upgrade deps for minio/pkg v1.6.1 to include groups conditions (#16538)

2026-02-04 18:00:15 -05:00 · 2023-02-06 09:27:29 -08:00
parent 5996c8c4d5
commit 14cf8f1b22
14 changed files with 384 additions and 283 deletions
--- a/cmd/metrics.go
+++ b/cmd/metrics.go
@@ -22,6 +22,7 @@ import (
 	"strings"
 	"time"

+	"github.com/minio/minio/internal/auth"
 	"github.com/minio/minio/internal/logger"
 	"github.com/minio/minio/internal/mcontext"
 	iampolicy "github.com/minio/pkg/iam/policy"
@@ -616,14 +617,21 @@ func AuthMiddleware(h http.Handler) http.Handler {
 			writeErrorResponseJSON(r.Context(), w, toAdminAPIErr(r.Context(), errAuthentication), r.URL)
 			return
 		}
+
+		cred := auth.Credentials{
+			AccessKey: claims.AccessKey,
+			Claims:    claims.Map(),
+			Groups:    groups,
+		}
+
 		// For authenticated users apply IAM policy.
 		if !globalIAMSys.IsAllowed(iampolicy.Args{
-			AccountName:     claims.AccessKey,
-			Groups:          groups,
+			AccountName:     cred.AccessKey,
+			Groups:          cred.Groups,
 			Action:          iampolicy.PrometheusAdminAction,
-			ConditionValues: getConditionValues(r, "", claims.AccessKey, claims.Map()),
+			ConditionValues: getConditionValues(r, "", cred),
 			IsOwner:         owner,
-			Claims:          claims.Map(),
+			Claims:          cred.Claims,
 		}) {
 			if ok {
 				tc.FuncName = "handler.MetricsAuth"