Open yuvalavra opened 10 months ago
Because of a bug here - https://github.com/PaloAltoNetworks/rbac-police/blob/1ec5d029f008e29869572157c9645ce6c21399c8/pkg/eval/eval.go#L302-L306 , disabling group violations would inadvertently cause user violations to be skipped as well.
So while ./rbac-police eval lib --violations users,groups and ./rbac-police eval lib --violations all worked as expected, ./rbac-police** eval lib --violations users wouldn't evaluate users.
./rbac-police eval lib --violations users,groups
./rbac-police eval lib --violations all
./rbac-police** eval lib --violations users
Because of a bug here - https://github.com/PaloAltoNetworks/rbac-police/blob/1ec5d029f008e29869572157c9645ce6c21399c8/pkg/eval/eval.go#L302-L306 , disabling group violations would inadvertently cause user violations to be skipped as well.
So while
./rbac-police eval lib --violations users,groups
and./rbac-police eval lib --violations all
worked as expected,./rbac-police** eval lib --violations users
wouldn't evaluate users.