admin

package
Version: v0.18.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 17, 2022 License: MIT Imports: 13 Imported by: 14

README

Prerequisites

You must create an admin user like so:

radosgw-admin user create --uid admin --display-name "Admin User" --caps "buckets=*;users=*;usage=read;metadata=read;zone=read --access-key=2262XNX11FZRR44XWIRD --secret-key=rmtuS1Uj1bIC08QFYGW18GfSHAbkPqdsuYynNudw

Then use the access_key and secret_key for authentication.

Snippet usage example:

package main

import (
    "github.com/ceph/go-ceph/rgw/admin"
)

func main() {
    // Generate a connection object
    co, err := admin.New("http://192.168.1.1", "2262XNX11FZRR44XWIRD", "rmtuS1Uj1bIC08QFYGW18GfSHAbkPqdsuYynNudw", nil)
    if err != nil {
        panic(err)
    }

    // Get the "admin" user
    user, err := co.GetUser(context.Background(), admin.User{ID: "admin"})
    if err != nil {
        panic(err)
    }

    // Print the user display name
    fmt.Println(user.DisplayName)
}

Documentation

Overview

Package admin contains a set of wrappers around Ceph's RGW Admin Ops API.

Index

Constants

View Source
const (
	// ErrUserExists - Attempt to create existing user
	ErrUserExists errorReason = "UserAlreadyExists"

	// ErrNoSuchUser - Attempt to create existing user
	ErrNoSuchUser errorReason = "NoSuchUser"

	// ErrInvalidAccessKey - Invalid access key specified
	ErrInvalidAccessKey errorReason = "InvalidAccessKey"

	// ErrInvalidSecretKey - Invalid secret key specified
	ErrInvalidSecretKey errorReason = "InvalidSecretKey"

	// ErrInvalidKeyType - Invalid key type specified
	ErrInvalidKeyType errorReason = "InvalidKeyType"

	// ErrKeyExists - Provided access key exists and belongs to another user
	ErrKeyExists errorReason = "KeyExists"

	// ErrEmailExists - Provided email address exists
	ErrEmailExists errorReason = "EmailExists"

	// ErrInvalidCapability - Attempt to remove an invalid admin capability
	ErrInvalidCapability errorReason = "InvalidCapability"

	// ErrSubuserExists - Specified subuser exists
	ErrSubuserExists errorReason = "SubuserExists"

	// ErrInvalidAccess - Invalid subuser access specified
	ErrInvalidAccess errorReason = "InvalidAccess"

	// ErrIndexRepairFailed - Bucket index repair failed
	ErrIndexRepairFailed errorReason = "IndexRepairFailed"

	// ErrBucketNotEmpty - Attempted to delete non-empty bucket
	ErrBucketNotEmpty errorReason = "BucketNotEmpty"

	// ErrObjectRemovalFailed - Unable to remove objects
	ErrObjectRemovalFailed errorReason = "ObjectRemovalFailed"

	// ErrBucketUnlinkFailed - Unable to unlink bucket from specified user
	ErrBucketUnlinkFailed errorReason = "BucketUnlinkFailed"

	// ErrBucketLinkFailed - Unable to link bucket to specified user
	ErrBucketLinkFailed errorReason = "BucketLinkFailed"

	// ErrNoSuchObject - Specified object does not exist
	ErrNoSuchObject errorReason = "NoSuchObject"

	// ErrIncompleteBody - Either bucket was not specified for a bucket policy request or bucket and object were not specified for an object policy request.
	ErrIncompleteBody errorReason = "IncompleteBody"

	// ErrNoSuchCap - User does not possess specified capability
	ErrNoSuchCap errorReason = "NoSuchCap"

	// ErrInternalError - Internal server error.
	ErrInternalError errorReason = "InternalError"

	// ErrAccessDenied - Access denied.
	ErrAccessDenied errorReason = "AccessDenied"

	// ErrNoSuchBucket - Bucket does not exist.
	ErrNoSuchBucket errorReason = "NoSuchBucket"

	// ErrNoSuchKey - No such access key.
	ErrNoSuchKey errorReason = "NoSuchKey"

	// ErrInvalidArgument - Invalid argument.
	ErrInvalidArgument errorReason = "InvalidArgument"

	// ErrUnknown - reports an unknown error
	ErrUnknown errorReason = "Unknown"

	// ErrSignatureDoesNotMatch - the query to the API has invalid parameters
	ErrSignatureDoesNotMatch errorReason = "SignatureDoesNotMatch"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type API

type API struct {
	AccessKey  string
	SecretKey  string
	Endpoint   string
	HTTPClient HTTPClient
}

API struct for New Client

func New

func New(endpoint, accessKey, secretKey string, httpClient HTTPClient) (*API, error)

New returns client for Ceph RGW

func (*API) AddUserCap added in v0.13.0

func (api *API) AddUserCap(ctx context.Context, uid, userCap string) ([]UserCapSpec, error)

AddUserCap adds the capabilities for a user.

