github.com/minio/console@v1.4.1/api/admin_kms.go (about) 1 // This file is part of MinIO Console Server 2 // Copyright (c) 2022 MinIO, Inc. 3 // 4 // This program is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU Affero General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // This program is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU Affero General Public License for more details. 13 // 14 // You should have received a copy of the GNU Affero General Public License 15 // along with this program. If not, see <http://www.gnu.org/licenses/>. 16 // 17 18 package api 19 20 import ( 21 "context" 22 "encoding/json" 23 "sort" 24 25 "github.com/go-openapi/runtime/middleware" 26 "github.com/minio/console/api/operations" 27 kmsAPI "github.com/minio/console/api/operations/k_m_s" 28 "github.com/minio/console/models" 29 "github.com/minio/madmin-go/v3" 30 ) 31 32 func registerKMSHandlers(api *operations.ConsoleAPI) { 33 registerKMSStatusHandlers(api) 34 registerKMSKeyHandlers(api) 35 registerKMSPolicyHandlers(api) 36 registerKMSIdentityHandlers(api) 37 } 38 39 func registerKMSStatusHandlers(api *operations.ConsoleAPI) { 40 api.KmsKMSStatusHandler = kmsAPI.KMSStatusHandlerFunc(func(params kmsAPI.KMSStatusParams, session *models.Principal) middleware.Responder { 41 resp, err := GetKMSStatusResponse(session, params) 42 if err != nil { 43 return kmsAPI.NewKMSStatusDefault(err.Code).WithPayload(err.APIError) 44 } 45 return kmsAPI.NewKMSStatusOK().WithPayload(resp) 46 }) 47 48 api.KmsKMSMetricsHandler = kmsAPI.KMSMetricsHandlerFunc(func(params kmsAPI.KMSMetricsParams, session *models.Principal) middleware.Responder { 49 resp, err := GetKMSMetricsResponse(session, params) 50 if err != nil { 51 return kmsAPI.NewKMSMetricsDefault(err.Code).WithPayload(err.APIError) 52 } 53 return kmsAPI.NewKMSMetricsOK().WithPayload(resp) 54 }) 55 56 api.KmsKMSAPIsHandler = kmsAPI.KMSAPIsHandlerFunc(func(params kmsAPI.KMSAPIsParams, session *models.Principal) middleware.Responder { 57 resp, err := GetKMSAPIsResponse(session, params) 58 if err != nil { 59 return kmsAPI.NewKMSAPIsDefault(err.Code).WithPayload(err.APIError) 60 } 61 return kmsAPI.NewKMSAPIsOK().WithPayload(resp) 62 }) 63 64 api.KmsKMSVersionHandler = kmsAPI.KMSVersionHandlerFunc(func(params kmsAPI.KMSVersionParams, session *models.Principal) middleware.Responder { 65 resp, err := GetKMSVersionResponse(session, params) 66 if err != nil { 67 return kmsAPI.NewKMSVersionDefault(err.Code).WithPayload(err.APIError) 68 } 69 return kmsAPI.NewKMSVersionOK().WithPayload(resp) 70 }) 71 } 72 73 func GetKMSStatusResponse(session *models.Principal, params kmsAPI.KMSStatusParams) (*models.KmsStatusResponse, *CodedAPIError) { 74 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 75 defer cancel() 76 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 77 if err != nil { 78 return nil, ErrorWithContext(ctx, err) 79 } 80 return kmsStatus(ctx, AdminClient{Client: mAdmin}) 81 } 82 83 func kmsStatus(ctx context.Context, minioClient MinioAdmin) (*models.KmsStatusResponse, *CodedAPIError) { 84 st, err := minioClient.kmsStatus(ctx) 85 if err != nil { 86 return nil, ErrorWithContext(ctx, err) 87 } 88 return &models.KmsStatusResponse{ 89 DefaultKeyID: st.DefaultKeyID, 90 Name: st.Name, 91 Endpoints: parseStatusEndpoints(st.Endpoints), 92 }, nil 93 } 94 95 func parseStatusEndpoints(endpoints map[string]madmin.ItemState) (kmsEndpoints []*models.KmsEndpoint) { 96 for key, value := range endpoints { 97 kmsEndpoints = append(kmsEndpoints, &models.KmsEndpoint{URL: key, Status: string(value)}) 98 } 99 return kmsEndpoints 100 } 101 102 func GetKMSMetricsResponse(session *models.Principal, params kmsAPI.KMSMetricsParams) (*models.KmsMetricsResponse, *CodedAPIError) { 103 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 104 defer cancel() 105 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 106 if err != nil { 107 return nil, ErrorWithContext(ctx, err) 108 } 109 return kmsMetrics(ctx, AdminClient{Client: mAdmin}) 110 } 111 112 func kmsMetrics(ctx context.Context, minioClient MinioAdmin) (*models.KmsMetricsResponse, *CodedAPIError) { 113 metrics, err := minioClient.kmsMetrics(ctx) 114 if err != nil { 115 return nil, ErrorWithContext(ctx, err) 116 } 117 return &models.KmsMetricsResponse{ 118 RequestOK: &metrics.RequestOK, 119 RequestErr: &metrics.RequestErr, 120 RequestFail: &metrics.RequestFail, 121 RequestActive: &metrics.RequestActive, 122 AuditEvents: &metrics.AuditEvents, 123 ErrorEvents: &metrics.ErrorEvents, 124 LatencyHistogram: parseHistogram(metrics.LatencyHistogram), 125 Uptime: &metrics.UpTime, 126 Cpus: &metrics.CPUs, 127 UsableCPUs: &metrics.UsableCPUs, 128 Threads: &metrics.Threads, 129 HeapAlloc: &metrics.HeapAlloc, 130 HeapObjects: metrics.HeapObjects, 131 StackAlloc: &metrics.StackAlloc, 132 }, nil 133 } 134 135 func parseHistogram(histogram map[int64]int64) (records []*models.KmsLatencyHistogram) { 136 for duration, total := range histogram { 137 records = append(records, &models.KmsLatencyHistogram{Duration: duration, Total: total}) 138 } 139 cp := func(i, j int) bool { 140 return records[i].Duration < records[j].Duration 141 } 142 sort.Slice(records, cp) 143 return records 144 } 145 146 func GetKMSAPIsResponse(session *models.Principal, params kmsAPI.KMSAPIsParams) (*models.KmsAPIsResponse, *CodedAPIError) { 147 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 148 defer cancel() 149 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 150 if err != nil { 151 return nil, ErrorWithContext(ctx, err) 152 } 153 return kmsAPIs(ctx, AdminClient{Client: mAdmin}) 154 } 155 156 func kmsAPIs(ctx context.Context, minioClient MinioAdmin) (*models.KmsAPIsResponse, *CodedAPIError) { 157 apis, err := minioClient.kmsAPIs(ctx) 158 if err != nil { 159 return nil, ErrorWithContext(ctx, err) 160 } 161 return &models.KmsAPIsResponse{ 162 Results: parseApis(apis), 163 }, nil 164 } 165 166 func parseApis(apis []madmin.KMSAPI) (data []*models.KmsAPI) { 167 for _, api := range apis { 168 data = append(data, &models.KmsAPI{ 169 Method: api.Method, 170 Path: api.Path, 171 MaxBody: api.MaxBody, 172 Timeout: api.Timeout, 173 }) 174 } 175 return data 176 } 177 178 func GetKMSVersionResponse(session *models.Principal, params kmsAPI.KMSVersionParams) (*models.KmsVersionResponse, *CodedAPIError) { 179 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 180 defer cancel() 181 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 182 if err != nil { 183 return nil, ErrorWithContext(ctx, err) 184 } 185 return kmsVersion(ctx, AdminClient{Client: mAdmin}) 186 } 187 188 func kmsVersion(ctx context.Context, minioClient MinioAdmin) (*models.KmsVersionResponse, *CodedAPIError) { 189 version, err := minioClient.kmsVersion(ctx) 190 if err != nil { 191 return nil, ErrorWithContext(ctx, err) 192 } 193 return &models.KmsVersionResponse{ 194 Version: version.Version, 195 }, nil 196 } 197 198 func registerKMSKeyHandlers(api *operations.ConsoleAPI) { 199 api.KmsKMSCreateKeyHandler = kmsAPI.KMSCreateKeyHandlerFunc(func(params kmsAPI.KMSCreateKeyParams, session *models.Principal) middleware.Responder { 200 err := GetKMSCreateKeyResponse(session, params) 201 if err != nil { 202 return kmsAPI.NewKMSCreateKeyDefault(err.Code).WithPayload(err.APIError) 203 } 204 return kmsAPI.NewKMSCreateKeyCreated() 