Ensure that token clone copies the roles (#7577)

This commit is contained in:
Matt Keeler 2020-04-02 12:09:35 -04:00 committed by GitHub
parent bcb7a89fda
commit 8aec09aa8f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 20 additions and 1 deletions

View File

@ -311,6 +311,7 @@ func (a *ACL) TokenClone(args *structs.ACLTokenSetRequest, reply *structs.ACLTok
Datacenter: args.Datacenter,
ACLToken: structs.ACLToken{
Policies: token.Policies,
Roles: token.Roles,
ServiceIdentities: token.ServiceIdentities,
Local: token.Local,
Description: token.Description,

View File

@ -754,7 +754,23 @@ func TestACLEndpoint_TokenClone(t *testing.T) {
testrpc.WaitForLeader(t, s1.RPC, "dc1")
t1, err := upsertTestToken(codec, "root", "dc1", nil)
p1, err := upsertTestPolicy(codec, "root", "dc1")
require.NoError(t, err)
r1, err := upsertTestRole(codec, "root", "dc1")
require.NoError(t, err)
t1, err := upsertTestToken(codec, "root", "dc1", func(t *structs.ACLToken) {
t.Policies = []structs.ACLTokenPolicyLink{
{ID: p1.ID},
}
t.Roles = []structs.ACLTokenRoleLink{
{ID: r1.ID},
}
t.ServiceIdentities = []*structs.ACLServiceIdentity{
&structs.ACLServiceIdentity{ServiceName: "web"},
}
})
require.NoError(t, err)
endpoint := ACL{srv: s1}
@ -773,6 +789,8 @@ func TestACLEndpoint_TokenClone(t *testing.T) {
require.Equal(t, t1.Description, t2.Description)
require.Equal(t, t1.Policies, t2.Policies)
require.Equal(t, t1.Roles, t2.Roles)
require.Equal(t, t1.ServiceIdentities, t2.ServiceIdentities)
require.Equal(t, t1.Rules, t2.Rules)
require.Equal(t, t1.Local, t2.Local)
require.NotEqual(t, t1.AccessorID, t2.AccessorID)