-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FIX Use trustee instead of trustor to validate trust token #251
Conversation
It seems to me that not only change trustor by trustee user is enough to fix the bug, since extract roles now does not extract nothing, since trust behavior is not like assignment role behavior
|
the role to be checked is already into trust, you may be it's already extracted In this case
role is 3c7e51da93dc484596c7f396f4a2d315 |
The problem is not whether I need it or not but whether the current extraction mechanism will work when applied to trust tokens. If it works like that, we can use it as it is and change it in the future if we have a good reason to do it. If we do not, better to use the same mechanism for both systems. |
IMHO current role extraction mechanism could not be applied to trust tokens. |
Fixed in e34257f |
It seems that works fine, allowing when is possible and denning when not. But if I wait 1 minute an retry the same op the result is different: This is OK
This is OK
This is NO OK.
Maybe a cache issue? |
Sure, it seems to be. I'll check it and fix it monday morning.
|
Be careful... this PR probably has been auto-closed when develop was removed, but it may have valuable commits. The solution is to merge develop into bug/trustTokenUsingTrustor and re-launch the PR againts master (a link to the old PR is usually a good idea, to review the comments there). |
Fixes #250