Replicate member_entity_ids and policies in identity/group across nodes identically (#16088)
* Replicate values of group member_entity_ids and policies across nodes identically * Adding CL * fixing tests
This commit is contained in:
parent
29cae725ce
commit
fa754c7fa5
|
@ -0,0 +1,3 @@
|
||||||
|
```release-note:bug
|
||||||
|
core/identity: Replicate member_entity_ids and policies in identity/group across nodes identically
|
||||||
|
```
|
|
@ -628,8 +628,20 @@ func assertMember(t *testing.T, client *api.Client, entityID, groupName, groupID
|
||||||
t.Fatal(err)
|
t.Fatal(err)
|
||||||
}
|
}
|
||||||
groupMap := secret.Data
|
groupMap := secret.Data
|
||||||
|
|
||||||
|
groupEntityMembers, ok := groupMap["member_entity_ids"].([]interface{})
|
||||||
|
if !ok && expectFound {
|
||||||
|
t.Fatalf("expected member_entity_ids not to be nil")
|
||||||
|
}
|
||||||
|
|
||||||
|
// if type assertion fails and expectFound is false, groupEntityMembers
|
||||||
|
// is nil, then let's just return, nothing to be done!
|
||||||
|
if !ok && !expectFound {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
found := false
|
found := false
|
||||||
for _, entityIDRaw := range groupMap["member_entity_ids"].([]interface{}) {
|
for _, entityIDRaw := range groupEntityMembers {
|
||||||
if entityIDRaw.(string) == entityID {
|
if entityIDRaw.(string) == entityID {
|
||||||
found = true
|
found = true
|
||||||
}
|
}
|
||||||
|
|
|
@ -1473,19 +1473,23 @@ func (i *IdentityStore) sanitizeAndUpsertGroup(ctx context.Context, group *ident
|
||||||
}
|
}
|
||||||
|
|
||||||
// Remove duplicate entity IDs and check if all IDs are valid
|
// Remove duplicate entity IDs and check if all IDs are valid
|
||||||
group.MemberEntityIDs = strutil.RemoveDuplicates(group.MemberEntityIDs, false)
|
if group.MemberEntityIDs != nil {
|
||||||
for _, entityID := range group.MemberEntityIDs {
|
group.MemberEntityIDs = strutil.RemoveDuplicates(group.MemberEntityIDs, false)
|
||||||
entity, err := i.MemDBEntityByID(entityID, false)
|
for _, entityID := range group.MemberEntityIDs {
|
||||||
if err != nil {
|
entity, err := i.MemDBEntityByID(entityID, false)
|
||||||
return fmt.Errorf("failed to validate entity ID %q: %w", entityID, err)
|
if err != nil {
|
||||||
}
|
return fmt.Errorf("failed to validate entity ID %q: %w", entityID, err)
|
||||||
if entity == nil {
|
}
|
||||||
return fmt.Errorf("invalid entity ID %q", entityID)
|
if entity == nil {
|
||||||
|
return fmt.Errorf("invalid entity ID %q", entityID)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Remove duplicate policies
|
// Remove duplicate policies
|
||||||
group.Policies = strutil.RemoveDuplicates(group.Policies, false)
|
if group.Policies != nil {
|
||||||
|
group.Policies = strutil.RemoveDuplicates(group.Policies, false)
|
||||||
|
}
|
||||||
|
|
||||||
txn := i.db.Txn(true)
|
txn := i.db.Txn(true)
|
||||||
defer txn.Abort()
|
defer txn.Abort()
|
||||||
|
|
Loading…
Reference in New Issue