open-consul/agent/consul
Freddy f7eeffb98d
Use anonymousToken when querying by secret ID (#11813)
Co-authored-by: Chris S. Kim <ckim@hashicorp.com>
Co-authored-by: Dan Upton <daniel@floppy.co>

This query has been incorrectly querying by accessor ID since New ACLs
were added. However, the legacy token compat allowed this to continue to
work, since it made a fallback query for the anonymousToken ID.

PR #11184 removed this legacy token query, which means that the query by
accessor ID is now the only check for the anonymous token's existence.

This PR updates the GetBySecret call to use the secret ID of the token.
2021-12-13 10:56:09 -07:00
..
authmethod testing: remove unnecessary calls to freeport 2021-11-29 12:19:43 -05:00
discoverychain Remove support for failover to partition 2021-12-06 12:32:24 -07:00
fsm Merge pull request #11721 from hashicorp/dnephin/ca-export-fsm-operation 2021-12-08 17:49:00 -05:00
prepared_query various partition related todos (#11822) 2021-12-13 11:43:33 -06:00
state various partition related todos (#11822) 2021-12-13 11:43:33 -06:00
stream state: adjust streaming event generation to account for partitioned nodes (#10860) 2021-08-17 16:49:26 -05:00
testdata
usagemetrics Rename partition-exports to exported-services 2021-12-03 17:47:31 -07:00
wanfed grpc: ensure that streaming gRPC requests work over mesh gateway based wan federation (#10838) 2021-08-24 16:28:44 -05:00
acl.go various partition related todos (#11822) 2021-12-13 11:43:33 -06:00
acl_authmethod.go
acl_authmethod_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
acl_authmethod_test.go
acl_client.go agent: Ensure partition is considered in agent endpoints (#11427) 2021-10-26 15:20:57 -04:00
acl_endpoint.go Cross port of ent #1383 (#11726) 2021-12-03 10:20:25 -08:00
acl_endpoint_legacy.go acl: remove most of the rest of structs/acl_legacy.go 2021-10-25 17:20:06 -04:00
acl_endpoint_oss.go Cross port of ent #1383 (#11726) 2021-12-03 10:20:25 -08:00
acl_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
acl_oss.go various partition related todos (#11822) 2021-12-13 11:43:33 -06:00
acl_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
acl_replication.go acl: remove legacy ACL replication 2021-09-03 12:42:06 -04:00
acl_replication_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
acl_replication_types.go Handle FSM.Apply errors in raftApply 2021-04-20 13:29:29 -04:00
acl_server.go rename helper method to reflect the non-deprecated terminology (#11509) 2021-11-05 13:51:50 -05:00
acl_server_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
acl_test.go agent/token: rename `agent_master` to `agent_recovery` (internally) (#11744) 2021-12-07 12:12:47 +00:00
acl_token_exp.go rename helper method to reflect the non-deprecated terminology (#11509) 2021-11-05 13:51:50 -05:00
acl_token_exp_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
auto_config_backend.go auto-config: ensure the feature works properly with partitions (#11699) 2021-12-01 13:32:34 -06:00
auto_config_backend_test.go auto-config: ensure the feature works properly with partitions (#11699) 2021-12-01 13:32:34 -06:00
auto_config_endpoint.go auto-config: ensure the feature works properly with partitions (#11699) 2021-12-01 13:32:34 -06:00
auto_config_endpoint_test.go auto-config: ensure the feature works properly with partitions (#11699) 2021-12-01 13:32:34 -06:00
auto_encrypt_endpoint.go rpc: remove unnecessary arg to ForwardRPC 2021-05-06 13:30:07 -04:00
auto_encrypt_endpoint_test.go server: remove defaulting of PrimaryDatacenter 2021-08-06 18:45:24 -04:00
autopilot.go agent: refactor the agent delegate interface to be partition friendly (#11429) 2021-10-26 15:08:55 -05:00
autopilot_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
autopilot_test.go agent: refactor the agent delegate interface to be partition friendly (#11429) 2021-10-26 15:08:55 -05:00
catalog_endpoint.go Godocs updates for catalog endpoints (#11716) 2021-12-07 10:18:28 -05:00
catalog_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
client.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
client_serf.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
client_test.go testing: use the new freeport interfaces 2021-11-27 15:39:46 -05:00
cluster_test.go
config.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
config_endpoint.go Clean up additional refs to partition exports 2021-12-04 15:16:40 -07:00
config_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
config_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
config_replication.go Clean up additional refs to partition exports 2021-12-04 15:16:40 -07:00
config_replication_test.go Move ent config test to ent file 2021-11-29 12:15:17 -07:00
config_test.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
connect_ca_endpoint.go Use stored entmeta to fill authzContext 2021-10-14 08:57:40 -06:00
connect_ca_endpoint_test.go ca: remove duplicate WaitFor function 2021-12-08 18:42:52 -05:00
coordinate_endpoint.go acl: Fill authzContext from token in Coordinate endpoints (#11688) 2021-11-30 13:17:41 -05:00
coordinate_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
discovery_chain_endpoint.go Remove useInDatacenter from disco chain requests 2021-10-26 23:35:21 -06:00
discovery_chain_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
enterprise_client_oss.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
enterprise_config_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
enterprise_server_oss.go light refactors to support making partitions and serf-based wan federation are mutually exclusive (#11755) 2021-12-06 13:18:02 -06:00
enterprise_server_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
federation_state_endpoint.go acl: use authz consistently as the variable name for an acl.Authorizer 2021-08-17 12:14:10 -04:00
federation_state_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
federation_state_replication.go Handle FSM.Apply errors in raftApply 2021-04-20 13:29:29 -04:00
federation_state_replication_test.go
filter.go acl: some acl authz refactors for nodes (#10909) 2021-08-25 13:43:11 -05:00
filter_test.go acl: remove id and revision from Policy constructors 2021-11-05 15:45:08 -04:00
flood.go
gateway_locator.go
gateway_locator_test.go
health_endpoint.go health: support `ResultsFilteredByACLs` flag/header (#11602) 2021-12-03 17:31:32 +00:00
health_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
helper_test.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
intention_endpoint.go intention: support `ResultsFilteredByACLs` flag/header (#11612) 2021-12-03 20:35:54 +00:00
intention_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
internal_endpoint.go internal: support `ResultsFilteredByACLs` flag/header (#11643) 2021-12-03 23:04:24 +00:00
internal_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
issue_test.go
kvs_endpoint.go kv: support `ResultsFilteredByACLs` in list/list keys (#11593) 2021-12-03 17:31:48 +00:00
kvs_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
leader.go Use anonymousToken when querying by secret ID (#11813) 2021-12-13 10:56:09 -07:00
leader_connect.go Exit before starting the vip check routine if possible 2021-12-10 14:30:50 -08:00
leader_connect_ca.go ca: fix flakes in RenewIntermediate tests 2021-12-08 18:42:52 -05:00
leader_connect_ca_test.go ca: fix flakes in RenewIntermediate tests 2021-12-08 18:42:52 -05:00
leader_connect_test.go ca: prune some unnecessary lookups in the tests 2021-12-08 18:42:52 -05:00
leader_federation_state_ae.go agent/structs: add a bunch more EnterpriseMeta helper functions to help with partitioning (#10669) 2021-07-22 13:20:45 -05:00
leader_federation_state_ae_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
leader_intentions.go Sync enterprise changes to oss (#10994) 2021-09-08 11:59:30 -04:00
leader_intentions_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
leader_intentions_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
leader_intentions_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
leader_metrics.go agent: move agent tls metric monitor to a more appropriate place 2021-10-27 16:26:09 -04:00
leader_oss_test.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
leader_test.go Use anonymousToken when querying by secret ID (#11813) 2021-12-13 10:56:09 -07:00
logging.go
logging_test.go
