2015-08-27 15:51:35 +00:00
|
|
|
package logical
|
|
|
|
|
|
|
|
import "time"
|
|
|
|
|
2015-08-27 17:36:44 +00:00
|
|
|
// SystemView exposes system configuration information in a safe way
|
|
|
|
// for logical backends to consume
|
|
|
|
type SystemView interface {
|
2015-08-27 16:14:03 +00:00
|
|
|
// DefaultLeaseTTL returns the default lease TTL set in Vault configuration
|
2015-09-10 19:09:34 +00:00
|
|
|
DefaultLeaseTTL() time.Duration
|
2015-08-27 16:14:03 +00:00
|
|
|
|
|
|
|
// MaxLeaseTTL returns the max lease TTL set in Vault configuration; backend
|
|
|
|
// authors should take care not to issue credentials that last longer than
|
|
|
|
// this value, as Vault will revoke them
|
2015-09-10 19:09:34 +00:00
|
|
|
MaxLeaseTTL() time.Duration
|
2015-09-18 23:59:06 +00:00
|
|
|
|
2015-09-21 14:04:03 +00:00
|
|
|
// SudoPrivilege returns true if given path has sudo privileges
|
|
|
|
// for the given client token
|
|
|
|
SudoPrivilege(path string, token string) bool
|
2016-01-22 22:01:22 +00:00
|
|
|
|
|
|
|
// Returns true if the mount is tainted. A mount is tainted if it is in the
|
|
|
|
// process of being unmounted. This should only be used in special
|
|
|
|
// circumstances; a primary use-case is as a guard in revocation functions.
|
|
|
|
// If revocation of a backend's leases fails it can keep the unmounting
|
|
|
|
// process from being successful. If the reason for this failure is not
|
|
|
|
// relevant when the mount is tainted (for instance, saving a CRL to disk
|
|
|
|
// when the stored CRL will be removed during the unmounting process
|
|
|
|
// anyways), we can ignore the errors to allow unmounting to complete.
|
|
|
|
Tainted() bool
|
2015-08-27 17:36:44 +00:00
|
|
|
}
|
|
|
|
|
2015-08-27 18:25:07 +00:00
|
|
|
type StaticSystemView struct {
|
2015-09-01 22:29:30 +00:00
|
|
|
DefaultLeaseTTLVal time.Duration
|
|
|
|
MaxLeaseTTLVal time.Duration
|
2015-09-19 21:53:24 +00:00
|
|
|
SudoPrivilegeVal bool
|
2016-01-22 22:01:22 +00:00
|
|
|
TaintedVal bool
|
2015-08-27 17:36:44 +00:00
|
|
|
}
|
|
|
|
|
2015-09-10 19:09:34 +00:00
|
|
|
func (d StaticSystemView) DefaultLeaseTTL() time.Duration {
|
|
|
|
return d.DefaultLeaseTTLVal
|
2015-08-27 17:36:44 +00:00
|
|
|
}
|
|
|
|
|
2015-09-10 19:09:34 +00:00
|
|
|
func (d StaticSystemView) MaxLeaseTTL() time.Duration {
|
|
|
|
return d.MaxLeaseTTLVal
|
2015-08-27 15:51:35 +00:00
|
|
|
}
|
2015-09-18 23:59:06 +00:00
|
|
|
|
2015-09-21 14:04:03 +00:00
|
|
|
func (d StaticSystemView) SudoPrivilege(path string, token string) bool {
|
2015-09-19 21:53:24 +00:00
|
|
|
return d.SudoPrivilegeVal
|
2015-09-18 23:59:06 +00:00
|
|
|
}
|
2016-01-22 22:01:22 +00:00
|
|
|
|
|
|
|
func (d StaticSystemView) Tainted() bool {
|
|
|
|
return d.TaintedVal
|
|
|
|
}
|