diff --git a/src/cmd/manage_nsfs.js b/src/cmd/manage_nsfs.js index 902348af3e..277c397de2 100644 --- a/src/cmd/manage_nsfs.js +++ b/src/cmd/manage_nsfs.js @@ -99,7 +99,6 @@ Account Options: # required for add, update, and delete --access_key (default none) Authenticate incoming requests for this access key only (default is no auth). - --new_access_key (default none) Set a new access key for the account. --regenerate (default none) When set and new_access_key is not set, will regenerate the access_key and secret_key --config_root (default config.NSFS_NC_DEFAULT_CONF_DIR) Configuration files path for Noobaa standalon NSFS. @@ -146,7 +145,7 @@ async function check_and_create_config_dirs() { config_root, buckets_dir_path, accounts_dir_path, - access_keys_dir_path + access_keys_dir_path ]; for (const dir_path of pre_req_dirs) { try { @@ -399,7 +398,11 @@ function set_access_keys(argv, generate) { async function fetch_account_data(argv, from_file) { let data; - let generate_access_keys = true; + let access_keys = [{ + access_key: undefined, + secret_key: undefined, + }]; + let new_access_key; const action = argv._[1] || ''; if (from_file) { const fs_context = native_fs_utils.get_process_fs_context(); @@ -407,15 +410,14 @@ async function fetch_account_data(argv, from_file) { data = JSON.parse(raw_data.toString()); } if (action !== ACTIONS.LIST && action !== ACTIONS.STATUS) _validate_access_keys(argv); - let new_access_key = argv.new_access_key; - if (action === 'update') { - generate_access_keys = false; - if (argv.regenerate) { - const keys = set_access_keys(argv, true); - new_access_key = keys[0].access_key; - } + if (action === ACTIONS.ADD || action === ACTIONS.STATUS) { + access_keys = set_access_keys(argv, true); + } else if (action === ACTIONS.UPDATE) { + access_keys = set_access_keys(argv, Boolean(argv.regenerate)); + new_access_key = access_keys[0].access_key; + access_keys[0].access_key = undefined; //Setting it as undefined so we can replace the symlink } - if (action === 'delete') generate_access_keys = false; + if (!data) { data = _.omitBy({ name: argv.name, @@ -424,7 +426,7 @@ async function fetch_account_data(argv, from_file) { wide: argv.wide, new_name: argv.new_name, new_access_key, - access_keys: set_access_keys(argv, generate_access_keys), + access_keys, nsfs_account_config: { distinguished_name: argv.user, uid: !argv.user && argv.uid, @@ -817,14 +819,7 @@ function _validate_access_keys(argv) { check_numbers: true, check_symbols: true, })) throw_cli_error(ManageCLIError.AccountSecretKeyFlagComplexity); - // checking the complexity of new_access_key - if (!is_undefined(argv.new_access_key) && !string_utils.validate_complexity(argv.new_access_key, { - require_length: 20, - check_uppercase: true, - check_lowercase: false, - check_numbers: true, - check_symbols: false, - })) throw_cli_error(ManageCLIError.NewAccountAccessKeyFlagComplexity); + } exports.main = main; diff --git a/src/manage_nsfs/manage_nsfs_cli_errors.js b/src/manage_nsfs/manage_nsfs_cli_errors.js index 04075f0f3a..02fcbce778 100644 --- a/src/manage_nsfs/manage_nsfs_cli_errors.js +++ b/src/manage_nsfs/manage_nsfs_cli_errors.js @@ -158,12 +158,6 @@ ManageCLIError.AccountAccessKeyFlagComplexity = Object.freeze({ http_code: 400, }); -ManageCLIError.NewAccountAccessKeyFlagComplexity = Object.freeze({ - code: 'NewAccountAccessKeyFlagComplexity', - message: 'Account new access key length must be 20, and must contain uppercase and numbers', - http_code: 400, -}); - ManageCLIError.MissingAccountNameFlag = Object.freeze({ code: 'MissingAccountNameFlag', message: 'Account name is mandatory, please use the --name flag', @@ -178,7 +172,7 @@ ManageCLIError.MissingAccountEmailFlag = Object.freeze({ ManageCLIError.MissingIdentifier = Object.freeze({ code: 'MissingIdentifier', - message: 'Account identifier is mandatory, please use the --acces_key or --name flag', + message: 'Account identifier