github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-05 03:03:40 +00:00
Code Issues Projects Releases Wiki Activity

prevent update handler being called on disallowed CreateOnUpdate

Browse Source
This commit is contained in:
Kevin
2020-06-07 13:13:53 +00:00
parent 4cc44fbef6
commit bd961781d7
3 changed files with 52 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
test/integration/auth/node_test.go
View File

@@ -480,7 +480,7 @@ func TestNodeAuthorizer(t *testing.T) {
expectNotFound(t, deleteNode2MirrorPod(node1Client))
expectNotFound(t, createNode2MirrorPodEviction(node1Client))
expectForbidden(t, createNode2(node1Client))
expectForbidden(t, updateNode2Status(node1Client))
expectNotFound(t, updateNode2Status(node1Client))
expectForbidden(t, deleteNode2(node1Client))
// related object requests from node2 fail
@@ -500,6 +500,8 @@ func TestNodeAuthorizer(t *testing.T) {
expectAllowed(t, updateNode2Status(node2Client))
// self deletion is not allowed
expectForbidden(t, deleteNode2(node2Client))
// modification of another node's status is not allowed
expectForbidden(t, updateNode2Status(node1Client))
// clean up node2
expectAllowed(t, deleteNode2(superuserClient))