Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Stop admin privileges from being cached in PATCH /orgs/{orgid}/users/{username} when they are not added to the DB #628

Open
ewee33 opened this issue Jun 22, 2022 · 0 comments
Open

Stop admin privileges from being cached in PATCH /orgs/{orgid}/users/{username} when they are not added to the DB #628

ewee33 opened this issue Jun 22, 2022 · 0 comments
Labels
bug

Comments

@ewee33
Copy link
Contributor

ewee33 commented Jun 22, 2022

In this route, if a caller provides multiple attributes in the request body, only one will be updated. However, in the case where the admin attribute is set to true in the request body, this will be added to the AuthCache whether or not the admin attribute is the one updated in the database. This leads to the scenario where a user does not have admin privilege in the database, but they do in the cache.
@ewee33 ewee33 self-assigned this Jun 22, 2022
@ewee33 ewee33 added the bug label Jun 22, 2022
@ewee33 ewee33 changed the title Stop admin privileges from being cached in POST /orgs/{orgid}/users/{username} when they are not added to the DB Stop admin privileges from being cached in PATCH /orgs/{orgid}/users/{username} when they are not added to the DB Jun 27, 2022
ewee33 added a commit to ewee33/exchange-api that referenced this issue Jun 27, 2022
@ewee33
Issue open-horizon#628: admin credentials will no longer be added to …
be7f87e 
…the cache when they are not updated in the DB in PATCH /orgs/{orgid}/users/{username}

Signed-off-by: Ethan Weaver <emw0022@mix.wvu.edu>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ewee33