cleanup handling of STS isAllowed and simplifies the PolicyDBGet() (#18554)

Harshavardhana
2023-11-29 16:07:35 -08:00
committed by GitHub
parent b7d11141e1
commit 0ee722f8c3
6 changed files with 32 additions and 24 deletions


@@ -655,7 +655,7 @@ func (store *IAMStoreSys) GroupNotificationHandler(ctx context.Context, group st
// PolicyDBGet - fetches policies associated with the given user or group, and
// additional groups if provided.
func (store *IAMStoreSys) PolicyDBGet(name string, isGroup bool, groups ...string) ([]string, error) {
func (store *IAMStoreSys) PolicyDBGet(name string, groups ...string) ([]string, error) {
if name == "" {
return nil, errInvalidArgument
}
@@ -663,19 +663,17 @@ func (store *IAMStoreSys) PolicyDBGet(name string, isGroup bool, groups ...strin
cache := store.rlock()
defer store.runlock()
policies, _, err := cache.policyDBGet(store, name, isGroup)
policies, _, err := cache.policyDBGet(store, name, false)
if err != nil {
return nil, err
}
if !isGroup {
for _, group := range groups {
ps, _, err := cache.policyDBGet(store, group, true)
if err != nil {
return nil, err
}
policies = append(policies, ps...)
for _, group := range groups {
ps, _, err := cache.policyDBGet(store, group, true)
if err != nil {
return nil, err
}
policies = append(policies, ps...)
}
return policies, nil
@@ -1219,6 +1217,9 @@ func (store *IAMStoreSys) GetPolicy(name string) (policy.Policy, error) {
}
toMerge = append(toMerge, v.Policy)
}
if len(toMerge) == 0 {
return policy.Policy{}, errNoSuchPolicy
}
return policy.MergePolicies(toMerge...), nil
}
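Review bot: The doc comment kept above PolicyDBGet still says it fetches policies for "the given user or group", but with `isGroup` removed the second hunk always calls `cache.policyDBGet(store, name, false)`, so `name` is only ever resolved as a user. For an authorization lookup that mismatch matters: a call site that used to pass `true` and was fixed by simply dropping the bool compiles cleanly but presumably consults the user mapping instead of the group mapping (the callers are not visible here, so this is worth checking in the other changed files). I would change the comment to `// PolicyDBGet - fetches policies associated with the given user, and with any additional groups provided.` and add a line saying that group names must be passed through `groups`, never as `name`. The body of PolicyDBGet is only partly visible across the first two hunks.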