mirror of https://github.com/hashicorp/consul
commit
397e9cd459
|
@ -461,8 +461,7 @@ func NewServerLogger(config *Config, logger *log.Logger, tokens *token.Store) (*
|
|||
s.Shutdown()
|
||||
return nil, err
|
||||
}
|
||||
|
||||
|
||||
|
||||
// Initialize Autopilot. This must happen before starting leadership monitoring
|
||||
// as establishing leadership could attempt to use autopilot and cause a panic.
|
||||
s.initAutopilot(config)
|
||||
|
@ -514,6 +513,7 @@ func (s *Server) setupRaft() error {
|
|||
MaxPool: 3,
|
||||
Timeout: 10 * time.Second,
|
||||
ServerAddressProvider: serverAddressProvider,
|
||||
Logger: s.logger,
|
||||
}
|
||||
|
||||
trans := raft.NewNetworkTransportWithConfig(transConfig)
|
||||
|
|
|
@ -13,7 +13,7 @@ type TokenPoliciesIndex struct {
|
|||
func (s *TokenPoliciesIndex) FromObject(obj interface{}) (bool, [][]byte, error) {
|
||||
token, ok := obj.(*structs.ACLToken)
|
||||
if !ok {
|
||||
return false, nil, fmt.Errorf("object is not an ACLTokenPolicyLink")
|
||||
return false, nil, fmt.Errorf("object is not an ACLToken")
|
||||
}
|
||||
|
||||
links := token.Policies
|
||||
|
@ -641,14 +641,13 @@ func (s *Store) aclPolicySetTxn(tx *memdb.Txn, idx uint64, policy *structs.ACLPo
|
|||
return ErrMissingACLPolicyName
|
||||
}
|
||||
|
||||
var policyMatch *structs.ACLPolicy
|
||||
existing, err := tx.First("acl-policies", "id", policy.ID)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed acl policy lookup: %v", err)
|
||||
}
|
||||
|
||||
if existing != nil {
|
||||
policyMatch = existing.(*structs.ACLPolicy)
|
||||
policyMatch := existing.(*structs.ACLPolicy)
|
||||
|
||||
if policy.ID == structs.ACLPolicyGlobalManagementID {
|
||||
// Only the name and description are modifiable
|
||||
|
|
|
@ -21,20 +21,20 @@ var (
|
|||
// is attempted with an empty session ID.
|
||||
ErrMissingSessionID = errors.New("Missing session ID")
|
||||
|
||||
// ErrMissingACLTokenSecret is returned when an token set is called on
|
||||
// an token with an empty SecretID.
|
||||
// ErrMissingACLTokenSecret is returned when a token set is called on a
|
||||
// token with an empty SecretID.
|
||||
ErrMissingACLTokenSecret = errors.New("Missing ACL Token SecretID")
|
||||
|
||||
// ErrMissingACLTokenAccessor is returned when an token set is called on
|
||||
// an token with an empty AccessorID.
|
||||
// ErrMissingACLTokenAccessor is returned when a token set is called on a
|
||||
// token with an empty AccessorID.
|
||||
ErrMissingACLTokenAccessor = errors.New("Missing ACL Token AccessorID")
|
||||
|
||||
// ErrMissingACLPolicyID is returned when an policy set is called on
|
||||
// an policy with an empty ID.
|
||||
// ErrMissingACLPolicyID is returned when a policy set is called on a
|
||||
// policy with an empty ID.
|
||||
ErrMissingACLPolicyID = errors.New("Missing ACL Policy ID")
|
||||
|
||||
// ErrMissingACLPolicyName is returned when an policy set is called on
|
||||
// an policy with an empty Name.
|
||||
// ErrMissingACLPolicyName is returned when a policy set is called on a
|
||||
// policy with an empty Name.
|
||||
ErrMissingACLPolicyName = errors.New("Missing ACL Policy Name")
|
||||
|
||||
// ErrMissingQueryID is returned when a Query set is called on
|
||||
|
|
|
@ -41,7 +41,7 @@ func (c *cmd) init() {
|
|||
c.flags = flag.NewFlagSet("", flag.ContinueOnError)
|
||||
c.flags.BoolVar(&c.showMeta, "meta", false, "Indicates that policy metadata such "+
|
||||
"as the content hash and raft indices should be shown for each entry")
|
||||
c.flags.StringVar(&c.name, "name", "", "The new policies name. This flag is required.")
|
||||
c.flags.StringVar(&c.name, "name", "", "The new policy's name. This flag is required.")
|
||||
c.flags.StringVar(&c.description, "description", "", "A description of the policy")
|
||||
c.flags.Var((*flags.AppendSliceValue)(&c.datacenters), "valid-datacenter", "Datacenter "+
|
||||
"that the policy should be valid within. This flag may be specified multiple times")
|
||||
|
|
|
@ -82,7 +82,7 @@ Usage: `consul acl policy create [options] [args]`
|
|||
* `-meta` - Indicates that policy metadata such as the content hash and raft
|
||||
indices should be shown for each entry.
|
||||
|
||||
* `-name=<string>` - The new policies name. This flag is required.
|
||||
* `-name=<string>` - The new policy's name. This flag is required.
|
||||
|
||||
* `-rules=<string>` - The policy rules. May be prefixed with '@' to indicate that the
|
||||
value is a file path to load the rules from. '-' may also be given
|
||||
|
|
Loading…
Reference in New Issue