Changed Share Object logic to use Access Keys (#2827)

Signed-off-by: Benjamin Perez <benjamin@bexsoft.net>
minio · May 24, 2023 · 7a9b775 · 7a9b775
1 parent 17e791a
commit 7a9b775
Show file tree

Hide file tree

Showing 16 changed files with 656 additions and 291 deletions.
diff --git a/integration/user_api_bucket_test.go b/integration/user_api_bucket_test.go
@@ -461,12 +461,24 @@ func ListObjects(bucketName, prefix, withVersions string) (*http.Response, error
 	return response, err
 }
 
-func SharesAnObjectOnAUrl(bucketName, prefix, versionID, expires string) (*http.Response, error) {
-	// Helper function to share an object on a url
+func SharesAnObjectOnAUrl(bucketName, prefix, versionID, expires, accessKey, secretKey string) (*http.Response, error) {
+	// Helper function to share an object on an url
+
+	requestDataAdd := map[string]interface{}{
+		"prefix":     prefix,
+		"version_id": versionID,
+		"expires":    expires,
+		"access_key": accessKey,
+		"secret_key": secretKey,
+	}
+
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+
 	request, err := http.NewRequest(
-		"GET",
-		"http://localhost:9090/api/v1/buckets/"+bucketName+"/objects/share?prefix="+prefix+"&version_id="+versionID+"&expires="+expires,
-		nil,
+		"POST",
+		"http://localhost:9090/api/v1/buckets/"+bucketName+"/objects/share",
+		requestDataBody,
 	)
 	if err != nil {
 		log.Println(err)
@@ -743,6 +755,39 @@ func PutObjectsLegalholdStatus(bucketName, prefix, status, versionID string) (*h
 	return response, err
 }
 
+func PostServiceAccountCredentials(accessKey, secretKey, policy string) (*http.Response, error) {
+	/*
+		Helper function to create a service account
+		POST: {{baseUrl}}/service-account-credentials
+		{
+			"accessKey":"testsa",
+			"secretKey":"secretsa",
+			"policy":""
+		}
+	*/
+	requestDataAdd := map[string]interface{}{
+		"accessKey": accessKey,
+		"secretKey": secretKey,
+		"policy":    policy,
+	}
+	requestDataJSON, _ := json.Marshal(requestDataAdd)
+	requestDataBody := bytes.NewReader(requestDataJSON)
+
+	request, err := http.NewRequest("POST",
+		"http://localhost:9090/api/v1/service-account-credentials",
+		requestDataBody)
+	if err != nil {
+		log.Println(err)
+	}
+	request.Header.Add("Cookie", fmt.Sprintf("token=%s", token))
+	request.Header.Add("Content-Type", "application/json")
+	client := &http.Client{
+		Timeout: 2 * time.Second,
+	}
+	response, err := client.Do(request)
+	return response, err
+}
+
 func TestPutObjectsLegalholdStatus(t *testing.T) {
 	// Variables
 	assert := assert.New(t)
@@ -1514,6 +1559,8 @@ func TestShareObjectOnURL(t *testing.T) {
 	tags := make(map[string]string)
 	tags["tag"] = "testputobjecttagbucketonetagone"
 	versionID := "null"
+	accessKey := "testaccesskey"
+	secretKey := "secretAccessKey"
 
 	// 1. Create the bucket
 	if !setupBucket(bucketName, false, false, nil, nil, assert, 200) {
@@ -1534,6 +1581,21 @@ func TestShareObjectOnURL(t *testing.T) {
 			inspectHTTPResponse(uploadResponse),
 		)
 	}
+	// 2. Create Access Key
+	accKeyRsp, createError := PostServiceAccountCredentials(accessKey, secretKey, "")
+
+	if createError != nil {
+		log.Println(createError)
+		return
+	}
+
+	if accKeyRsp != nil {
+		assert.Equal(
+			201,
+			accKeyRsp.StatusCode,
+			inspectHTTPResponse(accKeyRsp),
+		)
+	}
 
 	type args struct {
 		prefix string
@@ -1561,7 +1623,7 @@ func TestShareObjectOnURL(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			// 3. Share the object on a URL
-			shareResponse, shareError := SharesAnObjectOnAUrl(bucketName, tt.args.prefix, versionID, "604800s")
+			shareResponse, shareError := SharesAnObjectOnAUrl(bucketName, tt.args.prefix, versionID, "604800s", accessKey, secretKey)
 			assert.Nil(shareError)
 			if shareError != nil {
 				log.Println(shareError)

diff --git a/models/share_request.go b/models/share_request.go
diff --git a/portal-ui/package.json b/portal-ui/package.json
@@ -66,7 +66,7 @@
   },
   "proxy": "http://localhost:9090/",
   "devDependencies": {
-    "@playwright/test": "^1.32.3",
+    "@playwright/test": "^1.34.0",
     "@types/lodash": "^4.14.194",
     "@types/luxon": "^3.3.0",
     "@types/minio": "^7.0.18",
@@ -85,15 +85,15 @@
     "@types/websocket": "^1.0.0",
     "babel-plugin-istanbul": "^6.1.1",
     "customize-cra": "^1.0.0",
+    "minio": "^7.0.33",
     "nyc": "^15.1.0",
     "playwright": "^1.31.3",
     "prettier": "2.8.8",
     "react-app-rewire-hot-loader": "^2.0.1",
     "react-app-rewired": "^2.2.1",
     "react-scripts": "5.0.1",
     "testcafe": "^2.5.0",
-    "typescript": "^4.4.3",
-    "minio": "^7.0.33"
+    "typescript": "^4.4.3"
   },
   "resolutions": {
     "nth-check": "^2.0.1",

diff --git a/portal-ui/src/api/consoleApi.ts b/portal-ui/src/api/consoleApi.ts
@@ -1494,6 +1494,14 @@ export interface LdapPolicyEntity {
   groups?: string[];
 }
 
+export interface ShareRequest {
+  prefix: string;
+  version_id: string;
+  expires?: string;
+  access_key: string;
+  secret_key: string;
+}
+
 export type QueryParamsType = Record<string | number, any>;
 export type ResponseFormat = keyof Omit<Body, "body" | "bodyUsed">;
 
@@ -2171,23 +2179,20 @@ export class Api<
      * @tags Object
      * @name ShareObject
      * @summary Shares an Object on a url
-     * @request GET:/buckets/{bucket_name}/objects/share
+     * @request POST:/buckets/{bucket_name}/objects/share
      * @secure
      */
     shareObject: (
       bucketName: string,
-      query: {
-        prefix: string;
-        version_id: string;
-        expires?: string;
-      },
+      body: ShareRequest,
       params: RequestParams = {}
     ) =>
       this.request<IamEntity, Error>({
         path: `/buckets/${bucketName}/objects/share`,
-        method: "GET",
-        query: query,
+        method: "POST",
+        body: body,
         secure: true,
+        type: ContentType.Json,
         format: "json",
         ...params,
       }),