github.com/minio/mc@v0.0.0-20240503112107-b471de8d1882/cmd/admin-user-policy.go (about) 1 // Copyright (c) 2015-2022 MinIO, Inc. 2 // 3 // This file is part of MinIO Object Storage stack 4 // 5 // This program is free software: you can redistribute it and/or modify 6 // it under the terms of the GNU Affero General Public License as published by 7 // the Free Software Foundation, either version 3 of the License, or 8 // (at your option) any later version. 9 // 10 // This program is distributed in the hope that it will be useful 11 // but WITHOUT ANY WARRANTY; without even the implied warranty of 12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 // GNU Affero General Public License for more details. 14 // 15 // You should have received a copy of the GNU Affero General Public License 16 // along with this program. If not, see <http://www.gnu.org/licenses/>. 17 18 package cmd 19 20 import ( 21 "fmt" 22 "os" 23 "strings" 24 25 "github.com/fatih/color" 26 "github.com/minio/cli" 27 json "github.com/minio/colorjson" 28 "github.com/minio/mc/pkg/probe" 29 "github.com/minio/pkg/v2/console" 30 "github.com/minio/pkg/v2/policy" 31 ) 32 33 var adminUserPolicyCmd = cli.Command{ 34 Name: "policy", 35 Usage: "export user policies in JSON format", 36 Action: mainAdminUserPolicy, 37 OnUsageError: onUsageError, 38 Before: setGlobalsFromContext, 39 Flags: globalFlags, 40 CustomHelpTemplate: `NAME: 41 {{.HelpName}} - {{.Usage}} 42 USAGE: 43 {{.HelpName}} TARGET USERNAME 44 FLAGS: 45 {{range .VisibleFlags}}{{.}} 46 {{end}} 47 EXAMPLES: 48 1. Display the policy document of a user "foobar" in JSON format. 49 {{.Prompt}} {{.HelpName}} myminio foobar 50 `, 51 } 52 53 // checkAdminUserPolicySyntax - validate all the passed arguments 54 func checkAdminUserPolicySyntax(ctx *cli.Context) { 55 if len(ctx.Args()) != 2 { 56 showCommandHelpAndExit(ctx, 1) // last argument is exit code 57 } 58 } 59 60 // mainAdminUserPolicy is the handler for "mc admin user policy" command. 61 func mainAdminUserPolicy(ctx *cli.Context) error { 62 checkAdminUserPolicySyntax(ctx) 63 64 console.SetColor("UserMessage", color.New(color.FgGreen)) 65 66 // Get the alias parameter from cli 67 args := ctx.Args() 68 aliasedURL := args.Get(0) 69 70 // Create a new MinIO Admin Client 71 client, err := newAdminClient(aliasedURL) 72 fatalIf(err, "Unable to initialize admin connection.") 73 74 user, e := client.GetUserInfo(globalContext, args.Get(1)) 75 fatalIf(probe.NewError(e).Trace(args...), "Unable to get user info") 76 77 if user.PolicyName == "" { 78 e = fmt.Errorf("policy not found for user %s", args.Get(1)) 79 fatalIf(probe.NewError(e).Trace(args...), "Unable to fetch user policy document") 80 } 81 82 policyNames := strings.Split(user.PolicyName, ",") 83 84 var policies []policy.Policy 85 for _, policyName := range policyNames { 86 if policyName == "" { 87 continue 88 } 89 policyInfo, e := getPolicyInfo(client, policyName) 90 fatalIf(probe.NewError(e).Trace(), "Unable to fetch user policy document for policy "+policyName) 91 92 var policyObj policy.Policy 93 if e := json.Unmarshal(policyInfo.Policy, &policyObj); e != nil { 94 fatalIf(probe.NewError(e).Trace(), "Unable to unmarshal policy") 95 } 96 policies = append(policies, policyObj) 97 } 98 99 mergedPolicy := policy.MergePolicies(policies...) 100 json.NewEncoder(os.Stdout).Encode(mergedPolicy) 101 return nil 102 }