handled no record found during connect cluster with no org setting set (#168)

Signed-off-by: mabhi <abhijit.mukherjee@infracloud.io>
2026-05-17 05:47:04 +00:00 · 2023-02-27 15:06:57 +05:30
parent 74f1928e45
commit de448a8cb3
1 changed files with 10 additions and 3 deletions
--- a/pkg/sentry/authz/authz.go
+++ b/pkg/sentry/authz/authz.go
@@ -320,6 +320,7 @@ func GetAuthorization(ctx context.Context, req *sentryrpc.GetUserAuthorizationRe
 	var rolePrevilage int
 	var highestRole string
 	var enforceOrgAdminOnlySecretAccess, isOrgAdmin bool
+	const defaultSaValiditySeconds = 28800

 	resp = new(sentryrpc.GetUserAuthorizationResponse)

@@ -329,13 +330,19 @@ func GetAuthorization(ctx context.Context, req *sentryrpc.GetUserAuthorizationRe
 	orgID := cnAttr.OrganizationID
 	partnerID := cnAttr.PartnerID
 	// fetch at org level
-	ks, err := kss.Get(ctx, orgID, "", cnAttr.IsSSO)
-	if err != nil {
+	kubeSetting, err := kss.Get(ctx, orgID, "", cnAttr.IsSSO)
+	if err == constants.ErrNotFound {
+		// set default org level settings
+		kubeSetting = &sentry.KubeconfigSetting{
+			SaValiditySeconds: defaultSaValiditySeconds,
+		}
+
+	} else if err != nil {
 		_log.Errorf("unable to fetch k8s service as per org level kubectl settings for orgID:%s %v", orgID, cnAttr.IsSSO)
 		return nil, fmt.Errorf("unable to fetch k8s service %s", err.Error())
 	}

-	expiryTime := time.Now().Add(time.Second * time.Duration(ks.SaValiditySeconds)).Unix()
+	expiryTime := time.Now().Add(time.Second * time.Duration(kubeSetting.SaValiditySeconds)).Unix()
 	fmtSaValidityDuration := strconv.FormatInt(expiryTime, 10)
 	if cnAttr.SystemUser {
 		return getSystemUserAuthz(cnAttr, fmtSaValidityDuration)