From afece95ae599de146e42587d078a2d7de1414cf0 Mon Sep 17 00:00:00 2001 From: Yury Gargay Date: Mon, 20 Nov 2023 16:47:11 +0100 Subject: [PATCH] Fix lookupCache to work when idp has more users (#1321) --- management/server/account.go | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/management/server/account.go b/management/server/account.go index 1a457823870..8f9b1e151f9 100644 --- a/management/server/account.go +++ b/management/server/account.go @@ -1082,9 +1082,6 @@ func (am *DefaultAccountManager) loadAccount(_ context.Context, accountID interf if user.IsServiceUser { continue } - if user.Issued == UserIssuedIntegration { - continue - } datum, ok := dataMap[user.Id] if !ok { log.Warnf("user %s not found in IDP", user.Id) @@ -1191,19 +1188,20 @@ func (am *DefaultAccountManager) lookupCache(accountUsers map[string]struct{}, a userDataMap[datum.ID] = struct{}{} } - // check whether we need to reload the cache - // the accountUsers ID list is the source of truth and all the users should be in the cache - reload := len(accountUsers) != len(data) + // the accountUsers ID list of non integration users from store, we check if cache has all of them + // as result of for loop knownUsersCount will have number of users are not presented in the cashed + knownUsersCount := len(accountUsers) for user := range accountUsers { - if _, ok := userDataMap[user]; !ok { - reload = true - log.Debugf("idp cache doesn't have user %s", user) - break + if _, ok := userDataMap[user]; ok { + knownUsersCount-- + continue } + log.Debugf("cache doesn't know about %s user", user) } - if reload { - log.Debugf("reload cache, len(accountUsers) = %d, len(data) = %d", len(accountUsers), len(data)) + // if we know users that are not yet in cache more likely cache is outdated + if knownUsersCount > 0 { + log.Debugf("cache doesn't know about %d users from store, reloading", knownUsersCount) // reload cache once avoiding loops data, err = am.refreshCache(accountID) if err != nil {