#!/bin/bash

USERNAME=$1
PASSWORD=$2
TARGET="objects"

# Create new prolicy
cat > ./policy.json << EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:PutBucketPolicy",
        "s3:GetBucketPolicy",
        "s3:DeleteBucketPolicy",
        "s3:ListAllMyBuckets",
        "s3:ListBucket"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::$USERNAME"
      ],
      "Sid": ""
    },
    {
      "Action": [
        "s3:AbortMultipartUpload",
        "s3:DeleteObject",
        "s3:GetObject",
        "s3:ListMultipartUploadParts",
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::$USERNAME/*"
      ],
      "Sid": ""
    }
  ]
}
EOF

# Add new user if not exist
if ! mc admin user info "$TARGET" "$USERNAME" > /dev/null 2>&1 ; then
    mc admin user add "$TARGET" "$USERNAME" "$PASSWORD"
    mc mb "$TARGET/$USERNAME"
fi

# Set new policy to new user
mc admin policy add "$TARGET" "user-$USERNAME" policy.json
mc admin policy set "$TARGET" "user-$USERNAME" "user=$USERNAME"