fix: Application name mismatch when fiat permissions coming from diff…

…erent sources. #5156 (#512) This is part of: spinnaker/spinnaker#5156. Fixed the name mismatch bug in ResourcePrefixPermissionSource.java Resource(Application) always returns the name in CAPITAL letters. Permission prefixes added in external sources in fiat-local.yml has the application name in lowercase letters. Modified the code to check these names with 1)prefix.equalsIgnoreCase(resource.getName()); 2) prefixWithoutStar = prefixWithoutStar.toUpperCase(); Modified the ResourcePrefixPermissionSourceSpec.java to fix the testcases. Co-authored-by: Adam Jordens <adam@jordens.org> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
spinnaker · Feb 18, 2020 · c4513b9 · c4513b9
1 parent ef1e3df
commit c4513b9
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 7 deletions.
diff --git a/...es/src/main/java/com/netflix/spinnaker/fiat/providers/ResourcePrefixPermissionSource.java b/...es/src/main/java/com/netflix/spinnaker/fiat/providers/ResourcePrefixPermissionSource.java
@@ -63,10 +63,11 @@ public PrefixEntry setPermissions(Map<Authorization, List<String>> permissions)
 
     public boolean contains(T resource) {
       if (isFullApplicationName) {
-        return prefix.equals(resource.getName());
+        return prefix.equalsIgnoreCase(resource.getName());
       }
 
       String prefixWithoutStar = prefix.substring(0, prefix.length() - 1);
+      prefixWithoutStar = prefixWithoutStar.toUpperCase();
       return resource.getName().startsWith(prefixWithoutStar);
     }
   }

diff --git a/...est/groovy/com/netflix/spinnaker/fiat/providers/ResourcePrefixPermissionSourceSpec.groovy b/...est/groovy/com/netflix/spinnaker/fiat/providers/ResourcePrefixPermissionSourceSpec.groovy
@@ -34,6 +34,12 @@ class ResourcePrefixPermissionSourceSpec extends Specification {
                 new ResourcePrefixPermissionSource.PrefixEntry<Application>().setPrefix('gotham-joker').setPermissions([
                         (Authorization.CREATE): ['batman']
                 ]),
+                new ResourcePrefixPermissionSource.PrefixEntry<Application>().setPrefix('foo*').setPermissions([
+                        (Authorization.CREATE): ['police']
+                ]),
+                new ResourcePrefixPermissionSource.PrefixEntry<Application>().setPrefix('foo-joker').setPermissions([
+                        (Authorization.CREATE): ['batman']
+                ]),
         ]).setResolutionStrategy(ResourcePrefixPermissionSource.ResolutionStrategy.AGGREGATE)
 
         when:
@@ -44,9 +50,11 @@ class ResourcePrefixPermissionSourceSpec extends Specification {
 
         where:
         applicationName     | expectedCreatePermissions
-        'new york'          | ["admins"]
-        'gotham-criminals'  | ["admins", "police"]
-        'gotham-joker'      | ["admins", "police", "batman"]
+        'NEW YORK'          | ["admins"]
+        'GOTHAM-CRIMINALS'  | ["admins", "police"]
+        'GOTHAM-JOKER'      | ["admins", "police", "batman"]
+        'foo-joker'         | ["admins", "batman"]
+        'foo-test'          | ["admins"]
     }
 
     def "should apply the most specific permissions matching a resource if resolution strategy is most_specific"() {
@@ -61,6 +69,12 @@ class ResourcePrefixPermissionSourceSpec extends Specification {
                 new ResourcePrefixPermissionSource.PrefixEntry<Application>().setPrefix('gotham-joker').setPermissions([
                         (Authorization.CREATE): ['batman']
                 ]),
+                new ResourcePrefixPermissionSource.PrefixEntry<Application>().setPrefix('foo*').setPermissions([
+                        (Authorization.CREATE): ['police']
+                ]),
+                new ResourcePrefixPermissionSource.PrefixEntry<Application>().setPrefix('foo-joker').setPermissions([
+                        (Authorization.CREATE): ['batman']
+                ]),
         ]).setResolutionStrategy(ResourcePrefixPermissionSource.ResolutionStrategy.MOST_SPECIFIC)
 
         when:
@@ -71,8 +85,10 @@ class ResourcePrefixPermissionSourceSpec extends Specification {
 
         where:
         applicationName     | expectedCreatePermissions
-        'new york'          | ["admins"]
-        'gotham-criminals'  | ["police"]
-        'gotham-joker'      | ["batman"]
+        'NEW YORK'          | ["admins"]
+        'GOTHAM-CRIMINALS'  | ["police"]
+        'GOTHAM-JOKER'      | ["batman"]
+        'foo-joker'         | ["batman"]
+        'foo-test'          | ["admins"]
     }
 }