Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 16 for estesp (0.27 sec)

  2. github.com/minio/minio

    cmd/bucket-policy.go 

    	currTime := UTCNow()

	var (
		username = cred.AccessKey
		claims   = cred.Claims
		groups   = cred.Groups
	)

	if cred.IsTemp() || cred.IsServiceAccount() {
		// For derived credentials, check the parent user's permissions.
		username = cred.ParentUser
	}

	principalType := "Anonymous"
	if username != "" {
		principalType = "User"
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Thu Apr 04 12:04:40 GMT 2024
    - 8K bytes
    - Viewed (0)
  3. github.com/minio/minio

    cmd/iam-etcd-store.go 

    		return nil
	}
	if u.Credentials.AccessKey == "" {
		u.Credentials.AccessKey = user
	}
	if u.Credentials.SessionToken != "" {
		jwtClaims, err := extractJWTClaims(u)
		if err != nil {
			if u.Credentials.IsTemp() {
				// We should delete such that the client can re-request
				// for the expiring credentials.
				deleteKeyEtcd(ctx, ies.client, getUserIdentityPath(user, userType))
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Thu Apr 04 12:04:40 GMT 2024
    - 13.6K bytes
    - Viewed (0)
  4. github.com/minio/minio

    cmd/site-replication.go 

    			}); err != nil {
				replLogIf(ctx, fmt.Errorf("Unable to heal service account %s from peer site %s -> %s : %w", user, latestPeerName, peerName, err))
			}
			continue
		}
		if creds.IsTemp() && !creds.IsExpired() {
			var parentPolicy string
			u, err := globalIAMSys.GetUserInfo(ctx, creds.ParentUser)
			if err != nil {
				// Parent may be "virtual" (for ldap, oidc, client tls auth,
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Wed May 01 01:09:56 GMT 2024
    - 184.2K bytes
    - Viewed (1)
  5. github.com/minio/minio

    cmd/iam-store.go 

    		// non-empty session tokens.
		if !(cred.IsServiceAccount() || cred.IsTemp()) ||
			cred.SessionToken == "" {
			continue
		}

		var (
			err    error
			claims map[string]interface{} = cred.Claims
		)

		if cred.IsServiceAccount() {
			claims, err = getClaimsFromTokenWithSecret(cred.SessionToken, cred.SecretKey)
		} else if cred.IsTemp() {
			var secretKey string
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Sat Apr 27 10:04:10 GMT 2024
    - 75.2K bytes
    - Viewed (2)
  6. github.com/minio/minio

    cmd/auth-handler.go 

    	}

	if token == "" && cred.IsTemp() && !cred.IsServiceAccount() {
		// Temporary credentials should always have x-amz-security-token
		return nil, ErrInvalidToken
	}

	if token != "" && !cred.IsTemp() {
		// x-amz-security-token should not present for static credentials.
		return nil, ErrInvalidToken
	}
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Thu Apr 04 12:04:40 GMT 2024
    - 26K bytes
    - Viewed (0)
  7. github.com/minio/minio

    cmd/iam.go 

    	}

	if isGroup {
		_, err = sys.GetGroupDescription(userOrGroup)
		if err != nil {
			return
		}
	} else {
		var isTemp bool
		isTemp, _, err = sys.IsTempUser(userOrGroup)
		if err != nil && err != errNoSuchUser {
			return
		}
		if isTemp {
			err = errIAMActionNotAllowed
			return
		}

		// When the user is root credential you are not allowed to
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Thu Apr 25 21:28:16 GMT 2024
    - 71.1K bytes
    - Viewed (1)
  8. github.com/minio/minio

    cmd/admin-handlers-users.go 

    	user, exists := globalIAMSys.GetUser(ctx, accessKey)
	if exists && (user.Credentials.IsTemp() || user.Credentials.IsServiceAccount()) {
		// Updating STS credential is not allowed, and this API does not
		// support updating service accounts.
		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrAddUserInvalidArgument), r.URL)
		return
	}

	if (cred.IsTemp() || cred.IsServiceAccount()) && cred.ParentUser == accessKey {
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Wed May 01 12:41:13 GMT 2024
    - 77.5K bytes
    - Viewed (0)
  9. github.com/minio/minio

    cmd/admin-handlers-idp-ldap.go 

    	// account or STS account):
	requestorUser := cred.AccessKey
	requestorParentUser := cred.AccessKey
	requestorGroups := cred.Groups
	requestorIsDerivedCredential := false
	if cred.IsServiceAccount() || cred.IsTemp() {
		requestorParentUser = cred.ParentUser
		requestorIsDerivedCredential = true
	}

	// Check if we are creating svc account for request sender.
	isSvcAccForRequestor := false
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Thu Apr 25 15:50:16 GMT 2024
    - 13.3K bytes
    - Viewed (0)
  10. github.com/golang/go

    src/archive/tar/writer_test.go 

    // license that can be found in the LICENSE file.

package tar

import (
	"bytes"
	"encoding/hex"
	"errors"
	"io"
	"io/fs"
	"os"
	"path"
	"reflect"
	"sort"
	"strings"
	"testing"
	"testing/fstest"
	"testing/iotest"
	"time"
)

func bytediff(a, b []byte) string {
	const (
		uniqueA  = "-  "
		uniqueB  = "+  "
		identity = "   "
	)
	var ss []string
    Go
    - Registered: Tue Apr 30 11:13:12 GMT 2024
    - Last Modified: Tue Feb 27 16:39:23 GMT 2024
    - 38.7K bytes
    - Viewed (0)
  11. github.com/minio/minio

    cmd/sftp-server-driver.go 

    		return minio.New(f.endpoint, &minio.Options{
			Creds:     mcreds,
			Secure:    globalIsTLS,
			Transport: globalRemoteFTPClientTransport,
		})
	}

	// ok == true - at this point

	if ui.Credentials.IsTemp() {
		// Temporary credentials are not allowed.
		return nil, errAuthentication
	}

	return minio.New(f.endpoint, &minio.Options{
    Go
    - Registered: Sun May 05 19:28:20 GMT 2024
    - Last Modified: Fri Apr 19 12:23:42 GMT 2024
    - 12.9K bytes
    - Viewed (0)
Back to top