diff --git a/authority/admin/api/policy.go b/authority/admin/api/policy.go index b84c18c5..d04147b3 100644 --- a/authority/admin/api/policy.go +++ b/authority/admin/api/policy.go @@ -88,6 +88,8 @@ func (par *PolicyAdminResponder) CreateAuthorityPolicy(w http.ResponseWriter, r applyConditionalDefaults(newPolicy) + newPolicy.Deduplicate() + adm := linkedca.AdminFromContext(ctx) var createdPolicy *linkedca.Policy @@ -129,6 +131,8 @@ func (par *PolicyAdminResponder) UpdateAuthorityPolicy(w http.ResponseWriter, r return } + newPolicy.Deduplicate() + adm := linkedca.AdminFromContext(ctx) var updatedPolicy *linkedca.Policy @@ -207,6 +211,8 @@ func (par *PolicyAdminResponder) CreateProvisionerPolicy(w http.ResponseWriter, applyConditionalDefaults(newPolicy) + newPolicy.Deduplicate() + prov.Policy = newPolicy if err := par.auth.UpdateProvisioner(ctx, prov); err != nil { @@ -241,6 +247,8 @@ func (par *PolicyAdminResponder) UpdateProvisionerPolicy(w http.ResponseWriter, return } + newPolicy.Deduplicate() + prov.Policy = newPolicy if err := par.auth.UpdateProvisioner(ctx, prov); err != nil { var pe *authority.PolicyError @@ -311,6 +319,8 @@ func (par *PolicyAdminResponder) CreateACMEAccountPolicy(w http.ResponseWriter, return } + newPolicy.Deduplicate() + eak.Policy = newPolicy acmeEAK := linkedEAKToCertificates(eak) @@ -339,6 +349,8 @@ func (par *PolicyAdminResponder) UpdateACMEAccountPolicy(w http.ResponseWriter, return } + newPolicy.Deduplicate() + eak.Policy = newPolicy acmeEAK := linkedEAKToCertificates(eak) if err := par.acmeDB.UpdateExternalAccountKey(ctx, prov.GetId(), acmeEAK); err != nil {