Clean up unncessary conditional. Add explicit auth/ tests for empty credentials/anonymous case

2 years ago · 8921ee002e
parent 7cceb822a4
commit 8921ee002e
2 changed files with 12 additions and 6 deletions
--- a/auth/credential_store_test.go
+++ b/auth/credential_store_test.go
@ -227,10 +227,19 @@ func Test_AuthPermsAA(t *testing.T) {
 	if store.AA("nonexistent", "password1", "foo") {
 		t.Fatalf("nonexistent authenticated and authorized for foo")
 	}
+
 	if !store.AA("nonexistent", "password1", "qux") {
 		t.Fatalf("nonexistent not authenticated and authorized for qux")
 	}

+	// explicit check of anonymous user
+	if !store.AA("", "", "qux") {
+		t.Fatalf("anonymous incorrectly not authorized")
+	}
+	if store.AA("", "", "foo") {
+		t.Fatalf("anonymous incorrectly authorized")
+	}
+
 	if !store.AA("username1", "password1", "foo") {
 		t.Fatalf("username1 not authenticated and authorized for foo")
 	}
--- a/cluster/service.go
+++ b/cluster/service.go
@ -182,12 +182,9 @@ func (s *Service) checkCommandPerm(c *Command, perm string) bool {
 		return true
 	}

-	var username string
-	var password string
-	if c.Credentials == nil {
-		username = ""
-		password = ""
-	} else {
+	username := ""
+	password := ""
+	if c.Credentials != nil {
 		username = c.Credentials.GetUsername()
 		password = c.Credentials.GetPassword()
 	}