README
¶
Prerequisites
You must create an admin user like so:
radosgw-admin user create --uid admin --display-name "Admin User" --caps "buckets=*;users=*;usage=read;metadata=read;zone=read --access-key=AKIAIOSFODNN7EXAMPLE --secret-key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Then use the access_key and secret_key for authentication.
Snippet usage example:
package main
import (
"github.com/hasantir/go-ceph/rgw/admin"
)
func main() {
// Generate a connection object
co, err := admin.New("http://192.168.1.1", "AKIAIOSFODNN7EXAMPLE", "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY", nil)
if err != nil {
panic(err)
}
// Get the "admin" user
user, err := co.GetUser(context.Background(), admin.User{ID: "admin"})
if err != nil {
panic(err)
}
// Print the user display name
fmt.Println(user.DisplayName)
}
Documentation
¶
Overview ¶
Package admin contains a set of wrappers around Ceph's RGW Admin Ops API.
Index ¶
- Constants
- func ParseError(err error) (statusError, bool)
- type API
- func (api *API) AddUserCap(ctx context.Context, uid, userCap string) ([]UserCapSpec, error)
- func (api *API) CreateKey(ctx context.Context, key UserKeySpec) (*[]UserKeySpec, error)
- func (api *API) CreateSubuser(ctx context.Context, user User, subuser SubuserSpec) error
- func (api *API) CreateUser(ctx context.Context, user User) (User, error)
- func (api *API) GetBucketInfo(ctx context.Context, bucket Bucket) (Bucket, error)
- func (api *API) GetBucketPolicy(ctx context.Context, bucket Bucket) (Policy, error)
- func (api *API) GetBucketQuota(ctx context.Context, quota QuotaSpec) (QuotaSpec, error)
- func (api *API) GetInfo(ctx context.Context) (Info, error)
- func (api *API) GetUsage(ctx context.Context, usage Usage) (Usage, error)
- func (api *API) GetUser(ctx context.Context, user User) (User, error)
- func (api *API) GetUserQuota(ctx context.Context, quota QuotaSpec) (QuotaSpec, error)
- func (api *API) GetUsers(ctx context.Context) (*[]string, error)
- func (api *API) LinkBucket(ctx context.Context, link BucketLinkInput) error
- func (api *API) ListBuckets(ctx context.Context) ([]string, error)
- func (api *API) ListBucketsWithStat(ctx context.Context) ([]Bucket, error)
- func (api *API) ListUsersBuckets(ctx context.Context, uid string) ([]string, error)
- func (api *API) ListUsersBucketsWithStat(ctx context.Context, uid string) ([]Bucket, error)
- func (api *API) ModifySubuser(ctx context.Context, user User, subuser SubuserSpec) error
- func (api *API) ModifyUser(ctx context.Context, user User) (User, error)
- func (api *API) RemoveBucket(ctx context.Context, bucket Bucket) error
- func (api *API) RemoveKey(ctx context.Context, key UserKeySpec) error
- func (api *API) RemoveSubuser(ctx context.Context, user User, subuser SubuserSpec) error
- func (api *API) RemoveUser(ctx context.Context, user User) error
- func (api *API) RemoveUserCap(ctx context.Context, uid, userCap string) ([]UserCapSpec, error)
- func (api *API) SetBucketQuota(ctx context.Context, quota QuotaSpec) error
- func (api *API) SetIndividualBucketQuota(ctx context.Context, quota QuotaSpec) error
- func (api *API) SetUserQuota(ctx context.Context, quota QuotaSpec) error
- func (api *API) TrimUsage(ctx context.Context, usage Usage) error
- func (api *API) UnlinkBucket(ctx context.Context, link BucketLinkInput) error
- type Bucket
- type BucketLinkInput
- type BucketListingSpec
- type HTTPClient
- type Info
- type Policy
- type QuotaSpec
- type StorageBackend
- type SubuserAccess
- type SubuserSpec
