Fix lookupCache to work when idp has more users (#1321)

2024-10-05 17:52:09 +02:00 · 2023-11-20 16:47:11 +01:00 · 2023-11-20 16:47:11 +01:00 · afece95ae5
commit afece95ae5
parent d78b7e5d93
1 changed files with 10 additions and 12 deletions
--- a/management/server/account.go
+++ b/management/server/account.go
@ -1082,9 +1082,6 @@ func (am *DefaultAccountManager) loadAccount(_ context.Context, accountID interf
 		if user.IsServiceUser {
 			continue
 		}
-		if user.Issued == UserIssuedIntegration {
-			continue
-		}
 		datum, ok := dataMap[user.Id]
 		if !ok {
 			log.Warnf("user %s not found in IDP", user.Id)
@ -1191,19 +1188,20 @@ func (am *DefaultAccountManager) lookupCache(accountUsers map[string]struct{}, a
 		userDataMap[datum.ID] = struct{}{}
 	}

-	// check whether we need to reload the cache
-	// the accountUsers ID list is the source of truth and all the users should be in the cache
-	reload := len(accountUsers) != len(data)
+	// the accountUsers ID list of non integration users from store, we check if cache has all of them
+	// as result of for loop knownUsersCount will have number of users are not presented in the cashed
+	knownUsersCount := len(accountUsers)
 	for user := range accountUsers {
-		if _, ok := userDataMap[user]; !ok {
-			reload = true
-			log.Debugf("idp cache doesn't have user %s", user)
-			break
+		if _, ok := userDataMap[user]; ok {
+			knownUsersCount--
+			continue
 		}
+		log.Debugf("cache doesn't know about %s user", user)
 	}

-	if reload {
-		log.Debugf("reload cache, len(accountUsers) = %d, len(data) = %d", len(accountUsers), len(data))
+	// if we know users that are not yet in cache more likely cache is outdated
+	if knownUsersCount > 0 {
+		log.Debugf("cache doesn't know about %d users from store, reloading", knownUsersCount)
 		// reload cache once avoiding loops
 		data, err = am.refreshCache(accountID)
 		if err != nil {