205 }) 206 207 api.KmsKMSImportKeyHandler = kmsAPI.KMSImportKeyHandlerFunc(func(params kmsAPI.KMSImportKeyParams, session *models.Principal) middleware.Responder { 208 err := GetKMSImportKeyResponse(session, params) 209 if err != nil { 210 return kmsAPI.NewKMSImportKeyDefault(err.Code).WithPayload(err.APIError) 211 } 212 return kmsAPI.NewKMSImportKeyCreated() 213 }) 214 215 api.KmsKMSListKeysHandler = kmsAPI.KMSListKeysHandlerFunc(func(params kmsAPI.KMSListKeysParams, session *models.Principal) middleware.Responder { 216 resp, err := GetKMSListKeysResponse(session, params) 217 if err != nil { 218 return kmsAPI.NewKMSListKeysDefault(err.Code).WithPayload(err.APIError) 219 } 220 return kmsAPI.NewKMSListKeysOK().WithPayload(resp) 221 }) 222 223 api.KmsKMSKeyStatusHandler = kmsAPI.KMSKeyStatusHandlerFunc(func(params kmsAPI.KMSKeyStatusParams, session *models.Principal) middleware.Responder { 224 resp, err := GetKMSKeyStatusResponse(session, params) 225 if err != nil { 226 return kmsAPI.NewKMSKeyStatusDefault(err.Code).WithPayload(err.APIError) 227 } 228 return kmsAPI.NewKMSKeyStatusOK().WithPayload(resp) 229 }) 230 231 api.KmsKMSDeleteKeyHandler = kmsAPI.KMSDeleteKeyHandlerFunc(func(params kmsAPI.KMSDeleteKeyParams, session *models.Principal) middleware.Responder { 232 err := GetKMSDeleteKeyResponse(session, params) 233 if err != nil { 234 return kmsAPI.NewKMSDeleteKeyDefault(err.Code).WithPayload(err.APIError) 235 } 236 return kmsAPI.NewKMSDeleteKeyOK() 237 }) 238 } 239 240 func GetKMSCreateKeyResponse(session *models.Principal, params kmsAPI.KMSCreateKeyParams) *CodedAPIError { 241 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 242 defer cancel() 243 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 244 if err != nil { 245 return ErrorWithContext(ctx, err) 246 } 247 return createKey(ctx, *params.Body.Key, AdminClient{Client: mAdmin}) 248 } 249 250 func createKey(ctx context.Context, key string, minioClient MinioAdmin) *CodedAPIError { 251 if err := minioClient.createKey(ctx, key); err != nil { 252 return ErrorWithContext(ctx, err) 253 } 254 return nil 255 } 256 257 func GetKMSImportKeyResponse(session *models.Principal, params kmsAPI.KMSImportKeyParams) *CodedAPIError { 258 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 259 defer cancel() 260 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 261 if err != nil { 262 return ErrorWithContext(ctx, err) 263 } 264 bytes, err := json.Marshal(params.Body) 265 if err != nil { 266 return ErrorWithContext(ctx, err) 267 } 268 return importKey(ctx, params.Name, bytes, AdminClient{Client: mAdmin}) 269 } 270 271 func importKey(ctx context.Context, key string, bytes []byte, minioClient MinioAdmin) *CodedAPIError { 272 if err := minioClient.importKey(ctx, key, bytes); err != nil { 273 return ErrorWithContext(ctx, err) 274 } 275 return nil 276 } 277 278 func GetKMSListKeysResponse(session *models.Principal, params kmsAPI.KMSListKeysParams) (*models.KmsListKeysResponse, *CodedAPIError) { 279 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 280 defer cancel() 281 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 282 if err != nil { 283 return nil, ErrorWithContext(ctx, err) 284 } 285 pattern := "" 286 if params.Pattern != nil { 287 pattern = *params.Pattern 288 } 289 return listKeys(ctx, pattern, AdminClient{Client: mAdmin}) 290 } 291 292 func listKeys(ctx context.Context, pattern string, minioClient MinioAdmin) (*models.KmsListKeysResponse, *CodedAPIError) { 293 results, err := minioClient.listKeys(ctx, pattern) 294 if err != nil { 295 return nil, ErrorWithContext(ctx, err) 296 } 297 return &models.KmsListKeysResponse{Results: parseKeys(results)}, nil 298 } 299 300 func parseKeys(results []madmin.KMSKeyInfo) (data []*models.KmsKeyInfo) { 301 for _, key := range results { 302 data = append(data, &models.KmsKeyInfo{ 303 CreatedAt: key.CreatedAt, 304 CreatedBy: key.CreatedBy, 305 Name: key.Name, 306 }) 307 } 308 return data 309 } 310 311 func GetKMSKeyStatusResponse(session *models.Principal, params kmsAPI.KMSKeyStatusParams) (*models.KmsKeyStatusResponse, *CodedAPIError) { 312 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 313 defer cancel() 314 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 315 if err != nil { 316 return nil, ErrorWithContext(ctx, err) 317 } 318 return keyStatus(ctx, params.Name, AdminClient{Client: mAdmin}) 319 } 320 321 func keyStatus(ctx context.Context, key string, minioClient MinioAdmin) (*models.KmsKeyStatusResponse, *CodedAPIError) { 322 ks, err := minioClient.keyStatus(ctx, key) 323 if err != nil { 324 return nil, ErrorWithContext(ctx, err) 325 } 326 return &models.KmsKeyStatusResponse{ 327 KeyID: ks.KeyID, 328 EncryptionErr: ks.EncryptionErr, 329 DecryptionErr: ks.DecryptionErr, 330 }, nil 331 } 332 333 func GetKMSDeleteKeyResponse(session *models.Principal, params kmsAPI.KMSDeleteKeyParams) *CodedAPIError { 334 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 335 defer cancel() 336 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 337 if err != nil { 338 return ErrorWithContext(ctx, err) 339 } 340 return deleteKey(ctx, params.Name, AdminClient{Client: mAdmin}) 341 } 342 343 func deleteKey(ctx context.Context, key string, minioClient MinioAdmin) *CodedAPIError { 344 if err := minioClient.deleteKey(ctx, key); err != nil { 345 return ErrorWithContext(ctx, err) 346 } 347 return nil 348 } 349 350 func registerKMSPolicyHandlers(api *operations.ConsoleAPI) { 351 api.KmsKMSSetPolicyHandler = kmsAPI.KMSSetPolicyHandlerFunc(func(params kmsAPI.KMSSetPolicyParams, session *models.Principal) middleware.Responder { 352 err := GetKMSSetPolicyResponse(session, params) 353 if err != nil { 354 return kmsAPI.NewKMSSetPolicyDefault(err.Code).WithPayload(err.APIError) 355 } 356 return kmsAPI.NewKMSSetPolicyOK() 357 }) 358 359 api.KmsKMSAssignPolicyHandler = kmsAPI.KMSAssignPolicyHandlerFunc(func(params kmsAPI.KMSAssignPolicyParams, session *models.Principal) middleware.Responder { 360 err := GetKMSAssignPolicyResponse(session, params) 361 if err != nil { 362 return kmsAPI.NewKMSAssignPolicyDefault(err.Code).WithPayload(err.APIError) 363 } 364 return kmsAPI.NewKMSAssignPolicyOK() 365 }) 366 367 api.KmsKMSDescribePolicyHandler = kmsAPI.KMSDescribePolicyHandlerFunc(func(params kmsAPI.KMSDescribePolicyParams, session *models.Principal) middleware.Responder { 368 resp, err := GetKMSDescribePolicyResponse(session, params) 369 if err != nil { 370 return kmsAPI.NewKMSDescribePolicyDefault(err.Code).WithPayload(err.APIError) 371 } 372 return kmsAPI.NewKMSDescribePolicyOK().WithPayload(resp) 373 }) 374 375 api.KmsKMSGetPolicyHandler = kmsAPI.KMSGetPolicyHandlerFunc(func(params kmsAPI.KMSGetPolicyParams, session *models.Principal) middleware.Responder { 376 resp, err := GetKMSGetPolicyResponse(session, params) 377 if err != nil { 378 return kmsAPI.NewKMSGetPolicyDefault(err.Code).WithPayload(err.APIError) 379 } 380 return kmsAPI.NewKMSGetPolicyOK().WithPayload(resp) 381 }) 382 383 api.KmsKMSListPoliciesHandler = kmsAPI.KMSListPoliciesHandlerFunc(func(params kmsAPI.KMSListPoliciesParams, session *models.Principal) middleware.Responder { 384 resp, err := GetKMSListPoliciesResponse(session, params) 385 if err != nil { 386 return kmsAPI.NewKMSListPoliciesDefault(err.Code).WithPayload(err.APIError) 387 } 388 return