- type SwiftKeySpec
- type Usage
- type User
- type UserCapSpec
- type UserKeySpec
- type UserStat
Constants ¶
const ( // ErrUserExists - Attempt to create existing user ErrUserExists errorReason = "UserAlreadyExists" // ErrNoSuchUser - User does not exist ErrNoSuchUser errorReason = "NoSuchUser" // ErrInvalidAccessKey - Invalid access key specified ErrInvalidAccessKey errorReason = "InvalidAccessKey" // ErrInvalidSecretKey - Invalid secret key specified ErrInvalidSecretKey errorReason = "InvalidSecretKey" // ErrInvalidKeyType - Invalid key type specified ErrInvalidKeyType errorReason = "InvalidKeyType" // ErrKeyExists - Provided access key exists and belongs to another user ErrKeyExists errorReason = "KeyExists" // ErrEmailExists - Provided email address exists ErrEmailExists errorReason = "EmailExists" // ErrInvalidCapability - Attempt to remove an invalid admin capability ErrInvalidCapability errorReason = "InvalidCapability" // ErrSubuserExists - Specified subuser exists ErrSubuserExists errorReason = "SubuserExists" // ErrNoSuchSubUser - SubUser does not exist ErrNoSuchSubUser errorReason = "NoSuchSubUser" // ErrInvalidAccess - Invalid subuser access specified ErrInvalidAccess errorReason = "InvalidAccess" // ErrIndexRepairFailed - Bucket index repair failed ErrIndexRepairFailed errorReason = "IndexRepairFailed" // ErrBucketNotEmpty - Attempted to delete non-empty bucket ErrBucketNotEmpty errorReason = "BucketNotEmpty" // ErrObjectRemovalFailed - Unable to remove objects ErrObjectRemovalFailed errorReason = "ObjectRemovalFailed" // ErrBucketUnlinkFailed - Unable to unlink bucket from specified user ErrBucketUnlinkFailed errorReason = "BucketUnlinkFailed" // ErrBucketLinkFailed - Unable to link bucket to specified user ErrBucketLinkFailed errorReason = "BucketLinkFailed" // ErrNoSuchObject - Specified object does not exist ErrNoSuchObject errorReason = "NoSuchObject" // ErrIncompleteBody - Either bucket was not specified for a bucket policy request or bucket and object were not specified for an object policy request. ErrIncompleteBody errorReason = "IncompleteBody" // ErrNoSuchCap - User does not possess specified capability ErrNoSuchCap errorReason = "NoSuchCap" // ErrInternalError - Internal server error. ErrInternalError errorReason = "InternalError" // ErrAccessDenied - Access denied. ErrAccessDenied errorReason = "AccessDenied" // ErrNoSuchBucket - Bucket does not exist. ErrNoSuchBucket errorReason = "NoSuchBucket" // ErrNoSuchKey - No such access key. ErrNoSuchKey errorReason = "NoSuchKey" // ErrInvalidArgument - Invalid argument. ErrInvalidArgument errorReason = "InvalidArgument" // ErrUnknown - reports an unknown error ErrUnknown errorReason = "Unknown" // ErrSignatureDoesNotMatch - the query to the API has invalid parameters ErrSignatureDoesNotMatch errorReason = "SignatureDoesNotMatch" )
Variables ¶
This section is empty.
Functions ¶
func ParseError ¶ added in v0.31.3
ParseError parses an error returned by the RGW API and attempts to extract error model. It returns the extracted error model and a boolean indicating whether the error was successfully parsed.
Does not handle internal client errors such as "missing user ID"
Types ¶
type API ¶
type API struct {
AccessKey string
SecretKey string
Endpoint string
HTTPClient HTTPClient
}
API struct for New Client
func New ¶
func New(endpoint, accessKey, secretKey string, httpClient HTTPClient) (*API, error)
New returns client for Ceph RGW
func (*API) AddUserCap ¶
AddUserCap adds the capabilities for a user.
