luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

add ns path to granting_policies (#20522)

This commit is contained in:
Pratyoy Mukhopadhyay 2023-05-04 15:08:22 -07:00 committed by GitHub
parent 949979dd14
commit 7b807a9bb0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 32 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
audit/format.go
View File

@ -152,6 +152,7 @@ func (f *AuditFormatter) FormatRequest(ctx context.Context, w io.Writer, config
reqEntry.Auth.PolicyResults.GrantingPolicies = append(reqEntry.Auth.PolicyResults.GrantingPolicies, PolicyInfo{ reqEntry.Auth.PolicyResults.GrantingPolicies = append(reqEntry.Auth.PolicyResults.GrantingPolicies, PolicyInfo{
Name: p.Name, Name: p.Name,
NamespaceId: p.NamespaceId, NamespaceId: p.NamespaceId,
NamespacePath: p.NamespacePath,
Type: p.Type, Type: p.Type,
}) })
} }
@ -369,6 +370,7 @@ func (f *AuditFormatter) FormatResponse(ctx context.Context, w io.Writer, config
respEntry.Auth.PolicyResults.GrantingPolicies = append(respEntry.Auth.PolicyResults.GrantingPolicies, PolicyInfo{ respEntry.Auth.PolicyResults.GrantingPolicies = append(respEntry.Auth.PolicyResults.GrantingPolicies, PolicyInfo{
Name: p.Name, Name: p.Name,
NamespaceId: p.NamespaceId, NamespaceId: p.NamespaceId,
NamespacePath: p.NamespacePath,
Type: p.Type, Type: p.Type,
}) })
} }
@ -477,6 +479,7 @@ type AuditPolicyResults struct {
type PolicyInfo struct { type PolicyInfo struct {
Name string `json:"name,omitempty"` Name string `json:"name,omitempty"`
NamespaceId string `json:"namespace_id,omitempty"` NamespaceId string `json:"namespace_id,omitempty"`
NamespacePath string `json:"namespace_path,omitempty"`
Type string `json:"type"` Type string `json:"type"`
} }

1
sdk/logical/auth.go
View File

@ -128,5 +128,6 @@ type PolicyResults struct {
type PolicyInfo struct { type PolicyInfo struct {
Name string `json:"name"` Name string `json:"name"`
NamespaceId string `json:"namespace_id"` NamespaceId string `json:"namespace_id"`
NamespacePath string `json:"namespace_path"`
Type string `json:"type"` Type string `json:"type"`
} }

1
vault/acl.go
View File

@ -343,6 +343,7 @@ func (a *ACL) AllowOperation(ctx context.Context, req *logical.Request, capCheck
ret.GrantingPolicies = []logical.PolicyInfo{{ ret.GrantingPolicies = []logical.PolicyInfo{{
Name: "root", Name: "root",
NamespaceId: "root", NamespaceId: "root",
NamespacePath: "",
Type: "acl", Type: "acl",
}} }}
return return

2
vault/acl_test.go
View File

@ -876,11 +876,13 @@ func TestACLGrantingPolicies(t *testing.T) {
policyInfo := logical.PolicyInfo{ policyInfo := logical.PolicyInfo{
Name: "granting_policy", Name: "granting_policy",
NamespaceId: "root", NamespaceId: "root",
NamespacePath: "",
Type: "acl", Type: "acl",
} }
mergedInfo := logical.PolicyInfo{ mergedInfo := logical.PolicyInfo{
Name: "granting_policy_merged", Name: "granting_policy_merged",
NamespaceId: "root", NamespaceId: "root",
NamespacePath: "",
Type: "acl", Type: "acl",
} }

1
vault/policy.go
View File

@ -271,6 +271,7 @@ func addGrantingPoliciesToMap(m map[uint32][]logical.PolicyInfo, policy *Policy,
m[capability] = append(m[capability], logical.PolicyInfo{ m[capability] = append(m[capability], logical.PolicyInfo{
Name: policy.Name, Name: policy.Name,
NamespaceId: policy.namespace.ID, NamespaceId: policy.namespace.ID,
NamespacePath: policy.namespace.Path,
Type: "acl", Type: "acl",
}) })
} }