mirror of
https://github.com/minio/minio.git
synced 2024-12-24 06:05:55 -05:00
Allow setting non-existent policy on a user/group (#13898)
This commit is contained in:
parent
8144a125ce
commit
de400f3473
@ -1191,7 +1191,7 @@ func (sys *IAMSys) PolicyDBSet(ctx context.Context, name, policy string, isGroup
|
|||||||
|
|
||||||
err := sys.store.PolicyDBSet(ctx, name, policy, userType, isGroup)
|
err := sys.store.PolicyDBSet(ctx, name, policy, userType, isGroup)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
// Notify all other MinIO peers to reload policy
|
// Notify all other MinIO peers to reload policy
|
||||||
|
@ -277,7 +277,13 @@ func (s *TestSuiteIAM) TestLDAPSTS(c *check) {
|
|||||||
c.Fatalf("Expected to fail to create STS cred with no associated policy!")
|
c.Fatalf("Expected to fail to create STS cred with no associated policy!")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Attempting to set a non-existent policy should fail.
|
||||||
userDN := "uid=dillon,ou=people,ou=swengg,dc=min,dc=io"
|
userDN := "uid=dillon,ou=people,ou=swengg,dc=min,dc=io"
|
||||||
|
err = s.adm.SetPolicy(ctx, policy+"x", userDN, false)
|
||||||
|
if err == nil {
|
||||||
|
c.Fatalf("should not be able to set non-existent policy")
|
||||||
|
}
|
||||||
|
|
||||||
err = s.adm.SetPolicy(ctx, policy, userDN, false)
|
err = s.adm.SetPolicy(ctx, policy, userDN, false)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
c.Fatalf("Unable to set policy: %v", err)
|
c.Fatalf("Unable to set policy: %v", err)
|
||||||
|
Loading…
Reference in New Issue
Block a user