kmsAPI.NewKMSListPoliciesOK().WithPayload(resp) 389 }) 390 391 api.KmsKMSDeletePolicyHandler = kmsAPI.KMSDeletePolicyHandlerFunc(func(params kmsAPI.KMSDeletePolicyParams, session *models.Principal) middleware.Responder { 392 err := GetKMSDeletePolicyResponse(session, params) 393 if err != nil { 394 return kmsAPI.NewKMSDeletePolicyDefault(err.Code).WithPayload(err.APIError) 395 } 396 return kmsAPI.NewKMSDeletePolicyOK() 397 }) 398 } 399 400 func GetKMSSetPolicyResponse(session *models.Principal, params kmsAPI.KMSSetPolicyParams) *CodedAPIError { 401 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 402 defer cancel() 403 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 404 if err != nil { 405 return ErrorWithContext(ctx, err) 406 } 407 bytes, err := json.Marshal(params.Body) 408 if err != nil { 409 return ErrorWithContext(ctx, err) 410 } 411 return setPolicy(ctx, *params.Body.Policy, bytes, AdminClient{Client: mAdmin}) 412 } 413 414 func setPolicy(ctx context.Context, policy string, content []byte, minioClient MinioAdmin) *CodedAPIError { 415 if err := minioClient.setKMSPolicy(ctx, policy, content); err != nil { 416 return ErrorWithContext(ctx, err) 417 } 418 return nil 419 } 420 421 func GetKMSAssignPolicyResponse(session *models.Principal, params kmsAPI.KMSAssignPolicyParams) *CodedAPIError { 422 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 423 defer cancel() 424 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 425 if err != nil { 426 return ErrorWithContext(ctx, err) 427 } 428 bytes, err := json.Marshal(params.Body) 429 if err != nil { 430 return ErrorWithContext(ctx, err) 431 } 432 return assignPolicy(ctx, params.Name, bytes, AdminClient{Client: mAdmin}) 433 } 434 435 func assignPolicy(ctx context.Context, policy string, content []byte, minioClient MinioAdmin) *CodedAPIError { 436 if err := minioClient.assignPolicy(ctx, policy, content); err != nil { 437 return ErrorWithContext(ctx, err) 438 } 439 return nil 440 } 441 442 func GetKMSDescribePolicyResponse(session *models.Principal, params kmsAPI.KMSDescribePolicyParams) (*models.KmsDescribePolicyResponse, *CodedAPIError) { 443 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 444 defer cancel() 445 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 446 if err != nil { 447 return nil, ErrorWithContext(ctx, err) 448 } 449 return describePolicy(ctx, params.Name, AdminClient{Client: mAdmin}) 450 } 451 452 func describePolicy(ctx context.Context, policy string, minioClient MinioAdmin) (*models.KmsDescribePolicyResponse, *CodedAPIError) { 453 dp, err := minioClient.describePolicy(ctx, policy) 454 if err != nil { 455 return nil, ErrorWithContext(ctx, err) 456 } 457 return &models.KmsDescribePolicyResponse{ 458 Name: dp.Name, 459 CreatedAt: dp.CreatedAt, 460 CreatedBy: dp.CreatedBy, 461 }, nil 462 } 463 464 func GetKMSGetPolicyResponse(session *models.Principal, params kmsAPI.KMSGetPolicyParams) (*models.KmsGetPolicyResponse, *CodedAPIError) { 465 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 466 defer cancel() 467 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 468 if err != nil { 469 return nil, ErrorWithContext(ctx, err) 470 } 471 return getPolicy(ctx, params.Name, AdminClient{Client: mAdmin}) 472 } 473 474 func getPolicy(ctx context.Context, policy string, minioClient MinioAdmin) (*models.KmsGetPolicyResponse, *CodedAPIError) { 475 p, err := minioClient.getKMSPolicy(ctx, policy) 476 if err != nil { 477 return nil, ErrorWithContext(ctx, err) 478 } 479 return &models.KmsGetPolicyResponse{ 480 Allow: p.Allow, 481 Deny: p.Deny, 482 }, nil 483 } 484 485 func GetKMSListPoliciesResponse(session *models.Principal, params