MyFavMirrors
/
minio
mirror of https://github.com/minio/minio.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

avoid frivolous logs for expired credentials (#18767)

This commit is contained in:
Harshavardhana 2024-01-09 12:25:18 -08:00 committed by GitHub
parent a89e0bab7d
commit f02d282754
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
cmd/iam.go
View File

@ -1358,9 +1358,15 @@ func (sys *IAMSys) updateGroupMembershipsForLDAP(ctx context.Context) {
// DN to ldap username mapping for each LDAP user // DN to ldap username mapping for each LDAP user
parentUserToLDAPUsernameMap := make(map[string]string) parentUserToLDAPUsernameMap := make(map[string]string)
for _, cred := range allCreds { for _, cred := range allCreds {
// Expired credentials don't need parent user updates.
if cred.IsExpired() {
continue
}
if !sys.LDAPConfig.IsLDAPUserDN(cred.ParentUser) { if !sys.LDAPConfig.IsLDAPUserDN(cred.ParentUser) {
continue continue
} }
// Check if this is the first time we are // Check if this is the first time we are
// encountering this LDAP user. // encountering this LDAP user.
if _, ok := parentUserToCredsMap[cred.ParentUser]; !ok { if _, ok := parentUserToCredsMap[cred.ParentUser]; !ok {
@ -1425,6 +1431,11 @@ func (sys *IAMSys) updateGroupMembershipsForLDAP(ctx context.Context) {
continue continue
} }
// Expired credentials don't need group membership updates.
if cred.IsExpired() {
continue
}
cred.Groups = currGroups cred.Groups = currGroups
if err := sys.store.UpdateUserIdentity(ctx, cred); err != nil { if err := sys.store.UpdateUserIdentity(ctx, cred); err != nil {
// Log and continue error - perhaps it'll work the next time. // Log and continue error - perhaps it'll work the next time.