
+ return cm.store.SaveConfiguration(ctx, config)
+}
+
+// CreateUser creates a new user
+func (cm *CredentialManager) CreateUser(ctx context.Context, identity *iam_pb.Identity) error {
+ return cm.store.CreateUser(ctx, identity)
+}
+
+// GetUser retrieves a user by username
+func (cm *CredentialManager) GetUser(ctx context.Context, username string) (*iam_pb.Identity, error) {
+ return cm.store.GetUser(ctx, username)
+}
+
+// UpdateUser updates an existing user
+func (cm *CredentialManager) UpdateUser(ctx context.Context, username string, identity *iam_pb.Identity) error {
+ return cm.store.UpdateUser(ctx, username, identity)
+}
+
+// DeleteUser removes a user
+func (cm *CredentialManager) DeleteUser(ctx context.Context, username string) error {
+ return cm.store.DeleteUser(ctx, username)
+}
+
+// ListUsers returns all usernames
+func (cm *CredentialManager) ListUsers(ctx context.Context) ([]string, error) {
+ return cm.store.ListUsers(ctx)
+}
+
+// GetUserByAccessKey retrieves a user by access key
+func (cm *CredentialManager) GetUserByAccessKey(ctx context.Context, accessKey string) (*iam_pb.Identity, error) {
+ return cm.store.GetUserByAccessKey(ctx, accessKey)
+}
+
+// CreateAccessKey creates a new access key for a user
+func (cm *CredentialManager) CreateAccessKey(ctx context.Context, username string, credential *iam_pb.Credential) error {
+ return cm.store.CreateAccessKey(ctx, username, credential)
+}
+
+// DeleteAccessKey removes an access key for a user
+func (cm *CredentialManager) DeleteAccessKey(ctx context.Context, username string, accessKey string) error {
+ return cm.store.DeleteAccessKey(ctx, username, accessKey)
+}
+
+// Shutdown performs cleanup
+func (cm *CredentialManager) Shutdown() {
+ if cm.store != nil {
+ cm.store.Shutdown()
+ }
+}
+
+// getAvailableStores returns a comma-separated list of available store names
+func getAvailableStores() string {
+ var storeNames []string
+ for _, store := range Stores {
+ storeNames = append(storeNames, string(store.GetName()))
+ }
+ return strings.Join(storeNames, ", ")
+}
+
+// GetAvailableStores returns a list of available credential store names
+func GetAvailableStores() []CredentialStoreTypeName {
+ var storeNames []CredentialStoreTypeName
+ for _, store := range Stores {
+ storeNames = append(storeNames, store.GetName())
+ }
+ if storeNames == nil {
+ return []CredentialStoreTypeName{}
+ }
+ return storeNames
+}
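Review bot: In `NewCredentialManager`, `store = s` takes the instance registered in `Stores` and `store.Initialize(configuration, prefix)` then configures that instance in place, so a second manager built for the same store type would presumably re-initialize the object the first one is still using, and a `Shutdown` on either would close the credential backend for both (`Stores` is declared outside this file, so this is inferred from the loop). If one manager per process is the intent, state it in the doc comment, e.g. `// The store is the shared instance registered in Stores; create at most one manager per store type per process.` Separately, the initialization error is wrapped with `%v`, which drops the chain for `errors.Is`/`errors.As`; `return nil, fmt.Errorf("failed to initialize credential store '%s': %w", storeName, err)` keeps it. `Shutdown` guards `cm.store != nil` while every other method dereferences `cm.store` unguarded, so a zero-value `CredentialManager` would panic everywhere except `Shutdown`; either drop the guard or document that only the constructor's result is valid.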