Fix policy deletion with commas in quoted fields (#1733)#1739
Open
Jbansal2 wants to merge 1 commit into
Open
Conversation
This fixes an issue where policies with commas in quoted fields (e.g., ABAC conditions) were not being deleted correctly in batch operations. Root Cause: - Policy hash keys were generated using comma as separator via strings.Join(rule, ',') - This created hash collisions when policy fields contained commas - Example: ['alice', 'data,file', 'read'] and ['alice', 'data', 'file', 'read'] produced the same hash key 'alice,data,file,read' Solution: - Introduced policyKey() helper function that uses ASCII Unit Separator (\x1f) - This character is designed for field separation and won't appear in policy data - Updated all policy operations to use policyKey() instead of strings.Join() Changes: - model/policy.go: Added policyKey() and replaced all hash key generation - Added comprehensive tests demonstrating the fix - All existing tests pass (216 tests) Fixes apache#1733
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This fixes an issue where policies with commas in quoted fields (e.g., ABAC conditions) were not being deleted correctly in batch operations.
Root Cause:
Solution:
Changes:
Fixes #1733