mirror of
https://github.com/netbirdio/netbird.git
synced 2024-10-05 01:32:05 +02:00
Fix race condition with JWT group sync (#1486)
This PR fixes the issue that caused JWT group membership not being store Therefore causing many event logs and inconsistency
This commit is contained in:
parent
131d9f1bc7
commit
d4194cba6a
@ -1544,7 +1544,19 @@ func (am *DefaultAccountManager) GetAccountFromToken(claims jwtclaims.Authorizat
|
|||||||
log.Infof("overriding JWT Domain and DomainCategory claims since single account mode is enabled")
|
log.Infof("overriding JWT Domain and DomainCategory claims since single account mode is enabled")
|
||||||
}
|
}
|
||||||
|
|
||||||
account, err := am.getAccountWithAuthorizationClaims(claims)
|
newAcc, err := am.getAccountWithAuthorizationClaims(claims)
|
||||||
|
if err != nil {
|
||||||
|
return nil, nil, err
|
||||||
|
}
|
||||||
|
unlock := am.Store.AcquireAccountLock(newAcc.Id)
|
||||||
|
alreadyUnlocked := false
|
||||||
|
defer func() {
|
||||||
|
if !alreadyUnlocked {
|
||||||
|
unlock()
|
||||||
|
}
|
||||||
|
}()
|
||||||
|
|
||||||
|
account, err := am.Store.GetAccount(newAcc.Id)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
}
|
}
|
||||||
@ -1593,6 +1605,8 @@ func (am *DefaultAccountManager) GetAccountFromToken(claims jwtclaims.Authorizat
|
|||||||
log.Errorf("failed to save account: %v", err)
|
log.Errorf("failed to save account: %v", err)
|
||||||
} else {
|
} else {
|
||||||
am.updateAccountPeers(account)
|
am.updateAccountPeers(account)
|
||||||
|
unlock()
|
||||||
|
alreadyUnlocked = true
|
||||||
for _, g := range addNewGroups {
|
for _, g := range addNewGroups {
|
||||||
if group := account.GetGroup(g); group != nil {
|
if group := account.GetGroup(g); group != nil {
|
||||||
am.StoreEvent(user.Id, user.Id, account.Id, activity.GroupAddedToUser,
|
am.StoreEvent(user.Id, user.Id, account.Id, activity.GroupAddedToUser,
|
||||||
|
Loading…
Reference in New Issue
Block a user