On Success, it returns the updated list of UserCaps for the user.

func (*API) CreateSubuser added in v0.17.0

func (api *API) CreateSubuser(ctx context.Context, user User, subuser SubuserSpec) error

CreateSubuser - https://docs.ceph.com/en/latest/radosgw/adminops/#create-subuser

func (*API) CreateUser

func (api *API) CreateUser(ctx context.Context, user User) (User, error)

CreateUser creates a user in the object store

func (*API) GetBucketInfo

func (api *API) GetBucketInfo(ctx context.Context, bucket Bucket) (Bucket, error)

GetBucketInfo will return various information about a specific token

func (*API) GetUsage

func (api *API) GetUsage(ctx context.Context, usage Usage) (Usage, error)

GetUsage request bandwidth usage information on the object store

func (*API) GetUser

func (api *API) GetUser(ctx context.Context, user User) (User, error)

GetUser retrieves a given object store user

func (*API) GetUserQuota

func (api *API) GetUserQuota(ctx context.Context, quota QuotaSpec) (QuotaSpec, error)

GetUserQuota will return the quota for a user

func (*API) GetUsers

func (api *API) GetUsers(ctx context.Context) (*[]string, error)

GetUsers lists all object store users

func (*API) LinkBucket added in v0.17.0

func (api *API) LinkBucket(ctx context.Context, link BucketLinkInput) error

LinkBucket will link a bucket to a specified user unlinking the bucket from any previous user

func (*API) ListBuckets

func (api *API) ListBuckets(ctx context.Context) ([]string, error)

ListBuckets will return the list of all buckets present in the object store

func (*API) ModifySubuser added in v0.17.0

func (api *API) ModifySubuser(ctx context.Context, user User, subuser SubuserSpec) error

ModifySubuser - https://docs.ceph.com/en/latest/radosgw/adminops/#modify-subuser

func (*API) ModifyUser

func (api *API) ModifyUser(ctx context.Context, user User) (User, error)

ModifyUser - http://docs.ceph.com/en/latest/radosgw/adminops/#modify-user

func (*API) RemoveBucket

func (api *API) RemoveBucket(ctx context.Context, bucket Bucket) error

RemoveBucket will remove a given token from the object store

func (*API) RemoveSubuser added in v0.17.0

func (api *API) RemoveSubuser(ctx context.Context, user User, subuser SubuserSpec) error

RemoveSubuser - https://docs.ceph.com/en/latest/radosgw/adminops/#remove-subuser

func (*API) RemoveUser

func (api *API) RemoveUser(ctx context.Context, user User) error

RemoveUser remove an user from the object store

func (*API) RemoveUserCap added in v0.13.0

func (api *API) RemoveUserCap(ctx context.Context, uid, userCap string) ([]UserCapSpec, error)

RemoveUserCap removes the capabilities from a user.

On Success, it returns the updated list of UserCaps for the user.

func (*API) SetUserQuota

func (api *API) SetUserQuota(ctx context.Context, quota QuotaSpec) error

SetUserQuota sets quota to a user Global quotas (https://docs.ceph.com/en/latest/radosgw/admin/#reading-writing-global-quotas) are not surfaced in the Admin Ops API So this library cannot expose it yet

func (*API) TrimUsage

func (api *API) TrimUsage(ctx context.Context, usage Usage) error

TrimUsage removes bandwidth usage information. With no dates specified, removes all usage information.

func (*API) UnlinkBucket added in v0.17.0

func (api *API) UnlinkBucket(ctx context.Context, link BucketLinkInput) error

UnlinkBucket unlink a bucket from a specified user Primarily useful for changing bucket ownership.

