108 Commits (02d3ce103973a599c8545f03fbf34b1f793d5427)

Author SHA1 Message Date
freddygv b544ce6485 Add ACL enforcement to peering endpoints 2 years ago
Freddy f99df57840
[OSS] Add new peering ACL rule (#13848) 2 years ago
Matt Keeler 5105835cb2
Allow the /v1/internal/acl/authorize endpoint to authorize the “peering” resource (#13646) 2 years ago
Dan Upton e00e3a0bc3
Move ACLResolveResult into acl/resolver package (#13467) 2 years ago
Chris S. Kim bb832e2bba
Add SourcePeer fields to relevant Intentions types (#13390) 2 years ago
freddygv 647c57a416 Add agent cache-type for TrustBundleListByService 3 years ago
Freddy 4e215dc411
[OSS] Add upsert handling for receiving CheckServiceNode (#13061) 3 years ago
Dan Upton a668c36930
acl: gRPC login and logout endpoints (#12935) 3 years ago
R.B. Boyer f507f62f3c
peering: initial sync (#12842) 3 years ago
Mark Anderson 897ba08cfd add new entmeta stuff. 3 years ago
R.B. Boyer d06183ba7f
syncing changes back from enterprise (#12701) 3 years ago
Mark Anderson 667fac8db1
Fixups for error messages from ACL Errors (#12620) 3 years ago
Riddhi Shah 95362cc5ea ACL pkg updates to support Agentless RPCs 3 years ago
Mark Anderson fa63aed1fa
Add source of authority annotations to the PermissionDeniedError output. (#12567) 3 years ago
Mark Anderson aaefe15613
Bulk acl message fixup oss (#12470) 3 years ago
Mark Anderson 1a16f7ee70 Refactor to make ACL errors more structured. (#12308) 3 years ago
R.B. Boyer b60d89e7ef bulk rewrite using this script 3 years ago
R.B. Boyer 31f6f55bbe test: normalize require.New and assert.New syntax 3 years ago
freddygv ed6076db26 Rename partition-exports to exported-services 3 years ago
R.B. Boyer 1e02460bd1
re-run gofmt on 1.17 (#11579) 3 years ago
Daniel Nephin 8ba760a2fc acl: remove id and revision from Policy constructors 3 years ago
Daniel Nephin 7c679c11e6 acl: remove Policy.ID and Policy.Revision 3 years ago
freddygv 43360eb216 Rework acl exports interface 3 years ago
freddygv 0a4ff4bb91 Prefer concrete policyAuthorizer type 3 years ago
freddygv 22bdf279d1 Update NodeRead for partition-exports 3 years ago
Kyle Havlovitz 65c9109396 acl: pass PartitionInfo through ent ACLConfig 3 years ago
Kyle Havlovitz d03f849e49 acl: Expand ServiceRead logic to look at service-exports for cross-partition 3 years ago
Daniel Nephin 8e9773e20b acl: remove ACL.GetPolicy endpoint and resolve legacy acls 3 years ago
Daniel Nephin cd4e70b34c acl: fix default authorizer for down_policy 3 years ago
R.B. Boyer ca73abdea1
acl: fix intention:*:write checks (#11061) 3 years ago
Kyle Havlovitz a20ba21e29 acl: rename merge context update() -> fill() 3 years ago
Dhia Ayachi bc0e4f2f46
partition dicovery chains (#10983) 3 years ago
R.B. Boyer ee372a854a acl: adding a new mesh resource 3 years ago
Daniel Nephin 5b2e5882b4 acl: move check for Intention.DestinationName into Authorizer 3 years ago
Daniel Nephin a10283a313 acl: remove t.Parallel 4 years ago
R.B. Boyer 6ba776b4f3
agent: protect the ui metrics proxy endpoint behind ACLs (#9099) 4 years ago
Warren 40f080576e
Small typo in docstring (#8280) 4 years ago
Matt Keeler 1dba94311a
Add helper for generating better permission denied errors 4 years ago
Daniel Nephin 068b43df90 Enable gofmt simplify 4 years ago
Jono Sosulska c554ba9e10
Replace whitelist/blacklist terminology with allowlist/denylist (#7971) 5 years ago
Freddy cb77fc6d01
Add managed service provider token (#7218) 5 years ago
Matt Keeler 8bd34e126f
Intentions ACL enforcement updates (#7028) 5 years ago
Matt Keeler 80d13d500b
Miscellaneous acl package cleanup 5 years ago
Matt Keeler 0b346616e9
Rename EnterpriseAuthorizerContext -> AuthorizerContext 5 years ago
Matt Keeler 8f0ab0129e
Miscellaneous Fixes (#6896) 5 years ago
Matt Keeler deb91f3d3c
[Feature] API: Add a internal endpoint to query for ACL authori… (#6888) 5 years ago
Matt Keeler 79f78632e1
Update the ACL Resolver to allow for Consul Enterprise specific hooks. (#6687) 5 years ago
Matt Keeler e4ea9b0a96
Updates to allow for Namespacing ACL resources in Consul Enterp… (#6675) 5 years ago
Matt Keeler 973341a592
ACL Authorizer overhaul (#6620) 5 years ago
Jack Pearkes 36ebca1fd0 Fix to prevent allowing recursive KV deletions when we shouldn’t 6 years ago