Diffstat (limited to 'weed/admin/dash/admin_server.go')
-rw-r--r--weed/admin/dash/admin_server.go87
1 files changed, 53 insertions, 34 deletions
diff --git a/weed/admin/dash/admin_server.go b/weed/admin/dash/admin_server.go
index bcc126374..cff6f3300 100644
--- a/weed/admin/dash/admin_server.go
+++ b/weed/admin/dash/admin_server.go
@@ -1,6 +1,7 @@
package dash
import (
+ "bytes"
"context"
"fmt"
"net/http"
@@ -8,10 +9,12 @@ import (
"time"
"github.com/seaweedfs/seaweedfs/weed/cluster"
+ "github.com/seaweedfs/seaweedfs/weed/filer"
"github.com/seaweedfs/seaweedfs/weed/glog"
"github.com/seaweedfs/seaweedfs/weed/operation"
"github.com/seaweedfs/seaweedfs/weed/pb"
"github.com/seaweedfs/seaweedfs/weed/pb/filer_pb"
+ "github.com/seaweedfs/seaweedfs/weed/pb/iam_pb"
"github.com/seaweedfs/seaweedfs/weed/pb/master_pb"
"github.com/seaweedfs/seaweedfs/weed/pb/volume_server_pb"
"github.com/seaweedfs/seaweedfs/weed/security"
@@ -651,41 +654,57 @@ func (s *AdminServer) DeleteS3Bucket(bucketName string) error {
})
}
-// GetObjectStoreUsers retrieves object store users data
+// GetObjectStoreUsers retrieves object store users from identity.json
func (s *AdminServer) GetObjectStoreUsers() ([]ObjectStoreUser, error) {
- // For now, return mock data since SeaweedFS doesn't have built-in user management
- // In a real implementation, this would query the IAM system or user database
- users := []ObjectStoreUser{
- {
- Username: "admin",
- Email: "admin@example.com",
- AccessKey: "AKIAIOSFODNN7EXAMPLE",
- SecretKey: "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
- Status: "active",
- CreatedAt: time.Now().AddDate(0, -1, 0),
- LastLogin: time.Now().AddDate(0, 0, -1),
- Permissions: []string{"s3:*", "iam:*"},
- },
- {
- Username: "readonly",
- Email: "readonly@example.com",
- AccessKey: "AKIAI44QH8DHBEXAMPLE",
- SecretKey: "je7MtGbClwBF/2Zp9Utk/h3yCo8nvbEXAMPLEKEY",
- Status: "active",
- CreatedAt: time.Now().AddDate(0, -2, 0),
- LastLogin: time.Now().AddDate(0, 0, -3),
- Permissions: []string{"s3:GetObject", "s3:ListBucket"},
- },
- {
- Username: "backup",
- Email: "backup@example.com",
- AccessKey: "AKIAIGCEVSQ6C2EXAMPLE",
- SecretKey: "BnL1dIqRF/+WoWcouZ5e3qthJhEXAMPLEKEY",
- Status: "inactive",
- CreatedAt: time.Now().AddDate(0, -3, 0),
- LastLogin: time.Now().AddDate(0, -1, -15),
- Permissions: []string{"s3:PutObject", "s3:GetObject"},
- },
+ s3cfg := &iam_pb.S3ApiConfiguration{}
+
+ // Load IAM configuration from filer
+ err := s.WithFilerClient(func(client filer_pb.SeaweedFilerClient) error {
+ var buf bytes.Buffer
+ if err := filer.ReadEntry(nil, client, filer.IamConfigDirectory, filer.IamIdentityFile, &buf); err != nil {
+ if err == filer_pb.ErrNotFound {
+ // If file doesn't exist, return empty configuration
+ return nil
+ }
+ return err
+ }
+ if buf.Len() > 0 {
+ return filer.ParseS3ConfigurationFromBytes(buf.Bytes(), s3cfg)
+ }
+ return nil
+ })
+
+ if err != nil {
+ glog.Errorf("Failed to load IAM configuration: %v", err)
+ return []ObjectStoreUser{}, nil // Return empty list instead of error for UI
+ }
+
+ var users []ObjectStoreUser
+
+ // Convert IAM identities to ObjectStoreUser format
+ for _, identity := range s3cfg.Identities {
+ // Skip anonymous identity
+ if identity.Name == "anonymous" {
+ continue
+ }
+
+ user := ObjectStoreUser{
+ Username: identity.Name,
+ Permissions: identity.Actions,
+ }
+
+ // Set email from account if available
+ if identity.Account != nil {
+ user.Email = identity.Account.EmailAddress
+ }
+
+ // Get first access key for display
+ if len(identity.Credentials) > 0 {
+ user.AccessKey = identity.Credentials[0].AccessKey
+ user.SecretKey = identity.Credentials[0].SecretKey
+ }
+
+ users = append(users, user)
}
return users, nil
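Review bot: The new loop copies the plaintext secret of each identity's first credential into the returned list (`user.SecretKey = identity.Credentials[0].SecretKey`), so every consumer of GetObjectStoreUsers now receives live S3 secrets where the removed mock held only placeholder values. The consumer is presumably the admin UI's user listing, which this hunk does not show. Unless the listing really has to display the secret, leave the field empty here and return it only from a dedicated path that is access-checked and logged. Separately, the `if err != nil` branch logs the failure and returns `[]ObjectStoreUser{}, nil`, which makes an unreadable or unparseable identity file look the same as "no users configured"; returning `nil, fmt.Errorf("load IAM configuration: %w", err)` would let the caller show an error state. Only `Credentials[0]` is surfaced, so an identity holding several access keys is under-reported to whoever audits the list.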