From dc8c20e002b58dd544f4b57a3e5aeae7e9ea2f45 Mon Sep 17 00:00:00 2001 From: Adrien Raffin-Caboisse Date: Wed, 4 May 2022 22:56:55 +0200 Subject: [PATCH] fix: handle empty aclPolicy for integration tests --- cmd/headscale/cli/nodes.go | 3 ++- grpcv1.go | 2 +- machine.go | 8 ++++++-- machine_test.go | 27 ++++++++++++++++++++++----- 4 files changed, 31 insertions(+), 9 deletions(-) diff --git a/cmd/headscale/cli/nodes.go b/cmd/headscale/cli/nodes.go index a3176ded..6397c9da 100644 --- a/cmd/headscale/cli/nodes.go +++ b/cmd/headscale/cli/nodes.go @@ -68,7 +68,8 @@ func init() { if err != nil { log.Fatalf(err.Error()) } - tagCmd.Flags().StringSliceP("tags", "t", []string{}, "List of tags to add to the node") + tagCmd.Flags(). + StringSliceP("tags", "t", []string{}, "List of tags to add to the node") nodeCmd.AddCommand(tagCmd) } diff --git a/grpcv1.go b/grpcv1.go index 1bdba702..83cd5bf2 100644 --- a/grpcv1.go +++ b/grpcv1.go @@ -268,7 +268,7 @@ func (api headscaleV1APIServer) ListMachines( for index, machine := range machines { m := machine.toProto() validTags, invalidTags := getTags( - *api.h.aclPolicy, + api.h.aclPolicy, machine, api.h.cfg.OIDC.StripEmaildomain, ) diff --git a/machine.go b/machine.go index 088eff8e..73ab75b7 100644 --- a/machine.go +++ b/machine.go @@ -659,14 +659,18 @@ func (machine *Machine) toProto() *v1.Machine { // getTags will return the tags of the current machine. func getTags( - aclPolicy ACLPolicy, + aclPolicy *ACLPolicy, machine Machine, stripEmailDomain bool, ) (validTags []string, invalidTags []string) { + if aclPolicy == nil { + return + } + fmt.Println(aclPolicy) validTagMap := make(map[string]bool) invalidTagMap := make(map[string]bool) for _, tag := range machine.HostInfo.RequestTags { - owners, err := expandTagOwners(aclPolicy, tag, stripEmailDomain) + owners, err := expandTagOwners(*aclPolicy, tag, stripEmailDomain) if errors.Is(err, errInvalidTag) { invalidTagMap[tag] = true diff --git a/machine_test.go b/machine_test.go index 988c7a5f..b111c776 100644 --- a/machine_test.go +++ b/machine_test.go @@ -279,7 +279,7 @@ func (s *Suite) TestSerdeAddressStrignSlice(c *check.C) { func Test_getTags(t *testing.T) { type args struct { - aclPolicy ACLPolicy + aclPolicy *ACLPolicy machine Machine stripEmailDomain bool } @@ -292,7 +292,7 @@ func Test_getTags(t *testing.T) { { name: "valid tag one machine", args: args{ - aclPolicy: ACLPolicy{ + aclPolicy: &ACLPolicy{ TagOwners: TagOwners{ "tag:valid": []string{"joe"}, }, @@ -313,7 +313,7 @@ func Test_getTags(t *testing.T) { { name: "invalid tag and valid tag one machine", args: args{ - aclPolicy: ACLPolicy{ + aclPolicy: &ACLPolicy{ TagOwners: TagOwners{ "tag:valid": []string{"joe"}, }, @@ -334,7 +334,7 @@ func Test_getTags(t *testing.T) { { name: "multiple invalid and identical tags, should return only one invalid tag", args: args{ - aclPolicy: ACLPolicy{ + aclPolicy: &ACLPolicy{ TagOwners: TagOwners{ "tag:valid": []string{"joe"}, }, @@ -359,7 +359,7 @@ func Test_getTags(t *testing.T) { { name: "only invalid tags", args: args{ - aclPolicy: ACLPolicy{ + aclPolicy: &ACLPolicy{ TagOwners: TagOwners{ "tag:valid": []string{"joe"}, }, @@ -377,6 +377,23 @@ func Test_getTags(t *testing.T) { wantValid: nil, wantInvalid: []string{"tag:invalid", "very-invalid"}, }, + { + name: "empty ACLPolicy should return empty tags and should not panic", + args: args{ + aclPolicy: nil, + machine: Machine{ + Namespace: Namespace{ + Name: "joe", + }, + HostInfo: HostInfo{ + RequestTags: []string{"tag:invalid", "very-invalid"}, + }, + }, + stripEmailDomain: false, + }, + wantValid: nil, + wantInvalid: nil, + }, } for _, test := range tests { t.Run(test.name, func(t *testing.T) {