User

Create

curl -H "Content-Type:application/json" -X POST --data '{"id":"testuser","pwd":"12345","type":3}' "http://10.196.59.198:17010/user/create"

Create a user in the cluster to access object storage service. When the cluster starts, the root user is automatically created (the value of type is 0x1).

ChubaoFS treats every Owner of volume as a user. For example, if the value of Owner is testuser when creating a volume, the volume is owned by user testuser.

If there is no user ID with the same value as the Owner when creating the volume, the user named the value of Owner will be automatically created when creating the volume.

body key
Key Type Description Range Mandatory Default
id string user ID Consists of letters, numbers and underscores, no more than 20 characters Yes None
pwd string user’s password Unlimited No ChubaoFSUser
ak string Access Key Consists of 16-bits letters and numbers No Random value
sk string Secret Key Consists of 32-bits letters and numbers No Random value
type int user type 2: [admin] / 3: [normal user] Yes None

Delete

curl -v "http://10.196.59.198:17010/user/delete?user=testuser"

Delete the specified user in the cluster.

Parameters
Parameter Type Description
user string user ID

Get

Show basic user information, including user ID, Access Key, Secret Key, list of owned volumes, list of permissions granted by other users, user type, creation time.

The field policy shows the volumes which the user has permission, of which own_vols indicates that volumes owned by the user, and authorized_vols indicates the volume authorized by other users to the user with restrictions.

There are two ways to obtain:

Query by User ID

curl -v "http://10.196.59.198:17010/user/info?user=testuser" | python -m json.tool
Parameters
Parameter Type Description
user string user ID

Query by Access Key

curl -v "http://10.196.59.198:17010/user/akInfo?ak=0123456789123456" | python -m json.tool
Parameters
Parameter Type Description
ak string Access Key

response

{
     "user_id": "testuser",
     "access_key": "0123456789123456",
     "secret_key": "ZVY5RHlrnOrCjImW9S3MajtYZyxSegcf",
     "policy": {
         "own_vols": ["vol1"],
         "authorized_vols": {
             "ltptest": [
                 "perm:builtin:ReadOnly",
                 "perm:custom:PutObjectAction"
             ]
         }
     },
     "user_type": 3,
     "create_time": "2020-05-11 09:25:04"
}

List Users

curl -v "http://10.196.59.198:17010/user/list?keywords=test" | python -m json.tool

Query information about all users in a cluster whose user ID contains the keyword.

Parameters
Parameter Type Description
keywords string check user ID contains this or not

Update

curl -H "Content-Type:application/json" -X POST --data '{"user_id":"testuser","access_key":"KzuIVYCFqvu0b3Rd","secret_key":"iaawlCchJeeuGSnmFW72J2oDqLlSqvA5","type":3}' "http://10.196.59.198:17010/user/update"

Update the specified user’s information, including access key, secret key and user type.

body key
Key Type Description Mandatory
user_id string user ID value after updating Yes
access_key string Access Key value after updating No
secret_key string Secret Key value after updating No
type int user type value after updating No

Update Permission

curl -H "Content-Type:application/json" -X POST --data '{"user_id":"testuser","volume":"vol","policy":["perm:builtin:ReadOnly","perm:custom:PutObjectAction"]}' "http://10.196.59.198:17010/user/updatePolicy"

Update the specified user’s permission to a volume. There are three types of values for policy:

  • Grant read-only or read-write permission, the value is perm:builtin:ReadOnly or perm:builtin:Writable.
  • Grant a permission of the specified action, the format is action:oss:XXX, take GetObject action as an example, the value of policy is action:oss:GetObject.
  • Grant a custom permission, the format is perm:custom:XXX, where XXX is customized by the user.

After the permissions are specified, the user can only access the volume within the specified permissions when using the object storage. If the user already has permissions for this volume, this operation will overwrite the original permissions.

body key
Key Type Description Mandatory
user_id string user ID to be set Yes
volume string volume name to be set Yes
policy string slice policy to be set Yes

Remove Permission

curl -H "Content-Type:application/json" -X POST --data '{"user_id":"testuser","volume":"vol"}' "http://10.196.59.198:17010/user/removePolicy"

Remove all permissions of a specified user for a volume.

body key
Key Type Description Mandatory
user_id string user ID to be deleted Yes
volume string volume name to be deleted Yes

Transfer Volume

curl -H "Content-Type:application/json" -X POST --data '{"volume":"vol","user_src":"user1","user_dst":"user2","force":"true"}' "http://10.196.59.198:17010/user/transferVol"

Transfer the ownership of the specified volume. This operation removes the specified volume from the owner_vols of source user name and adds it to the owner_vols of target user name; At the same time, the value of the field Owner in the volume structure will also be updated to the target user ID.

body key
Key Type Description Mandatory
volume string Volume name to be transfered Yes
user_src string Original owner of the volume, and must be the same as the Owner of the volume Yes
user_dst string Target user ID after transferring Yes
force bool Force to transfer the volume. If the value is set to true, even if the value of user_src is different from the value of the owner of the volume, the volume will also be transferred to the target user No