Merge pull request #3176 from gravitl/NET-1737

NET-1737: use cloned copy of acl object

logic/acls/common.go

@@ -2,6 +2,7 @@ package acls
 
 import (
 	"encoding/json"
+	"maps"
 	"sync"
 
 	"github.com/gravitl/netmaker/database"
@@ -133,7 +134,7 @@ func fetchACLContainer(containerID ContainerID) (ACLContainer, error) {
 	defer AclMutex.RUnlock()
 	if servercfg.CacheEnabled() {
 		if aclContainer, ok := fetchAclContainerFromCache(containerID); ok {
-			return aclContainer, nil
+			return maps.Clone(aclContainer), nil
 		}
 	}
 	aclJson, err := fetchACLContainerJson(ContainerID(containerID))
@@ -147,7 +148,7 @@ func fetchACLContainer(containerID ContainerID) (ACLContainer, error) {
 	if servercfg.CacheEnabled() {
 		storeAclContainerInCache(containerID, currentNetworkACL)
 	}
-	return currentNetworkACL, nil
+	return maps.Clone(currentNetworkACL), nil
 }
 
 // fetchACLContainerJson - fetch the current ACL of given container except in json string

logic/acls/nodeacls/retrieve.go

@@ -3,6 +3,7 @@ package nodeacls
 import (
 	"encoding/json"
 	"fmt"
+	"maps"
 	"sync"
 
 	"github.com/gravitl/netmaker/logic/acls"
@@ -67,5 +68,5 @@ func FetchAllACLs(networkID NetworkID) (acls.ACLContainer, error) {
 	if err != nil {
 		return nil, err
 	}
-	return currentNetworkACL, nil
+	return maps.Clone(currentNetworkACL), nil
 }