diff options
| author | Jiffin Tony Thottan <thottanjiffin@gmail.com> | 2024-09-06 10:42:12 +0200 |
|---|---|---|
| committer | Jiffin Tony Thottan <thottanjiffin@gmail.com> | 2024-11-14 15:59:33 +0100 |
| commit | 05e207fa774c16212bb02d0cb6c89bd821167003 (patch) | |
| tree | e0f838c57c677f4cb1d2cc31499ce9cdb4964d0c /src | |
| parent | Merge pull request #56597 from liangmingyuanneo/optimize-reshard (diff) | |
| download | ceph-05e207fa774c16212bb02d0cb6c89bd821167003.tar.xz ceph-05e207fa774c16212bb02d0cb6c89bd821167003.zip | |
radosgw-admin: create user without credentials via cli
Add option `generate-key` to create user without credentials.
Signed-off-by: Jiffin Tony Thottan <thottanjiffin@gmail.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/bash_completion/radosgw-admin | 2 | ||||
| -rw-r--r-- | src/rgw/rgw_admin.cc | 36 | ||||
| -rw-r--r-- | src/test/cli/radosgw-admin/help.t | 1 |
3 files changed, 33 insertions, 6 deletions
diff --git a/src/bash_completion/radosgw-admin b/src/bash_completion/radosgw-admin index 023a83f87e4..d9e36d8ef29 100644 --- a/src/bash_completion/radosgw-admin +++ b/src/bash_completion/radosgw-admin @@ -19,7 +19,7 @@ _radosgw_admin() if [[ ${cur} == -* ]] ; then COMPREPLY=( $(compgen -W "--uid --subuser --access-key --os-user --email --auth_uid --secret --os-secret --gen-access-key --gen-secret \ - --access --display-name --bucket --object --date --conf --name --id --version -s -w" -- ${cur}) ) + --access --display-name --bucket --object --date --conf --name --id --version -s -w --generate-key" -- ${cur}) ) return 0 fi diff --git a/src/rgw/rgw_admin.cc b/src/rgw/rgw_admin.cc index 3fe5f686bf0..8750cb04a07 100644 --- a/src/rgw/rgw_admin.cc +++ b/src/rgw/rgw_admin.cc @@ -360,6 +360,7 @@ void usage() cout << " --secret/--secret-key=<key> specify secret key\n"; cout << " --gen-access-key generate random access key (for S3)\n"; cout << " --gen-secret generate random secret key\n"; + cout << " --generate-key create user with or without credentials\n"; cout << " --key-type=<type> key type, options are: swift, s3\n"; cout << " --key-active=<bool> activate or deactivate a key\n"; cout << " --temp-url-key[-2]=<key> temp url key\n"; @@ -3428,6 +3429,13 @@ int main(int argc, const char **argv) OPT opt_cmd = OPT::NO_CMD; int gen_access_key = 0; int gen_secret_key = 0; + enum generate_key_enum { + OPTION_SET_FALSE = 0, + OPTION_SET_TRUE = 1, + OPTION_NOT_SET = 2, + }; + + generate_key_enum generate_key = OPTION_NOT_SET; bool set_perm = false; bool set_temp_url_key = false; map<int, string> temp_url_keys; @@ -3708,6 +3716,17 @@ int main(int argc, const char **argv) cerr << "bad key type: " << key_type_str << std::endl; exit(1); } + } else if (ceph_argparse_witharg(args, i, &val, "--generate-key", (char*)NULL)) { + key_type_str = val; + if (key_type_str.compare("true") == 0) { + generate_key = OPTION_SET_TRUE; + } else if(key_type_str.compare("false") == 0) { + generate_key = OPTION_SET_FALSE; + } else { + cerr << "wrong value for --generate-key: " << key_type_str << " please specify either true or false" << std::endl; + exit(1); + } + // do nothing } else if (ceph_argparse_binary_flag(args, i, &key_active, NULL, "--key-active", (char*)NULL)) { key_active_specified = true; } else if (ceph_argparse_witharg(args, i, &val, "--job-id", (char*)NULL)) { @@ -4470,14 +4489,21 @@ int main(int argc, const char **argv) } /* check key parameter conflict */ - if ((!access_key.empty()) && gen_access_key) { - cerr << "ERROR: key parameter conflict, --access-key & --gen-access-key" << std::endl; + if ((!access_key.empty()) && (gen_access_key || generate_key == OPTION_SET_TRUE)) { + cerr << "ERROR: key parameter conflict, --access-key & --gen-access-key/generate-key" << std::endl; return EINVAL; } - if ((!secret_key.empty()) && gen_secret_key) { - cerr << "ERROR: key parameter conflict, --secret & --gen-secret" << std::endl; + if ((!secret_key.empty()) && (gen_secret_key || generate_key == OPTION_SET_TRUE)) { + cerr << "ERROR: key parameter conflict, --secret & --gen-secret/generate-key" << std::endl; return EINVAL; } + if (generate_key == OPTION_SET_FALSE) { + if ((!access_key.empty()) || gen_access_key || (!secret_key.empty()) || gen_secret_key) { + cerr << "ERROR: key parameter conflict, if --generate-key is not set so no other key parameters can be set" << std::endl; + return EINVAL; + } + } + } // default to pretty json @@ -6642,7 +6668,7 @@ int main(int argc, const char **argv) } break; case OPT::USER_CREATE: - if (!user_op.has_existing_user()) { + if (!user_op.has_existing_user() && (generate_key != OPTION_SET_FALSE)) { user_op.set_generate_key(); // generate a new key by default } ret = ruser.add(dpp(), user_op, null_yield, &err_msg); diff --git a/src/test/cli/radosgw-admin/help.t b/src/test/cli/radosgw-admin/help.t index 0b937a3f988..c0249d30cd4 100644 --- a/src/test/cli/radosgw-admin/help.t +++ b/src/test/cli/radosgw-admin/help.t @@ -225,6 +225,7 @@ --secret/--secret-key=<key> specify secret key --gen-access-key generate random access key (for S3) --gen-secret generate random secret key + --generate-key create user with or without credentials --key-type=<type> key type, options are: swift, s3 --key-active=<bool> activate or deactivate a key --temp-url-key[-2]=<key> temp url key |