From 3558f839577effe9e4f5b3fcd995c12de7869738 Mon Sep 17 00:00:00 2001 From: Samuel Davidson Date: Mon, 29 Oct 2018 11:05:45 -0700 Subject: [PATCH] Revert "Improve multi-authorizer errors" This reverts commit 1c012f1c4966dfe6124192abafeba892ae9510a0. --- pkg/auth/authorizer/abac/abac.go | 2 +- plugin/pkg/auth/authorizer/rbac/rbac.go | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/pkg/auth/authorizer/abac/abac.go b/pkg/auth/authorizer/abac/abac.go index fc3a9dfcf9b..86e7f8ed3e0 100644 --- a/pkg/auth/authorizer/abac/abac.go +++ b/pkg/auth/authorizer/abac/abac.go @@ -227,7 +227,7 @@ func (pl policyList) Authorize(a authorizer.Attributes) (authorizer.Decision, st return authorizer.DecisionAllow, "", nil } } - return authorizer.DecisionNoOpinion, "no ABAC policy matched", nil + return authorizer.DecisionNoOpinion, "No policy matched.", nil // TODO: Benchmark how much time policy matching takes with a medium size // policy file, compared to other steps such as encoding/decoding. // Then, add Caching only if needed. diff --git a/plugin/pkg/auth/authorizer/rbac/rbac.go b/plugin/pkg/auth/authorizer/rbac/rbac.go index 1701bbc3176..a0f173c393b 100644 --- a/plugin/pkg/auth/authorizer/rbac/rbac.go +++ b/plugin/pkg/auth/authorizer/rbac/rbac.go @@ -121,8 +121,6 @@ func (r *RBACAuthorizer) Authorize(requestAttributes authorizer.Attributes) (aut reason := "" if len(ruleCheckingVisitor.errors) > 0 { reason = fmt.Sprintf("RBAC: %v", utilerrors.NewAggregate(ruleCheckingVisitor.errors)) - } else { - reason = "no RBAC policy matched" } return authorizer.DecisionNoOpinion, reason, nil }