diff --git a/cmd/admin-handlers_test.go b/cmd/admin-handlers_test.go index 6f451a1fe..861620747 100644 --- a/cmd/admin-handlers_test.go +++ b/cmd/admin-handlers_test.go @@ -73,6 +73,8 @@ func prepareAdminErasureTestBed(ctx context.Context) (*adminErasureTestBed, erro initAllSubsystems(ctx, objLayer) + globalIAMSys.InitStore(objLayer) + // Setup admin mgmt REST API handlers. adminRouter := mux.NewRouter() registerAdminRouter(adminRouter, true, true) diff --git a/cmd/auth-handler_test.go b/cmd/auth-handler_test.go index 84357751b..f8b3a917b 100644 --- a/cmd/auth-handler_test.go +++ b/cmd/auth-handler_test.go @@ -357,6 +357,12 @@ func TestIsReqAuthenticated(t *testing.T) { t.Fatalf("unable initialize config file, %s", err) } + newAllSubsystems() + + initAllSubsystems(context.Background(), objLayer) + + globalIAMSys.InitStore(objLayer) + creds, err := auth.CreateCredentials("myuser", "mypassword") if err != nil { t.Fatalf("unable create credential, %s", err) @@ -442,6 +448,12 @@ func TestValidateAdminSignature(t *testing.T) { t.Fatalf("unable initialize config file, %s", err) } + newAllSubsystems() + + initAllSubsystems(context.Background(), objLayer) + + globalIAMSys.InitStore(objLayer) + creds, err := auth.CreateCredentials("admin", "mypassword") if err != nil { t.Fatalf("unable create credential, %s", err) diff --git a/cmd/signature-v4-utils.go b/cmd/signature-v4-utils.go index a601273a4..6a86883e1 100644 --- a/cmd/signature-v4-utils.go +++ b/cmd/signature-v4-utils.go @@ -121,6 +121,12 @@ func isValidRegion(reqRegion string, confRegion string) bool { // check if the access key is valid and recognized, additionally // also returns if the access key is owner/admin. func checkKeyValid(accessKey string) (auth.Credentials, bool, APIErrorCode) { + if !globalIAMSys.Initialized() && !globalIsGateway { + // Check if server has initialized, then only proceed + // to check for IAM users otherwise its okay for clients + // to retry with 503 errors when server is coming up. + return auth.Credentials{}, false, ErrServerNotInitialized + } var owner = true var cred = globalActiveCred if cred.AccessKey != accessKey { diff --git a/cmd/test-utils_test.go b/cmd/test-utils_test.go index 0961b7eb8..767001e79 100644 --- a/cmd/test-utils_test.go +++ b/cmd/test-utils_test.go @@ -352,6 +352,8 @@ func UnstartedTestServer(t TestErrHandler, instanceType string) TestServer { initAllSubsystems(ctx, objLayer) + globalIAMSys.InitStore(objLayer) + return testServer } @@ -1571,6 +1573,8 @@ func newTestObjectLayer(ctx context.Context, endpointServerPools EndpointServerP initAllSubsystems(ctx, z) + globalIAMSys.InitStore(z) + return z, nil } @@ -1617,6 +1621,8 @@ func initAPIHandlerTest(obj ObjectLayer, endpoints []string) (string, http.Handl initAllSubsystems(context.Background(), obj) + globalIAMSys.InitStore(obj) + // get random bucket name. bucketName := getRandomBucketName() @@ -1909,6 +1915,8 @@ func ExecObjectLayerTest(t TestErrHandler, objTest objTestType) { initAllSubsystems(ctx, objLayer) + globalIAMSys.InitStore(objLayer) + // Executing the object layer tests for single node setup. objTest(objLayer, FSTestStr, t) @@ -1928,6 +1936,8 @@ func ExecObjectLayerTest(t TestErrHandler, objTest objTestType) { initAllSubsystems(ctx, objLayer) + globalIAMSys.InitStore(objLayer) + defer removeRoots(append(fsDirs, fsDir)) // Executing the object layer tests for Erasure. objTest(objLayer, ErasureTestStr, t)