github
/
consul
mirror of https://github.com/hashicorp/consul
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Apply suggestions from code review 

Co-authored-by: Paul Glass <pglass@hashicorp.com>
pull/18345/head
Jeremy Jacobson 2023-07-31 13:31:27 -07:00 committed by GitHub
parent d54e3a9939
commit 9878915cee
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.changelog/18319.txt
View File

@ -1,4 +1,6 @@
```release-note:improvement ```release-note:improvement
acl: added builtin ACL policy that provides global read-only access (builtin/global-read-only) acl: added builtin ACL policy that provides global read-only access (builtin/global-read-only)
```
```release-note:improvement
acl: allow for a single slash character in policy names acl: allow for a single slash character in policy names
``` ```

6
agent/consul/leader.go
View File

@ -469,7 +469,11 @@ func (s *Server) initializeACLs(ctx context.Context) error {
return nil return nil
} }
func (s *Server) initializePolicy(newPolicy structs.ACLPolicy) error { // writeBuiltinACLPolicy writes the given built-in policy to Raft if the policy
// is not found or if the policy rules have been changed. The name and
// description of a built-in policy are user-editable and must be preserved
// during updates. This function must only be called in a primary datacenter.
func (s *Server) writeBuiltinACLPolicy(newPolicy structs.ACLPolicy) error {
_, policy, err := s.fsm.State().ACLPolicyGetByID(nil, newPolicy.ID, structs.DefaultEnterpriseMetaInDefaultPartition()) _, policy, err := s.fsm.State().ACLPolicyGetByID(nil, newPolicy.ID, structs.DefaultEnterpriseMetaInDefaultPartition())
if err != nil { if err != nil {
return fmt.Errorf("failed to get the builtin %s policy", newPolicy.Name) return fmt.Errorf("failed to get the builtin %s policy", newPolicy.Name)