Skip to content

Commit

Permalink
NC | account by id | iam merge fixes
Browse files Browse the repository at this point in the history 
Signed-off-by: Amit Prinz Setter <[email protected]>
  • Loading branch information
@alphaprinz
alphaprinz committed Jul 3, 2024
1 parent df89276 commit 5cb4178
Show file tree
Hide file tree
Showing 3 changed files with 25 additions and 25 deletions.
2 changes: 1 addition & 1 deletion src/sdk/accountspace_fs.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -723,7 +723,7 @@ class AccountSpaceFS {
if (entry.name.endsWith('.json')) {
const full_path = path.join(this.buckets_dir, entry.name);
const bucket_data = await get_config_data(this.config_root_backend, full_path, false);
if (bucket_data.bucket_owner === account_to_delete.name) {
if (bucket_data.owner_account === account_to_delete._id) {
this._throw_error_delete_conflict(action, account_to_delete, resource_name);
}
return bucket_data;
Expand Down
36 changes: 18 additions & 18 deletions src/test/unit_tests/jest_tests/test_accountspace_fs.test.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -281,7 +281,7 @@ describe('Accountspace_FS tests', () => {
expect(res.arn).toBeDefined();
expect(res.create_date).toBeDefined();

const user_account_config_file = await read_config_file(accountspace_fs.accounts_dir, params.username);
const user_account_config_file = await read_config_file(accountspace_fs.root_accounts_dir, params.username, true);
expect(user_account_config_file.name).toBe(params.username);
expect(user_account_config_file._id).toBeDefined();
expect(user_account_config_file.creation_date).toBeDefined();
Expand Down Expand Up @@ -310,7 +310,7 @@ describe('Accountspace_FS tests', () => {
expect(res.arn).toBeDefined();
expect(res.create_date).toBeDefined();

const user_account_config_file = await read_config_file(accountspace_fs.accounts_dir, params.username);
const user_account_config_file = await read_config_file(accountspace_fs.root_accounts_dir, params.username, true);
expect(user_account_config_file.name).toBe(params.username);
expect(user_account_config_file._id).toBeDefined();
expect(user_account_config_file.creation_date).toBeDefined();
Expand Down Expand Up @@ -340,7 +340,7 @@ describe('Accountspace_FS tests', () => {
expect(res.arn).toBeDefined();
expect(res.create_date).toBeDefined();

const user_account_config_file = await read_config_file(accountspace_fs.accounts_dir, params.username);
const user_account_config_file = await read_config_file(accountspace_fs.root_accounts_dir, params.username, true);
expect(user_account_config_file.name).toBe(params.username);
expect(user_account_config_file._id).toBeDefined();
expect(user_account_config_file.creation_date).toBeDefined();
Expand Down Expand Up @@ -548,7 +548,7 @@ describe('Accountspace_FS tests', () => {
expect(res.username).toBe(dummy_user_root_account.username);
expect(res.user_id).toBeDefined();
expect(res.arn).toBeDefined();
const user_account_config_file = await read_config_file(accountspace_fs.accounts_dir, params.username);
const user_account_config_file = await read_config_file(accountspace_fs.root_accounts_dir, params.username, true);
expect(user_account_config_file.name).toBe(params.username);
expect(user_account_config_file.iam_path).toBe(dummy_iam_path);
});
Expand Down Expand Up @@ -652,7 +652,7 @@ describe('Accountspace_FS tests', () => {
await accountspace_fs.update_user(params, account_sdk);
});

