github
/
consul
mirror of https://github.com/hashicorp/consul
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

ENT to OSS sync (#11703)

pull/11708/head
Chris S. Kim 3 years ago committed by GitHub
parent
db91cbf484
commit
54e4d1b7b2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 9 additions and 6 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      agent/acl_endpoint_test.go
  2. 4
      agent/consul/intention_endpoint.go
  3. 9
      agent/consul/status_endpoint_test.go

2
agent/acl_endpoint_test.go
Unescape View File

@ -2151,7 +2151,7 @@ func TestACL_Authorize(t *testing.T) {
false, // agent:write
false, // event:read
false, // event:write
true, // intention:read
true, // intentions:read
false, // intention:write
false, // key:read
false, // key:list

4
agent/consul/intention_endpoint.go
Unescape View File

@ -605,10 +605,10 @@ func (s *Intention) Match(args *structs.IntentionQueryRequest, reply *structs.In
}
var authzContext acl.AuthorizerContext
// Go through each entry to ensure we have intention:read for the resource.
// Go through each entry to ensure we have intentions:read for the resource.
// TODO - should we do this instead of filtering the result set? This will only allow
// queries for which the token has intention:read permissions on the requested side
// queries for which the token has intentions:read permissions on the requested side
// of the service. Should it instead return all matches that it would be able to list.
// if so we should remove this and call filterACL instead. Based on how this is used
// its probably fine. If you have intention read on the source just do a source type

9
agent/consul/status_endpoint_test.go
Unescape View File

@ -7,12 +7,13 @@ import (
"testing"
"time"
msgpackrpc "github.com/hashicorp/net-rpc-msgpackrpc"
"github.com/stretchr/testify/require"
"github.com/hashicorp/consul/agent/pool"
"github.com/hashicorp/consul/agent/structs"
"github.com/hashicorp/consul/testrpc"
"github.com/hashicorp/consul/tlsutil"
msgpackrpc "github.com/hashicorp/net-rpc-msgpackrpc"
"github.com/stretchr/testify/require"
)
func rpcClient(t *testing.T, s *Server) rpc.ClientCodec {
@ -24,7 +25,9 @@ func rpcClient(t *testing.T, s *Server) rpc.ClientCodec {
// Write the Consul RPC byte to set the mode
conn.Write([]byte{byte(pool.RPCConsul)})
return msgpackrpc.NewCodecFromHandle(true, true, conn, structs.MsgpackHandle)
codec := msgpackrpc.NewCodecFromHandle(true, true, conn, structs.MsgpackHandle)
t.Cleanup(func() { codec.Close() })
return codec
}
func insecureRPCClient(s *Server, c tlsutil.Config) (rpc.ClientCodec, error) {

Write Preview
Loading…
Cancel
Save