mirror of
https://github.com/minio/minio.git
synced 2025-02-03 09:55:59 -05:00
fix: reload LDAP users properly with latest mapping (#12137)
peer nodes would not update if policy is unset on a user, until policies reload every 5minutes. Make sure to reload the policies properly, if no policy is found make sure to delete such users and groups fixes #12074 Signed-off-by: Harshavardhana <harsha@minio.io>
This commit is contained in:
Harshavardhana
GitHub
parent
93cdecaadd
commit
799691eded
20
cmd/iam.go
20
cmd/iam.go
@ -355,12 +355,24 @@ func (sys *IAMSys) LoadPolicyMapping(objAPI ObjectLayer, userOrGroup string, isG
|
|||||||
|
|
||||||
if globalEtcdClient == nil {
|
if globalEtcdClient == nil {
|
||||||
var err error
|
var err error
|
||||||
if isGroup {
|
userType := regularUser
|
||||||
err = sys.store.loadMappedPolicy(context.Background(), userOrGroup, regularUser, isGroup, sys.iamGroupPolicyMap)
|
if sys.usersSysType == LDAPUsersSysType {
|
||||||
} else {
|
userType = stsUser
|
||||||
err = sys.store.loadMappedPolicy(context.Background(), userOrGroup, regularUser, isGroup, sys.iamUserPolicyMap)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if isGroup {
|
||||||
|
err = sys.store.loadMappedPolicy(context.Background(), userOrGroup, userType, isGroup, sys.iamGroupPolicyMap)
|
||||||
|
} else {
|
||||||
|
err = sys.store.loadMappedPolicy(context.Background(), userOrGroup, userType, isGroup, sys.iamUserPolicyMap)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err == errNoSuchPolicy {
|
||||||
|
if isGroup {
|
||||||
|
delete(sys.iamGroupPolicyMap, userOrGroup)
|
||||||
|
} else {
|
||||||
|
delete(sys.iamUserPolicyMap, userOrGroup)
|
||||||
|
}
|
||||||
|
}
|
||||||
// Ignore policy not mapped error
|
// Ignore policy not mapped error
|
||||||
if err != nil && err != errNoSuchPolicy {
|
if err != nil && err != errNoSuchPolicy {
|
||||||
return err
|
return err
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user