Remove unneeded changes

couchbase · Feb 7, 2024 · 14e338e · 14e338e
1 parent d32404e
commit 14e338e
Show file tree

Hide file tree

Showing 2 changed files with 41 additions and 16 deletions.
diff --git a/auth/auth.go b/auth/auth.go
@@ -391,26 +391,13 @@ func CalculateHistory(LogCtx context.Context, invalSeq uint64, invalGrants ch.Ti
 	if currentHistory == nil {
 		currentHistory = map[string]GrantHistory{}
 	}
-	base.InfofCtx(LogCtx, base.KeyCRUD, " %s,  %s, %s, %s", invalGrants.String(), newGrants.String(), currentHistory, viewChannels.String())
 
 	// Iterate over invalidated grants
-	if invalGrants != nil {
-		invalGrants.Add(newGrants)
-	}
 	for previousName, previousInfo := range invalGrants {
 
 		// Check if the invalidated grant exists in the new set
 		// If principal still has access to this grant then we don't need to build any history for it so skip
-		//if !viewChannels.Contains(previousName) && currentHistoryForGrant.AdminAssigned != false {
-		//	base.InfofCtx(LogCtx, base.KeyCRUD, "First IF")
-		//	currentHistoryForGrant.AdminAssigned = true
-		//} else {
-		//	base.InfofCtx(LogCtx, base.KeyCRUD, "second IF")
-		//	currentHistoryForGrant.AdminAssigned = false
-		//	currentHistory[previousName] = currentHistoryForGrant
-		//}
 		if _, ok := newGrants[previousName]; ok {
-			base.InfofCtx(LogCtx, base.KeyCRUD, "previous channel %s, CONTINUING", previousName)
 			continue
 		}
 
@@ -428,16 +415,13 @@ func CalculateHistory(LogCtx context.Context, invalSeq uint64, invalGrants ch.Ti
 			StartSeq: previousInfo.Sequence,
 			EndSeq:   invalSeq,
 		})
-
-		base.InfofCtx(LogCtx, base.KeyCRUD, "previous channel %s, admin assigned %s", previousName, currentHistoryForGrant.AdminAssigned, viewChannels.String(), newGrants.String(), invalGrants.String())
 		currentHistory[previousName] = currentHistoryForGrant
 	}
 
 	return currentHistory
 }
 
 func (auth *Authenticator) calculateAndPruneHistory(princName string, invalSeq uint64, invalGrants ch.TimedSet, newGrants ch.TimedSet, currentHistory TimedSetHistory, viewChannels ch.TimedSet) TimedSetHistory {
-	base.InfofCtx(auth.LogCtx, base.KeyCRUD, "calculateAndPruneHistory //////")
 
 	currentHistory = CalculateHistory(auth.LogCtx, invalSeq, invalGrants, newGrants, currentHistory, viewChannels)
 	if prunedHistory := currentHistory.PruneHistory(auth.ClientPartitionWindow); len(prunedHistory) > 0 {

diff --git a/rest/diagnostic_api.go b/rest/diagnostic_api.go
@@ -58,6 +58,7 @@ func (h *handler) handleGetAllChannels() error {
 		collAccessAll := role.GetCollectionsAccess()
 		resp.AdminRoleGrants[roleName] = make(map[string]map[string]auth.GrantHistory)
 		resp.DynamicRoleGrants[roleName] = make(map[string]map[string]auth.GrantHistory)
+
 		for scopeName, collections := range collAccessAll {
 			for collectionName, collectionAccess := range collections {
 				resp.AdminRoleGrants[roleName][scopeName+"."+collectionName] = make(map[string]auth.GrantHistory)
@@ -89,6 +90,46 @@ func (h *handler) handleGetAllChannels() error {
 			}
 		}
 	}
+	for roleName, roleHist := range user.RoleHistory() {
+		role, err := h.db.Authenticator(h.ctx()).GetRole(roleName)
+		if err != nil {
+			return err
+		}
+		if role == nil {
+			continue
+		}
+		collAccessAll := role.GetCollectionsAccess()
+		resp.AdminRoleGrants[roleName] = make(map[string]map[string]auth.GrantHistory)
+		resp.DynamicRoleGrants[roleName] = make(map[string]map[string]auth.GrantHistory)
+
+		for scopeName, collections := range collAccessAll {
+			for collectionName, collectionAccess := range collections {
+				resp.AdminRoleGrants[roleName][scopeName+"."+collectionName] = make(map[string]auth.GrantHistory)
+				resp.DynamicRoleGrants[roleName][scopeName+"."+collectionName] = make(map[string]auth.GrantHistory)
+				maps.Clear(dynamicRoleChannelTimedHistory)
+				maps.Clear(adminRoleChannelTimedHistory)
+				// loop over current role channels
+				for channel, _ := range collectionAccess.Channels() {
+					if _, ok := user.ExplicitRoles()[roleName]; ok {
+						adminRoleChannelTimedHistory[channel] = roleHist
+					} else {
+						dynamicRoleChannelTimedHistory[channel] = roleHist
+					}
+				}
+				// loop over previous role channels
+				for channel, chanHistory := range collectionAccess.ChannelHistory() {
+					if _, ok := user.ExplicitRoles()[roleName]; ok {
+						adminRoleChannelTimedHistory[channel] = chanHistory
+					} else {
+						dynamicRoleChannelTimedHistory[channel] = chanHistory
+					}
+				}
+
+				resp.AdminRoleGrants[roleName][scopeName+"."+collectionName] = adminRoleChannelTimedHistory
+				resp.DynamicRoleGrants[roleName][scopeName+"."+collectionName] = dynamicRoleChannelTimedHistory
+			}
+		}
+	}
 
 	adminChannelTimedHistory := map[string]auth.GrantHistory{}
 	dynamicChannelTimedHistory := map[string]auth.GrantHistory{}