15 Commits (358c35ef708567032f8bdcc216db95dff6d5b71b)

Author SHA1 Message Date
skpratt 6f0b226b0d
ACL error improvements: incomplete bootstrapping and non-existent token (#16105) 2 years ago
skpratt ad43846755
Remove legacy acl tokens (#15947) 2 years ago
Thomas Eckert 13da1a5285
Native API Gateway Config Entries (#15897) 2 years ago
Chris S. Kim a7b34d50fc
Output user-friendly name for anonymous token (#15884) 2 years ago
Chris S. Kim bde57c0dd0 Regenerate files according to 1.19.2 formatter 2 years ago
Mark Anderson 667fac8db1
Fixups for error messages from ACL Errors (#12620) 3 years ago
Mark Anderson fa63aed1fa
Add source of authority annotations to the PermissionDeniedError output. (#12567) 3 years ago
Mark Anderson aaefe15613
Bulk acl message fixup oss (#12470) 3 years ago
Mark Anderson 1a16f7ee70 Refactor to make ACL errors more structured. (#12308) 3 years ago
Matt Keeler 1dba94311a
Add helper for generating better permission denied errors 5 years ago
Matt Keeler 80d13d500b
Miscellaneous acl package cleanup 5 years ago
Matt Keeler 973341a592
ACL Authorizer overhaul (#6620) 5 years ago
Jack Pearkes 36ebca1fd0 Fix to prevent allowing recursive KV deletions when we shouldn’t 6 years ago
Matt Keeler 18b29c45c4
New ACLs (#4791) 6 years ago
Matt Keeler 883c5dd001 Fix ACL enforcement 6 years ago
Mitchell Hashimoto 5a47a53c70
acl: IntentionDefault => IntentionDefaultAllow 7 years ago
Mitchell Hashimoto ac72a0c5fd
agent: ACL checks for authorize, default behavior 7 years ago
Mitchell Hashimoto 193f93107a
acl: implement IntentionRead/Write methods on ACL interface 7 years ago
Josh Soref 94835a2715 Spelling (#3958) 7 years ago
James Phillips 575d70aaa7
Cleans up some drift between the OSS and Enterprise trees. 7 years ago
Preetha Appan 51a04ec87d Introduces new 'list' permission that applies to KV store recursive reads, and enforced only when opted in. 7 years ago
Preetha Appan d7e27e67c1 Introduce Code Policy validation via sentinel, with a noop implementation 7 years ago
James Phillips 022baeea13
Adds support to the ACL package for agent policies. 8 years ago
James Phillips 60d4322c49
Adds support to ACL package for session policies. 8 years ago
James Phillips 7fa4ab3fd1
Adds support to ACL package for node policies. 8 years ago
James Phillips 9b4f316b21
Sorts all the ACl policy handlers for easier navigation (no functional changes). 8 years ago
James Phillips c01a3871c9 Adds support for snapshots and restores. (#2396) 8 years ago
James Phillips e5850d8a26
Adds new consul operator endpoint, CLI, and ACL and some basic Raft commands. 8 years ago
James Phillips 67de77482e Creates new "prepared-query" ACL type and new token capture behavior. 9 years ago
James Phillips ce0881a99a Adds a new management ACL for prepared queries. 9 years ago
Dale Wijnand 5a28ebcaa3 Fix a bunch of typos. 9 years ago
Ryan Uber 7e50a457d9 acl: allow omitting keyring policy, add tests 10 years ago
Ryan Uber 47a33e3f1a acl: keyring policy uses a flat string 10 years ago
Ryan Uber 1b8051a783 acl: initial pass at keyring ACLs 10 years ago
Ryan Uber 0c624350eb acl: support for user events 10 years ago
Maciej Bryński 11425734d5 Consul prefix services ACLs 10 years ago
Armon Dadgar 8ff08819c8 acl: Expose service policy checks 10 years ago
Armon Dadgar 705c6cdb86 acl: Support checking write permissions on a prefix 10 years ago
Armon Dadgar 78580a733e acl: Avoid infinite recursion... 10 years ago
Armon Dadgar c2153843c6 acl: Support ACL checks, adding new root policy 10 years ago
Armon Dadgar 5c0da3a4d7 acl: Simplify parent ACL, adding root policies 10 years ago
Armon Dadgar 468c8c3013 acl: Use only a single Radix tree per ACL 10 years ago
Armon Dadgar 7a1d778474 acl: First pass 10 years ago