From 0b3ff0686839d4ec6ed694974ba8f7f174b2799f Mon Sep 17 00:00:00 2001 From: Hitoshi Mitake Date: Sat, 29 Oct 2022 12:31:52 +0900 Subject: [PATCH 1/2] server: add a unit test case for authStore.Reocver() with empty rangePermCache Signed-off-by: Hitoshi Mitake --- auth/store_test.go | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/auth/store_test.go b/auth/store_test.go index 5024b21cac9..a0e23493046 100644 --- a/auth/store_test.go +++ b/auth/store_test.go @@ -186,6 +186,30 @@ func TestRecover(t *testing.T) { } } +func TestRecoverWithEmptyRangePermCache(t *testing.T) { + as, tearDown := setupAuthStore(t) + defer as.Close() + defer tearDown(t) + + as.enabled = false + as.rangePermCache = map[string]*unifiedRangePermissions{} + as.Recover(as.be) + + if !as.IsAuthEnabled() { + t.Fatalf("expected auth enabled got disabled") + } + + if len(as.rangePermCache) != 2 { + t.Fatalf("rangePermCache should have permission information for 2 users (\"root\" and \"foo\"), but has %d information", len(as.rangePermCache)) + } + if _, ok := as.rangePermCache["root"]; !ok { + t.Fatal("user \"root\" should be created by setupAuthStore() but doesn't exist in rangePermCache") + } + if _, ok := as.rangePermCache["foo"]; !ok { + t.Fatal("user \"foo\" should be created by setupAuthStore() but doesn't exist in rangePermCache") + } +} + func TestCheckPassword(t *testing.T) { as, tearDown := setupAuthStore(t) defer tearDown(t) From b7a23311e680b9af4471d2e6a68603f25c9be3de Mon Sep 17 00:00:00 2001 From: Hitoshi Mitake Date: Sat, 29 Oct 2022 13:55:06 +0900 Subject: [PATCH 2/2] etcdserver: call refreshRangePermCache on Recover() in AuthStore Signed-off-by: Oleg Guba Signed-off-by: Hitoshi Mitake --- auth/store.go | 1 + 1 file changed, 1 insertion(+) diff --git a/auth/store.go b/auth/store.go index 1fd14f14642..95fc5c924fd 100644 --- a/auth/store.go +++ b/auth/store.go @@ -402,6 +402,7 @@ func (as *authStore) Recover(be backend.Backend) { } as.setRevision(getRevision(tx)) + as.refreshRangePermCache(tx) tx.Unlock()