Skip to content

Commit f6fe89b

Browse files
Shivam-nagar23Shivam-nagar23
authored
fix: rbac fix in case of project in upper case (#4840)
* lower case rbac objects * lower case * lower
1 parent 8b41a86 commit f6fe89b

File tree

2 files changed

+17
-18
lines changed

2 files changed

+17
-18
lines changed

api/restHandler/app/workflow/AppWorkflowRestHandler.go

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -262,8 +262,7 @@ func (impl AppWorkflowRestHandlerImpl) FindAppWorkflow(w http.ResponseWriter, r
262262
itr := 0
263263
for _, val := range workflowIdToObjectMap {
264264
rbacObjects = append(rbacObjects, val)
265-
// doing this here as casbin returns lowercase objects which will not match in case of Project with uppercase letters, not done in enterprise as we use custom enforcer which returns the map with given expected rbac objects
266-
workNameObjectMap[strings.ToLower(val)] = workflowsList[itr]
265+
workNameObjectMap[val] = workflowsList[itr]
267266
itr++
268267
}
269268

util/rbac/EnforcerUtil.go

Lines changed: 16 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -128,7 +128,7 @@ func (impl EnforcerUtilImpl) GetRbacObjectsByEnvIdsAndAppId(envIds []int, appId
128128

129129
for _, env := range envs {
130130
if _, ok := objects[env.Id]; !ok {
131-
objects[env.Id] = fmt.Sprintf("%s/%s", env.EnvironmentIdentifier, appName)
131+
objects[env.Id] = strings.ToLower(fmt.Sprintf("%s/%s", env.EnvironmentIdentifier, appName))
132132
envObjectToName[objects[env.Id]] = env.Name
133133
}
134134
}
@@ -144,7 +144,7 @@ func (impl EnforcerUtilImpl) GetRbacObjectsByAppIds(appIds []int) map[int]string
144144
}
145145
for _, item := range result {
146146
if _, ok := objects[item.Id]; !ok {
147-
objects[item.Id] = fmt.Sprintf("%s/%s", item.Team.Name, item.AppName)
147+
objects[item.Id] = strings.ToLower(fmt.Sprintf("%s/%s", item.Team.Name, item.AppName))
148148
}
149149
}
150150
return objects
@@ -174,7 +174,7 @@ func (impl EnforcerUtilImpl) GetRbacObjectsForAllApps(appType helper.AppType) ma
174174
}
175175
for _, item := range result {
176176
if _, ok := objects[item.Id]; !ok {
177-
objects[item.Id] = fmt.Sprintf("%s/%s", item.Team.Name, strings.ToLower(item.AppName))
177+
objects[item.Id] = strings.ToLower(fmt.Sprintf("%s/%s", item.Team.Name, item.AppName))
178178
}
179179
}
180180
return objects
@@ -188,7 +188,7 @@ func (impl EnforcerUtilImpl) GetRbacObjectsForAllAppsWithTeamID(teamID int, appT
188188
}
189189
for _, item := range result {
190190
if _, ok := objects[item.Id]; !ok {
191-
objects[item.Id] = fmt.Sprintf("%s/%s", item.Team.Name, strings.ToLower(item.AppName))
191+
objects[item.Id] = strings.ToLower(fmt.Sprintf("%s/%s", item.Team.Name, strings.ToLower(item.AppName)))
192192
}
193193
}
194194
return objects
@@ -425,16 +425,16 @@ func (impl EnforcerUtilImpl) GetHelmObjectByAppNameAndEnvId(appName string, envI
425425
}
426426
}
427427
if environmentIdentifier2 == "" {
428-
return fmt.Sprintf("%s/%s/%s", application.Team.Name, environmentIdentifier, application.AppName), ""
428+
return strings.ToLower(fmt.Sprintf("%s/%s/%s", application.Team.Name, environmentIdentifier, application.AppName)), ""
429429
}
430430

431431
//TODO - FIX required for futuristic permission for cluster__* all environment for migrated environment identifier only
432432
/*//here cluster, env, namespace must not have double underscore in names, as we are using that for separator.
433433
if !strings.HasPrefix(env.EnvironmentIdentifier, fmt.Sprintf("%s__", env.Cluster.ClusterName)) {
434434
environmentIdentifier = fmt.Sprintf("%s__%s", env.Cluster.ClusterName, env.EnvironmentIdentifier)
435435
}*/
436-
return fmt.Sprintf("%s/%s/%s", application.Team.Name, environmentIdentifier, application.AppName),
437-
fmt.Sprintf("%s/%s/%s", application.Team.Name, environmentIdentifier2, application.AppName)
436+
return strings.ToLower(fmt.Sprintf("%s/%s/%s", application.Team.Name, environmentIdentifier, application.AppName)),
437+
strings.ToLower(fmt.Sprintf("%s/%s/%s", application.Team.Name, environmentIdentifier2, application.AppName))
438438
}
439439

440440
func (impl EnforcerUtilImpl) GetHelmObjectByProjectIdAndEnvId(teamId int, envId int) (string, string) {
@@ -517,7 +517,7 @@ func (impl EnforcerUtilImpl) GetAppObjectByCiPipelineIds(ciPipelineIds []int) ma
517517
}
518518
for _, pipeline := range models {
519519
if _, ok := objects[pipeline.Id]; !ok {
520-
appObject := fmt.Sprintf("%s/%s", pipeline.App.Team.Name, pipeline.App.AppName)
520+
appObject := strings.ToLower(fmt.Sprintf("%s/%s", pipeline.App.Team.Name, pipeline.App.AppName))
521521
objects[pipeline.Id] = appObject
522522
}
523523
}
@@ -533,8 +533,8 @@ func (impl EnforcerUtilImpl) GetAppAndEnvObjectByPipelineIds(cdPipelineIds []int
533533
}
534534
for _, pipeline := range models {
535535
if _, ok := objects[pipeline.Id]; !ok {
536-
appObject := fmt.Sprintf("%s/%s", pipeline.App.Team.Name, pipeline.App.AppName)
537-
envObject := fmt.Sprintf("%s/%s", pipeline.Environment.EnvironmentIdentifier, pipeline.App.AppName)
536+
appObject := strings.ToLower(fmt.Sprintf("%s/%s", pipeline.App.Team.Name, pipeline.App.AppName))
537+
envObject := strings.ToLower(fmt.Sprintf("%s/%s", pipeline.Environment.EnvironmentIdentifier, pipeline.App.AppName))
538538
objects[pipeline.Id] = []string{appObject, envObject}
539539
}
540540
}
@@ -549,7 +549,7 @@ func (impl EnforcerUtilImpl) GetRbacObjectsForAllAppsWithMatchingAppName(appName
549549
}
550550
for _, item := range result {
551551
if _, ok := objects[item.Id]; !ok {
552-
objects[item.Id] = fmt.Sprintf("%s/%s", item.Team.Name, strings.ToLower(item.AppName))
552+
objects[item.Id] = strings.ToLower(fmt.Sprintf("%s/%s", item.Team.Name, item.AppName))
553553
}
554554
}
555555
return objects
@@ -572,8 +572,8 @@ func (impl EnforcerUtilImpl) GetAppAndEnvObjectByPipeline(cdPipelines []*bean.CD
572572
}
573573
for _, pipeline := range cdPipelines {
574574
if _, ok := objects[pipeline.Id]; !ok {
575-
appObject := fmt.Sprintf("%s/%s", teamMap[pipeline.TeamId], pipeline.AppName)
576-
envObject := fmt.Sprintf("%s/%s", pipeline.EnvironmentIdentifier, pipeline.AppName)
575+
appObject := strings.ToLower(fmt.Sprintf("%s/%s", teamMap[pipeline.TeamId], pipeline.AppName))
576+
envObject := strings.ToLower(fmt.Sprintf("%s/%s", pipeline.EnvironmentIdentifier, pipeline.AppName))
577577
objects[pipeline.Id] = []string{appObject, envObject}
578578
}
579579
}
@@ -599,8 +599,8 @@ func (impl EnforcerUtilImpl) GetAppAndEnvObjectByDbPipeline(cdPipelines []*pipel
599599
}
600600
for _, pipeline := range cdPipelines {
601601
if _, ok := objects[pipeline.Id]; !ok {
602-
appObject := fmt.Sprintf("%s/%s", teamMap[pipeline.App.TeamId], pipeline.App.AppName)
603-
envObject := fmt.Sprintf("%s/%s", pipeline.Environment.EnvironmentIdentifier, pipeline.App.AppName)
602+
appObject := strings.ToLower(fmt.Sprintf("%s/%s", teamMap[pipeline.App.TeamId], pipeline.App.AppName))
603+
envObject := strings.ToLower(fmt.Sprintf("%s/%s", pipeline.Environment.EnvironmentIdentifier, pipeline.App.AppName))
604604
objects[pipeline.Id] = []string{appObject, envObject}
605605
}
606606
}
@@ -681,7 +681,7 @@ func (impl EnforcerUtilImpl) GetAllWorkflowRBACObjectsByAppId(appId int, workflo
681681
teamName := application.Team.Name
682682
objects := make(map[int]string, len(workflowNames))
683683
for index, wfName := range workflowNames {
684-
objects[workflowIds[index]] = fmt.Sprintf("%s/%s/%s", teamName, appName, wfName)
684+
objects[workflowIds[index]] = strings.ToLower(fmt.Sprintf("%s/%s/%s", teamName, appName, wfName))
685685
}
686686
return objects
687687
}

0 commit comments

Comments
 (0)