diff --git a/management/server/posture_checks.go b/management/server/posture_checks.go index 851d4d31f..6677a8247 100644 --- a/management/server/posture_checks.go +++ b/management/server/posture_checks.go @@ -70,10 +70,15 @@ func (am *DefaultAccountManager) SavePostureChecks(ctx context.Context, accountI return status.Errorf(status.PreconditionFailed, "Posture check name should be unique") } + updateAccountPeers := false action := activity.PostureCheckCreated if exists { action = activity.PostureCheckUpdated - account.Network.IncSerial() + + updateAccountPeers, _ = isPostureCheckLinkedToPolicy(account, postureChecks.ID) + if updateAccountPeers { + account.Network.IncSerial() + } } if err = am.Store.SaveAccount(ctx, account); err != nil { @@ -81,7 +86,7 @@ func (am *DefaultAccountManager) SavePostureChecks(ctx context.Context, accountI } am.StoreEvent(ctx, userID, postureChecks.ID, accountID, action, postureChecks.EventMeta()) - if exists { + if updateAccountPeers { am.updateAccountPeers(ctx, account) } @@ -170,13 +175,9 @@ func (am *DefaultAccountManager) deletePostureChecks(account *Account, postureCh return nil, status.Errorf(status.NotFound, "posture checks with ID %s doesn't exist", postureChecksID) } - // check policy links - for _, policy := range account.Policies { - for _, id := range policy.SourcePostureChecks { - if id == postureChecksID { - return nil, status.Errorf(status.PreconditionFailed, "posture checks have been linked to policy: %s", policy.Name) - } - } + // Check if posture check is linked to any policy + if isLinked, linkedPolicy := isPostureCheckLinkedToPolicy(account, postureChecksID); isLinked { + return nil, status.Errorf(status.PreconditionFailed, "posture checks have been linked to policy: %s", linkedPolicy.Name) } postureChecks := account.PostureChecks[postureChecksIdx] @@ -239,3 +240,12 @@ func addPolicyPostureChecks(account *Account, policy *Policy, peerPostureChecks } } } + +func isPostureCheckLinkedToPolicy(account *Account, postureChecksID string) (bool, *Policy) { + for _, policy := range account.Policies { + if slices.Contains(policy.SourcePostureChecks, postureChecksID) { + return true, policy + } + } + return false, nil +}