open-vault/vault/dynamic_system_view.go

package vault

import (
	"time"

	"github.com/hashicorp/vault/logical"
)

type dynamicSystemView struct {
	core       *Core
	mountEntry *MountEntry
}

func (d dynamicSystemView) DefaultLeaseTTL() time.Duration {
	def, _ := d.fetchTTLs()
	return def
}

func (d dynamicSystemView) MaxLeaseTTL() time.Duration {
	_, max := d.fetchTTLs()
	return max
}

func (d dynamicSystemView) SudoPrivilege(path string, token string) bool {
	// Resolve the token policy
	te, err := d.core.tokenStore.Lookup(token)
	if err != nil {
		d.core.logger.Printf("[ERR] core: failed to lookup token: %v", err)
		return false
	}

	// Ensure the token is valid
	if te == nil {
		d.core.logger.Printf("[ERR] entry not found for token: %s", token)
		return false
	}

	// Construct the corresponding ACL object
	acl, err := d.core.policyStore.ACL(te.Policies...)
	if err != nil {
		d.core.logger.Printf("[ERR] failed to retrieve ACL for policies [%#v]: %s", te.Policies, err)
		return false
	}

	// The operation type isn't important here as this is run from a path the
	// user has already been given access to; we only care about whether they
	// have sudo
	_, rootPrivs := acl.AllowOperation(logical.ReadOperation, path)
	return rootPrivs
}

// TTLsByPath returns the default and max TTLs corresponding to a particular
// mount point, or the system default
func (d dynamicSystemView) fetchTTLs() (def, max time.Duration) {
	def = d.core.defaultLeaseTTL
	max = d.core.maxLeaseTTL

	if d.mountEntry.Config.DefaultLeaseTTL != 0 {
		def = d.mountEntry.Config.DefaultLeaseTTL
	}
	if d.mountEntry.Config.MaxLeaseTTL != 0 {
		max = d.mountEntry.Config.MaxLeaseTTL
	}

	return
}
Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00			`package vault`

Create more granular ACL capabilities. This commit splits ACL policies into more fine-grained capabilities. This both drastically simplifies the checking code and makes it possible to support needed workflows that are not possible with the previous method. It is backwards compatible; policies containing a "policy" string are simply converted to a set of capabilities matching previous behavior. Fixes #724 (and others). 2016-01-07 20:10:05 +00:00			`import (`
			`"time"`

			`"github.com/hashicorp/vault/logical"`
			`)`
Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00
			`type dynamicSystemView struct {`
Implement shallow cloning to allow MountEntry pointers to stay consistent when spread across router/core/system views 2015-09-10 02:17:49 +00:00			`core *Core`
			`mountEntry *MountEntry`
Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00			`}`

Remove error returns from sysview TTL calls 2015-09-10 19:09:34 +00:00			`func (d dynamicSystemView) DefaultLeaseTTL() time.Duration {`
			`def, _ := d.fetchTTLs()`
			`return def`
Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00			`}`

Remove error returns from sysview TTL calls 2015-09-10 19:09:34 +00:00			`func (d dynamicSystemView) MaxLeaseTTL() time.Duration {`
			`_, max := d.fetchTTLs()`
			`return max`
Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00			`}`

Take ClientToken instead of Policies 2015-09-21 14:04:03 +00:00			`func (d dynamicSystemView) SudoPrivilege(path string, token string) bool {`
			`// Resolve the token policy`
			`te, err := d.core.tokenStore.Lookup(token)`
TokenStore: Provide access based on sudo permissions and not policy name 2015-09-18 23:59:06 +00:00			`if err != nil {`
Take ClientToken instead of Policies 2015-09-21 14:04:03 +00:00			`d.core.logger.Printf("[ERR] core: failed to lookup token: %v", err)`
TokenStore: Provide access based on sudo permissions and not policy name 2015-09-18 23:59:06 +00:00			`return false`
			`}`
Take ClientToken instead of Policies 2015-09-21 14:04:03 +00:00
			`// Ensure the token is valid`
			`if te == nil {`
			`d.core.logger.Printf("[ERR] entry not found for token: %s", token)`
			`return false`
			`}`

			`// Construct the corresponding ACL object`
Rename core's 'policy' to 'policyStore' for clarification 2015-11-06 16:52:26 +00:00			`acl, err := d.core.policyStore.ACL(te.Policies...)`
Take ClientToken instead of Policies 2015-09-21 14:04:03 +00:00			`if err != nil {`
			`d.core.logger.Printf("[ERR] failed to retrieve ACL for policies [%#v]: %s", te.Policies, err)`
			`return false`
			`}`

Create more granular ACL capabilities. This commit splits ACL policies into more fine-grained capabilities. This both drastically simplifies the checking code and makes it possible to support needed workflows that are not possible with the previous method. It is backwards compatible; policies containing a "policy" string are simply converted to a set of capabilities matching previous behavior. Fixes #724 (and others). 2016-01-07 20:10:05 +00:00			`// The operation type isn't important here as this is run from a path the`
			`// user has already been given access to; we only care about whether they`
			`// have sudo`
			`_, rootPrivs := acl.AllowOperation(logical.ReadOperation, path)`
			`return rootPrivs`
TokenStore: Provide access based on sudo permissions and not policy name 2015-09-18 23:59:06 +00:00			`}`

Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00			`// TTLsByPath returns the default and max TTLs corresponding to a particular`
			`// mount point, or the system default`
Remove error returns from sysview TTL calls 2015-09-10 19:09:34 +00:00			`func (d dynamicSystemView) fetchTTLs() (def, max time.Duration) {`
Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00			`def = d.core.defaultLeaseTTL`
			`max = d.core.maxLeaseTTL`

Implement shallow cloning to allow MountEntry pointers to stay consistent when spread across router/core/system views 2015-09-10 02:17:49 +00:00			`if d.mountEntry.Config.DefaultLeaseTTL != 0 {`
			`def = d.mountEntry.Config.DefaultLeaseTTL`
Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00			`}`
Implement shallow cloning to allow MountEntry pointers to stay consistent when spread across router/core/system views 2015-09-10 02:17:49 +00:00			`if d.mountEntry.Config.MaxLeaseTTL != 0 {`
			`max = d.mountEntry.Config.MaxLeaseTTL`
Push a lot of logic into Router to make a bunch of it nicer and enable a lot of cleanup. Plumb config and calls to framework.Backend.Setup() into logical_system and elsewhere, including tests. 2015-09-04 20:58:12 +00:00			`}`

			`return`
			`}`