sdgoij/rustfs
1
0
Fork 0
mirror of https://github.com/rustfs/rustfs.git synced 2026-01-16 17:20:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: is-admin api (For STS/temporary credentials, we need to check the… (#1101)

Browse Source 
Co-authored-by: loverustfs <hello@rustfs.com>
This commit is contained in:
yxrxy
2025-12-11 08:55:41 +08:00
committed by GitHub
parent 978845b555
commit ede2fa9d0b
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
rustfs/src/admin/handlers.rs
View File

@@ -158,14 +158,15 @@ impl Operation for IsAdminHandler {
return Err(s3_error!(InvalidRequest, "get cred failed"));
};
let (_cred, _owner) =
let (cred, _owner) =
check_key_valid(get_session_token(&req.uri, &req.headers).unwrap_or_default(), &input_cred.access_key).await?;
let access_key_to_check = input_cred.access_key.clone();
// Check if the user is admin by comparing with global credentials
let is_admin = if let Some(sys_cred) = get_global_action_cred() {
sys_cred.access_key == access_key_to_check
crate::auth::constant_time_eq(&access_key_to_check, &sys_cred.access_key)
|| crate::auth::constant_time_eq(&cred.parent_user, &sys_cred.access_key)
} else {
false
};