feat(policy-RBAC): ensure RBAC policy overrides existing RBAC settings [R8S-777] (#1718)

This commit is contained in:
Ali
2026-02-10 23:44:44 +13:00
committed by GitHub
parent a1208974ac
commit 49e623dfeb
7 changed files with 590 additions and 204 deletions
@@ -202,14 +202,6 @@ func (handler *Handler) updateEndpointGroup(tx dataservices.DataStoreTx, endpoin
endpointsChanged = true
}
}
// Update user authorizations when endpoints are added/removed from the group
// since group membership affects access control
if endpointsChanged {
if err := handler.AuthorizationService.UpdateUsersAuthorizationsTx(tx); err != nil {
return nil, httperror.InternalServerError("Unable to update user authorizations", err)
}
}
}
// Reconcile endpoints in the group if tags changed (but endpoints weren't already reconciled)