Skip to content

Commit 8d9d3db

Browse files
shiradyshirady
committed
IAM | Remove Unneeded system_store Calls - Part 2
Signed-off-by: shirady <57721533+shirady@users.noreply.github.com>
1 parent d6808e3 commit 8d9d3db

File tree

2 files changed

+8
-34
lines changed

2 files changed

+8
-34
lines changed

src/server/system_services/account_server.js

Lines changed: 6 additions & 32 deletions
Original file line numberDiff line numberDiff line change
@@ -1227,13 +1227,12 @@ async function get_user(req) {
12271227
async function update_user(req) {
12281228

12291229
const action = IAM_ACTIONS.UPDATE_USER;
1230-
const requesting_account = system_store.get_account_by_email(req.account.email);
1230+
const requesting_account = req.account;
12311231
const old_account_email_wrapped = account_util.get_account_email_from_username(
12321232
req.rpc_params.username, requesting_account._id.toString());
12331233
account_util._check_if_requesting_account_is_root_account(action, requesting_account,
12341234
{ username: req.rpc_params.username, iam_path: req.rpc_params.new_iam_path });
1235-
account_util._check_if_account_exists(action, old_account_email_wrapped, req.rpc_params.username);
1236-
const requested_account = system_store.get_account_by_email(old_account_email_wrapped);
1235+
const requested_account = account_util._check_if_account_exists(action, old_account_email_wrapped, req.rpc_params.username);
12371236
let iam_path = requested_account.iam_path;
12381237
let user_name = req.rpc_params.username;
12391238
// Change to complete user name
@@ -1279,8 +1278,7 @@ async function delete_user(req) {
12791278
const requesting_account = req.account;
12801279
const account_email_wrapped = account_util.get_account_email_from_username(req.rpc_params.username, requesting_account._id.toString());
12811280
account_util._check_if_requesting_account_is_root_account(action, requesting_account, { username: req.rpc_params.username });
1282-
account_util._check_if_account_exists(action, account_email_wrapped, req.rpc_params.username);
1283-
const requested_account = system_store.get_account_by_email(account_email_wrapped);
1281+
const requested_account = account_util._check_if_account_exists(action, account_email_wrapped, req.rpc_params.username);
12841282
account_util._check_if_requested_account_is_root_account_or_IAM_user(action, requesting_account, requested_account);
12851283
account_util._check_if_requested_is_owned_by_root_account(action, requesting_account, requested_account);
12861284
account_util._check_if_user_does_not_have_resources_before_deletion(action, requested_account);
@@ -1432,15 +1430,7 @@ async function delete_access_key(req) {
14321430
async function tag_user(req) {
14331431
const action = IAM_ACTIONS.TAG_USER;
14341432
const requesting_account = req.account;
1435-
const account_email_wrapped = account_util.get_account_email_from_username(req.rpc_params.username, requesting_account._id.toString());
1436-
1437-
account_util._check_if_requesting_account_is_root_account(action, requesting_account, { username: req.rpc_params.username });
1438-
account_util._check_if_account_exists(action, account_email_wrapped, req.rpc_params.username);
1439-
1440-
const requested_account = system_store.get_account_by_email(account_email_wrapped);
1441-
account_util._check_if_requested_account_is_root_account_or_IAM_user(action, requesting_account, requested_account);
1442-
account_util._check_if_requested_is_owned_by_root_account(action, requesting_account, requested_account);
1443-
1433+
const requested_account = account_util.validate_and_return_requested_account(req.rpc_params, action, requesting_account);
14441434
const existing_tags = requested_account.tagging || [];
14451435

14461436
const tags_map = new Map();
@@ -1474,15 +1464,7 @@ async function tag_user(req) {
14741464
async function untag_user(req) {
14751465
const action = IAM_ACTIONS.UNTAG_USER;
14761466
const requesting_account = req.account;
1477-
const account_email_wrapped = account_util.get_account_email_from_username(req.rpc_params.username, requesting_account._id.toString());
1478-
1479-
account_util._check_if_requesting_account_is_root_account(action, requesting_account, { username: req.rpc_params.username });
1480-
account_util._check_if_account_exists(action, account_email_wrapped, req.rpc_params.username);
1481-
1482-
const requested_account = system_store.get_account_by_email(account_email_wrapped);
1483-
account_util._check_if_requested_account_is_root_account_or_IAM_user(action, requesting_account, requested_account);
1484-
account_util._check_if_requested_is_owned_by_root_account(action, requesting_account, requested_account);
1485-
1467+
const requested_account = account_util.validate_and_return_requested_account(req.rpc_params, action, requesting_account);
14861468
const existing_tags = requested_account.tagging || [];
14871469

14881470
const tag_keys_set = new Set(req.rpc_params.tag_keys);
@@ -1503,15 +1485,7 @@ async function untag_user(req) {
15031485
async function list_user_tags(req) {
15041486
const action = IAM_ACTIONS.LIST_USER_TAGS;
15051487
const requesting_account = req.account;
1506-
const account_email_wrapped = account_util.get_account_email_from_username(req.rpc_params.username, requesting_account._id.toString());
1507-
1508-
account_util._check_if_requesting_account_is_root_account(action, requesting_account, { username: req.rpc_params.username });
1509-
account_util._check_if_account_exists(action, account_email_wrapped, req.rpc_params.username);
1510-
1511-
const requested_account = system_store.get_account_by_email(account_email_wrapped);
1512-
account_util._check_if_requested_account_is_root_account_or_IAM_user(action, requesting_account, requested_account);
1513-
account_util._check_if_requested_is_owned_by_root_account(action, requesting_account, requested_account);
1514-
1488+
const requested_account = account_util.validate_and_return_requested_account(req.rpc_params, action, requesting_account);
15151489
// TODO: Pagination not supported - currently returns all tags, ignoring marker and max_items params
15161490
const tags = account_util.get_sorted_list_tags_for_user(requested_account.tagging);
15171491
dbg.log1('AccountSpaceNB.list_user_tags: returning', tags, 'tags for user', req.rpc_params.username);

src/util/account_util.js

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -329,6 +329,7 @@ function _check_if_account_exists(action, email_wrapped, username) {
329329
const message_with_details = `The user with name ${username} cannot be found.`;
330330
throw new RpcError('NO_SUCH_ENTITY', message_with_details);
331331
}
332+
return account;
332333
}
333334

334335
function _check_root_account_owns_user(root_account, user_account) {
@@ -715,8 +716,7 @@ function validate_and_return_requested_account(params, action, requesting_accoun
715716
} else {
716717
_check_if_requesting_account_is_root_account(action, requesting_account, { username: params.username });
717718
const account_email = get_account_email_from_username(params.username, requesting_account._id.toString());
718-
_check_if_account_exists(action, account_email, params.username);
719-
requested_account = system_store.get_account_by_email(account_email);
719+
requested_account = _check_if_account_exists(action, account_email, params.username);
720720
_check_if_requested_account_is_root_account_or_IAM_user(action, requesting_account, requested_account);
721721
_check_if_requested_is_owned_by_root_account(action, requesting_account, requested_account);
722722
}

0 commit comments

Comments
 (0)