On Success, it returns the updated list of UserCaps for the user.
func (*API) CreateKey ¶
func (api *API) CreateKey(ctx context.Context, key UserKeySpec) (*[]UserKeySpec, error)
CreateKey will generate new keys or add specified to keyring https://docs.ceph.com/en/latest/radosgw/adminops/#create-key
func (*API) CreateSubuser ¶
CreateSubuser - https://docs.ceph.com/en/latest/radosgw/adminops/#create-subuser
func (*API) CreateUser ¶
CreateUser creates a user in the object store
func (*API) GetBucketInfo ¶
GetBucketInfo will return various information about a specific token
func (*API) GetBucketPolicy ¶
GetBucketPolicy - https://docs.ceph.com/en/latest/radosgw/adminops/#get-bucket-or-object-policy
func (*API) GetBucketQuota ¶
GetBucketQuota - https://docs.ceph.com/en/latest/radosgw/adminops/#get-bucket-quota
func (*API) GetInfo ¶
GetInfo - https://docs.ceph.com/en/latest/radosgw/adminops/#info
func (*API) GetUserQuota ¶
GetUserQuota will return the quota for a user
func (*API) LinkBucket ¶
func (api *API) LinkBucket(ctx context.Context, link BucketLinkInput) error
LinkBucket will link a bucket to a specified user unlinking the bucket from any previous user
func (*API) ListBuckets ¶
ListBuckets will return the list of all buckets present in the object store
func (*API) ListBucketsWithStat ¶
ListBucketsWithStat will return the list of all buckets with stat (system admin API only)
func (*API) ListUsersBuckets ¶
ListUsersBuckets will return the list of all users buckets without stat
func (*API) ListUsersBucketsWithStat ¶
ListUsersBucketsWithStat will return the list of all users buckets with stat
func (*API) ModifySubuser ¶
ModifySubuser - https://docs.ceph.com/en/latest/radosgw/adminops/#modify-subuser
func (*API) ModifyUser ¶
ModifyUser - http://docs.ceph.com/en/latest/radosgw/adminops/#modify-user
func (*API) RemoveBucket ¶
RemoveBucket will remove a given token from the object store
func (*API) RemoveKey ¶
func (api *API) RemoveKey(ctx context.Context, key UserKeySpec) error
RemoveKey will remove an existing key https://docs.ceph.com/en/latest/radosgw/adminops/#remove-key KeySpec.SecretKey parameter shouldn't be provided and will be ignored
func (*API) RemoveSubuser ¶
RemoveSubuser - https://docs.ceph.com/en/latest/radosgw/adminops/#remove-subuser
func (*API) RemoveUser ¶
RemoveUser remove an user from the object store
func (*API) RemoveUserCap ¶
RemoveUserCap removes the capabilities from a user.
On Success, it returns the updated list of UserCaps for the user.
func (*API) SetBucketQuota ¶
SetBucketQuota - https://docs.ceph.com/en/latest/radosgw/adminops/#set-bucket-quota
func (*API) SetIndividualBucketQuota ¶
SetIndividualBucketQuota sets quota to a specific bucket https://docs.ceph.com/en/latest/radosgw/adminops/#set-quota-for-an-individual-bucket
func (*API) SetUserQuota ¶
SetUserQuota sets quota to a user Global quotas (https://docs.ceph.com/en/latest/radosgw/admin/#reading-writing-global-quotas) are not surfaced in the Admin Ops API So this library cannot expose it yet
func (*API) TrimUsage ¶
TrimUsage removes bandwidth usage information. With no dates specified, removes all usage information.
func (*API) UnlinkBucket ¶
func (api *API) UnlinkBucket(ctx context.Context, link BucketLinkInput) error
UnlinkBucket unlink a bucket from a specified user Primarily useful for changing bucket ownership.
