allow users to be defined with @ in v1 (#2495)

* allow users to be defined with @ in v1 Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * remove integration test rewrite hack Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * remove test rewrite hack Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * add @ to integration tests Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * a bit to agressive removeals Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * fix last test Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> --------- Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2025-12-24 03:46:23 +00:00 · 2025-03-30 13:19:05 +02:00
parent f52f15ff08
commit e3521be705
12 changed files with 76 additions and 150 deletions
--- a/integration/route_test.go
+++ b/integration/route_test.go
@@ -796,7 +796,7 @@ func TestEnableDisableAutoApprovedRoute(t *testing.T) {
 				},
 			},
 			TagOwners: map[string][]string{
-				"tag:approve": {"user1"},
+				"tag:approve": {"user1@"},
 			},
 			AutoApprovers: policyv1.AutoApprovers{
 				Routes: map[string][]string{
@@ -901,7 +901,7 @@ func TestAutoApprovedSubRoute2068(t *testing.T) {
 					},
 				},
 				TagOwners: map[string][]string{
-					"tag:approve": {user},
+					"tag:approve": {user + "@"},
 				},
 				AutoApprovers: policyv1.AutoApprovers{
 					Routes: map[string][]string{
@@ -964,7 +964,7 @@ func TestSubnetRouteACL(t *testing.T) {
 	}, hsic.WithTestName("clienableroute"), hsic.WithACLPolicy(
 		&policyv1.ACLPolicy{
 			Groups: policyv1.Groups{
-				"group:admins": {user},
+				"group:admins": {user + "@"},
 			},
 			ACLs: []policyv1.ACL{
 				{