-
Bug
-
Resolution: Done
-
Undefined
-
None
-
None
-
None
-
False
-
-
False
-
Release Note Not Required
-
-
-
RHDH Sprint 3252
[1985653927] Upstream Reporter: Patrick Knight
Upstream issue status: Closed
Upstream description:
Describe the bug
When there is a restart of the server and the policies-csv-file and database.enabled fields are set, the CSV policy will repopulate the database with the original permission policies.
Expected Behavior
This opens up a question on how we should handle cases where there is a CSV file included and the Database enabled.
Should we only allow for one or the other to prevent the potential of the database being repopulated with the CSV file on restart
or
Should we save back into the CSV file if it is included (Personally, I like this approach as this can be useful whenever a database is not present)
What are the steps to reproduce this bug?
- Create an RBAC policy CSV with the permission p, user:default/<YOUR_USERNAME>, catalog-entity, read, deny
- Set policies-csv-file and database.enabled fields in the app-config
- Start server
- Update the permission policy to p, user:default/<YOUR_USERNAME>, catalog-entity, read, allow
- Restart server
- Notice that there are now two permission policies in the database:
p, user:default/<YOUR_USERNAME>, catalog-entity, read, allow # Updated permission policy p, user:default/<YOUR_USERNAME>, catalog-entity, read, deny # Permission policy from the CSVVersions of software used and environment
Upstream URL: https://github.com/janus-idp/backstage-plugins/issues/924
- links to