Skip to content

Commit

Permalink
chore: ensure sufficient permission before fetching cluster info
Browse files Browse the repository at this point in the history
  • Loading branch information
@sergeyberezansky
sergeyberezansky committed Oct 13, 2024
1 parent a361d16 commit 3b958be
Showing 1 changed file with 7 additions and 6 deletions.
13 changes: 7 additions & 6 deletions pkg/wekafs/apiclient/apiclient.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -648,18 +648,19 @@ func (a *ApiClient) Login(ctx context.Context) error {
_ = a.updateTokensExpiryInterval(ctx)
}
a.refreshTokenExpiryDate = time.Now().Add(time.Duration(a.refreshTokenExpiryInterval) * time.Second)
if err := a.fetchClusterInfo(ctx); err != nil {
logger.Error().Err(err).Msg("Failed to fetch information from Weka cluster on login")
return err
}
logger.Debug().Msg("Successfully connected to cluster API")

err = a.ensureSufficientPermissions(ctx)
if err != nil {
logger.Error().Err(err).Msg("Failed to ensure sufficient permissions for supplied credentials. Cannot continue")
return err
}

if err := a.fetchClusterInfo(ctx); err != nil {
logger.Error().Err(err).Msg("Failed to fetch information from Weka cluster on login")
return err
}
logger.Debug().Msg("Successfully connected to cluster API")

if a.Credentials.AutoUpdateEndpoints {
if err := a.UpdateApiEndpoints(ctx); err != nil {
logger.Error().Err(err).Msg("Failed to update actual API endpoints")
Expand Down Expand Up @@ -799,7 +800,7 @@ func (c *Credentials) String() string {

func (a *ApiClient) HasCSIPermissions() bool {
if a.ApiUserRole != "" {
return a.ApiUserRole == ApiUserRoleCSI || a.ApiUserRole == ApiUserRoleClusterAdmin || a.ApiUserRole == ApiUserRoleOrgAdmin && a.ApiOrgId != 0
return a.ApiUserRole == ApiUserRoleCSI || a.ApiUserRole == ApiUserRoleClusterAdmin || a.ApiUserRole == ApiUserRoleOrgAdmin
}
return false
}
Expand Down

0 comments on commit 3b958be

Please sign in to comment.