Skip to content
This repository has been archived by the owner on Nov 19, 2023. It is now read-only.

Use case insensitive equals in IAM revoke. #191

Merged
merged 1 commit into from
Jun 15, 2020
Merged

Use case insensitive equals in IAM revoke. #191

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 1 addition & 1 deletion cloudfunctions/iam/revoke/revoke_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ func TestIAMRevoke(t *testing.T) {
folderIDs: []string{"folderID"},
projectIDs: []string{},
externalMembers: []string{"user:tom@gmail.com"},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

its the external users (finding) that allows caps. initial users on the iam policy are alway slower

$ gcloud projects get-iam-policy tom-foo | grep gmail
  - user:my-email@gmail.com

image

initialMembers: []string{"user:test@test.com", "user:tom@gmail.com", "user:existing@gmail.com"},
initialMembers: []string{"user:test@test.com", "user:Tom@gmail.com", "user:existing@gmail.com"},
allowed: []string{},
expectedMembers: []string{"user:test@test.com", "user:existing@gmail.com"},
ancestry: services.CreateAncestors([]string{"project/projectID", "folder/folderID", "organization/organizationID"}),
Expand Down
2 changes: 1 addition & 1 deletion services/resource.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -205,7 +205,7 @@ func (r *Resource) removeUsersFromPolicy(policy *crm.Policy, users []string) *cr
isUser := strings.HasPrefix(member, "user:")
found := false
for _, user := range users {
if user == member {
if strings.EqualFold(user, member) {
found = true
break
}
Expand Down