From 949289e094090757576f9251019e10d53af7a663 Mon Sep 17 00:00:00 2001 From: Mitya_Eremeev Date: Tue, 14 Sep 2021 15:37:31 +0300 Subject: Rules in policy directory files can be deleted. Policy directory files can only add new rules or update existing rules in cache, but cannot return back loaded rules in memory to their default value. This incorrect behavior was fixed in the patch. Member "_loaded_files" of class Enforcer should keep list of loaded policy config files paths. In fact if the same file is changed many times then the same file path is added many times. If a file is deleted it's path not deleted from "_loaded_files". The member is very misleading and is not used in code. So this member was deleted in the patch because of above mentioned resons. Change-Id: I9ede38d8cf2ae968d3d8c0b1240bd6a51e6aa931 Closes-Bug: 1943584 --- releasenotes/notes/bug-1943584-fc74f9205039883c.yaml | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 releasenotes/notes/bug-1943584-fc74f9205039883c.yaml (limited to 'releasenotes') diff --git a/releasenotes/notes/bug-1943584-fc74f9205039883c.yaml b/releasenotes/notes/bug-1943584-fc74f9205039883c.yaml new file mode 100644 index 0000000..57e8d87 --- /dev/null +++ b/releasenotes/notes/bug-1943584-fc74f9205039883c.yaml @@ -0,0 +1,7 @@ +--- +fixes: + - | + [`bug 1943584 `_] + If file in policy directory was emptied, rules were not re-calculated. The + only workaround was to restart an application. Now rules are re-calculated + "on the fly", without app restart. -- cgit v1.2.1