Skip to content

Commit

Permalink
backport of commit bab1063 (#16842)
Browse files Browse the repository at this point in the history
Co-authored-by: Jason O'Donnell <[email protected]>
  • Loading branch information
1 parent 5b1aff3 commit e5caf39
Show file tree
Hide file tree
Showing 2 changed files with 50 additions and 1 deletion.
2 changes: 1 addition & 1 deletion vault/identity_store.go
Original file line number Diff line number Diff line change
Expand Up @@ -1220,7 +1220,7 @@ func (i *IdentityStore) CreateOrFetchEntity(ctx context.Context, alias *logical.
// names match or no metadata is different, -1 is returned.
func changedAliasIndex(entity *identity.Entity, alias *logical.Alias) int {
for i, a := range entity.Aliases {
if a.Name == alias.Name && !strutil.EqualStringMaps(a.Metadata, alias.Metadata) {
if a.Name == alias.Name && a.MountAccessor == alias.MountAccessor && !strutil.EqualStringMaps(a.Metadata, alias.Metadata) {
return i
}
}
Expand Down
49 changes: 49 additions & 0 deletions vault/identity_store_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -806,3 +806,52 @@ func TestIdentityStore_NewEntityCounter(t *testing.T) {

expectSingleCount(t, sink, "identity.entity.creation")
}

func TestIdentityStore_UpdateAliasMetadataPerAccessor(t *testing.T) {
entity := &identity.Entity{
ID: "testEntityID",
Name: "testEntityName",
Policies: []string{"foo", "bar"},
Aliases: []*identity.Alias{
{
ID: "testAliasID1",
CanonicalID: "testEntityID",
MountType: "testMountType",
MountAccessor: "testMountAccessor",
Name: "sameAliasName",
},
{
ID: "testAliasID2",
CanonicalID: "testEntityID",
MountType: "testMountType",
MountAccessor: "testMountAccessor2",
Name: "sameAliasName",
},
},
NamespaceID: namespace.RootNamespaceID,
}

login := &logical.Alias{
MountType: "testMountType",
MountAccessor: "testMountAccessor",
Name: "sameAliasName",
ID: "testAliasID",
Metadata: map[string]string{"foo": "bar"},
}

if i := changedAliasIndex(entity, login); i != 0 {
t.Fatalf("wrong alias index changed. Expected 0, got %d", i)
}

login2 := &logical.Alias{
MountType: "testMountType",
MountAccessor: "testMountAccessor2",
Name: "sameAliasName",
ID: "testAliasID2",
Metadata: map[string]string{"bar": "foo"},
}

if i := changedAliasIndex(entity, login2); i != 1 {
t.Fatalf("wrong alias index changed. Expected 1, got %d", i)
}
}

0 comments on commit e5caf39

Please sign in to comment.