admin api: rename allow/deny api calls in api v2
This commit is contained in:
parent
70bf358b60
commit
348a9a4cd6
5 changed files with 28 additions and 28 deletions
|
|
@ -826,11 +826,11 @@ paths:
|
||||||
schema:
|
schema:
|
||||||
$ref: '#/components/schemas/BucketInfo'
|
$ref: '#/components/schemas/BucketInfo'
|
||||||
|
|
||||||
/BucketAllowKey:
|
/AllowBucketKey:
|
||||||
post:
|
post:
|
||||||
tags:
|
tags:
|
||||||
- Permissions
|
- Permissions
|
||||||
operationId: "BucketAllowKey"
|
operationId: "AllowBucketKey"
|
||||||
summary: "Allow key"
|
summary: "Allow key"
|
||||||
description: |
|
description: |
|
||||||
⚠️ **DISCLAIMER**: Garage's developers are aware that this endpoint has an unconventional semantic. Be extra careful when implementing it, its behavior is not obvious.
|
⚠️ **DISCLAIMER**: Garage's developers are aware that this endpoint has an unconventional semantic. Be extra careful when implementing it, its behavior is not obvious.
|
||||||
|
|
@ -886,11 +886,11 @@ paths:
|
||||||
schema:
|
schema:
|
||||||
$ref: '#/components/schemas/BucketInfo'
|
$ref: '#/components/schemas/BucketInfo'
|
||||||
|
|
||||||
/BucketDenyKey:
|
/DenyBucketKey:
|
||||||
post:
|
post:
|
||||||
tags:
|
tags:
|
||||||
- Permissions
|
- Permissions
|
||||||
operationId: "BucketDenyKey"
|
operationId: "DenyBucketKey"
|
||||||
summary: "Deny key"
|
summary: "Deny key"
|
||||||
description: |
|
description: |
|
||||||
⚠️ **DISCLAIMER**: Garage's developers are aware that this endpoint has an unconventional semantic. Be extra careful when implementing it, its behavior is not obvious.
|
⚠️ **DISCLAIMER**: Garage's developers are aware that this endpoint has an unconventional semantic. Be extra careful when implementing it, its behavior is not obvious.
|
||||||
|
|
|
||||||
|
|
@ -705,7 +705,7 @@ Warning: this will delete all aliases associated with the bucket!
|
||||||
|
|
||||||
### Operations on permissions for keys on buckets
|
### Operations on permissions for keys on buckets
|
||||||
|
|
||||||
#### BucketAllowKey `POST /v2/BucketAllowKey`
|
#### AllowBucketKey `POST /v2/AllowBucketKey`
|
||||||
|
|
||||||
Allows a key to do read/write/owner operations on a bucket.
|
Allows a key to do read/write/owner operations on a bucket.
|
||||||
|
|
||||||
|
|
@ -726,7 +726,7 @@ Request body format:
|
||||||
Flags in `permissions` which have the value `true` will be activated.
|
Flags in `permissions` which have the value `true` will be activated.
|
||||||
Other flags will remain unchanged.
|
Other flags will remain unchanged.
|
||||||
|
|
||||||
#### BucketDenyKey `POST /v2/BucketDenyKey`
|
#### DenyBucketKey `POST /v2/DenyBucketKey`
|
||||||
|
|
||||||
Denies a key from doing read/write/owner operations on a bucket.
|
Denies a key from doing read/write/owner operations on a bucket.
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -50,8 +50,8 @@ admin_endpoints![
|
||||||
DeleteBucket,
|
DeleteBucket,
|
||||||
|
|
||||||
// Operations on permissions for keys on buckets
|
// Operations on permissions for keys on buckets
|
||||||
BucketAllowKey,
|
AllowBucketKey,
|
||||||
BucketDenyKey,
|
DenyBucketKey,
|
||||||
|
|
||||||
// Operations on bucket aliases
|
// Operations on bucket aliases
|
||||||
AddGlobalBucketAlias,
|
AddGlobalBucketAlias,
|
||||||
|
|
@ -486,13 +486,13 @@ pub struct DeleteBucketResponse;
|
||||||
// Operations on permissions for keys on buckets
|
// Operations on permissions for keys on buckets
|
||||||
// **********************************************
|
// **********************************************
|
||||||
|
|
||||||
// ---- BucketAllowKey ----
|
// ---- AllowBucketKey ----
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize)]
|
#[derive(Serialize, Deserialize)]
|
||||||
pub struct BucketAllowKeyRequest(pub BucketKeyPermChangeRequest);
|
pub struct AllowBucketKeyRequest(pub BucketKeyPermChangeRequest);
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize)]
|
#[derive(Serialize, Deserialize)]
|
||||||
pub struct BucketAllowKeyResponse(pub GetBucketInfoResponse);
|
pub struct AllowBucketKeyResponse(pub GetBucketInfoResponse);
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize)]
|
#[derive(Serialize, Deserialize)]
|
||||||
#[serde(rename_all = "camelCase")]
|
#[serde(rename_all = "camelCase")]
|
||||||
|
|
@ -502,13 +502,13 @@ pub struct BucketKeyPermChangeRequest {
|
||||||
pub permissions: ApiBucketKeyPerm,
|
pub permissions: ApiBucketKeyPerm,
|
||||||
}
|
}
|
||||||
|
|
||||||
// ---- BucketDenyKey ----
|
// ---- DenyBucketKey ----
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize)]
|
#[derive(Serialize, Deserialize)]
|
||||||
pub struct BucketDenyKeyRequest(pub BucketKeyPermChangeRequest);
|
pub struct DenyBucketKeyRequest(pub BucketKeyPermChangeRequest);
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize)]
|
#[derive(Serialize, Deserialize)]
|
||||||
pub struct BucketDenyKeyResponse(pub GetBucketInfoResponse);
|
pub struct DenyBucketKeyResponse(pub GetBucketInfoResponse);
|
||||||
|
|
||||||
// **********************************************
|
// **********************************************
|
||||||
// Operations on bucket aliases
|
// Operations on bucket aliases
|
||||||
|
|
|
||||||
|
|
@ -18,8 +18,8 @@ use garage_model::s3::object_table::*;
|
||||||
|
|
||||||
use crate::admin::api::ApiBucketKeyPerm;
|
use crate::admin::api::ApiBucketKeyPerm;
|
||||||
use crate::admin::api::{
|
use crate::admin::api::{
|
||||||
ApiBucketQuotas, BucketAllowKeyRequest, BucketAllowKeyResponse, BucketDenyKeyRequest,
|
ApiBucketQuotas, AllowBucketKeyRequest, AllowBucketKeyResponse, DenyBucketKeyRequest,
|
||||||
BucketDenyKeyResponse, BucketKeyPermChangeRequest, BucketLocalAlias, CreateBucketRequest,
|
DenyBucketKeyResponse, BucketKeyPermChangeRequest, BucketLocalAlias, CreateBucketRequest,
|
||||||
CreateBucketResponse, DeleteBucketRequest, DeleteBucketResponse, GetBucketInfoKey,
|
CreateBucketResponse, DeleteBucketRequest, DeleteBucketResponse, GetBucketInfoKey,
|
||||||
GetBucketInfoRequest, GetBucketInfoResponse, GetBucketInfoWebsiteResponse,
|
GetBucketInfoRequest, GetBucketInfoResponse, GetBucketInfoWebsiteResponse,
|
||||||
AddGlobalBucketAliasRequest, AddGlobalBucketAliasResponse, RemoveGlobalBucketAliasRequest,
|
AddGlobalBucketAliasRequest, AddGlobalBucketAliasResponse, RemoveGlobalBucketAliasRequest,
|
||||||
|
|
@ -394,22 +394,22 @@ impl EndpointHandler for UpdateBucketRequest {
|
||||||
// ---- BUCKET/KEY PERMISSIONS ----
|
// ---- BUCKET/KEY PERMISSIONS ----
|
||||||
|
|
||||||
#[async_trait]
|
#[async_trait]
|
||||||
impl EndpointHandler for BucketAllowKeyRequest {
|
impl EndpointHandler for AllowBucketKeyRequest {
|
||||||
type Response = BucketAllowKeyResponse;
|
type Response = AllowBucketKeyResponse;
|
||||||
|
|
||||||
async fn handle(self, garage: &Arc<Garage>) -> Result<BucketAllowKeyResponse, Error> {
|
async fn handle(self, garage: &Arc<Garage>) -> Result<AllowBucketKeyResponse, Error> {
|
||||||
let res = handle_bucket_change_key_perm(garage, self.0, true).await?;
|
let res = handle_bucket_change_key_perm(garage, self.0, true).await?;
|
||||||
Ok(BucketAllowKeyResponse(res))
|
Ok(AllowBucketKeyResponse(res))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[async_trait]
|
#[async_trait]
|
||||||
impl EndpointHandler for BucketDenyKeyRequest {
|
impl EndpointHandler for DenyBucketKeyRequest {
|
||||||
type Response = BucketDenyKeyResponse;
|
type Response = DenyBucketKeyResponse;
|
||||||
|
|
||||||
async fn handle(self, garage: &Arc<Garage>) -> Result<BucketDenyKeyResponse, Error> {
|
async fn handle(self, garage: &Arc<Garage>) -> Result<DenyBucketKeyResponse, Error> {
|
||||||
let res = handle_bucket_change_key_perm(garage, self.0, false).await?;
|
let res = handle_bucket_change_key_perm(garage, self.0, false).await?;
|
||||||
Ok(BucketDenyKeyResponse(res))
|
Ok(DenyBucketKeyResponse(res))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -52,8 +52,8 @@ impl AdminApiRequest {
|
||||||
POST DeleteBucket (query::id),
|
POST DeleteBucket (query::id),
|
||||||
POST UpdateBucket (body_field, query::id),
|
POST UpdateBucket (body_field, query::id),
|
||||||
// Bucket-key permissions
|
// Bucket-key permissions
|
||||||
POST BucketAllowKey (body),
|
POST AllowBucketKey (body),
|
||||||
POST BucketDenyKey (body),
|
POST DenyBucketKey (body),
|
||||||
// Bucket aliases
|
// Bucket aliases
|
||||||
POST AddGlobalBucketAlias (body),
|
POST AddGlobalBucketAlias (body),
|
||||||
POST RemoveGlobalBucketAlias (body),
|
POST RemoveGlobalBucketAlias (body),
|
||||||
|
|
@ -167,11 +167,11 @@ impl AdminApiRequest {
|
||||||
// Bucket-key permissions
|
// Bucket-key permissions
|
||||||
Endpoint::BucketAllowKey => {
|
Endpoint::BucketAllowKey => {
|
||||||
let req = parse_json_body::<BucketKeyPermChangeRequest, _, Error>(req).await?;
|
let req = parse_json_body::<BucketKeyPermChangeRequest, _, Error>(req).await?;
|
||||||
Ok(AdminApiRequest::BucketAllowKey(BucketAllowKeyRequest(req)))
|
Ok(AdminApiRequest::AllowBucketKey(AllowBucketKeyRequest(req)))
|
||||||
}
|
}
|
||||||
Endpoint::BucketDenyKey => {
|
Endpoint::BucketDenyKey => {
|
||||||
let req = parse_json_body::<BucketKeyPermChangeRequest, _, Error>(req).await?;
|
let req = parse_json_body::<BucketKeyPermChangeRequest, _, Error>(req).await?;
|
||||||
Ok(AdminApiRequest::BucketDenyKey(BucketDenyKeyRequest(req)))
|
Ok(AdminApiRequest::DenyBucketKey(DenyBucketKeyRequest(req)))
|
||||||
}
|
}
|
||||||
// Bucket aliasing
|
// Bucket aliasing
|
||||||
Endpoint::GlobalAliasBucket { id, alias } => Ok(AdminApiRequest::AddGlobalBucketAlias(
|
Endpoint::GlobalAliasBucket { id, alias } => Ok(AdminApiRequest::AddGlobalBucketAlias(
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue