Commit Graph

123 Commits (aaf63f63735fa64f32b4c20e073e8ff516368f31)

Author SHA1 Message Date
Dan Upton a37a441991
server: wire up in-process Resource Service (#16978)
2 years ago
Ronald 4b2137c2fa
Add copyright headers for acl, api and bench folders (#16706)
2 years ago
skpratt db2bd404bf
Synthesize anonymous token pre-bootstrap when needed (#16200)
2 years ago
skpratt 6f0b226b0d
ACL error improvements: incomplete bootstrapping and non-existent token (#16105)
2 years ago
skpratt 9199e99e21
Update token language to distinguish Accessor and Secret ID usage (#16044)
2 years ago
skpratt a010902978
Remove legacy acl policies (#15922)
2 years ago
skpratt ad43846755
Remove legacy acl tokens (#15947)
2 years ago
Thomas Eckert 13da1a5285
Native API Gateway Config Entries (#15897)
2 years ago
Chris S. Kim a7b34d50fc
Output user-friendly name for anonymous token (#15884)
2 years ago
Dhia Ayachi f04f88e4b9
add missing code and fix enterprise specific code (#15375)
2 years ago
Dhia Ayachi 225ae55e83
Leadership transfer cmd (#14132)
2 years ago
Freddy c58f86a00f
Fixup authz for data imported from peers (#15347)
2 years ago
malizz b51f0e25e9
update ACLs for cluster peering (#15317)
2 years ago
Chris S. Kim bde57c0dd0 Regenerate files according to 1.19.2 formatter
2 years ago
freddygv bf51021c07 Use split wildcard partition name
2 years ago
freddygv b544ce6485 Add ACL enforcement to peering endpoints
2 years ago
Freddy f99df57840
[OSS] Add new peering ACL rule (#13848)
2 years ago
Matt Keeler 5105835cb2
Allow the /v1/internal/acl/authorize endpoint to authorize the “peering” resource (#13646)
2 years ago
Dan Upton e00e3a0bc3
Move ACLResolveResult into acl/resolver package (#13467)
2 years ago
Chris S. Kim bb832e2bba
Add SourcePeer fields to relevant Intentions types (#13390)
3 years ago
freddygv 647c57a416 Add agent cache-type for TrustBundleListByService
3 years ago
Freddy 4e215dc411
[OSS] Add upsert handling for receiving CheckServiceNode (#13061)
3 years ago
Dan Upton a668c36930
acl: gRPC login and logout endpoints (#12935)
3 years ago
R.B. Boyer f507f62f3c
peering: initial sync (#12842)
3 years ago
Mark Anderson 897ba08cfd add new entmeta stuff.
3 years ago
R.B. Boyer d06183ba7f
syncing changes back from enterprise (#12701)
3 years ago
Mark Anderson 667fac8db1
Fixups for error messages from ACL Errors (#12620)
3 years ago
Riddhi Shah 95362cc5ea ACL pkg updates to support Agentless RPCs
3 years ago
Mark Anderson fa63aed1fa
Add source of authority annotations to the PermissionDeniedError output. (#12567)
3 years ago
Mark Anderson aaefe15613
Bulk acl message fixup oss (#12470)
3 years ago
Mark Anderson 1a16f7ee70 Refactor to make ACL errors more structured. (#12308)
3 years ago
R.B. Boyer b60d89e7ef bulk rewrite using this script
3 years ago
R.B. Boyer 31f6f55bbe test: normalize require.New and assert.New syntax
3 years ago
freddygv ed6076db26 Rename partition-exports to exported-services
3 years ago
R.B. Boyer 1e02460bd1
re-run gofmt on 1.17 (#11579)
3 years ago
Daniel Nephin 8ba760a2fc acl: remove id and revision from Policy constructors
3 years ago
Daniel Nephin 7c679c11e6 acl: remove Policy.ID and Policy.Revision
3 years ago
freddygv 43360eb216 Rework acl exports interface
3 years ago
freddygv 0a4ff4bb91 Prefer concrete policyAuthorizer type
3 years ago
freddygv 22bdf279d1 Update NodeRead for partition-exports
3 years ago
Kyle Havlovitz 65c9109396 acl: pass PartitionInfo through ent ACLConfig
3 years ago
Kyle Havlovitz d03f849e49 acl: Expand ServiceRead logic to look at service-exports for cross-partition
3 years ago
Daniel Nephin 8e9773e20b acl: remove ACL.GetPolicy endpoint and resolve legacy acls
3 years ago
Daniel Nephin cd4e70b34c acl: fix default authorizer for down_policy
3 years ago
R.B. Boyer ca73abdea1
acl: fix intention:*:write checks (#11061)
3 years ago
Kyle Havlovitz a20ba21e29 acl: rename merge context update() -> fill()
3 years ago
Kyle Havlovitz a14950025a
Merge pull request #10984 from hashicorp/mesh-resource
3 years ago
Dhia Ayachi bc0e4f2f46
partition dicovery chains (#10983)
3 years ago
R.B. Boyer ee372a854a acl: adding a new mesh resource
3 years ago
Daniel Nephin 5b2e5882b4 acl: move check for Intention.DestinationName into Authorizer
3 years ago