is mandatory, please use the --access_key or --name flag', http_code: 400, }); diff --git a/src/test/unit_tests/jest_tests/test_nc_nsfs_account_cli.test.js b/src/test/unit_tests/jest_tests/test_nc_nsfs_account_cli.test.js index 90e9fbcafc..18d1707ad0 100644 --- a/src/test/unit_tests/jest_tests/test_nc_nsfs_account_cli.test.js +++ b/src/test/unit_tests/jest_tests/test_nc_nsfs_account_cli.test.js @@ -190,29 +190,59 @@ describe('manage nsfs cli account flow', () => { assert_account(account_symlink, new_account_details); }); - it('cli update account access_key', async () => { + it('cli account update name by name', async function() { const { type, name } = defaults; - const new_access_key = 'GIGiFAnjaaE7OKD5N7hB'; - const account_options = { config_root, name, new_access_key: new_access_key }; + const new_name = 'account1_new_name' + const account_options = { config_root, name, new_name }; + const action = nc_nsfs_manage_actions.UPDATE; + account_options.new_name = 'account1_new_name'; + await exec_manage_cli(type, action, account_options); + let new_account_details = await read_config_file(config_root, accounts_schema_dir, new_name); + expect(new_account_details.name).toBe(new_name); + const access_key = new_account_details.access_keys[0].access_key; + const account_symlink = await read_config_file(config_root, access_keys_schema_dir, access_key, true); + //fixing the new_account_details for compare. + new_account_details = { ...new_account_details, ...new_account_details.nsfs_account_config }; + assert_account(account_symlink, new_account_details); + }); + + it('cli account update access key, secret_key & new_name by name', async function() { + const { type, name } = defaults; + const new_name = 'account1_new_name' + const access_key = 'GIGiFAnjaaE7OKD5N7hB'; + const secret_key = 'U3AYaMpU3zRDcRFWmvzgQr9MoHIAsD+3oEXAMPLE'; + const account_options = { config_root, name, new_name, access_key, secret_key }; const account_details = await read_config_file(config_root, accounts_schema_dir, name); const action = nc_nsfs_manage_actions.UPDATE; + account_options.new_name = 'account1_new_name'; await exec_manage_cli(type, action, account_options); - let new_account_details = await read_config_file(config_root, accounts_schema_dir, name); + let new_account_details = await read_config_file(config_root, accounts_schema_dir, new_name); + expect(new_account_details.name).toBe(new_name); expect(account_details.access_keys[0].access_key).not.toBe(new_account_details.access_keys[0].access_key); - expect(new_account_details.access_keys[0].access_key).toBe(new_access_key); - const account_symlink = await read_config_file(config_root, access_keys_schema_dir, new_access_key, true); + expect(account_details.access_keys[0].secret_key).not.toBe(new_account_details.access_keys[0].secret_key); + expect(new_account_details.access_keys[0].access_key).toBe(access_key); + const account_symlink = await read_config_file(config_root, access_keys_schema_dir, access_key, true); //fixing the new_account_details for compare. new_account_details = { ...new_account_details, ...new_account_details.nsfs_account_config }; assert_account(account_symlink, new_account_details); }); - it('should fail - cli update account new access_key wrong complexity', async () => { + it('cli update account access_key and secret_key using flags', async () => { const { type, name } = defaults; - const new_access_key = 'new'; - const account_options = { config_root, name, new_access_key: new_access_key }; + const access_key = 'GIGiFAnjaaE7OKD5N7hB'; + const secret_key = 'U3AYaMpU3zRDcRFWmvzgQr9MoHIAsD+3oEXAMPLE'; + const account_options = { config_root, name, access_key, secret_key }; + const account_details = await read_config_file(config_root, accounts_schema_dir, name); const action = nc_nsfs_manage_actions.UPDATE; - const res = await