open-vault/vault/dynamic_system_view.go

package vault

import (
	"time"

	"github.com/hashicorp/vault/logical"
)

type dynamicSystemView struct {
	core       *Core
	mountEntry *MountEntry
}

func (d dynamicSystemView) DefaultLeaseTTL() time.Duration {
	def, _ := d.fetchTTLs()
	return def
}

func (d dynamicSystemView) MaxLeaseTTL() time.Duration {
	_, max := d.fetchTTLs()
	return max
}

func (d dynamicSystemView) SudoPrivilege(path string, token string) bool {
	// Resolve the token policy
	te, err := d.core.tokenStore.Lookup(token)
	if err != nil {
		d.core.logger.Error("core: failed to lookup token", "error", err)
		return false
	}

	// Ensure the token is valid
	if te == nil {
		d.core.logger.Error("entry not found for given token")
		return false
	}

	// Construct the corresponding ACL object
	acl, err := d.core.policyStore.ACL(te.Policies...)
	if err != nil {
		d.core.logger.Error("failed to retrieve ACL for token's policies", "token_policies", te.Policies, "error", err)
		return false
	}

	// The operation type isn't important here as this is run from a path the
	// user has already been given access to; we only care about whether they
	// have sudo
  req := new(logical.Request)
  req.Operation = logical.ReadOperation
  req.Path = path
	_, rootPrivs := acl.AllowOperation(req)
	return rootPrivs
}

// TTLsByPath returns the default and max TTLs corresponding to a particular
// mount point, or the system default
func (d dynamicSystemView) fetchTTLs() (def, max time.Duration) {
	def = d.core.defaultLeaseTTL
	max = d.core.maxLeaseTTL

	if d.mountEntry.Config.DefaultLeaseTTL != 0 {
		def = d.mountEntry.Config.DefaultLeaseTTL
	}
	if d.mountEntry.Config.MaxLeaseTTL != 0 {
		max = d.mountEntry.Config.MaxLeaseTTL
	}

	return
}

// Tainted indicates that the mount is in the process of being removed
func (d dynamicSystemView) Tainted() bool {
	return d.mountEntry.Tainted
}

// CachingDisabled indicates whether to use caching behavior
func (d dynamicSystemView) CachingDisabled() bool {
	return d.core.cachingDisabled
}

// Checks if this is a primary Vault instance.
func (d dynamicSystemView) ReplicationState() logical.ReplicationState {
	var state logical.ReplicationState
	d.core.clusterParamsLock.RLock()
	state = d.core.replicationState
	d.core.clusterParamsLock.RUnlock()
	return state
}
Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00			`package vault`

Create more granular ACL capabilities. This commit splits ACL policies into more fine-grained capabilities. This both drastically simplifies the checking code and makes it possible to support needed workflows that are not possible with the previous method. It is backwards compatible; policies containing a "policy" string are simply converted to a set of capabilities matching previous behavior. Fixes #724 (and others). 2016-01-07 20:10:05 +00:00			`import (`
			`"time"`

			`"github.com/hashicorp/vault/logical"`
			`)`
Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00
			`type dynamicSystemView struct {`
Implement shallow cloning to allow MountEntry pointers to stay consistent when spread across router/core/system views 2015-09-10 02:17:49 +00:00			`core *Core`
			`mountEntry *MountEntry`
Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00			`}`

Remove error returns from sysview TTL calls 2015-09-10 19:09:34 +00:00			`func (d dynamicSystemView) DefaultLeaseTTL() time.Duration {`
			`def, _ := d.fetchTTLs()`
			`return def`
Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00			`}`

Remove error returns from sysview TTL calls 2015-09-10 19:09:34 +00:00			`func (d dynamicSystemView) MaxLeaseTTL() time.Duration {`
			`_, max := d.fetchTTLs()`
			`return max`
Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00			`}`

Take ClientToken instead of Policies 2015-09-21 14:04:03 +00:00			`func (d dynamicSystemView) SudoPrivilege(path string, token string) bool {`
			`// Resolve the token policy`
			`te, err := d.core.tokenStore.Lookup(token)`
TokenStore: Provide access based on sudo permissions and not policy name 2015-09-18 23:59:06 +00:00			`if err != nil {`
Convert to logxi 2016-08-19 20:45:17 +00:00			`d.core.logger.Error("core: failed to lookup token", "error", err)`
TokenStore: Provide access based on sudo permissions and not policy name 2015-09-18 23:59:06 +00:00			`return false`
			`}`
Take ClientToken instead of Policies 2015-09-21 14:04:03 +00:00
			`// Ensure the token is valid`
			`if te == nil {`
Convert to logxi 2016-08-19 20:45:17 +00:00			`d.core.logger.Error("entry not found for given token")`
Take ClientToken instead of Policies 2015-09-21 14:04:03 +00:00			`return false`
			`}`

