data provider: remove prefer_database_credentials

Google Cloud Storage credentials are now always stored within the data provider. Added a migration to read credentials from disk and store them inside the data provider. After v2.3 we can also remove credentials_path Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2025-12-08 07:10:56 +03:00 · 2022-04-28 12:55:01 +02:00
parent 4a44a7dfe1
commit ecd488a840
33 changed files with 312 additions and 564 deletions
--- a/ftpd/ftpd_test.go
+++ b/ftpd/ftpd_test.go
@@ -1813,24 +1813,6 @@ func TestLoginWithDatabaseCredentials(t *testing.T) {
 	u.FsConfig.Provider = sdk.GCSFilesystemProvider
 	u.FsConfig.GCSConfig.Bucket = "test"
 	u.FsConfig.GCSConfig.Credentials = kms.NewPlainSecret(`{ "type": "service_account" }`)
-
-	providerConf := config.GetProviderConf()
-	providerConf.PreferDatabaseCredentials = true
-	credentialsFile := filepath.Join(providerConf.CredentialsPath, fmt.Sprintf("%v_gcs_credentials.json", u.Username))
-	if !filepath.IsAbs(credentialsFile) {
-		credentialsFile = filepath.Join(configDir, credentialsFile)
-	}
-
-	assert.NoError(t, dataprovider.Close())
-
-	err := dataprovider.Initialize(providerConf, configDir, true)
-	assert.NoError(t, err)
-
-	if _, err = os.Stat(credentialsFile); err == nil {
-		// remove the credentials file
-		assert.NoError(t, os.Remove(credentialsFile))
-	}
-
 	user, _, err := httpdtest.AddUser(u, http.StatusCreated)
 	assert.NoError(t, err)
 	assert.Equal(t, sdkkms.SecretStatusSecretBox, user.FsConfig.GCSConfig.Credentials.GetStatus())
@@ -1838,8 +1820,6 @@ func TestLoginWithDatabaseCredentials(t *testing.T) {
 	assert.Empty(t, user.FsConfig.GCSConfig.Credentials.GetAdditionalData())
 	assert.Empty(t, user.FsConfig.GCSConfig.Credentials.GetKey())

-	assert.NoFileExists(t, credentialsFile)
-
 	client, err := getFTPClient(user, false, nil)
 	if assert.NoError(t, err) {
 		err = client.Quit()
@@ -1850,23 +1830,9 @@ func TestLoginWithDatabaseCredentials(t *testing.T) {
 	assert.NoError(t, err)
 	err = os.RemoveAll(user.GetHomeDir())
 	assert.NoError(t, err)
-
-	assert.NoError(t, dataprovider.Close())
-	assert.NoError(t, config.LoadConfig(configDir, ""))
-	providerConf = config.GetProviderConf()
-	assert.NoError(t, dataprovider.Initialize(providerConf, configDir, true))
 }

 func TestLoginInvalidFs(t *testing.T) {
-	err := dataprovider.Close()
-	assert.NoError(t, err)
-	err = config.LoadConfig(configDir, "")
-	assert.NoError(t, err)
-	providerConf := config.GetProviderConf()
-	providerConf.PreferDatabaseCredentials = false
-	err = dataprovider.Initialize(providerConf, configDir, true)
-	assert.NoError(t, err)
-
 	u := getTestUser()
 	u.FsConfig.Provider = sdk.GCSFilesystemProvider
 	u.FsConfig.GCSConfig.Bucket = "test"
@@ -1874,16 +1840,6 @@ func TestLoginInvalidFs(t *testing.T) {
 	user, _, err := httpdtest.AddUser(u, http.StatusCreated)
 	assert.NoError(t, err)

-	providerConf = config.GetProviderConf()
-	credentialsFile := filepath.Join(providerConf.CredentialsPath, fmt.Sprintf("%v_gcs_credentials.json", u.Username))
-	if !filepath.IsAbs(credentialsFile) {
-		credentialsFile = filepath.Join(configDir, credentialsFile)
-	}
-
-	// now remove the credentials file so the filesystem creation will fail
-	err = os.Remove(credentialsFile)
-	assert.NoError(t, err)
-
 	client, err := getFTPClient(user, false, nil)
 	if !assert.Error(t, err) {
 		err = client.Quit()
@@ -1893,14 +1849,6 @@ func TestLoginInvalidFs(t *testing.T) {
 	assert.NoError(t, err)
 	err = os.RemoveAll(user.GetHomeDir())
 	assert.NoError(t, err)
-
-	err = dataprovider.Close()
-	assert.NoError(t, err)
-	err = config.LoadConfig(configDir, "")
-	assert.NoError(t, err)
-	providerConf = config.GetProviderConf()
-	err = dataprovider.Initialize(providerConf, configDir, true)
-	assert.NoError(t, err)
 }

 func TestClientClose(t *testing.T) {