Skip to content

Commit

Permalink
auth: ensure RoleGrantPermission is compatible with older versions
Browse files Browse the repository at this point in the history
  • Loading branch information
tangcong committed Apr 8, 2020
1 parent a46ee16 commit f8df6b6
Show file tree
Hide file tree
Showing 2 changed files with 0 additions and 59 deletions.
10 changes: 0 additions & 10 deletions auth/store.go
Original file line number Diff line number Diff line change
Expand Up @@ -879,16 +879,6 @@ func (as *authStore) RoleGrantPermission(r *pb.AuthRoleGrantPermissionRequest) (
})

if idx < len(role.KeyPermission) && bytes.Equal(role.KeyPermission[idx].Key, r.Perm.Key) && bytes.Equal(role.KeyPermission[idx].RangeEnd, r.Perm.RangeEnd) {
if role.KeyPermission[idx].PermType == r.Perm.PermType {
as.lg.Warn(
"ignored grant permission request to a role, existing permission",
zap.String("role-name", r.Name),
zap.ByteString("key", r.Perm.Key),
zap.ByteString("range-end", r.Perm.RangeEnd),
zap.String("permission-type", authpb.Permission_Type_name[int32(r.Perm.PermType)]),
)
return &pb.AuthRoleGrantPermissionResponse{}, nil
}
// update existing permission
role.KeyPermission[idx].PermType = r.Perm.PermType
} else {
Expand Down
49 changes: 0 additions & 49 deletions auth/store_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -414,55 +414,6 @@ func TestListUsers(t *testing.T) {
}
}

func TestRoleGrantPermissionRevision(t *testing.T) {
as, tearDown := setupAuthStore(t)
defer tearDown(t)

_, err := as.RoleAdd(&pb.AuthRoleAddRequest{Name: "role-test-1"})
if err != nil {
t.Fatal(err)
}

perm := &authpb.Permission{
PermType: authpb.WRITE,
Key: []byte("Keys"),
RangeEnd: []byte("RangeEnd"),
}
_, err = as.RoleGrantPermission(&pb.AuthRoleGrantPermissionRequest{
Name: "role-test-1",
Perm: perm,
})

if err != nil {
t.Fatal(err)
}

r, err := as.RoleGet(&pb.AuthRoleGetRequest{Role: "role-test-1"})
if err != nil {
t.Fatal(err)
}

if !reflect.DeepEqual(perm, r.Perm[0]) {
t.Errorf("expected %v, got %v", perm, r.Perm[0])
}

oldRevision := as.Revision()

_, err = as.RoleGrantPermission(&pb.AuthRoleGrantPermissionRequest{
Name: "role-test-1",
Perm: perm,
})

if err != nil {
t.Error(err)
}
newRevision := as.Revision()

if oldRevision != newRevision {
t.Errorf("expected revision diff is 0, got %d", newRevision-oldRevision)
}
}

func TestRoleGrantPermission(t *testing.T) {
as, tearDown := setupAuthStore(t)
defer tearDown(t)
Expand Down

0 comments on commit f8df6b6

Please sign in to comment.