From 0a3936164ed66c8c98863f197b8c8400eb02236e Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Wed, 5 Aug 2020 15:02:30 -0400 Subject: [PATCH] Fix role management for users and groups --- .../confluent/config/configmanager.py | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/confluent_server/confluent/config/configmanager.py b/confluent_server/confluent/config/configmanager.py index b6be9f1d..9a9ae4e5 100644 --- a/confluent_server/confluent/config/configmanager.py +++ b/confluent_server/confluent/config/configmanager.py @@ -1423,6 +1423,14 @@ class ConfigManager(object): groupname = confluent.util.stringify(groupname) if groupname in self._cfgstore['usergroups']: raise Exception("Duplicate groupname requested") + for candrole in _validroles: + if candrole.lower().startswith(role.lower()): + role = candrole + break + if role not in _validroles: + raise ValueError( + 'Unrecognized role "{0}" (valid roles: {1})'.format( + role, ','.join(_validroles))) self._cfgstore['usergroups'][groupname] = {'role': role} _mark_dirtykey('usergroups', groupname, self.tenant) self._bg_sync_to_file() @@ -1525,7 +1533,15 @@ class ConfigManager(object): name = confluent.util.stringify(name) if name in self._cfgstore['users']: raise Exception("Duplicate username requested") - self._cfgstore['users'][name] = {'id': uid} + for candrole in _validroles: + if candrole.lower().startswith(role.lower()): + role = candrole + break + if role not in _validroles: + raise ValueError( + 'Unrecognized role "{0}" (valid roles: {1})'.format( + role, ','.join(_validroles))) + self._cfgstore['users'][name] = {'id': uid, 'role': role} if displayname is not None: self._cfgstore['users'][name]['displayname'] = displayname _cfgstore['main']['idmap'][uid] = {