luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

Rename config entry ACL methods

This commit is contained in:
Kyle Havlovitz 2019-04-22 23:55:11 -07:00
parent 2cffe4894f
commit e64d1b8016
2 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
agent/consul/config_endpoint.go
View File

@ -36,7 +36,7 @@ func (c *ConfigEntry) Apply(args *structs.ConfigEntryRequest, reply *struct{}) e
if err != nil {
return err
}
if rule != nil && !args.Entry.VerifyWriteACL(rule) {
if rule != nil && !args.Entry.CanWrite(rule) {
return acl.ErrPermissionDenied
}
@ -69,7 +69,7 @@ func (c *ConfigEntry) Get(args *structs.ConfigEntryQuery, reply *structs.Indexed
if err != nil {
return err
}
if rule != nil && !lookupEntry.VerifyReadACL(rule) {
if rule != nil && !lookupEntry.CanRead(rule) {
return acl.ErrPermissionDenied
}
@ -119,7 +119,7 @@ func (c *ConfigEntry) List(args *structs.ConfigEntryQuery, reply *structs.Indexe
// Filter the entries returned by ACL permissions.
filteredEntries := make([]structs.ConfigEntry, 0, len(entries))
for _, entry := range entries {
if rule != nil && !entry.VerifyReadACL(rule) {
if rule != nil && !entry.CanRead(rule) {
continue
}
filteredEntries = append(filteredEntries, entry)
@ -149,7 +149,7 @@ func (c *ConfigEntry) Delete(args *structs.ConfigEntryRequest, reply *struct{})
if err != nil {
return err
}
if rule != nil && !args.Entry.VerifyWriteACL(rule) {
if rule != nil && !args.Entry.CanWrite(rule) {
return acl.ErrPermissionDenied
}

14
agent/structs/config_entry.go
View File

@ -26,10 +26,10 @@ type ConfigEntry interface {
Normalize() error
Validate() error
// VerifyReadACL and VerifyWriteACL return whether or not the given Authorizer
// CanRead and CanWrite return whether or not the given Authorizer
// has permission to read or write to the config entry, respectively.
VerifyReadACL(acl.Authorizer) bool
VerifyWriteACL(acl.Authorizer) bool
CanRead(acl.Authorizer) bool
CanWrite(acl.Authorizer) bool
GetRaftIndex() *RaftIndex
}
@ -76,11 +76,11 @@ func (e *ServiceConfigEntry) Validate() error {
return nil
}
func (e *ServiceConfigEntry) VerifyReadACL(rule acl.Authorizer) bool {
func (e *ServiceConfigEntry) CanRead(rule acl.Authorizer) bool {
return rule.ServiceRead(e.Name)
}
func (e *ServiceConfigEntry) VerifyWriteACL(rule acl.Authorizer) bool {
func (e *ServiceConfigEntry) CanWrite(rule acl.Authorizer) bool {
return rule.ServiceWrite(e.Name, nil)
}
@ -140,11 +140,11 @@ func (e *ProxyConfigEntry) Validate() error {
return nil
}
func (e *ProxyConfigEntry) VerifyReadACL(rule acl.Authorizer) bool {
func (e *ProxyConfigEntry) CanRead(rule acl.Authorizer) bool {
return true
}
func (e *ProxyConfigEntry) VerifyWriteACL(rule acl.Authorizer) bool {
func (e *ProxyConfigEntry) CanWrite(rule acl.Authorizer) bool {
return rule.OperatorWrite()
}