-
Notifications
You must be signed in to change notification settings - Fork 3.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix create authorization command #10947
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
💯 as always (only one little things about errors).
http/auth_test.go
Outdated
@@ -387,6 +389,9 @@ func TestService_handlePostAuthorization(t *testing.T) { | |||
}, | |||
UserService: &mock.UserService{ | |||
FindUserByIDFn: func(ctx context.Context, id platform.ID) (*platform.User, error) { | |||
if !id.Valid() { | |||
return nil, errors.New("invalid ID") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Probably you want to use platform.ErrInvalidID
here :)
http/auth_test.go
Outdated
@@ -395,6 +400,9 @@ func TestService_handlePostAuthorization(t *testing.T) { | |||
}, | |||
OrganizationService: &mock.OrganizationService{ | |||
FindOrganizationByIDF: func(ctx context.Context, id platform.ID) (*platform.Organization, error) { | |||
if !id.Valid() { | |||
return nil, errors.New("invalid ID") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as above.
This has some merge conflicts now, and needs to be rebased to get CI sorted out. But when I built merged locally to master and built, and took a blind guess on the merge conflicts, it appeared to fix the issue of being unable to create authorizations for other users. |
ed35a73
to
c62895b
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Again 💯
cmd/influx/authorization.go
Outdated
@@ -229,6 +228,23 @@ func authorizationCreateF(cmd *cobra.Command, args []string) error { | |||
OrgID: o.ID, | |||
} | |||
|
|||
if authorizationCreateFlags.user != "" { | |||
// if the user flag is supplied, the set the user ID explicitly on the request |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Perhaps a typo here @desa?
then set
?
test(http): get user off of session in create authz test fix(http): allow user id to be specified explicitly on authorization create authorization now allows specifying user id explicitly. If no user id is specified then we use the user id from the authorizer. fix(http): use influxdb import fix(http): use platform error in http auth tests feat(cmd/influx): allow create auth command to specify user explicitly feat(http): add org id to permissions
Link https://github.com/influxdata/platform/pull/2185
Closes #10837
Briefly describe your proposed changes:
Previously, authorizations required the users id to be set explicitly on the authorization. As of #2157 the user id is retrieved off of the authorization or session used in the http request.
We now allow users to specify an explicit user when creating authorizations. If the id is not provided, the user from the authorizer will be used.
Additionally, we now need to pass the organization id when creating an authorization.