Handle case where there are no matching ids for all actions passed to (#46646)

This commit is contained in:
Karl Persson 2022-03-16 16:31:33 +01:00 committed by GitHub
parent 2727e2503f
commit 943a8508a6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 16 additions and 0 deletions

View File

@ -69,6 +69,10 @@ func Filter(user *models.SignedInUser, sqlID, prefix string, actions ...string)
}
}
if len(ids) == 0 {
return denyQuery, nil
}
query := strings.Builder{}
query.WriteRune(' ')
query.WriteString(sqlID)

View File

@ -117,6 +117,18 @@ func TestFilter_Datasources(t *testing.T) {
expectedDataSources: []string{"ds:3", "ds:7", "ds:8"},
expectErr: false,
},
{
desc: "expect no data sources when scopes does not match",
sqlID: "data_source.id",
prefix: "datasources",
actions: []string{"datasources:read", "datasources:write"},
permissions: map[string][]string{
"datasources:read": {"datasources:id:3", "datasources:id:7", "datasources:id:8"},
"datasources:write": {"datasources:id:10"},
},
expectedDataSources: []string{},
expectErr: false,
},
}
// set sqlIDAcceptList before running tests