type Bucket

type Bucket struct {
	Bucket            string  `json:"bucket" url:"bucket"`
	NumShards         *uint64 `json:"num_shards"`
	Zonegroup         string  `json:"zonegroup"`
	PlacementRule     string  `json:"placement_rule"`
	ExplicitPlacement struct {
		DataPool      string `json:"data_pool"`
		DataExtraPool string `json:"data_extra_pool"`
		IndexPool     string `json:"index_pool"`
	} `json:"explicit_placement"`
	ID        string `json:"id"`
	Marker    string `json:"marker"`
	IndexType string `json:"index_type"`
	Owner     string `json:"owner"`
	Ver       string `json:"ver"`
	MasterVer string `json:"master_ver"`
	Mtime     string `json:"mtime"`
	MaxMarker string `json:"max_marker"`
	Usage     struct {
		RgwMain struct {
			Size           *uint64 `json:"size"`
			SizeActual     *uint64 `json:"size_actual"`
			SizeUtilized   *uint64 `json:"size_utilized"`
			SizeKb         *uint64 `json:"size_kb"`
			SizeKbActual   *uint64 `json:"size_kb_actual"`
			SizeKbUtilized *uint64 `json:"size_kb_utilized"`
			NumObjects     *uint64 `json:"num_objects"`
		} `json:"rgw.main"`
		RgwMultimeta struct {
			Size           *uint64 `json:"size"`
			SizeActual     *uint64 `json:"size_actual"`
			SizeUtilized   *uint64 `json:"size_utilized"`
			SizeKb         *uint64 `json:"size_kb"`
			SizeKbActual   *uint64 `json:"size_kb_actual"`
			SizeKbUtilized *uint64 `json:"size_kb_utilized"`
			NumObjects     *uint64 `json:"num_objects"`
		} `json:"rgw.multimeta"`
	} `json:"usage"`
	BucketQuota QuotaSpec `json:"bucket_quota"`
	Policy      *bool     `url:"policy"`
	PurgeObject *bool     `url:"purge-objects"`
}

Bucket describes an object store bucket

type BucketLinkInput added in v0.17.0

type BucketLinkInput struct {
	Bucket   string `url:"bucket" json:"bucket"`
	BucketID string `url:"bucket-id" json:"bucket_id"`
	UID      string `url:"uid" json:"uid"`
}

BucketLinkInput the bucket link/unlink input parameters

type HTTPClient added in v0.11.0

type HTTPClient interface {
	Do(req *http.Request) (*http.Response, error)
}

HTTPClient interface that conforms to that of the http package's Client.

type Policy

type Policy struct {
	ACL struct {
		ACLUserMap []struct {
			User string `json:"user"`
			ACL  *int   `json:"acl"`
		} `json:"acl_user_map"`
		ACLGroupMap []interface{} `json:"acl_group_map"`
		GrantMap    []struct {
			ID    string `json:"id"`
			Grant struct {
				Type struct {
					Type int `json:"type"`
				} `json:"type"`
				ID         string `json:"id"`
				Email      string `json:"email"`
				Permission struct {
					Flags int `json:"flags"`
				} `json:"permission"`
				Name    string `json:"name"`
				Group   *int   `json:"group"`
				URLSpec string `json:"url_spec"`
			} `json:"grant"`
		} `json:"grant_map"`
	} `json:"acl"`
	Owner struct {
		ID          string `json:"id"`
		DisplayName string `json:"display_name"`
	} `json:"owner"`
}

Policy describes a bucket policy

type QuotaSpec

type QuotaSpec struct {
	UID        string `json:"user_id" url:"uid"`
	Bucket     string `json:"bucket" url:"bucket"`
	QuotaType  string `url:"quota-type"`
	Enabled    *bool  `json:"enabled" url:"enabled"`
	CheckOnRaw bool   `json:"check_on_raw"`
	MaxSize    *int64 `json:"max_size" url:"max-size"`
	MaxSizeKb  *int   `json:"max_size_kb" url:"max-size-kb"`
	MaxObjects *int64 `json:"max_objects" url:"max-objects"`
}

QuotaSpec describes an object store quota for a user or a bucket Only user's quota are supported

type SubuserAccess added in v0.15.0

type SubuserAccess string

SubuserAccess represents an access level for a subuser

const (
	SubuserAccessNone      SubuserAccess = ""
	SubuserAccessRead      SubuserAccess = "read"
	SubuserAccessWrite     SubuserAccess = "write"
	SubuserAccessReadWrite SubuserAccess = "readwrite"
	SubuserAccessFull      SubuserAccess = "full"

	SubuserAccessReplyNone      SubuserAccess = "<none>"
	SubuserAccessReplyRead      SubuserAccess = "read"
	SubuserAccessReplyWrite     SubuserAccess = "write"
	SubuserAccessReplyReadWrite SubuserAccess = "read-write"
	SubuserAccessReplyFull      SubuserAccess = "full-control"
)

The possible values of SubuserAccess

There are two sets of constants as the API parameters and the values returned by the API do not match. The SubuserAccess* values must be used when setting access level, the SubuserAccessReply* values are the ones that may be returned. This is a design problem of the upstream API. We do not feel confident to do the mapping in the library.

type SubuserSpec added in v0.15.0

type SubuserSpec struct {
	Name   string        `json:"id" url:"subuser"`
	Access SubuserAccess `json:"permissions" url:"access"`

