checkKeyValid() should return owner true for rootCreds #13422
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Description
checkKeyValid() should return owner true for rootCreds
Motivation and Context
Looks like policy restriction was not working properly
for normal users when they are not svc or STS accounts.
svc accounts are now properly fixed to get
right permissions when its inherited, so
we do not have to set 'owner = true'
sts accounts have always been using right
permissions, do not need an explicit lookup
regular users always have proper policy mapping
How to test this PR?
Nothing special just create a user and add a policy with the latest
master branch - following snippet shouldn't work.
Types of changes
Checklist: