aboutsummaryrefslogtreecommitdiff
path: root/weed/iamapi/iamapi_management_handlers.go
diff options
context:
space:
mode:
Diffstat (limited to 'weed/iamapi/iamapi_management_handlers.go')
-rw-r--r--weed/iamapi/iamapi_management_handlers.go19
1 files changed, 8 insertions, 11 deletions
diff --git a/weed/iamapi/iamapi_management_handlers.go b/weed/iamapi/iamapi_management_handlers.go
index 488e92aa5..e1f215bd3 100644
--- a/weed/iamapi/iamapi_management_handlers.go
+++ b/weed/iamapi/iamapi_management_handlers.go
@@ -204,6 +204,7 @@ func (iama *IamApiServer) CreatePolicy(s3cfg *iam_pb.S3ApiConfiguration, values
return resp, nil
}
+// https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutUserPolicy.html
func (iama *IamApiServer) PutUserPolicy(s3cfg *iam_pb.S3ApiConfiguration, values url.Values) (resp PutUserPolicyResponse, err error) {
userName := values.Get("UserName")
policyName := values.Get("PolicyName")
@@ -215,14 +216,15 @@ func (iama *IamApiServer) PutUserPolicy(s3cfg *iam_pb.S3ApiConfiguration, values
policyDocuments[policyName] = &policyDocument
actions := GetActions(&policyDocument)
for _, ident := range s3cfg.Identities {
- if userName == ident.Name {
- for _, action := range actions {
- ident.Actions = append(ident.Actions, action)
- }
- break
+ if userName != ident.Name {
+ continue
+ }
+ for _, action := range actions {
+ ident.Actions = append(ident.Actions, action)
}
+ return resp, nil
}
- return resp, nil
+ return resp, fmt.Errorf("%s: the user with name %s cannot be found", iam.ErrCodeNoSuchEntityException, userName)
}
func (iama *IamApiServer) GetUserPolicy(s3cfg *iam_pb.S3ApiConfiguration, values url.Values) (resp GetUserPolicyResponse, err error) {
@@ -412,14 +414,11 @@ func (iama *IamApiServer) DoActions(w http.ResponseWriter, r *http.Request) {
return
}
values := r.PostForm
- var s3cfgLock sync.RWMutex
- s3cfgLock.RLock()
s3cfg := &iam_pb.S3ApiConfiguration{}
if err := iama.s3ApiConfig.GetS3ApiConfiguration(s3cfg); err != nil {
s3err.WriteErrorResponse(w, r, s3err.ErrInternalError)
return
}
- s3cfgLock.RUnlock()
glog.V(4).Infof("DoActions: %+v", values)
var response interface{}
@@ -498,9 +497,7 @@ func (iama *IamApiServer) DoActions(w http.ResponseWriter, r *http.Request) {
return
}
if changed {
- s3cfgLock.Lock()
err := iama.s3ApiConfig.PutS3ApiConfiguration(s3cfg)
- s3cfgLock.Unlock()
if err != nil {
writeIamErrorResponse(w, r, fmt.Errorf(iam.ErrCodeServiceFailureException), "", "", err)
return
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-24 04:43:47 +0000