fix ineffectual assign and related bugs

pull/10745/head
Matt Hook 2023-12-04 16:54:41 +13:00
parent 974378c9b5
commit 7d1031672f
5 changed files with 24 additions and 1 deletions

View File

@ -8,6 +8,8 @@ linters:
- govet
- errorlint
- exportloopref
- ineffassign
linters-settings:
depguard:
rules:

View File

@ -455,6 +455,9 @@ func buildServer(flags *portainer.CLIFlags) portainer.Server {
dockerClientFactory := initDockerClientFactory(digitalSignatureService, reverseTunnelService)
kubernetesClientFactory, err := initKubernetesClientFactory(digitalSignatureService, reverseTunnelService, dataStore, instanceID, *flags.AddrHTTPS, settings.UserSessionTimeout)
if err != nil {
log.Fatal().Err(err).Msg("failed initializing kubernetes client factory")
}
authorizationService := authorization.NewService(dataStore)
authorizationService.K8sClientFactory = kubernetesClientFactory

View File

@ -1,6 +1,8 @@
package migrator
import (
"fmt"
portainer "github.com/portainer/portainer/api"
"github.com/portainer/portainer/api/internal/authorization"
@ -56,6 +58,9 @@ func (m *Migrator) updateUsersAndRolesToDBVersion22() error {
endpointAdministratorRole.Authorizations = authorization.DefaultEndpointAuthorizationsForEndpointAdministratorRole()
err = m.roleService.Update(endpointAdministratorRole.ID, endpointAdministratorRole)
if err != nil {
return fmt.Errorf("failed to update Administrator role: %w", err)
}
helpDeskRole, err := m.roleService.Read(portainer.RoleID(2))
if err != nil {
@ -65,6 +70,9 @@ func (m *Migrator) updateUsersAndRolesToDBVersion22() error {
helpDeskRole.Authorizations = authorization.DefaultEndpointAuthorizationsForHelpDeskRole(settings.AllowVolumeBrowserForRegularUsers)
err = m.roleService.Update(helpDeskRole.ID, helpDeskRole)
if err != nil {
return fmt.Errorf("failed to update Help Desk role: %w", err)
}
standardUserRole, err := m.roleService.Read(portainer.RoleID(3))
if err != nil {
@ -74,6 +82,9 @@ func (m *Migrator) updateUsersAndRolesToDBVersion22() error {
standardUserRole.Authorizations = authorization.DefaultEndpointAuthorizationsForStandardUserRole(settings.AllowVolumeBrowserForRegularUsers)
err = m.roleService.Update(standardUserRole.ID, standardUserRole)
if err != nil {
return fmt.Errorf("failed to update Standard User Role role: %w", err)
}
readOnlyUserRole, err := m.roleService.Read(portainer.RoleID(4))
if err != nil {
@ -84,7 +95,7 @@ func (m *Migrator) updateUsersAndRolesToDBVersion22() error {
err = m.roleService.Update(readOnlyUserRole.ID, readOnlyUserRole)
if err != nil {
return err
return fmt.Errorf("failed to update Readonly User Role role: %w", err)
}
return m.authorizationService.UpdateUsersAuthorizations()

View File

@ -344,6 +344,7 @@ func Test_apiKeyLookup(t *testing.T) {
req.Header.Add("x-api-key", rawAPIKey)
token, err := bouncer.apiKeyLookup(req)
is.NoError(err)
expectedToken := &portainer.TokenData{ID: user.ID, Username: user.Username, Role: portainer.StandardUserRole}
is.Equal(expectedToken, token)
@ -358,6 +359,7 @@ func Test_apiKeyLookup(t *testing.T) {
req.Header.Add("x-api-key", rawAPIKey)
token, err := bouncer.apiKeyLookup(req)
is.NoError(err)
expectedToken := &portainer.TokenData{ID: user.ID, Username: user.Username, Role: portainer.StandardUserRole}
is.Equal(expectedToken, token)
@ -372,6 +374,7 @@ func Test_apiKeyLookup(t *testing.T) {
req.Header.Add("x-api-key", rawAPIKey)
token, err := bouncer.apiKeyLookup(req)
is.NoError(err)
expectedToken := &portainer.TokenData{ID: user.ID, Username: user.Username, Role: portainer.StandardUserRole}
is.Equal(expectedToken, token)

View File

@ -242,6 +242,10 @@ func (factory *ClientFactory) buildEdgeConfig(endpoint *portainer.Endpoint) (*re
}
signature, err := factory.signatureService.CreateSignature(portainer.PortainerAgentSignatureMessage)
if err != nil {
return nil, err
}
config.Insecure = true
config.QPS = DefaultKubeClientQPS
config.Burst = DefaultKubeClientBurst