type Bucket ¶
type Bucket struct {
Bucket string `json:"bucket" url:"bucket"`
NumShards *uint64 `json:"num_shards"`
Tenant string `json:"tenant"`
Zonegroup string `json:"zonegroup"`
PlacementRule string `json:"placement_rule"`
ExplicitPlacement struct {
DataPool string `json:"data_pool"`
DataExtraPool string `json:"data_extra_pool"`
IndexPool string `json:"index_pool"`
} `json:"explicit_placement"`
ID string `json:"id"`
Marker string `json:"marker"`
IndexType string `json:"index_type"`
Owner string `json:"owner"`
Ver string `json:"ver"`
MasterVer string `json:"master_ver"`
Mtime string `json:"mtime"`
CreationTime *time.Time `json:"creation_time"`
MaxMarker string `json:"max_marker"`
Usage struct {
RgwMain struct {
Size *uint64 `json:"size"`
SizeActual *uint64 `json:"size_actual"`
SizeUtilized *uint64 `json:"size_utilized"`
SizeKb *uint64 `json:"size_kb"`
SizeKbActual *uint64 `json:"size_kb_actual"`
SizeKbUtilized *uint64 `json:"size_kb_utilized"`
NumObjects *uint64 `json:"num_objects"`
} `json:"rgw.main"`
RgwMultimeta struct {
Size *uint64 `json:"size"`
SizeActual *uint64 `json:"size_actual"`
SizeUtilized *uint64 `json:"size_utilized"`
SizeKb *uint64 `json:"size_kb"`
SizeKbActual *uint64 `json:"size_kb_actual"`
SizeKbUtilized *uint64 `json:"size_kb_utilized"`
NumObjects *uint64 `json:"num_objects"`
} `json:"rgw.multimeta"`
} `json:"usage"`
BucketQuota QuotaSpec `json:"bucket_quota"`
Policy *bool `url:"policy"`
PurgeObject *bool `url:"purge-objects"`
}
Bucket describes an object store bucket
type BucketLinkInput ¶
type BucketLinkInput struct {
Bucket string `url:"bucket" json:"bucket"`
BucketID string `url:"bucket-id" json:"bucket_id"`
UID string `url:"uid" json:"uid"`
}
BucketLinkInput the bucket link/unlink input parameters
type BucketListingSpec ¶
BucketListingSpec describes a request
type HTTPClient ¶
HTTPClient interface that conforms to that of the http package's Client.
type Info ¶
type Info struct {
InfoSpec struct {
StorageBackends []StorageBackend `json:"storage_backends"`
} `json:"info"`
}
Info struct
type Policy ¶
type Policy struct {
ACL struct {
ACLUserMap []struct {
User string `json:"user"`
ACL *int `json:"acl"`
} `json:"acl_user_map"`
ACLGroupMap []interface{} `json:"acl_group_map"`
GrantMap []struct {
ID string `json:"id"`
Grant struct {
Type struct {
Type int `json:"type"`
} `json:"type"`
ID string `json:"id"`
Email string `json:"email"`
Permission struct {
Flags int `json:"flags"`
} `json:"permission"`
Name string `json:"name"`
Group *int `json:"group"`
URLSpec string `json:"url_spec"`
} `json:"grant"`
} `json:"grant_map"`
} `json:"acl"`
Owner struct {
ID string `json:"id"`
DisplayName string `json:"display_name"`
} `json:"owner"`
}
Policy describes a bucket policy
type QuotaSpec ¶
type QuotaSpec struct {
UID string `json:"user_id" url:"uid"`
Bucket string `json:"bucket" url:"bucket"`
QuotaType string `url:"quota-type"`
Enabled *bool `json:"enabled" url:"enabled"`
CheckOnRaw bool `json:"check_on_raw"`
MaxSize *int64 `json:"max_size" url:"max-size"`
MaxSizeKb *int `json:"max_size_kb" url:"max-size-kb"`
MaxObjects *int64 `json:"max_objects" url:"max-objects"`
}
QuotaSpec describes an object store quota for a user or a bucket Only user's quota are supported
type StorageBackend ¶
StorageBackend struct
type SubuserAccess ¶
type SubuserAccess string
SubuserAccess represents an access level for a subuser
const ( SubuserAccessNone SubuserAccess = "" SubuserAccessRead SubuserAccess = "read" SubuserAccessWrite SubuserAccess = "write" SubuserAccessReadWrite SubuserAccess = "readwrite" SubuserAccessFull SubuserAccess = "full" SubuserAccessReplyNone SubuserAccess = "<none>" SubuserAccessReplyRead SubuserAccess = "read" SubuserAccessReplyWrite SubuserAccess = "write" SubuserAccessReplyReadWrite SubuserAccess = "read-write" SubuserAccessReplyFull SubuserAccess = "full-control" )
The possible values of SubuserAccess
There are two sets of constants as the API parameters and the values returned by the API do not match. The SubuserAccess* values must be used when setting access level, the SubuserAccessReply* values are the ones that may be returned. This is a design problem of the upstream API. We do not feel confident to do the mapping in the library.
