-
Notifications
You must be signed in to change notification settings - Fork 216
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MGMT-19297: Handle user_name, org_id correctly when AUTH_TYPE RHSSO used #7005
base: master
Are you sure you want to change the base?
Conversation
Presently there is a bug in the way we handle AUTH_TYPE RHSSO while fetching the events list. A join is performed between infra_envs and either hosts or clusters, this leads to some ambiguity around column names in WHERE clauses. Specifically the fields `user_name` and `org_id`, combinations of which appear in hosts, clusters and infra_envs. This change applies the authorization check by turning the final database query into a subquery and then filtering on the returned user_name, org_id columns in the subquery.
@paul-maidment: This pull request references MGMT-19297 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the bug to target the "4.18.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
Skipping CI for Draft Pull Request. |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: paul-maidment The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
@paul-maidment: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
Presently there is a bug in the way we handle AUTH_TYPE RHSSO while fetching the events list.
A join is performed between infra_envs and either hosts or clusters, this leads to some ambiguity around column names in WHERE clauses.
Specifically the fields
user_name
andorg_id
, combinations of which appear in hosts, clusters and infra_envs.This change applies the authorization check by turning the final database query into a subquery and then filtering on the returned user_name, org_id columns in the subquery.
List all the issues related to this PR
What environments does this code impact?
How was this code tested?
Checklist
docs
, README, etc)Reviewers Checklist