github
/
consul
mirror of https://github.com/hashicorp/consul
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
consul/agent/structs
History
Matt Keeler 973341a592
ACL Authorizer overhaul (#6620) 
* ACL Authorizer overhaul

To account for upcoming features every Authorization function can now take an extra *acl.EnterpriseAuthorizerContext. These are unused in OSS and will always be nil.

Additionally the acl package has received some thorough refactoring to enable all of the extra Consul Enterprise specific authorizations including moving sentinel enforcement into the stubbed structs. The Authorizer funcs now return an acl.EnforcementDecision instead of a boolean. This improves the overall interface as it makes multiple Authorizers easily chainable as they now indicate whether they had an authoritative decision or should use some other defaults. A ChainedAuthorizer was added to handle this Authorizer enforcement chain and will never itself return a non-authoritative decision.

* Include stub for extra enterprise rules in the global management policy

* Allow for an upgrade of the global-management policy
 		2019-10-15 16:58:50 -04:00
..
acl.go ACL Authorizer overhaul (#6620) 2019-10-15 16:58:50 -04:00
acl_cache.go acl: adding support for kubernetes auth provider login (#5600) 2019-04-26 14:49:25 -05:00
acl_cache_test.go acl: adding support for kubernetes auth provider login (#5600) 2019-04-26 14:49:25 -05:00
acl_legacy.go acl: ACL Tokens can now be assigned an optional set of service identities (#5390) 2019-04-26 14:48:04 -05:00
acl_legacy_test.go New ACLs (#4791) 2018-10-19 12:04:07 -04:00
acl_oss.go ACL Authorizer overhaul (#6620) 2019-10-15 16:58:50 -04:00
acl_test.go ACL Authorizer overhaul (#6620) 2019-10-15 16:58:50 -04:00
auto_encrypt.go tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597) 2019-06-27 22:22:07 +02:00
catalog.go agent: remove ConnectProxyServiceName 2018-06-14 09:41:49 -07:00
check_definition.go Checks to passing/critical only after reaching a consecutive success/failure threshold (#5739) 2019-10-14 21:49:49 +01:00
check_definition_test.go agent: fix formatting 2018-11-07 02:16:03 -08:00
check_type.go Checks to passing/critical only after reaching a consecutive success/failure threshold (#5739) 2019-10-14 21:49:49 +01:00
config_entry.go ACL Authorizer overhaul (#6620) 2019-10-15 16:58:50 -04:00
config_entry_discoverychain.go ACL Authorizer overhaul (#6620) 2019-10-15 16:58:50 -04:00
config_entry_discoverychain_test.go ACL Authorizer overhaul (#6620) 2019-10-15 16:58:50 -04:00
config_entry_test.go connect: introduce ExternalSNI field on service-defaults (#6324) 2019-08-19 12:19:44 -05:00
connect.go connect: remove managed proxies (#6220) 2019-08-09 15:19:30 -04:00
connect_ca.go connect: connect CA Roots in secondary datacenters should use a SigningKeyID derived from their local intermediate (#6513) 2019-09-26 11:54:14 -05:00
connect_ca_test.go connect: tame thundering herd of CSRs on CA rotation (#5228) 2019-01-22 17:19:36 +00:00
connect_proxy_config.go Expose HTTP-based paths through Connect proxy (#6446) 2019-09-25 20:55:52 -06:00
connect_proxy_config_test.go connect: reconcile how upstream configuration works with discovery chains (#6225) 2019-08-01 22:03:34 -05:00
discovery_chain.go connect: ensure time.Duration fields retain their human readable forms in the API (#6348) 2019-08-19 15:31:05 -05:00
errors.go Distinguish between DC not existing and not being available (#6399) 2019-09-03 09:46:24 -06:00
intention.go Include a content hash of the intention for use during replication 2019-07-01 16:28:30 -04:00
intention_test.go agent/consul: set precedence value on struct itself 2018-06-25 12:24:16 -07:00
operator.go Move autopilot to a standalone package 2017-12-11 16:45:33 -08:00
prepared_query.go Improve Connect with Prepared Queries (#5291) 2019-02-04 09:36:51 -05:00
prepared_query_test.go agent: move agent/consul/structs to agent/structs 2017-08-09 14:32:12 +02:00
protobuf_compat.go Expand the QueryOptions and QueryMeta interfaces (#6545) 2019-09-26 09:55:02 -04:00
sanitize_oss.go Update to use a consulent build tag instead of just ent (#5759) 2019-05-01 11:11:27 -04:00
service_definition.go Expose HTTP-based paths through Connect proxy (#6446) 2019-09-25 20:55:52 -06:00
service_definition_test.go connect: remove managed proxies (#6220) 2019-08-09 15:19:30 -04:00
snapshot.go agent: move agent/consul/structs to agent/structs 2017-08-09 14:32:12 +02:00
structs.go Expand the QueryOptions and QueryMeta interfaces (#6545) 2019-09-26 09:55:02 -04:00
structs_filtering_test.go Expose HTTP-based paths through Connect proxy (#6446) 2019-09-25 20:55:52 -06:00
structs_test.go Expose HTTP-based paths through Connect proxy (#6446) 2019-09-25 20:55:52 -06:00
testing_catalog.go Expose HTTP-based paths through Connect proxy (#6446) 2019-09-25 20:55:52 -06:00
testing_connect_proxy_config.go Add -sidecar-for and new /agent/service/:service_id endpoint (#4691) 2018-10-10 16:55:34 +01:00
testing_intention.go agent: use testing intention to get valid intentions 2018-06-14 09:41:43 -07:00
testing_service_definition.go Add Proxy Upstreams to Service Definition (#4639) 2018-10-10 16:55:34 +01:00
txn.go txn: update existing txn api docs with new operations 2019-01-15 16:54:07 -08:00