bugfix: acl sso auth methods test failures (#15512)

This PR fixes unit test failures introduced in f4e89e2
2022-12-09 18:47:32 +01:00 · 2022-12-09 18:47:32 +01:00 · db98e26375
parent 08f50f7dbf
commit db98e26375
5 changed files with 14 additions and 3 deletions
--- a/command/acl_auth_method_create_test.go
+++ b/command/acl_auth_method_create_test.go
@ -87,7 +87,7 @@ func TestACLAuthMethodCreateCommand_Run(t *testing.T) {

 	args = []string{
 		"-address=" + url, "-token=" + rootACLToken.SecretID, "-name=acl-auth-method-cli-test",
-		"-type=OIDC", "-token-locality=global", "-default=true", "-max-token-ttl=3600s",
+		"-type=OIDC", "-token-locality=global", "-default=false", "-max-token-ttl=3600s",
 		fmt.Sprintf("-config=@%s", configFile.Name()),
 	}
 	must.Eq(t, 0, cmd.Run(args))
--- a/command/acl_auth_method_update_test.go
+++ b/command/acl_auth_method_update_test.go
@ -108,4 +108,14 @@ func TestACLAuthMethodUpdateCommand_Run(t *testing.T) {

 	ui.OutputWriter.Reset()
 	ui.ErrorWriter.Reset()
+
+	// Update a default auth method
+	code = cmd.Run([]string{
+		"-address=" + url, "-token=" + rootACLToken.SecretID, "-default=true", method.Name})
+	must.Zero(t, code)
+	s = ui.OutputWriter.String()
+	must.StrContains(t, s, method.Name)
+
+	ui.OutputWriter.Reset()
+	ui.ErrorWriter.Reset()
 }
--- a/nomad/acl_endpoint.go
+++ b/nomad/acl_endpoint.go
@ -1727,7 +1727,7 @@ func (a *ACL) UpsertAuthMethods(
 		// a default one for that very type already.
 		if authMethod.Default {
 			existingMethodsDefaultmethod, _ := stateSnapshot.GetDefaultACLAuthMethodByType(nil, authMethod.Type)
-			if existingMethodsDefaultmethod != nil {
+			if existingMethodsDefaultmethod != nil && existingMethodsDefaultmethod.Name != authMethod.Name {
 				return structs.NewErrRPCCodedf(
 					http.StatusBadRequest,
 					"default method for type %s already exists: %v", authMethod.Type, existingMethodsDefaultmethod.Name,
--- a/nomad/acl_endpoint_test.go
+++ b/nomad/acl_endpoint_test.go
@ -3023,6 +3023,7 @@ func TestACLEndpoint_UpsertACLAuthMethods(t *testing.T) {
 	// Create the register request
 	am1 := mock.ACLAuthMethod()
 	am1.Default = true // make sure it's going to be a default method
+	am1.SetHash()

 	// Lookup the authMethods
 	req := &structs.ACLAuthMethodUpsertRequest{
--- a/nomad/state/state_store_acl_sso.go
+++ b/nomad/state/state_store_acl_sso.go
@ -66,7 +66,7 @@ func (s *StateStore) upsertACLAuthMethodTxn(index uint64, txn *txn, method *stru
 	// with an existing name or a duplicate default for the same type.
 	if method.Default {
 		existingMethodsDefaultmethod, _ := s.GetDefaultACLAuthMethodByType(nil, method.Type)
-		if existingMethodsDefaultmethod != nil {
+		if existingMethodsDefaultmethod != nil && existingMethodsDefaultmethod.Name != method.Name {
 			return false, fmt.Errorf(
 				"default ACL auth method for type %s already exists: %v",
 				method.Type, existingMethodsDefaultmethod.Name,