Fix authz plugin: add RWMutex to defaultRegistry#2
Merged
Conversation
…ccess The defaultRegistry map was unprotected against concurrent reads and writes. This adds a sync.RWMutex to protect: - set(): Write lock when registering modules - GetEnforcer(): Read lock when looking up modules Fixes race condition in authz step module registration and lookups.
…e conflict workflow v0.2.2 pulled in gorm.io/plugin/dbresolver@v1.3.0 which references a removed field (PreparedSQL) in the current gorm version, causing CI build failures. Upgrading to v0.2.18 removes this transitive dependency conflict. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
….3.0 gorm.io/plugin/dbresolver@v1.3.0 references PreparedSQL field that was removed from gorm.PreparedStmtDB, causing go vet and build to fail. CI's go mod tidy pulls this version transitively via casbin/gorm-adapter/v3. Replace it with v1.5.3 which is compatible with current gorm. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…endency casbin/casbin/v2 v2.104.0 caused CI's go mod tidy to pull in casbin/gorm-adapter/v3 v3.24.0, which depends on: - gorm.io/plugin/dbresolver@v1.3.0 (uses removed PreparedSQL field → build fail) - glebarez/sqlite (duplicate "sqlite" driver registration → test panic) casbin v2.135.0 does not trigger the gorm-adapter fetch. Removes the replace directive for dbresolver since it's no longer needed. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
intel352
force-pushed
the
fix/ws08-authz-mutex
branch
from
3a90bdd to
9529bce
Compare
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…e driver registration The gorm.io/driver/sqlite package and modernc.org/sqlite both register the "sqlite" database/sql driver, causing a panic in tests with -race. Custom sqliteDialector uses modernc.org/sqlite directly via database/sql. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add internal/gorm_adapter.go: minimal casbin persist.Adapter using gorm, replacing casbin/gorm-adapter/v3 to eliminate glebarez/sqlite dependency - Remove now-unnecessary replace directive for gorm.io/plugin/dbresolver (gorm-adapter is fully removed, so dbresolver is no longer in the graph) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
sync.RWMutextodefaultRegistryinstep_authz_check.goto protect concurrent reads and writesset()acquires a write lock when registering modules;GetEnforcer()acquires a read lock when looking up modulesTest plan
go build ./...passesgo test ./...passes (ok github.com/GoCodeAlone/workflow-plugin-authz/internal)-raceflag would no longer trigger data race detector on registry access🤖 Generated with Claude Code