Commit Graph

110 Commits (0d7e2dc92305ce218ca943c39d27e8218fd0a054)

Author SHA1 Message Date
Chris S. Kim bde57c0dd0 Regenerate files according to 1.19.2 formatter
2 years ago
freddygv bf51021c07 Use split wildcard partition name
2 years ago
freddygv b544ce6485 Add ACL enforcement to peering endpoints
2 years ago
Freddy f99df57840
[OSS] Add new peering ACL rule (#13848)
2 years ago
Matt Keeler 5105835cb2
Allow the /v1/internal/acl/authorize endpoint to authorize the “peering” resource (#13646)
2 years ago
Dan Upton e00e3a0bc3
Move ACLResolveResult into acl/resolver package (#13467)
2 years ago
Chris S. Kim bb832e2bba
Add SourcePeer fields to relevant Intentions types (#13390)
3 years ago
freddygv 647c57a416 Add agent cache-type for TrustBundleListByService
3 years ago
Freddy 4e215dc411
[OSS] Add upsert handling for receiving CheckServiceNode (#13061)
3 years ago
Dan Upton a668c36930
acl: gRPC login and logout endpoints (#12935)
3 years ago
R.B. Boyer f507f62f3c
peering: initial sync (#12842)
3 years ago
Mark Anderson 897ba08cfd add new entmeta stuff.
3 years ago
R.B. Boyer d06183ba7f
syncing changes back from enterprise (#12701)
3 years ago
Mark Anderson 667fac8db1
Fixups for error messages from ACL Errors (#12620)
3 years ago
Riddhi Shah 95362cc5ea ACL pkg updates to support Agentless RPCs
3 years ago
Mark Anderson fa63aed1fa
Add source of authority annotations to the PermissionDeniedError output. (#12567)
3 years ago
Mark Anderson aaefe15613
Bulk acl message fixup oss (#12470)
3 years ago
Mark Anderson 1a16f7ee70 Refactor to make ACL errors more structured. (#12308)
3 years ago
R.B. Boyer b60d89e7ef bulk rewrite using this script
3 years ago
R.B. Boyer 31f6f55bbe test: normalize require.New and assert.New syntax
3 years ago
freddygv ed6076db26 Rename partition-exports to exported-services
3 years ago
R.B. Boyer 1e02460bd1
re-run gofmt on 1.17 (#11579)
3 years ago
Daniel Nephin 8ba760a2fc acl: remove id and revision from Policy constructors
3 years ago
Daniel Nephin 7c679c11e6 acl: remove Policy.ID and Policy.Revision
3 years ago
freddygv 43360eb216 Rework acl exports interface
3 years ago
freddygv 0a4ff4bb91 Prefer concrete policyAuthorizer type
3 years ago
freddygv 22bdf279d1 Update NodeRead for partition-exports
3 years ago
Kyle Havlovitz 65c9109396 acl: pass PartitionInfo through ent ACLConfig
3 years ago
Kyle Havlovitz d03f849e49 acl: Expand ServiceRead logic to look at service-exports for cross-partition
3 years ago
Daniel Nephin 8e9773e20b acl: remove ACL.GetPolicy endpoint and resolve legacy acls
3 years ago
Daniel Nephin cd4e70b34c acl: fix default authorizer for down_policy
3 years ago
R.B. Boyer ca73abdea1
acl: fix intention:*:write checks (#11061)
3 years ago
Kyle Havlovitz a20ba21e29 acl: rename merge context update() -> fill()
3 years ago
Kyle Havlovitz a14950025a
Merge pull request #10984 from hashicorp/mesh-resource
3 years ago
Dhia Ayachi bc0e4f2f46
partition dicovery chains (#10983)
3 years ago
R.B. Boyer ee372a854a acl: adding a new mesh resource
3 years ago
Daniel Nephin 5b2e5882b4 acl: move check for Intention.DestinationName into Authorizer
3 years ago
Daniel Nephin a10283a313 acl: remove t.Parallel
4 years ago
R.B. Boyer 6ba776b4f3
agent: protect the ui metrics proxy endpoint behind ACLs (#9099)
4 years ago
Warren 40f080576e
Small typo in docstring (#8280)
4 years ago
Matt Keeler 51c3a605ad
Merge pull request #8035 from hashicorp/feature/auto-config/server-rpc
5 years ago
Matt Keeler 1dba94311a
Add helper for generating better permission denied errors
5 years ago
Daniel Nephin 068b43df90 Enable gofmt simplify
5 years ago
Jono Sosulska c554ba9e10
Replace whitelist/blacklist terminology with allowlist/denylist (#7971)
5 years ago
Freddy cb77fc6d01
Add managed service provider token (#7218)
5 years ago
Matt Keeler 8bd34e126f
Intentions ACL enforcement updates (#7028)
5 years ago
Matt Keeler 80d13d500b
Miscellaneous acl package cleanup
5 years ago
Matt Keeler 0b346616e9
Rename EnterpriseAuthorizerContext -> AuthorizerContext
5 years ago
Matt Keeler 8f0ab0129e
Miscellaneous Fixes (#6896)
5 years ago
Matt Keeler deb91f3d3c
[Feature] API: Add a internal endpoint to query for ACL authori… (#6888)
5 years ago