Initial FS CLI

2026-04-05 08:26:28 +00:00 · 2026-03-11 00:40:51 +01:00
parent 181cd42bbf
commit f57c7b8390
16 changed files with 1313 additions and 81 deletions
--- a/cmd/admin_policy.go
+++ b/cmd/admin_policy.go
@@ -0,0 +1,47 @@
+package cmd
+
+import (
+	"fmt"
+	"strings"
+)
+
+type rolePolicyOptions struct {
+	Role   string
+	Bucket string
+	Prefix string
+}
+
+func buildPolicyFromRole(opts rolePolicyOptions) (adminPolicy, error) {
+	role := strings.ToLower(strings.TrimSpace(opts.Role))
+	bucket := strings.TrimSpace(opts.Bucket)
+	prefix := strings.TrimSpace(opts.Prefix)
+	if bucket == "" {
+		bucket = "*"
+	}
+	if prefix == "" {
+		prefix = "*"
+	}
+
+	var actions []string
+	switch role {
+	case "admin":
+		actions = []string{"s3:*"}
+	case "readwrite":
+		actions = []string{"s3:ListBucket", "s3:GetObject", "s3:PutObject", "s3:DeleteObject"}
+	case "readonly":
+		actions = []string{"s3:ListBucket", "s3:GetObject"}
+	default:
+		return adminPolicy{}, fmt.Errorf("invalid role %q (allowed: admin, readwrite, readonly)", opts.Role)
+	}
+
+	return adminPolicy{
+		Statements: []adminPolicyStatement{
+			{
+				Effect:  "allow",
+				Actions: actions,
+				Bucket:  bucket,
+				Prefix:  prefix,
+			},
+		},
+	}, nil
+}