From c9385129aef29fd52ef26150a77247de32954987 Mon Sep 17 00:00:00 2001 From: freddygv Date: Thu, 9 Apr 2020 16:35:52 -0600 Subject: [PATCH] Require service:read to read terminating-gateway config --- agent/structs/config_entry_gateways.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/agent/structs/config_entry_gateways.go b/agent/structs/config_entry_gateways.go index ca05fc65d9..46f365d41b 100644 --- a/agent/structs/config_entry_gateways.go +++ b/agent/structs/config_entry_gateways.go @@ -264,7 +264,7 @@ func (e *TerminatingGatewayConfigEntry) CanRead(authz acl.Authorizer) bool { var authzContext acl.AuthorizerContext e.FillAuthzContext(&authzContext) - return authz.OperatorRead(&authzContext) == acl.Allow + return authz.ServiceRead(e.Name, &authzContext) == acl.Allow } func (e *TerminatingGatewayConfigEntry) CanWrite(authz acl.Authorizer) bool {