backport of commit dfdbb4f

johanbrandhorst · johanbrandhorst · commit 897ce1c20aaf · 2024-11-14T22:46:16.000Z
diff --git a/internal/auth/oidc/repository_managed_group_members.go b/internal/auth/oidc/repository_managed_group_members.go
@@ -111,7 +111,7 @@ func (r *Repository) SetManagedGroupMemberships(ctx context.Context, am *AuthMet
 				msgs = append(msgs, &mgOplogMsg)
 			}
 
-			currentMemberships, err = r.ListManagedGroupMembershipsByMember(ctx, acct.PublicId, WithReader(reader))
+			currentMemberships, err = r.ListManagedGroupMembershipsByMember(ctx, acct.PublicId, WithReader(reader), WithLimit(-1))
 			if err != nil {
 				return errors.Wrap(ctx, err, op, errors.WithMsg("unable to retrieve current managed group memberships before deletion"))
 			}
@@ -181,7 +181,7 @@ func (r *Repository) SetManagedGroupMemberships(ctx context.Context, am *AuthMet
 				}
 			}
 
-			currentMemberships, err = r.ListManagedGroupMembershipsByMember(ctx, acct.PublicId, WithReader(reader))
+			currentMemberships, err = r.ListManagedGroupMembershipsByMember(ctx, acct.PublicId, WithReader(reader), WithLimit(-1))
 			if err != nil {
 				return errors.Wrap(ctx, err, op, errors.WithMsg("unable to retrieve current managed group memberships after set"))
 			}
diff --git a/internal/auth/oidc/service_callback.go b/internal/auth/oidc/service_callback.go
@@ -193,7 +193,7 @@ func Callback(
 	}
 
 	// Get the set of all managed groups so we can filter
-	mgs, _, err := r.ListManagedGroups(ctx, am.GetPublicId())
+	mgs, _, err := r.ListManagedGroups(ctx, am.GetPublicId(), WithLimit(-1))
 	if err != nil {
 		return "", errors.Wrap(ctx, err, op)
 	}
diff --git a/internal/auth/oidc/service_callback_test.go b/internal/auth/oidc/service_callback_test.go
@@ -675,7 +675,8 @@ func Test_ManagedGroupFiltering(t *testing.T) {
 		return iam.NewRepository(ctx, rw, rw, kmsCache)
 	}
 	repoFn := func() (*Repository, error) {
-		return NewRepository(ctx, rw, rw, kmsCache)
+		// Set a low limit to test that the managed group listing overrides the limit
+		return NewRepository(ctx, rw, rw, kmsCache, WithLimit(1))
 	}
 	atRepoFn := func() (*authtoken.Repository, error) {
 		return authtoken.NewRepository(ctx, rw, rw, kmsCache)
@@ -819,7 +820,7 @@ func Test_ManagedGroupFiltering(t *testing.T) {
 			tp.SetExpectedState(state)
 
 			// Set the filters on the MGs for this test. First we need to get the current versions.
-			currMgs, ttime, err := repo.ListManagedGroups(ctx, testAuthMethod.PublicId)
+			currMgs, ttime, err := repo.ListManagedGroups(ctx, testAuthMethod.PublicId, WithLimit(-1))
 			require.NoError(err)
 			// Transaction timestamp should be within ~10 seconds of now
 			assert.True(time.Now().Before(ttime.Add(10 * time.Second)))
@@ -860,7 +861,7 @@ func Test_ManagedGroupFiltering(t *testing.T) {
 				assert.Contains(key.(map[string]any)["payload"], "auth_token_end")
 			}
 			// Ensure that we get the expected groups
-			memberships, err := repo.ListManagedGroupMembershipsByMember(ctx, account.PublicId)
+			memberships, err := repo.ListManagedGroupMembershipsByMember(ctx, account.PublicId, WithLimit(-1))
 			require.NoError(err)
 			assert.Equal(len(tt.matchingMgs), len(memberships))
 			var matchingIds []string

Original file line number	Diff line number	Diff line change
`@@ -111,7 +111,7 @@ func (r Repository) SetManagedGroupMemberships(ctx context.Context, am AuthMet`
`111`	`111`	`msgs = append(msgs, &mgOplogMsg)`
`112`	`112`	`}`
`113`	`113`
`114`		`- currentMemberships, err = r.ListManagedGroupMembershipsByMember(ctx, acct.PublicId, WithReader(reader))`
	`114`	`+ currentMemberships, err = r.ListManagedGroupMembershipsByMember(ctx, acct.PublicId, WithReader(reader), WithLimit(-1))`
`115`	`115`	`if err != nil {`
`116`	`116`	`return errors.Wrap(ctx, err, op, errors.WithMsg("unable to retrieve current managed group memberships before deletion"))`
`117`	`117`	`}`
`@@ -181,7 +181,7 @@ func (r Repository) SetManagedGroupMemberships(ctx context.Context, am AuthMet`
`181`	`181`	`}`
`182`	`182`	`}`
`183`	`183`
`184`		`- currentMemberships, err = r.ListManagedGroupMembershipsByMember(ctx, acct.PublicId, WithReader(reader))`
	`184`	`+ currentMemberships, err = r.ListManagedGroupMembershipsByMember(ctx, acct.PublicId, WithReader(reader), WithLimit(-1))`
`185`	`185`	`if err != nil {`
`186`	`186`	`return errors.Wrap(ctx, err, op, errors.WithMsg("unable to retrieve current managed group memberships after set"))`
`187`	`187`	`}`
Original file line number	Diff line number	Diff line change
`@@ -193,7 +193,7 @@ func Callback(`
`193`	`193`	`}`
`194`	`194`
`195`	`195`	`// Get the set of all managed groups so we can filter`
`196`		`- mgs, _, err := r.ListManagedGroups(ctx, am.GetPublicId())`
	`196`	`+ mgs, _, err := r.ListManagedGroups(ctx, am.GetPublicId(), WithLimit(-1))`
`197`	`197`	`if err != nil {`
`198`	`198`	`return "", errors.Wrap(ctx, err, op)`
`199`	`199`	`}`