Commit Graph

90 Commits (1eb31784687b92f9c80aea37614b2a9dffe6870a)

Author SHA1 Message Date
freddygv ed6076db26 Rename partition-exports to exported-services
3 years ago
R.B. Boyer 1e02460bd1
re-run gofmt on 1.17 (#11579)
3 years ago
Daniel Nephin 8ba760a2fc acl: remove id and revision from Policy constructors
3 years ago
Daniel Nephin 7c679c11e6 acl: remove Policy.ID and Policy.Revision
3 years ago
freddygv 43360eb216 Rework acl exports interface
3 years ago
freddygv 0a4ff4bb91 Prefer concrete policyAuthorizer type
3 years ago
freddygv 22bdf279d1 Update NodeRead for partition-exports
3 years ago
Kyle Havlovitz 65c9109396 acl: pass PartitionInfo through ent ACLConfig
3 years ago
Kyle Havlovitz d03f849e49 acl: Expand ServiceRead logic to look at service-exports for cross-partition
3 years ago
Daniel Nephin 8e9773e20b acl: remove ACL.GetPolicy endpoint and resolve legacy acls
3 years ago
Daniel Nephin cd4e70b34c acl: fix default authorizer for down_policy
3 years ago
R.B. Boyer ca73abdea1
acl: fix intention:*:write checks (#11061)
3 years ago
Kyle Havlovitz a20ba21e29 acl: rename merge context update() -> fill()
3 years ago
Kyle Havlovitz a14950025a
Merge pull request #10984 from hashicorp/mesh-resource
3 years ago
Dhia Ayachi bc0e4f2f46
partition dicovery chains (#10983)
3 years ago
R.B. Boyer ee372a854a acl: adding a new mesh resource
3 years ago
Daniel Nephin 5b2e5882b4 acl: move check for Intention.DestinationName into Authorizer
3 years ago
Daniel Nephin a10283a313 acl: remove t.Parallel
4 years ago
R.B. Boyer 6ba776b4f3
agent: protect the ui metrics proxy endpoint behind ACLs (#9099)
4 years ago
Warren 40f080576e
Small typo in docstring (#8280)
4 years ago
Matt Keeler 51c3a605ad
Merge pull request #8035 from hashicorp/feature/auto-config/server-rpc
5 years ago
Matt Keeler 1dba94311a
Add helper for generating better permission denied errors
5 years ago
Daniel Nephin 068b43df90 Enable gofmt simplify
5 years ago
Jono Sosulska c554ba9e10
Replace whitelist/blacklist terminology with allowlist/denylist (#7971)
5 years ago
Freddy cb77fc6d01
Add managed service provider token (#7218)
5 years ago
Matt Keeler 8bd34e126f
Intentions ACL enforcement updates (#7028)
5 years ago
Matt Keeler 80d13d500b
Miscellaneous acl package cleanup
5 years ago
Matt Keeler 0b346616e9
Rename EnterpriseAuthorizerContext -> AuthorizerContext
5 years ago
Matt Keeler 8f0ab0129e
Miscellaneous Fixes (#6896)
5 years ago
Matt Keeler deb91f3d3c
[Feature] API: Add a internal endpoint to query for ACL authori… (#6888)
5 years ago
Matt Keeler 79f78632e1
Update the ACL Resolver to allow for Consul Enterprise specific hooks. (#6687)
5 years ago
Matt Keeler e4ea9b0a96
Updates to allow for Namespacing ACL resources in Consul Enterp… (#6675)
5 years ago
Matt Keeler 973341a592
ACL Authorizer overhaul (#6620)
5 years ago
Jack Pearkes 36ebca1fd0 Fix to prevent allowing recursive KV deletions when we shouldn’t
6 years ago
Matt Keeler f88d1ccc36
Handle rules translation when coming from the JSON compat HCL (#5662)
6 years ago
Matt Keeler 18b29c45c4
New ACLs (#4791)
6 years ago
Matt Keeler fbb1a7a52b Rewrite all of acl_test.go
6 years ago
Matt Keeler 883c5dd001 Fix ACL enforcement
6 years ago
Mitchell Hashimoto 5a47a53c70
acl: IntentionDefault => IntentionDefaultAllow
7 years ago
Mitchell Hashimoto ac72a0c5fd
agent: ACL checks for authorize, default behavior
7 years ago
Mitchell Hashimoto a621afe72c
agent/consul: convert intention ACLs to testify/assert
7 years ago
Mitchell Hashimoto 193f93107a
acl: implement IntentionRead/Write methods on ACL interface
7 years ago
Mitchell Hashimoto 437cc76af5
acl: parsing intentions in service block
7 years ago
Josh Soref 94835a2715 Spelling (#3958)
7 years ago
James Phillips 575d70aaa7
Cleans up some drift between the OSS and Enterprise trees.
7 years ago
Preetha Appan 26accb3b8a Only allow 'list' policies within 'key' policy definitions. Consolidated two similar tests into one and fixed alignment.
7 years ago
Preetha Appan 51a04ec87d Introduces new 'list' permission that applies to KV store recursive reads, and enforced only when opted in.
7 years ago
Preetha Appan d7e27e67c1 Introduce Code Policy validation via sentinel, with a noop implementation
7 years ago
Frank Schröder a3934c263c acl: consolidate error handling (#3401)
7 years ago
游远 ffcd2b1fc8 fix UnitTest in acl
7 years ago