From 38cb4d86e4d2eaeac90843859d67bcb436a79e93 Mon Sep 17 00:00:00 2001
From: abhishek9686 <abhi281342@gmail.com>
Date: Mon, 4 Nov 2024 12:46:08 +0400
Subject: [PATCH] return clone of map

---
 logic/acls/common.go            | 5 +++--
 logic/acls/nodeacls/retrieve.go | 7 +++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/logic/acls/common.go b/logic/acls/common.go
index 9296e3b80..bb35123a3 100644
--- a/logic/acls/common.go
+++ b/logic/acls/common.go
@@ -2,6 +2,7 @@ package acls
 
 import (
 	"encoding/json"
+	"maps"
 	"sync"
 
 	"github.com/gravitl/netmaker/database"
@@ -133,7 +134,7 @@ func fetchACLContainer(containerID ContainerID) (ACLContainer, error) {
 	defer AclMutex.RUnlock()
 	if servercfg.CacheEnabled() {
 		if aclContainer, ok := fetchAclContainerFromCache(containerID); ok {
-			return aclContainer, nil
+			return maps.Clone(aclContainer), nil
 		}
 	}
 	aclJson, err := fetchACLContainerJson(ContainerID(containerID))
@@ -147,7 +148,7 @@ func fetchACLContainer(containerID ContainerID) (ACLContainer, error) {
 	if servercfg.CacheEnabled() {
 		storeAclContainerInCache(containerID, currentNetworkACL)
 	}
-	return currentNetworkACL, nil
+	return maps.Clone(currentNetworkACL), nil
 }
 
 // fetchACLContainerJson - fetch the current ACL of given container except in json string
diff --git a/logic/acls/nodeacls/retrieve.go b/logic/acls/nodeacls/retrieve.go
index 195ac4971..4411c5b22 100644
--- a/logic/acls/nodeacls/retrieve.go
+++ b/logic/acls/nodeacls/retrieve.go
@@ -21,9 +21,8 @@ func AreNodesAllowed(networkID NetworkID, node1, node2 NodeID) bool {
 	}
 	var allowed bool
 	acls.AclMutex.Lock()
-	currNetAclCopy := maps.Clone(currentNetworkACL)
-	currNetworkACLNode1 := currNetAclCopy[acls.AclID(node1)]
-	currNetworkACLNode2 := currNetAclCopy[acls.AclID(node2)]
+	currNetworkACLNode1 := currentNetworkACL[acls.AclID(node1)]
+	currNetworkACLNode2 := currentNetworkACL[acls.AclID(node2)]
 	acls.AclMutex.Unlock()
 	allowed = currNetworkACLNode1.IsAllowed(acls.AclID(node2)) && currNetworkACLNode2.IsAllowed(acls.AclID(node1))
 	return allowed
@@ -69,5 +68,5 @@ func FetchAllACLs(networkID NetworkID) (acls.ACLContainer, error) {
 	if err != nil {
 		return nil, err
 	}
-	return currentNetworkACL, nil
+	return maps.Clone(currentNetworkACL), nil
 }