	// these are always nil in answers, they are only relevant in requests
	GenerateKey *bool   `json:"-" url:"generate-key"`
	SecretKey   *string `json:"-" url:"secret-key"`
	Secret      *string `json:"-" url:"secret"`
	PurgeKeys   *bool   `json:"-" url:"purge-keys"`
	KeyType     *string `json:"-" url:"key-type"`
}

SubuserSpec represents a subusers of a ceph-rgw user

type SwiftKeySpec added in v0.15.0

type SwiftKeySpec struct {
	User      string `json:"user"`
	SecretKey string `json:"secret_key"`
}

SwiftKeySpec represents the secret key associated to a subuser

type Usage

type Usage struct {
	Entries []struct {
		User    string `json:"user"`
		Buckets []struct {
			Bucket     string `json:"bucket"`
			Time       string `json:"time"`
			Epoch      uint64 `json:"epoch"`
			Owner      string `json:"owner"`
			Categories []struct {
				Category      string `json:"category"`
				BytesSent     uint64 `json:"bytes_sent"`
				BytesReceived uint64 `json:"bytes_received"`
				Ops           uint64 `json:"ops"`
				SuccessfulOps uint64 `json:"successful_ops"`
			} `json:"categories"`
		} `json:"buckets"`
	} `json:"entries"`
	Summary []struct {
		User       string `json:"user"`
		Categories []struct {
			Category      string `json:"category"`
			BytesSent     uint64 `json:"bytes_sent"`
			BytesReceived uint64 `json:"bytes_received"`
			Ops           uint64 `json:"ops"`
			SuccessfulOps uint64 `json:"successful_ops"`
		} `json:"categories"`
		Total struct {
			BytesSent     uint64 `json:"bytes_sent"`
			BytesReceived uint64 `json:"bytes_received"`
			Ops           uint64 `json:"ops"`
			SuccessfulOps uint64 `json:"successful_ops"`
		} `json:"total"`
	} `json:"summary"`
	Start       string `url:"start"` //Example:	2012-09-25 16:00:00
	End         string `url:"end"`
	ShowEntries *bool  `url:"show-entries"`
	ShowSummary *bool  `url:"show-summary"`
	RemoveAll   *bool  `url:"remove-all"` //true
}

Usage struct

type User

type User struct {
	ID                  string         `json:"user_id" url:"uid"`
	DisplayName         string         `json:"display_name" url:"display-name"`
	Email               string         `json:"email" url:"email"`
	Suspended           *int           `json:"suspended" url:"suspended"`
	MaxBuckets          *int           `json:"max_buckets" url:"max-buckets"`
	Subusers            []SubuserSpec  `json:"subusers" url:"-"`
	Keys                []UserKeySpec  `json:"keys"`
	SwiftKeys           []SwiftKeySpec `json:"swift_keys" url:"-"`
	Caps                []UserCapSpec  `json:"caps"`
	OpMask              string         `json:"op_mask"`
	DefaultPlacement    string         `json:"default_placement"`
	DefaultStorageClass string         `json:"default_storage_class"`
	PlacementTags       []interface{}  `json:"placement_tags"`
	BucketQuota         QuotaSpec      `json:"bucket_quota"`
	UserQuota           QuotaSpec      `json:"user_quota"`
	TempURLKeys         []interface{}  `json:"temp_url_keys"`
	Type                string         `json:"type"`
	MfaIds              []interface{}  `json:"mfa_ids"`
	KeyType             string         `url:"key-type"`
	Tenant              string         `url:"tenant"`
	GenerateKey         *bool          `url:"generate-key"`
	PurgeData           *int           `url:"purge-data"`
	GenerateStat        *bool          `url:"stats"`
	Stat                UserStat       `json:"stats"`
	UserCaps            string         `url:"user-caps"`
}

User is GO representation of the json output of a user creation

type UserCapSpec

type UserCapSpec struct {
	Type string `json:"type"`
	Perm string `json:"perm"`
}

UserCapSpec represents a user capability which gives access to certain ressources

type UserKeySpec

type UserKeySpec struct {
	User      string `json:"user"`
	AccessKey string `json:"access_key" url:"access-key"`
	SecretKey string `json:"secret_key" url:"secret-key"`
	// Request fields
	UID         string `url:"uid"`     // The user ID to receive the new key
	SubUser     string `url:"subuser"` // The subuser ID to receive the new key
	KeyType     string `url:"key-type"`
	GenerateKey *bool  `url:"generate-key"` // Generate a new key pair and add to the existing keyring
}

UserKeySpec is the user credential configuration

type UserStat added in v0.11.0

type UserStat struct {
	Size        *uint64 `json:"size"`
	SizeRounded *uint64 `json:"size_rounded"`
	NumObjects  *uint64 `json:"num_objects"`
}

UserStat contains information about storage consumption by the ceph user

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL