remove legacy path for LDAP during policy map removal (#12081)

Thanks to @Alevsk for noticing this nuanced behavior
change between releases from 03-04 to 03-20, make sure
that we handle the legacy path removal as well.
This commit is contained in:
Harshavardhana 2021-04-16 18:18:55 -07:00 committed by GitHub
parent 0a9d8dfb0b
commit 7a0a5bdc0d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1729,7 +1729,14 @@ func (sys *IAMSys) policyDBSet(name, policyName string, userType IAMUserType, is
// Handle policy mapping removal
if policyName == "" {
if err := sys.store.deleteMappedPolicy(context.Background(), name, userType, isGroup); err != nil && err != errNoSuchPolicy {
if sys.usersSysType == LDAPUsersSysType {
// Add a fallback removal towards previous content that may come back
// as a ghost user due to lack of delete, this change occurred
// introduced in PR #11840
sys.store.deleteMappedPolicy(context.Background(), name, regularUser, false)
}
err := sys.store.deleteMappedPolicy(context.Background(), name, userType, isGroup)
if err != nil && err != errNoSuchPolicy {
return err
}
if !isGroup {