merge.go light refactors to support making partitions and serf-based wan federation are mutually exclusive (#11755) 2021-12-06 13:18:02 -06:00
merge_oss.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
merge_oss_test.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
merge_test.go light refactors to support making partitions and serf-based wan federation are mutually exclusive (#11755) 2021-12-06 13:18:02 -06:00
operator_autopilot_endpoint.go acl: use authz consistently as the variable name for an acl.Authorizer 2021-08-17 12:14:10 -04:00
operator_autopilot_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
operator_endpoint.go
operator_raft_endpoint.go acl: use authz consistently as the variable name for an acl.Authorizer 2021-08-17 12:14:10 -04:00
operator_raft_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
options.go grpc: ensure that streaming gRPC requests work over mesh gateway based wan federation (#10838) 2021-08-24 16:28:44 -05:00
options_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
prepared_query_endpoint.go query: support `ResultsFilteredByACLs` in query list endpoint (#11620) 2021-12-03 23:04:09 +00:00
prepared_query_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
raft_rpc.go rpc: authorize raft requests (#10925) 2021-08-26 15:04:32 -07:00
replication.go Refactor of serf feature flag tags. 2021-05-20 12:57:06 -04:00
replication_test.go Move some things around to allow for license updating via config reload 2021-05-25 09:57:50 -04:00
rpc.go rpc: Unset partition before forwarding to remote datacenter (#11758) 2021-12-08 11:02:14 -08:00
rpc_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
rtt.go agent: ensure that most agent behavior correctly respects partition configuration (#10880) 2021-08-19 15:09:42 -05:00
rtt_test.go
segment_oss.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
serf_filter.go agent: refactor the agent delegate interface to be partition friendly (#11429) 2021-10-26 15:08:55 -05:00
serf_test.go
server.go leader: move the virtual IP version check into a goroutine 2021-12-09 17:00:33 -08:00
server_connect.go ca: accept only the cluster ID to SpiffeIDSigningForCluster 2021-11-16 16:57:21 -05:00
server_lookup.go
server_lookup_test.go
server_oss.go light refactors to support making partitions and serf-based wan federation are mutually exclusive (#11755) 2021-12-06 13:18:02 -06:00
server_register.go connect: update centralized upstreams representation in service-defaults (#10015) 2021-04-15 14:21:44 -05:00
server_serf.go light refactors to support making partitions and serf-based wan federation are mutually exclusive (#11755) 2021-12-06 13:18:02 -06:00
server_test.go test: test server should auto cleanup (#11779) 2021-12-08 13:26:06 -06:00
session_endpoint.go port oss changes (#11736) 2021-12-03 17:23:55 -05:00
session_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
session_timers.go
session_timers_test.go
session_ttl.go port oss changes (#11736) 2021-12-03 17:23:55 -05:00
session_ttl_test.go port oss changes (#11736) 2021-12-03 17:23:55 -05:00
snapshot_endpoint.go Groundwork for exposing when queries are filtered by ACLs (#11569) 2021-12-03 17:11:26 +00:00
snapshot_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
stats_fetcher.go
stats_fetcher_test.go
status_endpoint.go
status_endpoint_test.go ENT to OSS sync (#11703) 2021-12-01 14:56:10 -05:00
subscribe_backend.go grpc: strip local ACL tokens from RPCs during forwarding if crossing datacenters (#11099) 2021-09-22 13:14:26 -05:00
subscribe_backend_test.go subscribe: attempt to fix a flaky test 2021-10-27 15:09:09 -04:00
system_metadata.go Handle FSM.Apply errors in raftApply 2021-04-20 13:29:29 -04:00
system_metadata_test.go consul: add virtual IP generation for connect services 2021-12-02 15:42:47 -08:00
txn_endpoint.go txn: support `ResultsFilteredByACLs` flag in `Read` endpoint (#11632) 2021-12-03 20:41:03 +00:00
txn_endpoint_test.go Rename `ACLMasterToken` => `ACLInitialManagementToken` (#11746) 2021-12-07 12:39:28 +00:00
util.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
util_test.go acl: remove legacy ACL upgrades from Server 2021-09-29 15:19:23 -04:00