diff --git a/fiat-sql/src/main/kotlin/com/netflix/spinnaker/fiat/permissions/SqlPermissionsRepository.kt b/fiat-sql/src/main/kotlin/com/netflix/spinnaker/fiat/permissions/SqlPermissionsRepository.kt index a7d28ef8a..9080e4940 100644 --- a/fiat-sql/src/main/kotlin/com/netflix/spinnaker/fiat/permissions/SqlPermissionsRepository.kt +++ b/fiat-sql/src/main/kotlin/com/netflix/spinnaker/fiat/permissions/SqlPermissionsRepository.kt @@ -398,7 +398,7 @@ class SqlPermissionsRepository( val toStore = mutableListOf() // ids that are new or changed resources.forEach { - val resourceId = ResourceId(it.resourceType, it.name) + val resourceId = ResourceId(it.resourceType, it.name.toLowerCase()) currentPermissions.add(resourceId) if (!existingPermissions.contains(resourceId)) { @@ -494,7 +494,7 @@ class SqlPermissionsRepository( val hashes = mutableMapOf() // id to sha256(body) resources.forEach { - val id = ResourceId(it.resourceType, it.name) + val id = ResourceId(it.resourceType, it.name.toLowerCase()) currentIds.add(id) val body: String? = objectMapper.writeValueAsString(it) diff --git a/fiat-sql/src/test/kotlin/com/netflix/spinnaker/fiat/permissions/SqlPermissionsRepositoryTests.kt b/fiat-sql/src/test/kotlin/com/netflix/spinnaker/fiat/permissions/SqlPermissionsRepositoryTests.kt index 8f0fd83ed..8c36f485c 100644 --- a/fiat-sql/src/test/kotlin/com/netflix/spinnaker/fiat/permissions/SqlPermissionsRepositoryTests.kt +++ b/fiat-sql/src/test/kotlin/com/netflix/spinnaker/fiat/permissions/SqlPermissionsRepositoryTests.kt @@ -21,7 +21,6 @@ import com.netflix.spinnaker.fiat.config.UnrestrictedResourceConfig.UNRESTRICTED import com.netflix.spinnaker.fiat.model.Authorization import com.netflix.spinnaker.fiat.model.UserPermission import com.netflix.spinnaker.fiat.model.resources.* -import com.netflix.spinnaker.fiat.permissions.SqlPermissionsRepository import com.netflix.spinnaker.kork.sql.config.SqlRetryProperties import com.netflix.spinnaker.fiat.permissions.sql.tables.references.PERMISSION import com.netflix.spinnaker.fiat.permissions.sql.tables.references.RESOURCE @@ -30,7 +29,6 @@ import com.netflix.spinnaker.kork.dynamicconfig.DynamicConfigService import dev.minutest.ContextBuilder import dev.minutest.junit.JUnit5Minutests import dev.minutest.rootContext -import kotlinx.coroutines.newSingleThreadContext import org.jooq.DSLContext import org.jooq.SQLDialect import org.jooq.impl.DSL.* @@ -682,6 +680,47 @@ internal object SqlPermissionsRepositoryTests : JUnit5Minutests { } } +<<<<<<< HEAD +======= + test("putAllById should not delete existing permissions when application name is uppercase") { + val abcRead = Permissions.Builder().add(Authorization.EXECUTE, "abc").build() + val account1 = Account().setName("account").setPermissions(abcRead) + val application1 = Application().setName("APP").setPermissions(abcRead) + val testUser = UserPermission() + .setId("testUser") + .setAccounts(mutableSetOf(account1)) + .setApplications(mutableSetOf(application1)) + .setServiceAccounts(mutableSetOf(ServiceAccount().setName("serviceAccount"))) + + sqlPermissionsRepository.put(testUser) + + expectThat( + jooq.select(USER.ADMIN).from(USER).where(USER.ID.eq("testuser")).fetchOne(USER.ADMIN) + ).isFalse() + + sqlPermissionsRepository.putAllById(mutableMapOf("testUser" to testUser)) + + + expectThat( + jooq.selectCount().from(USER).fetchOne(count()) + ).isEqualTo(1) + + + expectThat( + resourceBody(jooq, "testuser", application1.resourceType, application1.name.toLowerCase()).get() + ).isEqualTo("""{"name":"APP","permissions":{"EXECUTE":["abc"]},"details":{}}""") + + expectThat( + jooq.select(PERMISSION.RESOURCE_TYPE).from(PERMISSION).where(PERMISSION.USER_ID.eq("testuser").and(PERMISSION.RESOURCE_NAME.eq("app"))).count() + ).isEqualTo(1) + + sqlPermissionsRepository.putAllById(mutableMapOf("testUser" to testUser)) + expectThat( + jooq.select(PERMISSION.RESOURCE_TYPE).from(PERMISSION).where(PERMISSION.USER_ID.eq("testuser").and(PERMISSION.RESOURCE_NAME.eq("app"))).count() + ).isEqualTo(1) + + } +>>>>>>> 6d4bcfc (fix: Should fix the deletion of permissions when resource name is uppercase (#1012)) } after {