exec_manage_cli(type, action, account_options); - expect(JSON.parse(res.stdout).error.message).toBe(ManageCLIError.NewAccountAccessKeyFlagComplexity.message); + await exec_manage_cli(type, action, account_options); + let new_account_details = await read_config_file(config_root, accounts_schema_dir, name); + expect(account_details.access_keys[0].access_key).not.toBe(new_account_details.access_keys[0].access_key); + expect(account_details.access_keys[0].secret_key).not.toBe(new_account_details.access_keys[0].secret_key); + expect(new_account_details.access_keys[0].access_key).toBe(access_key); + const account_symlink = await read_config_file(config_root, access_keys_schema_dir, access_key, true); + //fixing the new_account_details for compare. + new_account_details = { ...new_account_details, ...new_account_details.nsfs_account_config }; + assert_account(account_symlink, new_account_details); }); }); diff --git a/src/test/unit_tests/test_nc_nsfs_cli.js b/src/test/unit_tests/test_nc_nsfs_cli.js index e380e23321..e12bf87117 100644 --- a/src/test/unit_tests/test_nc_nsfs_cli.js +++ b/src/test/unit_tests/test_nc_nsfs_cli.js @@ -81,7 +81,7 @@ mocha.describe('manage_nsfs cli', function() { try { await fs_utils.create_fresh_path(bucket_path); await fs_utils.file_must_exist(bucket_path); - await exec_manage_cli(type, action, { ...bucket_options, bucket_policy: invalid_bucket_policy}); + await exec_manage_cli(type, action, { ...bucket_options, bucket_policy: invalid_bucket_policy }); assert.fail('should have failed with invalid bucket policy'); } catch (err) { assert_error(err, ManageCLIError.MalformedPolicy); @@ -432,27 +432,6 @@ mocha.describe('manage_nsfs cli', function() { assert_response(action, type, account_list, expected_list, undefined, true); }); - mocha.it('cli account update uid by access key', async function() { - const action = nc_nsfs_manage_actions.UPDATE; - const update_options = { - config_root, - access_key: account_options.access_key, - secret_key: account_options.secret_key, - email: 'account2@noobaa.io', - uid: 222, - gid: 222 - }; - const update_response = await exec_manage_cli(type, action, update_options); - updating_options = { ...updating_options, ...update_options }; - assert_response(action, type, update_response, updating_options); - const account_symlink = await read_config_file(config_root, access_keys_schema_dir, access_key, true); - account_options = { ...account_options, ...update_options }; - assert_account(account_symlink, account_options); - const account = await read_config_file(config_root, accounts_schema_dir, name); - assert_account(account, account_options); - await assert_config_file_permissions(config_root, accounts_schema_dir, name); - }); - mocha.it('cli account update uid by name', async function() { const action = nc_nsfs_manage_actions.UPDATE; const update_options = { @@ -475,64 +454,6 @@ mocha.describe('manage_nsfs cli', function() { assert_account(account, account_options); }); - mocha.it('cli account update name by access key', async function() { - const action = nc_nsfs_manage_actions.UPDATE; - const update_options = { - config_root, - new_name: 'account1_new_name', - access_key: account_options.access_key, - secret_key: account_options.secret_key, - }; - account_options.new_name = 'account1_new_name'; - const update_response = await exec_manage_cli(type, action, update_options); - updating_options = { ...updating_options, name: update_options.new_name }; - assert_response(action, type, update_response, updating_options); - account_options = { ...account_options, new_name: undefined, name: update_options.new_name }; - const account_symlink = await read_config_file(config_root, access_keys_schema_dir, access_key, true); - assert_account(account_symlink, account_options); - const account = await read_config_file(config_root, accounts_schema_dir, account_options.name); - assert_account(account, account_options); - }); - - mocha.it('cli account update access key by name', async