forked from TrueCloudLab/frostfs-s3-gw
[#580] Fix user removal in astOperation
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
This commit is contained in:
parent
edc6aa2f88
commit
36029ca864
2 changed files with 7 additions and 9 deletions
|
@ -751,14 +751,13 @@ func addUsers(resource *astResource, astO *astOperation, users []string) {
|
||||||
func removeUsers(resource *astResource, astOperation *astOperation, users []string) {
|
func removeUsers(resource *astResource, astOperation *astOperation, users []string) {
|
||||||
for _, astOp := range resource.Operations {
|
for _, astOp := range resource.Operations {
|
||||||
if astOp.Role == astOperation.Role && astOp.Op == astOperation.Op && astOp.Action == astOperation.Action {
|
if astOp.Role == astOperation.Role && astOp.Op == astOperation.Op && astOp.Action == astOperation.Action {
|
||||||
ind := 0
|
filteredUsers := astOp.Users[:0] // new slice without allocation
|
||||||
for _, user := range astOp.Users {
|
for _, user := range astOp.Users {
|
||||||
if containsStr(users, user) {
|
if !containsStr(users, user) {
|
||||||
astOp.Users = append(astOp.Users[:ind], astOp.Users[ind+1:]...)
|
filteredUsers = append(filteredUsers, user)
|
||||||
} else {
|
|
||||||
ind++
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
astOp.Users = filteredUsers
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -394,7 +394,7 @@ func TestRemoveUsers(t *testing.T) {
|
||||||
Bucket: "bucket",
|
Bucket: "bucket",
|
||||||
},
|
},
|
||||||
Operations: []*astOperation{{
|
Operations: []*astOperation{{
|
||||||
Users: []string{"user1", "user3"},
|
Users: []string{"user1", "user3", "user4"},
|
||||||
Role: eacl.RoleUser,
|
Role: eacl.RoleUser,
|
||||||
Op: eacl.OperationPut,
|
Op: eacl.OperationPut,
|
||||||
Action: eacl.ActionAllow,
|
Action: eacl.ActionAllow,
|
||||||
|
@ -407,11 +407,10 @@ func TestRemoveUsers(t *testing.T) {
|
||||||
Action: eacl.ActionAllow,
|
Action: eacl.ActionAllow,
|
||||||
}
|
}
|
||||||
|
|
||||||
removeUsers(resource, op, []string{"user1", "user2"})
|
removeUsers(resource, op, []string{"user1", "user2", "user4"})
|
||||||
|
|
||||||
require.Equal(t, len(resource.Operations), 1)
|
require.Equal(t, len(resource.Operations), 1)
|
||||||
require.Equal(t, resource.Name(), resource.Name())
|
require.Equal(t, []string{"user3"}, resource.Operations[0].Users)
|
||||||
require.Equal(t, resource.Operations[0].Users, []string{"user3"})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestBucketAclToPolicy(t *testing.T) {
|
func TestBucketAclToPolicy(t *testing.T) {
|
||||||
|
|
Loading…
Reference in a new issue