diff --git a/minio/minioadmin.py b/minio/minioadmin.py index d62ac21d..9c781b39 100644 --- a/minio/minioadmin.py +++ b/minio/minioadmin.py @@ -452,16 +452,25 @@ def group_list(self) -> str: response = self._url_open("GET", _COMMAND.LIST_GROUPS) return response.data.decode() - def policy_add(self, policy_name: str, policy_file: str) -> str: + def policy_add(self, + policy_name: str, + policy_file: str | os.PathLike | None = None, + policy: dict | None = None) -> str: """Add new policy.""" - with open(policy_file, encoding='utf-8') as file: - response = self._url_open( - "PUT", - _COMMAND.ADD_CANNED_POLICY, - query_params={"name": policy_name}, - body=file.read().encode(), - ) - return response.data.decode() + if not (policy_file is not None) ^ (policy is not None): + raise ValueError("either policy_file or policy must be provided") + if policy_file: + with open(policy_file, encoding='utf-8') as file: + body = file.read().encode() + else: + body = json.dumps(policy).encode() + response = self._url_open( + "PUT", + _COMMAND.ADD_CANNED_POLICY, + query_params={"name": policy_name}, + body=body, + ) + return response.data.decode() def policy_remove(self, policy_name: str) -> str: """Remove policy.""" @@ -753,7 +762,8 @@ def add_service_account(self, secret_key: str | None = None, name: str | None = None, description: str | None = None, - policy_file: str | None = None, + policy: dict | None = None, + policy_file: str | os.PathLike | None = None, expiration: str | None = None, status: str | None = None) -> str: """ @@ -763,7 +773,9 @@ def add_service_account(self, raise ValueError("both access key and secret key must be provided") if access_key == "" or secret_key == "": raise ValueError("access key or secret key must not be empty") - data = { + if policy_file is not None and policy is not None: + raise ValueError("either policy_file or policy must be provided") + data: dict[str, Any] = { "status": "enabled", "accessKey": access_key, "secretKey": secret_key, @@ -775,6 +787,8 @@ def add_service_account(self, if policy_file: with open(policy_file, encoding="utf-8") as file: data["policy"] = json.load(file) + if policy: + data["policy"] = policy if expiration: data["expiration"] = expiration if status: @@ -797,16 +811,20 @@ def update_service_account(self, secret_key: str | None = None, name: str | None = None, description: str | None = None, - policy_file: str | None = None, + policy_file: str | os.PathLike | None = None, + policy: dict | None = None, expiration: str | None = None, status: str | None = None) -> str: """Update an existing service account""" - args = [secret_key, name, description, policy_file, expiration, status] + args = [secret_key, name, description, + policy_file, policy, expiration, status] if not any(arg for arg in args): raise ValueError("at least one of secret_key, name, description, " - "policy_file, expiration or status must be " - "specified") - data = {} + "policy_file, policy, expiration or status must " + "be specified") + if policy_file is not None and policy is not None: + raise ValueError("either policy_file or policy must be provided") + data: dict[str, Any] = {} if secret_key: data["newSecretKey"] = secret_key if name: @@ -816,6 +834,8 @@ def update_service_account(self, if policy_file: with open(policy_file, encoding="utf-8") as file: data["newPolicy"] = json.load(file) + if policy: + data["newPolicy"] = policy if expiration: data["newExpiration"] = expiration if status: