diff --git a/.changelog/13787.txt b/.changelog/13787.txt new file mode 100644 index 0000000000..0682d70c44 --- /dev/null +++ b/.changelog/13787.txt @@ -0,0 +1,3 @@ +```release-note:bug +cli: when `acl token read` is used with the `-self` and `-expanded` flags, return an error instead of panicking +``` diff --git a/command/acl/token/read/token_read.go b/command/acl/token/read/token_read.go index 4e66d9ea76..e5a3b87b0d 100644 --- a/command/acl/token/read/token_read.go +++ b/command/acl/token/read/token_read.go @@ -92,6 +92,13 @@ func (c *cmd) Run(args []string) int { return 1 } } else { + // TODO: consider updating this CLI command and underlying HTTP API endpoint + // to support expanded read of a "self" token, which is a much better user workflow. + if c.expanded { + c.UI.Error("Cannot use both -expanded and -self. Instead, use -expanded and -id=.") + return 1 + } + t, _, err = client.ACL().TokenReadSelf(nil) if err != nil { c.UI.Error(fmt.Sprintf("Error reading token: %v", err))