feat(iam): implements policy operations#62
Conversation
Greptile SummaryThis PR implements complete IAM policy operations (add, edit, delete, get, list) and refactors all IAM endpoint paths to use a centralized Key changes:
Issue found:
Confidence Score: 4/5
Important Files Changed
Last reviewed commit: 44620fc |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.
| const response = await client.request<URLSearchParams, unknown>({ | ||
| method: 'POST', | ||
| path: ``, | ||
| path: IAM_ENDPOINTS.removeAccessKey, |
There was a problem hiding this comment.
Duplicate Action parameter in removeAccessKey after refactoring
High Severity
The removeAccessKey function now sends Action=DeleteAccessKey in both the URL query string (via IAM_ENDPOINTS.removeAccessKey = '/?Action=DeleteAccessKey') and the POST body (via formData.append('Action', 'DeleteAccessKey')). Before this refactoring, the path was an empty string so Action was only in the body. All other access-key operations that use ?Action=... in the path do not also append Action to formData. This duplication is inconsistent and could cause unexpected server behavior for a destructive operation.
Additional Locations (1)
There was a problem hiding this comment.
Good catch but this works fine and doesn't have a side effect
|
🎉 This PR is included in version 1.2.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
|
🎉 This PR is included in version 2.14.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
2 participants
Note
Medium Risk
Introduces new IAM policy write operations and touches shared HTTP path configuration, so incorrect endpoint mappings or error handling could break IAM admin workflows.
Overview
Adds policy management support to
@tigrisdata/iam, exposing newaddPolicy,editPolicy,deletePolicy,getPolicy, andlistPoliciesAPIs (with newPolicy/PolicyDocumenttypes) from the package entrypoint.Refactors IAM request path handling by introducing
IAM_ENDPOINTSinhttp-client.tsand updating existing access-key and organization operations to use these constants instead of inline paths. Also adds a sharedhandleErrorutility (exported fromshared) to normalize certain IAM/storage error codes into friendlier messages, and uses it in the new policy calls.Written by Cursor Bugbot for commit 44620fc. This will update automatically on new commits. Configure here.