github.com/minio/mc@v0.0.0-20240503112107-b471de8d1882/cmd/admin-policy-info.go (about) 1 // Copyright (c) 2015-2022 MinIO, Inc. 2 // 3 // This file is part of MinIO Object Storage stack 4 // 5 // This program is free software: you can redistribute it and/or modify 6 // it under the terms of the GNU Affero General Public License as published by 7 // the Free Software Foundation, either version 3 of the License, or 8 // (at your option) any later version. 9 // 10 // This program is distributed in the hope that it will be useful 11 // but WITHOUT ANY WARRANTY; without even the implied warranty of 12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 // GNU Affero General Public License for more details. 14 // 15 // You should have received a copy of the GNU Affero General Public License 16 // along with this program. If not, see <http://www.gnu.org/licenses/>. 17 18 package cmd 19 20 import ( 21 "os" 22 23 "github.com/fatih/color" 24 "github.com/minio/cli" 25 "github.com/minio/madmin-go/v3" 26 "github.com/minio/mc/pkg/probe" 27 "github.com/minio/pkg/v2/console" 28 ) 29 30 var policyInfoFlags = []cli.Flag{ 31 cli.StringFlag{ 32 Name: "policy-file, f", 33 Usage: "additionally (over-)write policy JSON to given file", 34 }, 35 } 36 37 var adminPolicyInfoCmd = cli.Command{ 38 Name: "info", 39 Usage: "show info on an IAM policy", 40 Action: mainAdminPolicyInfo, 41 OnUsageError: onUsageError, 42 Before: setGlobalsFromContext, 43 Flags: append(policyInfoFlags, globalFlags...), 44 CustomHelpTemplate: `NAME: 45 {{.HelpName}} - {{.Usage}} 46 47 USAGE: 48 {{.HelpName}} TARGET POLICYNAME [OPTIONS...] 49 50 POLICYNAME: 51 Name of the policy on the MinIO server. 52 53 FLAGS: 54 {{range .VisibleFlags}}{{.}} 55 {{end}} 56 EXAMPLES: 57 1. Show information on a given policy. 58 {{.Prompt}} {{.HelpName}} myminio writeonly 59 60 2. Show information on a given policy and write the policy JSON content to /tmp/policy.json. 61 {{.Prompt}} {{.HelpName}} myminio writeonly --policy-file /tmp/policy.json 62 `, 63 } 64 65 // checkAdminPolicyInfoSyntax - validate all the passed arguments 66 func checkAdminPolicyInfoSyntax(ctx *cli.Context) { 67 if len(ctx.Args()) != 2 { 68 showCommandHelpAndExit(ctx, 1) // last argument is exit code 69 } 70 } 71 72 func getPolicyInfo(client *madmin.AdminClient, policyName string) (*madmin.PolicyInfo, error) { 73 pinfo, e := client.InfoCannedPolicyV2(globalContext, policyName) 74 if e != nil { 75 return nil, e 76 } 77 78 if pinfo.PolicyName == "" { 79 // Likely server only supports the older version. 80 pinfo.Policy, e = client.InfoCannedPolicy(globalContext, policyName) 81 if e != nil { 82 return nil, e 83 } 84 pinfo.PolicyName = policyName 85 } 86 return pinfo, nil 87 } 88 89 // mainAdminPolicyInfo is the handler for "mc admin policy info" command. 90 func mainAdminPolicyInfo(ctx *cli.Context) error { 91 checkAdminPolicyInfoSyntax(ctx) 92 93 console.SetColor("PolicyMessage", color.New(color.FgGreen)) 94 console.SetColor("Policy", color.New(color.FgBlue)) 95 96 // Get the alias parameter from cli 97 args := ctx.Args() 98 aliasedURL := args.Get(0) 99 policyName := args.Get(1) 100 101 // Create a new MinIO Admin Client 102 client, err := newAdminClient(aliasedURL) 103 fatalIf(err, "Unable to initialize admin connection") 104 105 pinfo, e := getPolicyInfo(client, policyName) 106 fatalIf(probe.NewError(e).Trace(args...), "Unable to fetch policy") 107 108 policyFile := ctx.String("policy-file") 109 if policyFile != "" { 110 f, e := os.Create(policyFile) 111 fatalIf(probe.NewError(e).Trace(args...), "Could not open given policy file") 112 113 _, e = f.Write(pinfo.Policy) 114 fatalIf(probe.NewError(e).Trace(args...), "Could not write to given policy file") 115 } 116 117 printMsg(userPolicyMessage{ 118 op: ctx.Command.Name, 119 Policy: policyName, 120 PolicyInfo: *pinfo, 121 }) 122 123 return nil 124 }