From 017722cf85671a8a882cfe400fde06b1ed07c8a5 Mon Sep 17 00:00:00 2001 From: Harshavardhana Date: Wed, 14 Jul 2021 21:28:53 -0700 Subject: [PATCH] fix: propagate service account deletes properly (#12717) service account deletes were not propagating to remote peers, fix this. --- cmd/admin-handlers-users.go | 7 +++++++ cmd/iam.go | 6 +----- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/cmd/admin-handlers-users.go b/cmd/admin-handlers-users.go index 07ee8e721..622a9d8bf 100644 --- a/cmd/admin-handlers-users.go +++ b/cmd/admin-handlers-users.go @@ -956,6 +956,13 @@ func (a adminAPIHandlers) DeleteServiceAccount(w http.ResponseWriter, r *http.Re return } + for _, nerr := range globalNotificationSys.DeleteServiceAccount(serviceAccount) { + if nerr.Err != nil { + logger.GetReqInfo(ctx).SetTags("peerAddress", nerr.Host.String()) + logger.LogIf(ctx, nerr.Err) + } + } + writeSuccessNoContent(w) } diff --git a/cmd/iam.go b/cmd/iam.go index 83f12ba22..2d40f23b5 100644 --- a/cmd/iam.go +++ b/cmd/iam.go @@ -1390,11 +1390,7 @@ func (sys *IAMSys) DeleteServiceAccount(ctx context.Context, accessKey string) e // It is ok to ignore deletion error on the mapped policy err := sys.store.deleteUserIdentity(context.Background(), accessKey, svcUser) - if err != nil { - // ignore if user is already deleted. - if err == errNoSuchUser { - return nil - } + if err != nil && err != errNoSuchUser { return err }