From 19da23be2890521fe2c9593d5d31b33f2fe3a793 Mon Sep 17 00:00:00 2001
From: freddygv
Date: Thu, 2 Sep 2021 12:12:51 -0600
Subject: [PATCH] Expand testing of removeSameSourceIntentions for partitions

---
 agent/xds/rbac.go | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/agent/xds/rbac.go b/agent/xds/rbac.go
index 1c7f6c1021..12ce411131 100644
--- a/agent/xds/rbac.go
+++ b/agent/xds/rbac.go
@@ -457,6 +457,16 @@ func makeRBACRules(intentions structs.Intentions, intentionDefaultAllow bool, is
 return rbac, nil
 }
 
+// removeSameSourceIntentions will iterate over intentions and remove any lower precedence
+// intentions that share the same source. Intentions are sorted by descending precedence
+// so once a source has been seen, additional intentions with the same source can be dropped.
+//
+// Example for the default/web service:
+// input: [(backend/* -> default/web), (backend/* -> default/*)]
+// output: [(backend/* -> default/web)]
+//
+// (backend/* -> default/*) was dropped because it is already known that any service
+// in the backend namespace can target default/web.
 func removeSameSourceIntentions(intentions structs.Intentions) structs.Intentions {
 if len(intentions) < 2 {
 return intentions
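Review bot: The new doc comment on removeSameSourceIntentions states "Intentions are sorted by descending precedence" as a fact, but it reads as a precondition the function depends on rather than something it establishes. The body continues outside the hunk, so whether the order is checked is not visible here; if it is not, an unsorted input would keep whichever intention for a source happens to come first, and in RBAC generation that may not be the highest-precedence one. I would spell the contract out, for example `// The caller must pass intentions already sorted by descending precedence; the order is not verified here.` Since the subject mentions partitions, the example could also say whether two sources in different partitions count as the same source, because the `backend/*` notation shows only namespace and name.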