Soumitra Sulav created HDDS-6600:
------------------------------------
Summary: [MultiTenancy] No user validation on assignUser API
Key: HDDS-6600
URL: https://issues.apache.org/jira/browse/HDDS-6600
Project: Apache Ozone
Issue Type: Bug
Components: Ozone Manager
Affects Versions: 1.3.0
Reporter: Soumitra Sulav
No validation of user while running assignUser API under tenant.
Non-existent User
{code:java}
bash-4.2$ ozone tenant user assign user -t tenantone
Assigned 'user' to 'tenantone' with accessId 'tenantone$user'.
export AWS_ACCESS_KEY_ID='tenantone$user'
export
AWS_SECRET_ACCESS_KEY='b58a64f66e6091cd22cdd1666e226c82e8138ba7a86804a3086d108ef6036961'{code}
Invalid user (tried regex)
{code:java}
bash-4.2$ ozone tenant user assign "*" -t tenantone
Assigned '*' to 'tenantone' with accessId 'tenantone$*'.
export AWS_ACCESS_KEY_ID='tenantone$*'
export
AWS_SECRET_ACCESS_KEY='27f9420833b1433774660654a8cc054e76d630e0d5d2ee3d0e3a1c327ecc5ac8'
bash-4.2$ ozone tenant user assign "user*" -t tenantone
Assigned 'user*' to 'tenantone' with accessId 'tenantone$user*'.
export AWS_ACCESS_KEY_ID='tenantone$user*'
export
AWS_SECRET_ACCESS_KEY='99c4652cc90a4f5b46396432b00c3422f0ba481528cdc968b91ee6cedaa2f649'{code}
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