function() { - const action = nc_nsfs_manage_actions.UPDATE; - const update_options = { - config_root, - new_access_key: 'BIGiFAnjaaE7OKD5N7hB', - name: account_options.name - }; - const update_response = await exec_manage_cli(type, action, update_options); - updating_options = { ...updating_options, access_key: update_options.new_access_key }; - assert_response(action, type, update_response, updating_options); - account_options = { ...account_options, new_access_key: undefined, access_key: update_options.new_access_key }; - const account_symlink = await read_config_file(config_root, access_keys_schema_dir, account_options.access_key, true); - assert_account(account_symlink, account_options); - const account = await read_config_file(config_root, accounts_schema_dir, account_options.name); - assert_account(account, account_options); - }); - - mocha.it('cli account update access key & new_name by name', async function() { - const action = nc_nsfs_manage_actions.UPDATE; - const update_options = { - config_root, - new_access_key: 'BIGiFAnjaaE6OGD5N7hB', - new_name: 'account2_new_name', - name: account_options.name - }; - await exec_manage_cli(type, action, update_options); - account_options = { - ...account_options, - new_access_key: undefined, - new_name: undefined, - access_key: update_options.new_access_key, - name: update_options.new_name - }; - const account_symlink = await read_config_file(config_root, access_keys_schema_dir, account_options.access_key, true); - assert_account(account_symlink, account_options); - const account = await read_config_file(config_root, accounts_schema_dir, account_options.name); - assert_account(account, account_options); - }); - mocha.it('cli account delete by name', async function() { const action = nc_nsfs_manage_actions.DELETE; const res = await exec_manage_cli(type, action, { config_root, name: account_options.name }); @@ -635,8 +556,10 @@ mocha.describe('manage_nsfs cli', function() { mocha.it('cli account2 update - new_access_key already exists', async function() { const action = nc_nsfs_manage_actions.UPDATE; + const options = { ...account2_options }; + options.access_key = 'GIGiFAnjaaE7OKD5N7hA'; try { - await exec_manage_cli(type, action, { ...account2_options, new_access_key: 'GIGiFAnjaaE7OKD5N7hA' }); + await exec_manage_cli(type, action, options); assert.fail('should have failed with account access key already exists'); } catch (err) { assert_error(err, ManageCLIError.AccountAccessKeyAlreadyExists); @@ -685,32 +608,8 @@ mocha.describe('manage_nsfs cli', function() { assert_account(account, account_options); }); - mocha.it('cli account delete by access key', async function() { - const action = nc_nsfs_manage_actions.DELETE; - const res = await exec_manage_cli(type, action, { config_root, access_key, secret_key }); - assert_response(action, type, res); - try { - await read_config_file(config_root, access_keys_schema_dir, access_key, true); - throw new Error('cli account delete failed - account config file exists after deletion'); - } catch (err) { - if (err.code !== 'ENOENT') { - throw new Error('cli account delete failed - read file failed with the following error - ', err.code); - } - } - try { - await read_config_file(config_root, accounts_schema_dir, account_options.name); - throw new Error('cli account delete failed - account config file exists after deletion'); - } catch (err) { - if (err.code !== 'ENOENT') { - throw new Error('cli account delete failed - read file failed with the following error - ', err.code); - } - } - }); - mocha.it('cli account delete by name', async function() { - let action = nc_nsfs_manage_actions.ADD; - await exec_manage_cli(type, action, account_options); - action = nc_nsfs_manage_actions.DELETE; + const action = nc_nsfs_manage_actions.DELETE; const res = await exec_manage_cli(type, action, { config_root, name: account_options.name }); assert_response(action, type, res); try {