[TT-10109] Fix policy lookup map distortion #5730
Conversation
|
API Changes no api changes detected |
Apply Sweep Rules to your PR?
|
PR Analysis
PR Feedback
How to use
|
|
API tests result: success ✅ |
furkansenharputlu
force-pushed
the
fix/jwt-path-based-permission
branch
from
6c6b153 to
9635eb6
Compare
furkansenharputlu
force-pushed
the
fix/jwt-path-based-permission
branch
from
9635eb6 to
9e32ecc
Compare
furkansenharputlu
force-pushed
the
fix/jwt-path-based-permission
branch
from
9e32ecc to
577f2b8
Compare
|
API tests result: success ✅ |
|
API tests result: success ✅ |
|
API tests result: success ✅ |
gateway/middleware.go
Outdated
| @@ -420,6 +421,11 @@ func (t BaseMiddleware) ApplyPolicies(session *user.SessionState) error { | |||
|
|
|||
| return err | |||
| } | |||
|
|
|||
| policyInBytes, _ := json.Marshal(originalPolicy) | |||
There was a problem hiding this comment.
It will be very slow, we will need to find another solution
|
API tests result: success ✅ |
furkansenharputlu
force-pushed
the
fix/jwt-path-based-permission
branch
from
d71f887 to
50b6d3a
Compare
furkansenharputlu
force-pushed
the
fix/jwt-path-based-permission
branch
from
50b6d3a to
0d9857d
Compare
|
SonarCloud Quality Gate failed.
|
|
API tests result: success ✅ |
|
API tests result: success ✅ |
|
/release to release-5.2 |
|
Working on it! Note that it can take a few minutes. |
|
/release to release-5-lts |
https://tyktech.atlassian.net/browse/TT-10109 The policy lookup map is distorted by `ApplyPolicies` function so it ends up wrong path base permission values in the session object. See how it gets the original policy object and changes values inside it: https://github.com/TykTechnologies/tyk/blob/6c6b1535921543d2e2f34d65bbba7d67baffb547/gateway/middleware.go#L493 (cherry picked from commit d18ea51)
|
@furkansenharputlu Succesfully merged PR |
|
Working on it! Note that it can take a few minutes. |
https://tyktech.atlassian.net/browse/TT-10109 The policy lookup map is distorted by `ApplyPolicies` function so it ends up wrong path base permission values in the session object. See how it gets the original policy object and changes values inside it: https://github.com/TykTechnologies/tyk/blob/6c6b1535921543d2e2f34d65bbba7d67baffb547/gateway/middleware.go#L493 (cherry picked from commit d18ea51)
|
@furkansenharputlu Succesfully merged PR |
…5730) [TT-10109] Fix policy lookup map distortion (#5730) https://tyktech.atlassian.net/browse/TT-10109 The policy lookup map is distorted by `ApplyPolicies` function so it ends up wrong path base permission values in the session object. See how it gets the original policy object and changes values inside it: https://github.com/TykTechnologies/tyk/blob/6c6b1535921543d2e2f34d65bbba7d67baffb547/gateway/middleware.go#L493
…#5730) [TT-10109] Fix policy lookup map distortion (#5730) https://tyktech.atlassian.net/browse/TT-10109 The policy lookup map is distorted by `ApplyPolicies` function so it ends up wrong path base permission values in the session object. See how it gets the original policy object and changes values inside it: https://github.com/TykTechnologies/tyk/blob/6c6b1535921543d2e2f34d65bbba7d67baffb547/gateway/middleware.go#L493
#5754) …stortion (#5730)" This reverts commit 1cf05fb. <!-- Provide a general summary of your changes in the Title above --> ## Description <!-- Describe your changes in detail --> ## Related Issue <!-- This project only accepts pull requests related to open issues. --> <!-- If suggesting a new feature or change, please discuss it in an issue first. --> <!-- If fixing a bug, there should be an issue describing it with steps to reproduce. --> <!-- OSS: Please link to the issue here. Tyk: please create/link the JIRA ticket. --> ## Motivation and Context <!-- Why is this change required? What problem does it solve? --> ## How This Has Been Tested <!-- Please describe in detail how you tested your changes --> <!-- Include details of your testing environment, and the tests --> <!-- you ran to see how your change affects other areas of the code, etc. --> <!-- This information is helpful for reviewers and QA. --> ## Screenshots (if appropriate) ## Types of changes <!-- What types of changes does your code introduce? Put an `x` in all the boxes that apply: --> - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to change) - [ ] Refactoring or add test (improvements in base code or adds test coverage to functionality) ## Checklist <!-- Go over all the following points, and put an `x` in all the boxes that apply --> <!-- If there are no documentation updates required, mark the item as checked. --> <!-- Raise up any additional concerns not covered by the checklist. --> - [ ] I ensured that the documentation is up to date - [ ] I explained why this PR updates go.mod in detail with reasoning why it's required - [ ] I would like a code coverage CI quality gate exception and have explained why
#5755) …ortion (#5730)" This reverts commit c6dc825. <!-- Provide a general summary of your changes in the Title above --> ## Description <!-- Describe your changes in detail --> ## Related Issue <!-- This project only accepts pull requests related to open issues. --> <!-- If suggesting a new feature or change, please discuss it in an issue first. --> <!-- If fixing a bug, there should be an issue describing it with steps to reproduce. --> <!-- OSS: Please link to the issue here. Tyk: please create/link the JIRA ticket. --> ## Motivation and Context <!-- Why is this change required? What problem does it solve? --> ## How This Has Been Tested <!-- Please describe in detail how you tested your changes --> <!-- Include details of your testing environment, and the tests --> <!-- you ran to see how your change affects other areas of the code, etc. --> <!-- This information is helpful for reviewers and QA. --> ## Screenshots (if appropriate) ## Types of changes <!-- What types of changes does your code introduce? Put an `x` in all the boxes that apply: --> - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to change) - [ ] Refactoring or add test (improvements in base code or adds test coverage to functionality) ## Checklist <!-- Go over all the following points, and put an `x` in all the boxes that apply --> <!-- If there are no documentation updates required, mark the item as checked. --> <!-- Raise up any additional concerns not covered by the checklist. --> - [ ] I ensured that the documentation is up to date - [ ] I explained why this PR updates go.mod in detail with reasoning why it's required - [ ] I would like a code coverage CI quality gate exception and have explained why
https://tyktech.atlassian.net/browse/TT-10109
The policy lookup map is distorted by
ApplyPoliciesfunction so it ends up wrong path base permission values in the session object.See how it gets the original policy object and changes values inside it:
tyk/gateway/middleware.go
Line 493 in 6c6b153