acl: add some notes about removing legacy ACL system
This commit is contained in:
parent
e4c6bee7e6
commit
4f54d9708c
|
@ -178,7 +178,7 @@ func (a *ACL) aclPreCheck() error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Bootstrap is used to perform a one-time ACL bootstrap operation on
|
// BootstrapTokens is used to perform a one-time ACL bootstrap operation on
|
||||||
// a cluster to get the first management token.
|
// a cluster to get the first management token.
|
||||||
func (a *ACL) BootstrapTokens(args *structs.DCSpecificRequest, reply *structs.ACLToken) error {
|
func (a *ACL) BootstrapTokens(args *structs.DCSpecificRequest, reply *structs.ACLToken) error {
|
||||||
if err := a.aclPreCheck(); err != nil {
|
if err := a.aclPreCheck(); err != nil {
|
||||||
|
|
|
@ -563,6 +563,7 @@ func fixupRolePolicyLinks(tx ReadTxn, original *structs.ACLRole) (*structs.ACLRo
|
||||||
}
|
}
|
||||||
|
|
||||||
// ACLTokenSet is used to insert an ACL rule into the state store.
|
// ACLTokenSet is used to insert an ACL rule into the state store.
|
||||||
|
// Deprecated (ACL-Legacy-Compat)
|
||||||
func (s *Store) ACLTokenSet(idx uint64, token *structs.ACLToken, legacy bool) error {
|
func (s *Store) ACLTokenSet(idx uint64, token *structs.ACLToken, legacy bool) error {
|
||||||
tx := s.db.WriteTxn(idx)
|
tx := s.db.WriteTxn(idx)
|
||||||
defer tx.Abort()
|
defer tx.Abort()
|
||||||
|
@ -959,6 +960,7 @@ func (s *Store) expiresIndexName(local bool) string {
|
||||||
|
|
||||||
// ACLTokenDeleteBySecret is used to remove an existing ACL from the state store. If
|
// ACLTokenDeleteBySecret is used to remove an existing ACL from the state store. If
|
||||||
// the ACL does not exist this is a no-op and no error is returned.
|
// the ACL does not exist this is a no-op and no error is returned.
|
||||||
|
// Deprecated (ACL-Legacy-Compat)
|
||||||
func (s *Store) ACLTokenDeleteBySecret(idx uint64, secret string, entMeta *structs.EnterpriseMeta) error {
|
func (s *Store) ACLTokenDeleteBySecret(idx uint64, secret string, entMeta *structs.EnterpriseMeta) error {
|
||||||
return s.aclTokenDelete(idx, secret, "id", entMeta)
|
return s.aclTokenDelete(idx, secret, "id", entMeta)
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,12 +2,6 @@ package agent
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
registerEndpoint("/v1/acl/bootstrap", []string{"PUT"}, (*HTTPHandlers).ACLBootstrap)
|
registerEndpoint("/v1/acl/bootstrap", []string{"PUT"}, (*HTTPHandlers).ACLBootstrap)
|
||||||
registerEndpoint("/v1/acl/create", []string{"PUT"}, (*HTTPHandlers).ACLCreate)
|
|
||||||
registerEndpoint("/v1/acl/update", []string{"PUT"}, (*HTTPHandlers).ACLUpdate)
|
|
||||||
registerEndpoint("/v1/acl/destroy/", []string{"PUT"}, (*HTTPHandlers).ACLDestroy)
|
|
||||||
registerEndpoint("/v1/acl/info/", []string{"GET"}, (*HTTPHandlers).ACLGet)
|
|
||||||
registerEndpoint("/v1/acl/clone/", []string{"PUT"}, (*HTTPHandlers).ACLClone)
|
|
||||||
registerEndpoint("/v1/acl/list", []string{"GET"}, (*HTTPHandlers).ACLList)
|
|
||||||
registerEndpoint("/v1/acl/login", []string{"POST"}, (*HTTPHandlers).ACLLogin)
|
registerEndpoint("/v1/acl/login", []string{"POST"}, (*HTTPHandlers).ACLLogin)
|
||||||
registerEndpoint("/v1/acl/logout", []string{"POST"}, (*HTTPHandlers).ACLLogout)
|
registerEndpoint("/v1/acl/logout", []string{"POST"}, (*HTTPHandlers).ACLLogout)
|
||||||
registerEndpoint("/v1/acl/replication", []string{"GET"}, (*HTTPHandlers).ACLReplicationStatus)
|
registerEndpoint("/v1/acl/replication", []string{"GET"}, (*HTTPHandlers).ACLReplicationStatus)
|
||||||
|
@ -124,4 +118,12 @@ func init() {
|
||||||
registerEndpoint("/v1/status/peers", []string{"GET"}, (*HTTPHandlers).StatusPeers)
|
registerEndpoint("/v1/status/peers", []string{"GET"}, (*HTTPHandlers).StatusPeers)
|
||||||
registerEndpoint("/v1/snapshot", []string{"GET", "PUT"}, (*HTTPHandlers).Snapshot)
|
registerEndpoint("/v1/snapshot", []string{"GET", "PUT"}, (*HTTPHandlers).Snapshot)
|
||||||
registerEndpoint("/v1/txn", []string{"PUT"}, (*HTTPHandlers).Txn)
|
registerEndpoint("/v1/txn", []string{"PUT"}, (*HTTPHandlers).Txn)
|
||||||
|
|
||||||
|
// Deprecated ACL endpoints, they do nothing but return an error
|
||||||
|
registerEndpoint("/v1/acl/create", []string{"PUT"}, (*HTTPHandlers).ACLCreate)
|
||||||
|
registerEndpoint("/v1/acl/update", []string{"PUT"}, (*HTTPHandlers).ACLUpdate)
|
||||||
|
registerEndpoint("/v1/acl/destroy/", []string{"PUT"}, (*HTTPHandlers).ACLDestroy)
|
||||||
|
registerEndpoint("/v1/acl/info/", []string{"GET"}, (*HTTPHandlers).ACLGet)
|
||||||
|
registerEndpoint("/v1/acl/clone/", []string{"PUT"}, (*HTTPHandlers).ACLClone)
|
||||||
|
registerEndpoint("/v1/acl/list", []string{"GET"}, (*HTTPHandlers).ACLList)
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue