From f734b2d4bf154b372d382283a8ef09fe1c808154 Mon Sep 17 00:00:00 2001 From: chrislu Date: Sun, 14 Dec 2025 16:08:56 -0800 Subject: Refactor: Extract common IAM logic into shared weed/iam package (#7747) This resolves GitHub issue #7747 by extracting duplicated IAM code into a shared package that both the embedded S3 IAM and standalone IAM use. New shared package (weed/iam/): - constants.go: Common constants (charsets, action strings, error messages) - helpers.go: Shared helper functions (Hash, GenerateRandomString, GenerateAccessKeyId, GenerateSecretAccessKey, StringSlicesEqual, MapToStatementAction, MapToIdentitiesAction, MaskAccessKey) - responses.go: Common IAM response structs (CommonResponse, ListUsersResponse, CreateUserResponse, etc.) - helpers_test.go: Unit tests for shared helpers Updated files: - weed/s3api/s3api_embedded_iam.go: Use type aliases and function wrappers to the shared package, removing ~200 lines of duplicated code - weed/iamapi/iamapi_management_handlers.go: Use shared package for constants and helper functions, removing ~100 lines of duplicated code - weed/iamapi/iamapi_response.go: Re-export types from shared package for backwards compatibility Benefits: - Single source of truth for IAM constants and helpers - Easier maintenance - changes only need to be made in one place - Reduced risk of inconsistencies between embedded and standalone IAM - Better test coverage through shared test suite --- weed/iamapi/iamapi_response.go | 129 +++++++---------------------------------- 1 file changed, 21 insertions(+), 108 deletions(-) (limited to 'weed/iamapi/iamapi_response.go') diff --git a/weed/iamapi/iamapi_response.go b/weed/iamapi/iamapi_response.go index fc68ce5a5..c16b1f79b 100644 --- a/weed/iamapi/iamapi_response.go +++ b/weed/iamapi/iamapi_response.go @@ -1,113 +1,26 @@ package iamapi -import ( - "encoding/xml" - "fmt" - "time" +// This file re-exports IAM response types from the shared weed/iam package +// for backwards compatibility with existing code. - "github.com/aws/aws-sdk-go/service/iam" +import ( + iamlib "github.com/seaweedfs/seaweedfs/weed/iam" ) -type CommonResponse struct { - ResponseMetadata struct { - RequestId string `xml:"RequestId"` - } `xml:"ResponseMetadata"` -} - -type ListUsersResponse struct { - CommonResponse - XMLName xml.Name `xml:"https://iam.amazonaws.com/doc/2010-05-08/ ListUsersResponse"` - ListUsersResult struct { - Users []*iam.User `xml:"Users>member"` - IsTruncated bool `xml:"IsTruncated"` - } `xml:"ListUsersResult"` -} - -type ListAccessKeysResponse struct { - CommonResponse - XMLName xml.Name `xml:"https://iam.amazonaws.com/doc/2010-05-08/ ListAccessKeysResponse"` - ListAccessKeysResult struct { - AccessKeyMetadata []*iam.AccessKeyMetadata `xml:"AccessKeyMetadata>member"` - IsTruncated bool `xml:"IsTruncated"` - } `xml:"ListAccessKeysResult"` -} - -type DeleteAccessKeyResponse struct { - CommonResponse - XMLName xml.Name `xml:"https://iam.amazonaws.com/doc/2010-05-08/ DeleteAccessKeyResponse"` -} - -type CreatePolicyResponse struct { - CommonResponse - XMLName xml.Name `xml:"https://iam.amazonaws.com/doc/2010-05-08/ CreatePolicyResponse"` - CreatePolicyResult struct { - Policy iam.Policy `xml:"Policy"` - } `xml:"CreatePolicyResult"` -} - -type CreateUserResponse struct { - CommonResponse - XMLName xml.Name `xml:"https://iam.amazonaws.com/doc/2010-05-08/ CreateUserResponse"` - CreateUserResult struct { - User iam.User `xml:"User"` - } `xml:"CreateUserResult"` -} - -type DeleteUserResponse struct { - CommonResponse - XMLName xml.Name `xml:"https://iam.amazonaws.com/doc/2010-05-08/ DeleteUserResponse"` -} - -type GetUserResponse struct { - CommonResponse - XMLName xml.Name `xml:"https://iam.amazonaws.com/doc/2010-05-08/ GetUserResponse"` - GetUserResult struct { - User iam.User `xml:"User"` - } `xml:"GetUserResult"` -} - -type UpdateUserResponse struct { - CommonResponse - XMLName xml.Name `xml:"https://iam.amazonaws.com/doc/2010-05-08/ UpdateUserResponse"` -} - -type CreateAccessKeyResponse struct { - CommonResponse - XMLName xml.Name `xml:"https://iam.amazonaws.com/doc/2010-05-08/ CreateAccessKeyResponse"` - CreateAccessKeyResult struct { - AccessKey iam.AccessKey `xml:"AccessKey"` - } `xml:"CreateAccessKeyResult"` -} - -type PutUserPolicyResponse struct { - CommonResponse - XMLName xml.Name `xml:"https://iam.amazonaws.com/doc/2010-05-08/ PutUserPolicyResponse"` -} - -type DeleteUserPolicyResponse struct { - CommonResponse - XMLName xml.Name `xml:"https://iam.amazonaws.com/doc/2010-05-08/ DeleteUserPolicyResponse"` -} - -type GetUserPolicyResponse struct { - CommonResponse - XMLName xml.Name `xml:"https://iam.amazonaws.com/doc/2010-05-08/ GetUserPolicyResponse"` - GetUserPolicyResult struct { - UserName string `xml:"UserName"` - PolicyName string `xml:"PolicyName"` - PolicyDocument string `xml:"PolicyDocument"` - } `xml:"GetUserPolicyResult"` -} - -type ErrorResponse struct { - CommonResponse - XMLName xml.Name `xml:"https://iam.amazonaws.com/doc/2010-05-08/ ErrorResponse"` - Error struct { - iam.ErrorDetails - Type string `xml:"Type"` - } `xml:"Error"` -} - -func (r *CommonResponse) SetRequestId() { - r.ResponseMetadata.RequestId = fmt.Sprintf("%d", time.Now().UnixNano()) -} +// Type aliases for IAM response types from shared package +type ( + CommonResponse = iamlib.CommonResponse + ListUsersResponse = iamlib.ListUsersResponse + ListAccessKeysResponse = iamlib.ListAccessKeysResponse + DeleteAccessKeyResponse = iamlib.DeleteAccessKeyResponse + CreatePolicyResponse = iamlib.CreatePolicyResponse + CreateUserResponse = iamlib.CreateUserResponse + DeleteUserResponse = iamlib.DeleteUserResponse + GetUserResponse = iamlib.GetUserResponse + UpdateUserResponse = iamlib.UpdateUserResponse + CreateAccessKeyResponse = iamlib.CreateAccessKeyResponse + PutUserPolicyResponse = iamlib.PutUserPolicyResponse + DeleteUserPolicyResponse = iamlib.DeleteUserPolicyResponse + GetUserPolicyResponse = iamlib.GetUserPolicyResponse + ErrorResponse = iamlib.ErrorResponse +) -- cgit v1.2.3