Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

server/auth: disallow creating empty permission ranges

Browse Source 
Signed-off-by: Hitoshi Mitake <h.mitake@gmail.com>
Co-authored-by: Benjamin Wang <wachao@vmware.com>
This commit is contained in:
Hitoshi Mitake
2023-02-11 14:51:39 +09:00
parent 77baf66b52
commit e6eeca6885
5 changed files with 309 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
server/auth/store.go
View File

@@ -791,6 +791,9 @@ func (as *authStore) RoleGrantPermission(r *pb.AuthRoleGrantPermissionRequest) (
if r.Perm == nil {
return nil, ErrPermissionNotGiven
}
if !isValidPermissionRange(r.Perm.Key, r.Perm.RangeEnd) {
return nil, ErrInvalidAuthMgmt
}
tx := as.be.BatchTx()
tx.LockInsideApply()