fix(acl): fix issue with groups in excludeCorretlyTaggedNodes

This commit fix issue #563
2022-08-04 10:42:47 +02:00 · 2022-08-04 10:42:47 +02:00 · babf9470c2
commit babf9470c2
parent f9c4d577e2
2 changed files with 64 additions and 7 deletions
--- a/acls.go
+++ b/acls.go
@ -367,7 +367,7 @@ func expandAlias(

 	// if alias is a namespace
 	nodes := filterMachinesByNamespace(machines, alias)
-	nodes = excludeCorrectlyTaggedNodes(aclPolicy, nodes, alias)
+	nodes = excludeCorrectlyTaggedNodes(aclPolicy, nodes, alias, stripEmailDomain)

 	for _, n := range nodes {
 		ips = append(ips, n.IPAddresses.ToStringSlice()...)
@ -405,10 +405,13 @@ func excludeCorrectlyTaggedNodes(
 	aclPolicy ACLPolicy,
 	nodes []Machine,
 	namespace string,
+	stripEmailDomain bool,
 ) []Machine {
 	out := []Machine{}
 	tags := []string{}
 	for tag, ns := range aclPolicy.TagOwners {
+		owners, _ := expandTagOwners(aclPolicy, namespace, stripEmailDomain)
+		ns = append(owners, namespace)
 		if contains(ns, namespace) {
 			tags = append(tags, tag)
 		}