kmsAPI.KMSListPoliciesParams) (*models.KmsListPoliciesResponse, *CodedAPIError) { 486 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 487 defer cancel() 488 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 489 if err != nil { 490 return nil, ErrorWithContext(ctx, err) 491 } 492 pattern := "" 493 if params.Pattern != nil { 494 pattern = *params.Pattern 495 } 496 return listKMSPolicies(ctx, pattern, AdminClient{Client: mAdmin}) 497 } 498 499 func listKMSPolicies(ctx context.Context, pattern string, minioClient MinioAdmin) (*models.KmsListPoliciesResponse, *CodedAPIError) { 500 results, err := minioClient.listKMSPolicies(ctx, pattern) 501 if err != nil { 502 return nil, ErrorWithContext(ctx, err) 503 } 504 return &models.KmsListPoliciesResponse{Results: parsePolicies(results)}, nil 505 } 506 507 func parsePolicies(results []madmin.KMSPolicyInfo) (data []*models.KmsPolicyInfo) { 508 for _, policy := range results { 509 data = append(data, &models.KmsPolicyInfo{ 510 CreatedAt: policy.CreatedAt, 511 CreatedBy: policy.CreatedBy, 512 Name: policy.Name, 513 }) 514 } 515 return data 516 } 517 518 func GetKMSDeletePolicyResponse(session *models.Principal, params kmsAPI.KMSDeletePolicyParams) *CodedAPIError { 519 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 520 defer cancel() 521 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 522 if err != nil { 523 return ErrorWithContext(ctx, err) 524 } 525 return deletePolicy(ctx, params.Name, AdminClient{Client: mAdmin}) 526 } 527 528 func deletePolicy(ctx context.Context, policy string, minioClient MinioAdmin) *CodedAPIError { 529 if err := minioClient.deletePolicy(ctx, policy); err != nil { 530 return ErrorWithContext(ctx, err) 531 } 532 return nil 533 } 534 535 func registerKMSIdentityHandlers(api *operations.ConsoleAPI) { 536 api.KmsKMSDescribeIdentityHandler = kmsAPI.KMSDescribeIdentityHandlerFunc(func(params kmsAPI.KMSDescribeIdentityParams, session *models.Principal) middleware.Responder { 537 resp, err := GetKMSDescribeIdentityResponse(session, params) 538 if err != nil { 539 return kmsAPI.NewKMSDescribeIdentityDefault(err.Code).WithPayload(err.APIError) 540 } 541 return kmsAPI.NewKMSDescribeIdentityOK().WithPayload(resp) 542 }) 543 544 api.KmsKMSDescribeSelfIdentityHandler = kmsAPI.KMSDescribeSelfIdentityHandlerFunc(func(params kmsAPI.KMSDescribeSelfIdentityParams, session *models.Principal) middleware.Responder { 545 resp, err := GetKMSDescribeSelfIdentityResponse(session, params) 546 if err != nil { 547 return kmsAPI.NewKMSDescribeSelfIdentityDefault(err.Code).WithPayload(err.APIError) 548 } 549 return kmsAPI.NewKMSDescribeSelfIdentityOK().WithPayload(resp) 550 }) 551 552 api.KmsKMSListIdentitiesHandler = kmsAPI.KMSListIdentitiesHandlerFunc(func(params kmsAPI.KMSListIdentitiesParams, session *models.Principal) middleware.Responder { 553 resp, err := GetKMSListIdentitiesResponse(session, params) 554 if err != nil { 555 return kmsAPI.NewKMSListIdentitiesDefault(err.Code).WithPayload(err.APIError) 556 } 557 return kmsAPI.NewKMSListIdentitiesOK().WithPayload(resp) 558 }) 559 api.KmsKMSDeleteIdentityHandler = kmsAPI.KMSDeleteIdentityHandlerFunc(func(params kmsAPI.KMSDeleteIdentityParams, session *models.Principal) middleware.Responder { 560 err := GetKMSDeleteIdentityResponse(session, params) 561 if err != nil { 562 return kmsAPI.NewKMSDeleteIdentityDefault(err.Code).WithPayload(err.APIError) 563 } 564 return kmsAPI.NewKMSDeleteIdentityOK() 565 }) 566 } 567 568 func GetKMSDescribeIdentityResponse(session *models.Principal, params kmsAPI.KMSDescribeIdentityParams) (*models.KmsDescribeIdentityResponse, *CodedAPIError) { 569 