allow users to be defined with @ in v1 (#2495)

* allow users to be defined with @ in v1 Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * remove integration test rewrite hack Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * remove test rewrite hack Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * add @ to integration tests Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * a bit to agressive removeals Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> * fix last test Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com> --------- Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
2025-03-30 13:19:05 +02:00 · 2025-03-30 13:19:05 +02:00 · e3521be705
commit e3521be705
parent f52f15ff08
12 changed files with 76 additions and 150 deletions
--- a/integration/ssh_test.go
+++ b/integration/ssh_test.go
@ -26,7 +26,7 @@ var retry = func(times int, sleepInterval time.Duration,
 	var stderr string
 	var err error

-	for attempts := 0; attempts < times; attempts++ {
+	for range times {
 		tempResult, tempStderr, err := doWork()

 		result += tempResult
@ -94,7 +94,7 @@ func TestSSHOneUserToAll(t *testing.T) {
 	scenario := sshScenario(t,
 		&policyv1.ACLPolicy{
 			Groups: map[string][]string{
-				"group:integration-test": {"user1"},
+				"group:integration-test": {"user1@"},
 			},
 			ACLs: []policyv1.ACL{
 				{
@ -159,7 +159,7 @@ func TestSSHMultipleUsersAllToAll(t *testing.T) {
 	scenario := sshScenario(t,
 		&policyv1.ACLPolicy{
 			Groups: map[string][]string{
-				"group:integration-test": {"user1", "user2"},
+				"group:integration-test": {"user1@", "user2@"},
 			},
 			ACLs: []policyv1.ACL{
 				{
@ -212,7 +212,7 @@ func TestSSHNoSSHConfigured(t *testing.T) {
 	scenario := sshScenario(t,
 		&policyv1.ACLPolicy{
 			Groups: map[string][]string{
-				"group:integration-test": {"user1"},
+				"group:integration-test": {"user1@"},
 			},
 			ACLs: []policyv1.ACL{
 				{
@ -254,7 +254,7 @@ func TestSSHIsBlockedInACL(t *testing.T) {
 	scenario := sshScenario(t,
 		&policyv1.ACLPolicy{
 			Groups: map[string][]string{
-				"group:integration-test": {"user1"},
+				"group:integration-test": {"user1@"},
 			},
 			ACLs: []policyv1.ACL{
 				{
@ -303,8 +303,8 @@ func TestSSHUserOnlyIsolation(t *testing.T) {
 	scenario := sshScenario(t,
 		&policyv1.ACLPolicy{
 			Groups: map[string][]string{
-				"group:ssh1": {"user1"},
-				"group:ssh2": {"user2"},
+				"group:ssh1": {"user1@"},
+				"group:ssh2": {"user2@"},
 			},
 			ACLs: []policyv1.ACL{
 				{