			`// Construct the corresponding ACL object`
Rename core's 'policy' to 'policyStore' for clarification 2015-11-06 16:52:26 +00:00			`acl, err := d.core.policyStore.ACL(te.Policies...)`
Take ClientToken instead of Policies 2015-09-21 14:04:03 +00:00			`if err != nil {`
Convert to logxi 2016-08-19 20:45:17 +00:00			`d.core.logger.Error("failed to retrieve ACL for token's policies", "token_policies", te.Policies, "error", err)`
Take ClientToken instead of Policies 2015-09-21 14:04:03 +00:00			`return false`
			`}`

Create more granular ACL capabilities. This commit splits ACL policies into more fine-grained capabilities. This both drastically simplifies the checking code and makes it possible to support needed workflows that are not possible with the previous method. It is backwards compatible; policies containing a "policy" string are simply converted to a set of capabilities matching previous behavior. Fixes #724 (and others). 2016-01-07 20:10:05 +00:00			`// The operation type isn't important here as this is run from a path the`
			`// user has already been given access to; we only care about whether they`
			`// have sudo`
Changed AllowOperation to take logical.Request 2016-10-16 23:29:52 +00:00			`req := new(logical.Request)`
			`req.Operation = logical.ReadOperation`
			`req.Path = path`
			`_, rootPrivs := acl.AllowOperation(req)`
Create more granular ACL capabilities. This commit splits ACL policies into more fine-grained capabilities. This both drastically simplifies the checking code and makes it possible to support needed workflows that are not possible with the previous method. It is backwards compatible; policies containing a "policy" string are simply converted to a set of capabilities matching previous behavior. Fixes #724 (and others). 2016-01-07 20:10:05 +00:00			`return rootPrivs`
TokenStore: Provide access based on sudo permissions and not policy name 2015-09-18 23:59:06 +00:00			`}`

Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00			`// TTLsByPath returns the default and max TTLs corresponding to a particular`
			`// mount point, or the system default`
Remove error returns from sysview TTL calls 2015-09-10 19:09:34 +00:00			`func (d dynamicSystemView) fetchTTLs() (def, max time.Duration) {`
Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00			`def = d.core.defaultLeaseTTL`
			`max = d.core.maxLeaseTTL`

Implement shallow cloning to allow MountEntry pointers to stay consistent when spread across router/core/system views 2015-09-10 02:17:49 +00:00			`if d.mountEntry.Config.DefaultLeaseTTL != 0 {`
			`def = d.mountEntry.Config.DefaultLeaseTTL`
Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00			`}`
Implement shallow cloning to allow MountEntry pointers to stay consistent when spread across router/core/system views 2015-09-10 02:17:49 +00:00			`if d.mountEntry.Config.MaxLeaseTTL != 0 {`
			`max = d.mountEntry.Config.MaxLeaseTTL`
Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00			`}`

			`return`
			`}`
Allow backends to see taint status. This can be seen via System(). In the PKI backend, if the CA is reconfigured but not fully (e.g. an intermediate CSR is generated but no corresponding cert set) and there are already leases (issued certs), the CRL is unable to be built. As a result revocation fails. But in this case we don't actually need revocation to be successful since the CRL is useless after unmounting. By checking taint status we know if we can simply fast-path out of revocation with a success in this case. Fixes #946 2016-01-22 22:01:22 +00:00
			`// Tainted indicates that the mount is in the process of being removed`
			`func (d dynamicSystemView) Tainted() bool {`
			`return d.mountEntry.Tainted`
			`}`
Plumb disabling caches through the policy store 2016-04-21 13:52:42 +00:00
Make a non-caching but still locking variant of transit for when caches are disabled 2016-04-21 20:32:06 +00:00			`// CachingDisabled indicates whether to use caching behavior`
			`func (d dynamicSystemView) CachingDisabled() bool {`
			`return d.core.cachingDisabled`
Plumb disabling caches through the policy store 2016-04-21 13:52:42 +00:00			`}`
Rejig dynamic system view to build without tags 2017-01-12 20:13:47 +00:00
			`// Checks if this is a primary Vault instance.`
Port over some work to make the system views a bit nicer 2017-01-13 19:51:10 +00:00			`func (d dynamicSystemView) ReplicationState() logical.ReplicationState {`
			`var state logical.ReplicationState`
			`d.core.clusterParamsLock.RLock()`
			`state = d.core.replicationState`
			`d.core.clusterParamsLock.RUnlock()`
			`return state`
Rejig dynamic system view to build without tags 2017-01-12 20:13:47 +00:00			`}`