fix: handle empty aclPolicy for integration tests

2025-10-28 10:51:44 +01:00 · 2022-05-04 22:56:55 +02:00 · 2022-05-04 22:56:55 +02:00 · dc8c20e002
commit dc8c20e002
parent 68417cc888
4 changed files with 31 additions and 9 deletions
--- a/cmd/headscale/cli/nodes.go
+++ b/cmd/headscale/cli/nodes.go
@ -68,7 +68,8 @@ func init() {
 	if err != nil {
 		log.Fatalf(err.Error())
 	}
-	tagCmd.Flags().StringSliceP("tags", "t", []string{}, "List of tags to add to the node")
+	tagCmd.Flags().
+		StringSliceP("tags", "t", []string{}, "List of tags to add to the node")
 	nodeCmd.AddCommand(tagCmd)
 }

--- a/grpcv1.go
+++ b/grpcv1.go
@ -268,7 +268,7 @@ func (api headscaleV1APIServer) ListMachines(
 	for index, machine := range machines {
 		m := machine.toProto()
 		validTags, invalidTags := getTags(
-			*api.h.aclPolicy,
+			api.h.aclPolicy,
 			machine,
 			api.h.cfg.OIDC.StripEmaildomain,
 		)
--- a/machine.go
+++ b/machine.go
@ -659,14 +659,18 @@ func (machine *Machine) toProto() *v1.Machine {

 // getTags will return the tags of the current machine.
 func getTags(
-	aclPolicy ACLPolicy,
+	aclPolicy *ACLPolicy,
 	machine Machine,
 	stripEmailDomain bool,
 ) (validTags []string, invalidTags []string) {
+	if aclPolicy == nil {
+		return
+	}
+	fmt.Println(aclPolicy)
 	validTagMap := make(map[string]bool)
 	invalidTagMap := make(map[string]bool)
 	for _, tag := range machine.HostInfo.RequestTags {
-		owners, err := expandTagOwners(aclPolicy, tag, stripEmailDomain)
+		owners, err := expandTagOwners(*aclPolicy, tag, stripEmailDomain)
 		if errors.Is(err, errInvalidTag) {
 			invalidTagMap[tag] = true

--- a/machine_test.go
+++ b/machine_test.go
@ -279,7 +279,7 @@ func (s *Suite) TestSerdeAddressStrignSlice(c *check.C) {

 func Test_getTags(t *testing.T) {
 	type args struct {
-		aclPolicy        ACLPolicy
+		aclPolicy        *ACLPolicy
 		machine          Machine
 		stripEmailDomain bool
 	}
@ -292,7 +292,7 @@ func Test_getTags(t *testing.T) {
 		{
 			name: "valid tag one machine",
 			args: args{
-				aclPolicy: ACLPolicy{
+				aclPolicy: &ACLPolicy{
 					TagOwners: TagOwners{
 						"tag:valid": []string{"joe"},
 					},
@ -313,7 +313,7 @@ func Test_getTags(t *testing.T) {
 		{
 			name: "invalid tag and valid tag one machine",
 			args: args{
-				aclPolicy: ACLPolicy{
+				aclPolicy: &ACLPolicy{
 					TagOwners: TagOwners{
 						"tag:valid": []string{"joe"},
 					},
@ -334,7 +334,7 @@ func Test_getTags(t *testing.T) {
 		{
 			name: "multiple invalid and identical tags, should return only one invalid tag",
 			args: args{
-				aclPolicy: ACLPolicy{
+				aclPolicy: &ACLPolicy{
 					TagOwners: TagOwners{
 						"tag:valid": []string{"joe"},
 					},
@ -359,7 +359,7 @@ func Test_getTags(t *testing.T) {
 		{
 			name: "only invalid tags",
 			args: args{
-				aclPolicy: ACLPolicy{
+				aclPolicy: &ACLPolicy{
 					TagOwners: TagOwners{
 						"tag:valid": []string{"joe"},
 					},
@ -377,6 +377,23 @@ func Test_getTags(t *testing.T) {
 			wantValid:   nil,
 			wantInvalid: []string{"tag:invalid", "very-invalid"},
 		},
+		{
+			name: "empty ACLPolicy should return empty tags and should not panic",
+			args: args{
+				aclPolicy: nil,
+				machine: Machine{
+					Namespace: Namespace{
+						Name: "joe",
+					},
+					HostInfo: HostInfo{
+						RequestTags: []string{"tag:invalid", "very-invalid"},
+					},
+				},
+				stripEmailDomain: false,
+			},
+			wantValid:   nil,
+			wantInvalid: nil,
+		},
 	}
 	for _, test := range tests {
 		t.Run(test.name, func(t *testing.T) {