type SubuserSpec ¶
type SubuserSpec struct {
Name string `json:"id" url:"subuser"`
Access SubuserAccess `json:"permissions" url:"access"`
// these are always nil in answers, they are only relevant in requests
GenerateKey *bool `json:"-" url:"generate-key"`
SecretKey *string `json:"-" url:"secret-key"`
Secret *string `json:"-" url:"secret"`
PurgeKeys *bool `json:"-" url:"purge-keys"`
KeyType *string `json:"-" url:"key-type"`
}
SubuserSpec represents a subusers of a ceph-rgw user
type SwiftKeySpec ¶
SwiftKeySpec represents the secret key associated to a subuser
type Usage ¶
type Usage struct {
Entries []struct {
User string `json:"user"`
Buckets []struct {
Bucket string `json:"bucket"`
Time string `json:"time"`
Epoch uint64 `json:"epoch"`
Owner string `json:"owner"`
Categories []struct {
Category string `json:"category"`
BytesSent uint64 `json:"bytes_sent"`
BytesReceived uint64 `json:"bytes_received"`
Ops uint64 `json:"ops"`
SuccessfulOps uint64 `json:"successful_ops"`
} `json:"categories"`
} `json:"buckets"`
} `json:"entries"`
Summary []struct {
User string `json:"user"`
Categories []struct {
Category string `json:"category"`
BytesSent uint64 `json:"bytes_sent"`
BytesReceived uint64 `json:"bytes_received"`
Ops uint64 `json:"ops"`
SuccessfulOps uint64 `json:"successful_ops"`
} `json:"categories"`
Total struct {
BytesSent uint64 `json:"bytes_sent"`
BytesReceived uint64 `json:"bytes_received"`
Ops uint64 `json:"ops"`
SuccessfulOps uint64 `json:"successful_ops"`
} `json:"total"`
} `json:"summary"`
UserID string `url:"uid"`
Start string `url:"start"` //Example: 2012-09-25 16:00:00
End string `url:"end"`
ShowEntries *bool `url:"show-entries"`
ShowSummary *bool `url:"show-summary"`
RemoveAll *bool `url:"remove-all"` //true
}
Usage struct
type User ¶
type User struct {
ID string `json:"user_id" url:"uid"`
DisplayName string `json:"display_name" url:"display-name"`
Email string `json:"email" url:"email"`
Suspended *int `json:"suspended" url:"suspended"`
MaxBuckets *int `json:"max_buckets" url:"max-buckets"`
Subusers []SubuserSpec `json:"subusers" url:"-"`
Keys []UserKeySpec `json:"keys"`
SwiftKeys []SwiftKeySpec `json:"swift_keys" url:"-"`
Caps []UserCapSpec `json:"caps"`
OpMask string `json:"op_mask" url:"op-mask"`
DefaultPlacement string `json:"default_placement"`
DefaultStorageClass string `json:"default_storage_class"`
PlacementTags []interface{} `json:"placement_tags"`
BucketQuota QuotaSpec `json:"bucket_quota"`
UserQuota QuotaSpec `json:"user_quota"`
TempURLKeys []interface{} `json:"temp_url_keys"`
Type string `json:"type"`
MfaIds []interface{} `json:"mfa_ids"` //revive:disable-line:var-naming old-yet-exported public api
KeyType string `url:"key-type"`
Tenant string `url:"tenant"`
GenerateKey *bool `url:"generate-key"`
PurgeData *int `url:"purge-data"`
GenerateStat *bool `url:"stats"`
Stat UserStat `json:"stats"`
UserCaps string `url:"user-caps"`
}
User is GO representation of the json output of a user creation
type UserCapSpec ¶
UserCapSpec represents a user capability which gives access to certain ressources
type UserKeySpec ¶
type UserKeySpec struct {
User string `json:"user"`
AccessKey string `json:"access_key" url:"access-key"`
SecretKey string `json:"secret_key" url:"secret-key"`
// Request fields
UID string `url:"uid"` // The user ID to receive the new key
SubUser string `url:"subuser"` // The subuser ID to receive the new key
KeyType string `url:"key-type"`
GenerateKey *bool `url:"generate-key"` // Generate a new key pair and add to the existing keyring
}
UserKeySpec is the user credential configuration
Source Files