mirror of
https://github.com/etcd-io/etcd.git
synced 2024-09-27 06:25:44 +00:00
068d806bde
This commit resolves a TODO of auth store: Current scheme of role deletion allows existing users to have the deleted roles. Assume a case like below: create a role r1 create a user u1 and grant r1 to u1 delete r1 After this sequence, u1 is still granted the role r1. So if admin create a new role with the name r1, The new r1 is automatically granted u1. In some cases, it would be confusing. So we need to revoke the deleted role from all users.