VAULT-6433: Add namespace path to MFA read/list endpoints (#16911)

* VAULT-6433 Add namespace_path to MFA endpoints

* VAULT-6433 add changelog

* VAULT-6433 Return error in case of error

* VAULT-6433 Make logic a bit more concise
This commit is contained in:
Violet Hynes 2022-08-29 09:11:25 -04:00 committed by GitHub
parent dbf762b488
commit 8c9c1d2b2a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 21 additions and 0 deletions

3
changelog/16911.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:improvement
api/mfa: Add namespace path to the MFA read/list endpoint
```

View File

@ -138,6 +138,14 @@ func TestLoginMFA_Method_CRUD(t *testing.T) {
t.Fatal("expected response id to match existing method id but it didn't") t.Fatal("expected response id to match existing method id but it didn't")
} }
if resp.Data["namespace_id"] != "root" {
t.Fatalf("namespace id was not root, it was %s", resp.Data["namespace_id"])
}
if resp.Data["namespace_path"] != "" {
t.Fatalf("namespace path was not empty, it was %s", resp.Data["namespace_path"])
}
// listing should show it // listing should show it
resp, err = client.Logical().List(myPath) resp, err = client.Logical().List(myPath)
if err != nil { if err != nil {

View File

@ -1361,6 +1361,11 @@ func (b *LoginMFABackend) mfaLoginEnforcementConfigByNameAndNamespace(name, name
func (b *LoginMFABackend) mfaLoginEnforcementConfigToMap(eConfig *mfa.MFAEnforcementConfig) (map[string]interface{}, error) { func (b *LoginMFABackend) mfaLoginEnforcementConfigToMap(eConfig *mfa.MFAEnforcementConfig) (map[string]interface{}, error) {
resp := make(map[string]interface{}) resp := make(map[string]interface{})
resp["name"] = eConfig.Name resp["name"] = eConfig.Name
ns, err := b.namespacer.NamespaceByID(context.Background(), eConfig.NamespaceID)
if ns == nil || err != nil {
return nil, err
}
resp["namespace_path"] = ns.Path
resp["namespace_id"] = eConfig.NamespaceID resp["namespace_id"] = eConfig.NamespaceID
resp["mfa_method_ids"] = append([]string{}, eConfig.MFAMethodIDs...) resp["mfa_method_ids"] = append([]string{}, eConfig.MFAMethodIDs...)
resp["auth_method_accessors"] = append([]string{}, eConfig.AuthMethodAccessors...) resp["auth_method_accessors"] = append([]string{}, eConfig.AuthMethodAccessors...)
@ -1417,6 +1422,11 @@ func (b *MFABackend) mfaConfigToMap(mConfig *mfa.Config) (map[string]interface{}
respData["id"] = mConfig.ID respData["id"] = mConfig.ID
respData["name"] = mConfig.Name respData["name"] = mConfig.Name
respData["namespace_id"] = mConfig.NamespaceID respData["namespace_id"] = mConfig.NamespaceID
ns, err := b.namespacer.NamespaceByID(context.Background(), mConfig.NamespaceID)
if ns == nil || err != nil {
return nil, err
}
respData["namespace_path"] = ns.Path
return respData, nil return respData, nil
} }