auth: ensure RoleGrantPermission is compatible with older versions

etcd-io · Mar 22, 2020 · bbe4750 · bbe4750
1 parent 0eee733
commit bbe4750
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 12 deletions.
diff --git a/auth/store.go b/auth/store.go
@@ -800,16 +800,6 @@ func (as *authStore) RoleGrantPermission(r *pb.AuthRoleGrantPermissionRequest) (
 	})
 
 	if idx < len(role.KeyPermission) && bytes.Equal(role.KeyPermission[idx].Key, r.Perm.Key) && bytes.Equal(role.KeyPermission[idx].RangeEnd, r.Perm.RangeEnd) {
-		if role.KeyPermission[idx].PermType == r.Perm.PermType {
-			as.lg.Warn(
-				"ignored grant permission request to a role, existing permission",
-				zap.String("role-name", r.Name),
-				zap.ByteString("key", r.Perm.Key),
-				zap.ByteString("range-end", r.Perm.RangeEnd),
-				zap.String("permission-type", authpb.Permission_Type_name[int32(r.Perm.PermType)]),
-			)
-			return &pb.AuthRoleGrantPermissionResponse{}, nil
-		}
 		// update existing permission
 		role.KeyPermission[idx].PermType = r.Perm.PermType
 	} else {

diff --git a/auth/store_test.go b/auth/store_test.go
@@ -458,8 +458,10 @@ func TestRoleGrantPermissionRevision(t *testing.T) {
 	}
 	newRevision := as.Revision()
 
-	if oldRevision != newRevision {
-		t.Errorf("expected revision diff is 0, got %d", newRevision-oldRevision)
+	diff := newRevision - oldRevision
+
+	if diff != 1 {
+		t.Errorf("expected revision diff is 1, got %d", diff)
 	}
 }