Commit graph

21 commits

Author SHA1 Message Date
hashicorp-copywrite[bot] 005636afa0 [COMPLIANCE] Add Copyright and License Headers 2023-04-10 15:36:59 +00:00
James Rasell 8295d0e516
acl: add validation to binding rule selector on upsert. (#16210)
* acl: add validation to binding rule selector on upsert.

* docs: add more information on binding rule selector escaping.
2023-02-17 15:38:55 +01:00
Seth Hoenig cd75858f4a
api: purge testify and pretty dependencies (#15627)
* api: swap testify for test (acl)

* api: swap testify for test (agent)

 Please enter the commit message for your changes. Lines starting

* api: swap testify for test (allocations)

* api: swap testify for test (api)

* api: swap testify for test (compose)

* api: swap testify for test (constraint)

* api: swap testify for test (consul)

* api: swap testify for test (csi)

* api: swap testify for test (evaluations)

* api: swap testify for test (event stream)

* api: swap testify for test (fs)

* api: swap testify for test (ioutil)

* api: swap testify for test (jobs)

* api: swap testify for test (keyring)

* api: swap testify for test (operator_ent)

* api: swap testify for test (operator_metrics)

* api: swap testify for test (operator)

* api: swap testify for test (quota)

* api: swap testify for test (resources)

* api: swap testify for test (fix operator_metrics)

* api: swap testify for test (scaling)

* api: swap testify for test (search)

* api: swap testify for test (sentinel)

* api: swap testify for test (services)

* api: swap testify for test (status)

* api: swap testify for test (system)

* api: swap testify for test (tasks)

* api: swap testify for test (utils)

* api: swap testify for test (variables)

* api: remove dependencies on testify and pretty
2023-01-01 12:57:26 -06:00
James Rasell 95c9ffa505
ACL: add ACL binding rule RPC and HTTP API handlers. (#15529)
This change add the RPC ACL binding rule handlers. These handlers
are responsible for the creation, updating, reading, and deletion
of binding rules.

The write handlers are feature gated so that they can only be used
when all federated servers are running the required version.

The HTTP API handlers and API SDK have also been added where
required. This allows the endpoints to be called from the API by users
and clients.
2022-12-15 09:18:55 +01:00
Piotr Kazmierczak 0eccd3286c
acl: sso auth methods RPC/API/CLI should return created or updated objects (#15410)
Currently CRUD code that operates on SSO auth methods does not return created or updated object upon creation/update. This is bad UX and inconsistent behavior compared to other ACL objects like roles, policies or tokens.

This PR fixes it.

Relates to #13120
2022-11-29 07:36:36 +01:00
James Rasell 726d419da1
acl: replicate auth-methods from federated cluster leaders. (#15366) 2022-11-28 09:20:24 +01:00
James Rasell 32dfa431f3
sso: add ACL auth-method HTTP API CRUD endpoints (#15338)
* core: remove custom auth-method TTLS and use ACL token TTLS.

* agent: add ACL auth-method HTTP endpoints for CRUD actions.

* api: add ACL auth-method client.
2022-11-23 09:38:02 +01:00
James Rasell 1f877bac1c
acl: fix encoding expiration time in ACL token list API. (#14542) 2022-09-12 15:50:35 +02:00
James Rasell 7a0798663d
acl: fix a bug where roles could be duplicated by name.
An ACL roles name must be unique, however, a bug meant multiple
roles of the same same could be created. This fixes that problem
with checks in the RPC handler and state store.
2022-08-25 09:20:43 +01:00
James Rasell f5d8cb2d90
api: add ACL role linking to ACL tokens. 2022-08-17 14:45:32 +01:00
James Rasell 8724974683
api: add ACL Role API implementation for CRUD actions. 2022-08-11 08:44:37 +01:00
James Rasell f6d12a3c00
acl: enable configuration and visualisation of token expiration for users (#13846)
* api: add ACL token expiry params to HTTP API

* cli: allow setting and displaying ACL token expiry
2022-07-20 10:06:23 +02:00
Lance Haig 4bf27d743d
Allow Operator Generated bootstrap token (#12520) 2022-06-03 07:37:24 -04:00
Seth Hoenig 3943dd1e16 ci: use serial testing for api in CI
This is a followup to running tests in serial in CI.
Since the API package cannot import anything outside of api/,
copy the ci.Parallel function into api/internal/testutil, and
have api tests use that.
2022-03-17 08:35:01 -05:00
Tim Gross 75878f978e HTTP API support for 'nomad ui -login'
Endpoints for requesting and exchanging one-time tokens via the HTTP
API. Includes documentation updates.
2021-03-10 08:17:56 -05:00
Alex Dadgar dd3920d681 Self token lookup 2017-10-13 13:12:20 -07:00
Armon Dadgar d49bc49274 api: full CRUD for ACL token API 2017-09-04 13:09:34 -07:00
Armon Dadgar 4512094058 api: support token listing 2017-09-04 13:09:34 -07:00
Armon Dadgar 1e9f19ef40 api: support querying policies 2017-09-04 13:09:34 -07:00
Armon Dadgar 41249d9b6a api: support policy delete 2017-09-04 13:09:34 -07:00
Armon Dadgar 147471ffbf api: Adding support for ACL tokens 2017-09-04 13:09:34 -07:00