mirror of
https://github.com/minio/minio.git
synced 2024-12-23 21:55:53 -05:00
Allow setting non-existent policy on a user/group (#13898)
This commit is contained in:
parent
8144a125ce
commit
de400f3473
@ -1191,7 +1191,7 @@ func (sys *IAMSys) PolicyDBSet(ctx context.Context, name, policy string, isGroup
|
||||
|
||||
err := sys.store.PolicyDBSet(ctx, name, policy, userType, isGroup)
|
||||
if err != nil {
|
||||
return nil
|
||||
return err
|
||||
}
|
||||
|
||||
// Notify all other MinIO peers to reload policy
|
||||
|
@ -277,7 +277,13 @@ func (s *TestSuiteIAM) TestLDAPSTS(c *check) {
|
||||
c.Fatalf("Expected to fail to create STS cred with no associated policy!")
|
||||
}
|
||||
|
||||
// Attempting to set a non-existent policy should fail.
|
||||
userDN := "uid=dillon,ou=people,ou=swengg,dc=min,dc=io"
|
||||
err = s.adm.SetPolicy(ctx, policy+"x", userDN, false)
|
||||
if err == nil {
|
||||
c.Fatalf("should not be able to set non-existent policy")
|
||||
}
|
||||
|
||||
err = s.adm.SetPolicy(ctx, policy, userDN, false)
|
||||
if err != nil {
|
||||
c.Fatalf("Unable to set policy: %v", err)
|
||||
|
Loading…
Reference in New Issue
Block a user