it('update_user should return user params (user has access_keys)', async function() {
it('update_user2 should return user params (user has access_keys)', async function() {
const account_sdk = make_dummy_account_sdk();
// create the user
let params = {
Expand Down Expand Up @@ -781,7 +781,7 @@ describe('Accountspace_FS tests', () => {
expect(err).toHaveProperty('code', IamError.DeleteConflict.code);
expect(err).toHaveProperty('message');
expect(err.message).toMatch(/must delete access keys first/i);
const user_account_config_path = path.join(accountspace_fs.accounts_dir, params.username + '.json');
const user_account_config_path = path.join(accountspace_fs.root_accounts_dir, params.username + '.symlink');
await fs_utils.file_must_exist(user_account_config_path);
}
});
Expand All @@ -799,8 +799,8 @@ describe('Accountspace_FS tests', () => {
// same params
await accountspace_fs.create_access_key(params, account_sdk);
// create a user with the root account
const account_config_file = await read_config_file(accountspace_fs.accounts_dir, username_for_root_account);
const root_account_manager_id = account_sdk.requesting_account._id;json
const account_config_file = await read_config_file(accountspace_fs.root_accounts_dir, username_for_root_account, true);
const root_account_manager_id = account_sdk.requesting_account._id;
const account_sdk_root = make_dummy_account_sdk_from_root_accounts_manager(
account_config_file, root_account_manager_id);
const username = dummy_username7;
Expand All @@ -817,7 +817,7 @@ describe('Accountspace_FS tests', () => {
expect(err).toHaveProperty('code', IamError.DeleteConflict.code);
expect(err).toHaveProperty('message');
expect(err.message).toMatch(/must delete IAM users first/i);
const user_account_config_path = path.join(accountspace_fs.accounts_dir, params.username + '.json');
const user_account_config_path = path.join(accountspace_fs.root_accounts_dir, params.username + '.symlink');
await fs_utils.file_must_exist(user_account_config_path);
}
});
Expand All @@ -833,7 +833,7 @@ describe('Accountspace_FS tests', () => {
await accountspace_fs.create_user(params, account_sdk);
// create a dummy bucket
const bucket_name = `my-bucket-${params.username}`;
const user_account_config_file = await read_config_file(accountspace_fs.accounts_dir, params.username);
const user_account_config_file = await read_config_file(accountspace_fs.root_accounts_dir, params.username, true);
await create_dummy_bucket(user_account_config_file, bucket_name);
await accountspace_fs.delete_user(params, account_sdk);
throw new NoErrorThrownError();
Expand Down Expand Up @@ -1156,7 +1156,7 @@ describe('Accountspace_FS tests', () => {
expect(res.status).toBe('Active');
expect(res.secret_key).toBeDefined();

const user_account_config_file = await read_config_file(accountspace_fs.accounts_dir, params.username);
const user_account_config_file = await read_config_file(accountspace_fs.root_accounts_dir, params.username, true);
expect(user_account_config_file.name).toBe(params.username);
expect(user_account_config_file.access_keys).toBeDefined();
expect(Array.isArray(user_account_config_file.access_keys)).toBe(true);
Expand Down Expand Up @@ -1277,11 +1277,11 @@ describe('Accountspace_FS tests', () => {
it('get_access_key_last_used return an error if user is not owned by the root account (requester is an IAM user)', async function() {
try {
let account_sdk = make_dummy_account_sdk();
const requester_account_config_file = await read_config_file(accountspace_fs.accounts_dir, dummy_user2.username);
const requester_account_config_file = await read_config_file(accountspace_fs.root_accounts_dir, dummy_user2.username, true);
// by the IAM user
account_sdk = make_dummy_account_sdk_created_from_another_account(requester_account_config_file,
requester_account_config_file.owner);
const user_account_config_file = await read_config_file(accountspace_fs.accounts_dir, dummy_user_root_account.username);
const user_account_config_file = await read_config_file(accountspace_fs.root_accounts_dir, dummy_user_root_account.username, true);
const access_key = user_account_config_file.access_keys[0].access_key;
const params = {
access_key: access_key,
Expand Down Expand Up @@ -1406,7 +1406,7 @@ describe('Accountspace_FS tests', () => {
const params = {
username: dummy_username1,
access_key: access_key,
status: access_key_status_enum.ACTIVE,
status: access_key_status_enum.ACTIVE
};
const res = await accountspace_fs.update_access_key(params, account_sdk);
expect(res).toBeUndefined();
Expand Down Expand Up @@ -1457,7 +1457,7 @@ describe('Accountspace_FS tests', () => {
it('update_access_key should not return any param (update status to Inactive) (requesting account is root accounts manager requested account is root account)', async function() {
const username = dummy_user_root_account.username;
const account_sdk = make_dummy_account_sdk_root_accounts_manager();
let user_account_config_file = await read_config_file(accountspace_fs.accounts_dir, username);
let user_account_config_file = await read_config_file(accountspace_fs.root_accounts_dir, username, true);
const access_key = user_account_config_file.access_keys[0].access_key;
const params = {
username: username,
Expand All @@ -1466,7 +1466,7 @@ describe('Accountspace_FS tests', () => {
};
const res = await accountspace_fs.update_access_key(params, account_sdk);
expect(res).toBeUndefined();
user_account_config_file = await read_config_file(accountspace_fs.accounts_dir, username);
user_account_config_file = await read_config_file(accountspace_fs.root_accounts_dir, username, true);
expect(user_account_config_file.access_keys[0].deactivated).toBe(true);
});
});
Expand Down Expand Up @@ -1614,15 +1614,15 @@ describe('Accountspace_FS tests', () => {
it('delete_access_key should not return any param (requesting account is root accounts manager requested account is root account)', async function() {
const username = dummy_user_root_account.username;
const account_sdk = make_dummy_account_sdk_root_accounts_manager();
let user_account_config_file = await read_config_file(accountspace_fs.accounts_dir, username);
let user_account_config_file = await read_config_file(accountspace_fs.root_accounts_dir, username, true);
const access_key = user_account_config_file.access_keys[0].access_key;
const params = {
username: username,
access_key: access_key,
};
const res = await accountspace_fs.delete_access_key(params, account_sdk);
expect(res).toBeUndefined();
user_account_config_file = await read_config_file(accountspace_fs.accounts_dir, username);
user_account_config_file = await read_config_file(accountspace_fs.root_accounts_dir, username, true);
expect(user_account_config_file.access_keys.length).toBe(1);
const symlink_config_path = path.join(accountspace_fs.access_keys_dir, access_key + '.symlink');
await fs_utils.file_must_not_exist(symlink_config_path);
Expand Down
12 changes: 6 additions & 6 deletions src/test/unit_tests/jest_tests/test_nc_nsfs_account_cli.test.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -389,7 +389,7 @@ describe('manage nsfs cli account flow', () => {
await fs_utils.file_must_exist(new_buckets_path);
await set_path_permissions_and_owner(new_buckets_path, account_options, 0o700);
await exec_manage_cli(type, action, account_options);
const account = await read_config_file(config_root, CONFIG_SUBDIRS.ACCOUNTS, name);
const account = await read_config_file(config_root, CONFIG_SUBDIRS.ROOT_ACCOUNTS, name, true);
expect(account.iam_operate_on_root_account).toBe(true);
expect(account.allow_bucket_creation).toBe(true);
});
Expand All @@ -404,7 +404,7 @@ describe('manage nsfs cli account flow', () => {
await fs_utils.file_must_exist(new_buckets_path);
await set_path_permissions_and_owner(new_buckets_path, account_options, 0o700);
await exec_manage_cli(type, action, account_options);
const account = await read_config_file(config_root, CONFIG_SUBDIRS.ACCOUNTS, name);
const account = await read_config_file(config_root, CONFIG_SUBDIRS.ROOT_ACCOUNTS, name, true);
expect(account.iam_operate_on_root_account).toBe(false);
expect(account.allow_bucket_creation).toBe(true); // by default it is inferred when we have new_buckets_path
});
Expand Down Expand Up @@ -783,12 +783,12 @@ describe('manage nsfs cli account flow', () => {
const account_options = { config_root, name, iam_operate_on_root_account: 'true'};
const action = ACTIONS.UPDATE;
await exec_manage_cli(type, action, account_options);
let new_account_details = await read_config_file(config_root, CONFIG_SUBDIRS.ACCOUNTS, name);
let new_account_details = await read_config_file(config_root, CONFIG_SUBDIRS.ROOT_ACCOUNTS, name, true);
expect(new_account_details.iam_operate_on_root_account).toBe(true);

