The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/8223
This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.
=== Description (from pull-request) ===
The data from RBAC uses resource IDs not project names, so we need to
map things through r.resources.
Signed-off-by: Stéphane Graber <stgra...@ubuntu.com>
From 3a726c2472b875fb7be66a357d77f5796fdb1eab Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgra...@ubuntu.com>
Date: Mon, 7 Dec 2020 17:10:29 -0500
Subject: [PATCH] lxd/rbac: Fix checks by matching proper name
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The data from RBAC uses resource IDs not project names, so we need to
map things through r.resources.
Signed-off-by: Stéphane Graber <stgra...@ubuntu.com>
---
lxd/rbac/server.go | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/lxd/rbac/server.go b/lxd/rbac/server.go
index 48c15569ea..7faeb1a949 100644
--- a/lxd/rbac/server.go
+++ b/lxd/rbac/server.go
@@ -332,7 +332,17 @@ func (r *Server) UserAccess(username string) (*UserAccess,
error) {
continue
}
- access.Projects[k] = v
+ // Look for project name.
+ for projectName, resourceId := range r.resources {
+ if k != resourceId {
+ continue
+ }
+
+ access.Projects[projectName] = v
+ break
+ }
+
+ // Ignore unknown projects.
}
return &access, nil
_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