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 570 defer cancel() 571 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 572 if err != nil { 573 return nil, ErrorWithContext(ctx, err) 574 } 575 return describeIdentity(ctx, params.Name, AdminClient{Client: mAdmin}) 576 } 577 578 func describeIdentity(ctx context.Context, identity string, minioClient MinioAdmin) (*models.KmsDescribeIdentityResponse, *CodedAPIError) { 579 i, err := minioClient.describeIdentity(ctx, identity) 580 if err != nil { 581 return nil, ErrorWithContext(ctx, err) 582 } 583 return &models.KmsDescribeIdentityResponse{ 584 Policy: i.Policy, 585 Admin: i.IsAdmin, 586 Identity: i.Identity, 587 CreatedAt: i.CreatedAt, 588 CreatedBy: i.CreatedBy, 589 }, nil 590 } 591 592 func GetKMSDescribeSelfIdentityResponse(session *models.Principal, params kmsAPI.KMSDescribeSelfIdentityParams) (*models.KmsDescribeSelfIdentityResponse, *CodedAPIError) { 593 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 594 defer cancel() 595 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 596 if err != nil { 597 return nil, ErrorWithContext(ctx, err) 598 } 599 return describeSelfIdentity(ctx, AdminClient{Client: mAdmin}) 600 } 601 602 func describeSelfIdentity(ctx context.Context, minioClient MinioAdmin) (*models.KmsDescribeSelfIdentityResponse, *CodedAPIError) { 603 i, err := minioClient.describeSelfIdentity(ctx) 604 if err != nil { 605 return nil, ErrorWithContext(ctx, err) 606 } 607 return &models.KmsDescribeSelfIdentityResponse{ 608 Policy: &models.KmsGetPolicyResponse{ 609 Allow: i.Policy.Allow, 610 Deny: i.Policy.Deny, 611 }, 612 Identity: i.Identity, 613 Admin: i.IsAdmin, 614 CreatedAt: i.CreatedAt, 615 CreatedBy: i.CreatedBy, 616 }, nil 617 } 618 619 func GetKMSListIdentitiesResponse(session *models.Principal, params kmsAPI.KMSListIdentitiesParams) (*models.KmsListIdentitiesResponse, *CodedAPIError) { 620 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 621 defer cancel() 622 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 623 if err != nil { 624 return nil, ErrorWithContext(ctx, err) 625 } 626 pattern := "" 627 if params.Pattern != nil { 628 pattern = *params.Pattern 629 } 630 return listIdentities(ctx, pattern, AdminClient{Client: mAdmin}) 631 } 632 633 func listIdentities(ctx context.Context, pattern string, minioClient MinioAdmin) (*models.KmsListIdentitiesResponse, *CodedAPIError) { 634 results, err := minioClient.listIdentities(ctx, pattern) 635 if err != nil { 636 return nil, ErrorWithContext(ctx, err) 637 } 638 return &models.KmsListIdentitiesResponse{Results: parseIdentities(results)}, nil 639 } 640 641 func parseIdentities(results []madmin.KMSIdentityInfo) (data []*models.KmsIdentityInfo) { 642 for _, policy := range results { 643 data = append(data, &models.KmsIdentityInfo{ 644 CreatedAt: policy.CreatedAt, 645 CreatedBy: policy.CreatedBy, 646 Identity: policy.Identity, 647 Error: policy.Error, 648 Policy: policy.Policy, 649 }) 650 } 651 return data 652 } 653 654 func GetKMSDeleteIdentityResponse(session *models.Principal, params kmsAPI.KMSDeleteIdentityParams) *CodedAPIError { 655 ctx, cancel := context.WithCancel(params.HTTPRequest.Context()) 656 defer cancel() 657 mAdmin, err := NewMinioAdminClient(params.HTTPRequest.Context(), session) 658 if err != nil { 659 return ErrorWithContext(ctx, err) 660 } 661 return deleteIdentity(ctx, params.Name, AdminClient{Client: mAdmin}) 662 } 663 664 func deleteIdentity(ctx context.Context, identity string, minioClient MinioAdmin) *CodedAPIError { 665 if err := minioClient.deleteIdentity(ctx, identity); err != nil { 666 return ErrorWithContext(ctx, err) 667 } 668 return nil 669 }