account_options.iam_operate_on_root_account = 'false';
await exec_manage_cli(type, action, account_options);
new_account_details = await read_config_file(config_root, CONFIG_SUBDIRS.ACCOUNTS, name);
new_account_details = await read_config_file(config_root, CONFIG_SUBDIRS.ROOT_ACCOUNTS, name, true);
expect(new_account_details.iam_operate_on_root_account).toBe(false);
});

Expand All @@ -798,7 +798,7 @@ describe('manage nsfs cli account flow', () => {
const account_options = { config_root, name, iam_operate_on_root_account: 'true'};
const action = ACTIONS.UPDATE;
await exec_manage_cli(type, action, account_options);
const new_account_details = await read_config_file(config_root, CONFIG_SUBDIRS.ACCOUNTS, name);
const new_account_details = await read_config_file(config_root, CONFIG_SUBDIRS.ROOT_ACCOUNTS, name, true);
expect(new_account_details.iam_operate_on_root_account).toBe(true);

// unset iam_operate_on_root_account (is not allowed)
Expand Down Expand Up @@ -857,7 +857,7 @@ describe('manage nsfs cli account flow', () => {
// update the account to have the property owner
// (we use this way because now we don't have the way to create IAM users through the noobaa cli)
const { name } = defaults;
const account_config_path = path.join(config_root, CONFIG_SUBDIRS.ACCOUNTS, name + '.json');
const account_config_path = path.join(config_root, CONFIG_SUBDIRS.ROOT_ACCOUNTS, name + '.symlink');
const { data } = await nb_native().fs.readFile(DEFAULT_FS_CONFIG, account_config_path);
const config_data = JSON.parse(data.toString());
config_data.owner = '65a62e22ceae5e5f1a758aa9'; // just so we can identify this account as IAM user
Expand Down

0 comments on commit 5cb4178

Please sign in to comment.