Added S3 user management

[UtkarshBhatthere]

Added CLI to Create, Delete, List and Get S3 users for rgw

ubuntu@microcephtest:~$ sudo microceph s3 list
+---+-------------+
| # |    NAME     |
+---+-------------+
| 1 | test4       |
+---+-------------+
| 2 | testUser100 |
+---+-------------+
| 3 | test        |
+---+-------------+
| 4 | test2       |
+---+-------------+
| 5 | test5       |
+---+-------------+
ubuntu@microcephtest:~$ sudo microceph s3 get testUser100
+-------------+----------------------+------------------------------------------+
|    NAME     |      ACCESS KEY      |                  SECRET                  |
+-------------+----------------------+------------------------------------------+
| testUser100 | 9YI4KEEEZ333ES6Z5PST | iNPJDugy2l1GlnA8TWCWNguncQcb0f6glIjaj1Wu |
+-------------+----------------------+------------------------------------------+
ubuntu@microcephtest:~$ sudo microceph s3 create utkarsh --access-key=yo --secret=doesitwork?
+---------+------------+-------------+
|  NAME   | ACCESS KEY |   SECRET    |
+---------+------------+-------------+
| utkarsh | yo         | doesitwork? |
+---------+------------+-------------+
ubuntu@microcephtest:~$ sudo microceph s3 delete utkarsh
ubuntu@microcephtest:~$ sudo microceph s3 list
+---+-------------+
| # |    NAME     |
+---+-------------+
| 1 | test4       |
+---+-------------+
| 2 | testUser100 |
+---+-------------+
| 3 | test        |
+---+-------------+
| 4 | test2       |
+---+-------------+
| 5 | test5       |
+---+-------------+

[UtkarshBhatthere]

Added implementation, will add tests for the same.

[UtkarshBhatthere]

The PR lacks test, will remove from drafts once I have added them.

[sabaini]

Heya,

this looks very useful.

Some comments after a first quick look:

User interface: we talked about this a bit but jftr. -- think the microceph s3 [create|delete|...] ... might be a bit confusing as it's not clear that this is about creating or deleting users. Maybe could do another subcommand e.g. microceph s3 user [create|delete|...] ... or rename the subcommand to something like microceph s3-user [create|delete|...] ...

REST API: it's recommended to give every entity in a REST api their own URI, and have the REST verbs (GET/PUT/DELETE/...) act on those entities

For this API the entities would be users. It's a convention (though not required by REST) to have directories map to collections of entities.

A mapping to URIs could therefore look something like this, with an example user fooUser

GET /s3/users # list user collection
POST /s3/users # create a new user in collection with data from the req. body

GET /s3/users/fooUser # get details for fooUser (no data required)
PUT /s3/users/fooUser # update fooUser with data from req. body
DELETE /s3/users/fooUser # delete fooUser (no data required)

Note there's no POST /s3/users/fooUser as POST is for creating new entities.

Thanks!

[UtkarshBhatthere]

@sabaini I have modified the APIs to be using ""services/rgw/user"".

[sabaini]

Heya Utkarsh, thanks for the update, added a comment about REST API structure

[sabaini]

For optimal RESTy-ness I'd like to suggest an API structure like this:

GET /services/rgw/user # returns a list of users
GET /services/rgw/user/{uid} # returns info about a specific user

POST /services/rgw/user # create a new user

PUT /services/rgw/user/{name} # update existing user

DELETE /services/rgw/user/{name} # delete user

Something like this can be used to specify a path with a {uid} var:

var s3Cmd = rest.Endpoint{
	Path:   "services/rgw/user/{name}",
	Get:    rest.EndpointAction{Handler: cmdS3GetSingle, ProxyTarget: true},
        Put: 
...

func cmdS3GetSingle(s *state.State, r *http.Request) response.Response {
	var err error
	var name string
	name, err = url.PathUnescape(mux.Vars(r)["name"])
	if err != nil {
		return response.BadRequest(err)
	}
	// do something with user name
	user = ceph.GetS3User(name)
...

[sabaini]

With the API structure change I've suggested above the URL would be built with something like

err = c.Query(queryCtx, "GET", api.NewURL().Path("services", "rgw", "user", strconv.FormatInt(user.name, 10)), nil, nil)

[UtkarshBhatthere]

Thanks for the detailed review @sabaini 🙏🏼 . I will implement your RESTy suggestions in and make the PR ready.

[sabaini]

Hey @UtkarshBhatthere did a quick once over, added some suggestions mostly around API RESTfulness

[sabaini]

Naming nit: maybe a more descriptive name instead of testrgw_old

[sabaini]

I see these lines being repeated
Maybe could refactor the actionutils.sh a bit to have a setup_host function instead of setup_lxd that handles all deps

[sabaini]

Suggest: capitalize S3 here and below (proper noun)

[sabaini]

Suggest: s/Object Storage/object storage/

[sabaini]

Typo, s/a an/an/

[sabaini]

Copy/paste error :-)

[sabaini]

For maximum RESTfulness we should be using a POST to the /client/s3 url to create a user

[sabaini]

RESTfulness:

• retrieving a list of users should be a GET to /client/s3
• retrieving a single user should be a GET to /client/s3/{userid}

See the /disks/{osdid} handler in microceph/api/disks.go for an example on how to implement a handler for a path variable i.e. {userid}

[sabaini]

RESTfulness: this should be using a DELETE against /client/s3/{userid} (also cf. above for getting users)

[sabaini]

I guess this is not actually used?