auth: reject empty user name when checking op permissions

Passing AuthInfo{} to permission checking was causing an infinite loop because it would always return an old revision error. Fixes #7124
2024-09-27 06:25:44 +00:00 · 2017-01-09 15:27:09 -08:00 · 2017-01-09 15:27:09 -08:00 · c39a59c0be
commit c39a59c0be
parent 5278ea5ed0
1 changed files with 5 additions and 0 deletions
--- a/auth/store.go
+++ b/auth/store.go
@ -706,6 +706,11 @@ func (as *authStore) isOpPermitted(userName string, revision uint64, key, rangeE
 		return nil
 	}

+	// only gets rev == 0 when passed AuthInfo{}; no user given
+	if revision == 0 {
+		return ErrUserEmpty
+	}
+
 	if revision < as.revision {
 		return ErrAuthOldRevision
 	}