From f9372145ddbe8358cb4b4fab298def11afe878ed Mon Sep 17 00:00:00 2001
From: VAL <val@hashicorp.com>
Date: Thu, 24 Mar 2022 13:29:11 -0700
Subject: [PATCH] Warn on upper case in policy name (#14670)

* Warn on upper case in policy name

* Rename name variable to be less confusing

* Use more general solution for other string issues

* Clarify changelog

* Remove unnecessary check

* Don't throw CLI warning until after past errors

* Add before and after names with quotes to show spacing changes
---
 changelog/14670.txt     |  3 +++
 command/policy_write.go | 11 ++++++++---
 vault/logical_system.go |  8 +++++++-
 3 files changed, 18 insertions(+), 4 deletions(-)
 create mode 100644 changelog/14670.txt

diff --git a/changelog/14670.txt b/changelog/14670.txt
new file mode 100644
index 000000000..c054f552e
--- /dev/null
+++ b/changelog/14670.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+cli/vault: warn when policy name contains upper-case letter
+```
\ No newline at end of file
diff --git a/command/policy_write.go b/command/policy_write.go
index 50a1ccf4c..538414bc5 100644
--- a/command/policy_write.go
+++ b/command/policy_write.go
@@ -91,7 +91,8 @@ func (c *PolicyWriteCommand) Run(args []string) int {
 	}
 
 	// Policies are normalized to lowercase
-	name := strings.TrimSpace(strings.ToLower(args[0]))
+	policyName := args[0]
+	formattedName := strings.TrimSpace(strings.ToLower(policyName))
 	path := strings.TrimSpace(args[1])
 
 	// Get the policy contents, either from stdin of a file
@@ -119,11 +120,15 @@ func (c *PolicyWriteCommand) Run(args []string) int {
 	}
 	rules := buf.String()
 
-	if err := client.Sys().PutPolicy(name, rules); err != nil {
+	if err := client.Sys().PutPolicy(formattedName, rules); err != nil {
 		c.UI.Error(fmt.Sprintf("Error uploading policy: %s", err))
 		return 2
 	}
 
-	c.UI.Output(fmt.Sprintf("Success! Uploaded policy: %s", name))
+	if policyName != formattedName {
+		c.UI.Warn(fmt.Sprintf("Policy name was converted from \"%s\" to \"%s\"", policyName, formattedName))
+	}
+
+	c.UI.Output(fmt.Sprintf("Success! Uploaded policy: %s", formattedName))
 	return 0
 }
diff --git a/vault/logical_system.go b/vault/logical_system.go
index 9ca785d18..a57989200 100644
--- a/vault/logical_system.go
+++ b/vault/logical_system.go
@@ -2435,14 +2435,19 @@ func (b *SystemBackend) handlePoliciesSet(policyType PolicyType) framework.Opera
 			return nil, err
 		}
 
+		name := data.Get("name").(string)
 		policy := &Policy{
-			Name:      strings.ToLower(data.Get("name").(string)),
+			Name:      strings.ToLower(name),
 			Type:      policyType,
 			namespace: ns,
 		}
 		if policy.Name == "" {
 			return logical.ErrorResponse("policy name must be provided in the URL"), nil
 		}
+		if name != policy.Name {
+			resp = &logical.Response{}
+			resp.AddWarning(fmt.Sprintf("policy name was converted to %s", policy.Name))
+		}
 
 		policy.Raw = data.Get("policy").(string)
 		if policy.Raw == "" && policyType == PolicyTypeACL && strings.HasPrefix(req.Path, "policy") {
@@ -2485,6 +2490,7 @@ func (b *SystemBackend) handlePoliciesSet(policyType PolicyType) framework.Opera
 		if err := b.Core.policyStore.SetPolicy(ctx, policy); err != nil {
 			return handleError(err)
 		}
+
 		return resp, nil
 	}
 }