Warn on upper case in policy name (#14670)
* Warn on upper case in policy name * Rename name variable to be less confusing * Use more general solution for other string issues * Clarify changelog * Remove unnecessary check * Don't throw CLI warning until after past errors * Add before and after names with quotes to show spacing changes
This commit is contained in:
parent
7c8e6676c0
commit
f9372145dd
3
changelog/14670.txt
Normal file
3
changelog/14670.txt
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
```release-note:improvement
|
||||||
|
cli/vault: warn when policy name contains upper-case letter
|
||||||
|
```
|
|
@ -91,7 +91,8 @@ func (c *PolicyWriteCommand) Run(args []string) int {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Policies are normalized to lowercase
|
// Policies are normalized to lowercase
|
||||||
name := strings.TrimSpace(strings.ToLower(args[0]))
|
policyName := args[0]
|
||||||
|
formattedName := strings.TrimSpace(strings.ToLower(policyName))
|
||||||
path := strings.TrimSpace(args[1])
|
path := strings.TrimSpace(args[1])
|
||||||
|
|
||||||
// Get the policy contents, either from stdin of a file
|
// Get the policy contents, either from stdin of a file
|
||||||
|
@ -119,11 +120,15 @@ func (c *PolicyWriteCommand) Run(args []string) int {
|
||||||
}
|
}
|
||||||
rules := buf.String()
|
rules := buf.String()
|
||||||
|
|
||||||
if err := client.Sys().PutPolicy(name, rules); err != nil {
|
if err := client.Sys().PutPolicy(formattedName, rules); err != nil {
|
||||||
c.UI.Error(fmt.Sprintf("Error uploading policy: %s", err))
|
c.UI.Error(fmt.Sprintf("Error uploading policy: %s", err))
|
||||||
return 2
|
return 2
|
||||||
}
|
}
|
||||||
|
|
||||||
c.UI.Output(fmt.Sprintf("Success! Uploaded policy: %s", name))
|
if policyName != formattedName {
|
||||||
|
c.UI.Warn(fmt.Sprintf("Policy name was converted from \"%s\" to \"%s\"", policyName, formattedName))
|
||||||
|
}
|
||||||
|
|
||||||
|
c.UI.Output(fmt.Sprintf("Success! Uploaded policy: %s", formattedName))
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
|
@ -2435,14 +2435,19 @@ func (b *SystemBackend) handlePoliciesSet(policyType PolicyType) framework.Opera
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
name := data.Get("name").(string)
|
||||||
policy := &Policy{
|
policy := &Policy{
|
||||||
Name: strings.ToLower(data.Get("name").(string)),
|
Name: strings.ToLower(name),
|
||||||
Type: policyType,
|
Type: policyType,
|
||||||
namespace: ns,
|
namespace: ns,
|
||||||
}
|
}
|
||||||
if policy.Name == "" {
|
if policy.Name == "" {
|
||||||
return logical.ErrorResponse("policy name must be provided in the URL"), nil
|
return logical.ErrorResponse("policy name must be provided in the URL"), nil
|
||||||
}
|
}
|
||||||
|
if name != policy.Name {
|
||||||
|
resp = &logical.Response{}
|
||||||
|
resp.AddWarning(fmt.Sprintf("policy name was converted to %s", policy.Name))
|
||||||
|
}
|
||||||
|
|
||||||
policy.Raw = data.Get("policy").(string)
|
policy.Raw = data.Get("policy").(string)
|
||||||
if policy.Raw == "" && policyType == PolicyTypeACL && strings.HasPrefix(req.Path, "policy") {
|
if policy.Raw == "" && policyType == PolicyTypeACL && strings.HasPrefix(req.Path, "policy") {
|
||||||
|
@ -2485,6 +2490,7 @@ func (b *SystemBackend) handlePoliciesSet(policyType PolicyType) framework.Opera
|
||||||
if err := b.Core.policyStore.SetPolicy(ctx, policy); err != nil {
|
if err := b.Core.policyStore.SetPolicy(ctx, policy); err != nil {
|
||||||
return handleError(err)
|
return handleError(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
return resp, nil
|
return resp, nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue