Commit graph

35 commits

Author SHA1 Message Date
Jeff Mitchell ab5014534e Clone policy permissions and then use existing values rather than policy values for modifications (#2826)
Should fix #2804
2017-06-07 13:49:51 -04:00
Brian Kassouf e62f5dbc31 Allowed/Denied parameters support for globs (#2438)
* Add check for globbed strings

* Add tests for the acl globbing

* Fix bad test case
2017-03-03 14:50:55 -08:00
Jeff Mitchell 7f0a99e8eb Add max/min wrapping TTL ACL statements (#2411) 2017-02-27 14:42:00 -05:00
Brian Kassouf dd5b541db6 Added test for the empty values array case 2017-02-21 16:02:00 -08:00
Brian Kassouf 9ec8dd3d17 PR feedback 2017-02-21 15:02:39 -08:00
Brian Kassouf 1c5264c66c ToLower parameter strings 2017-02-16 17:50:10 -08:00
Brian Kassouf 07799f665d Simplify the merging of two policies 2017-02-16 16:30:08 -08:00
Brian Kassouf 7229bdfd38 Remove debug code 2017-02-16 16:14:30 -08:00
Brian Kassouf 136730cb01 Update logic to fix a few edge cases: 2017-02-16 15:20:11 -08:00
Brian Kassouf 8d880f5181 Remove duplicate test case 2017-02-15 22:38:33 -08:00
Brian Kassouf 24d8710233 Fix the issue of returning on the first paramater check. Added tests for this case. 2017-02-15 22:13:18 -08:00
Jeff Mitchell da9e62bc24 Remove "permissions" from ACL 2017-02-15 21:12:26 -05:00
Brian Kassouf e1424c631e Add logic to merge the two arrays and refactor the test around merging 2017-01-20 11:16:46 -08:00
Brian Kassouf 1580296ae5 Update tests to check parsing of types 2017-01-19 18:13:39 -08:00
Brian Kassouf 5ccb3e052b Add tests for boolean values 2017-01-19 17:41:02 -08:00
Brian Kassouf f3870061ee fix some of the tests and rename allowed/dissallowed paramaters 2017-01-19 16:40:19 -08:00
Brian Kassouf 25b49b8bae Add test cases for map and integer types 2017-01-18 17:11:25 -08:00
Brian Kassouf be10ef9d42 Use deepequals and write tests for the allow/disallow values 2017-01-17 16:40:21 -08:00
mwoolsey 907e735541 Permissions were changed from a structure to and array of interfaces. Code optimization for acl.go. Fixed bug where multiple parameters would allow if second or following parameters were denied and there was a wildcard in allow. 2016-12-06 18:14:15 -08:00
lemondrank c63d9e9f24 added AllowOperation tests 2016-11-07 12:28:41 -08:00
ChaseLEngel a847caa4ae Moved Operations out of test cases variable. 2016-11-07 12:08:17 -08:00
ChaseLEngel e349d64dbc Finished merge testing. 2016-11-06 15:16:08 -08:00
mwoolsey 42e0ecb0b8 narrowed the problem to: the Permissions struct in the TestPolicyMerge method is not being initialized 2016-11-06 13:38:25 -08:00
mwoolsey 2add5dbf3a Started the testing on merged pathCapabilites 2016-11-01 21:27:33 -07:00
ChaseLEngel 482ed0a659 Add merge testcases 2016-11-01 19:48:00 -07:00
lemondrank 975ac72822 started acl_test updates 2016-10-30 15:09:45 -07:00
ChaseLEngel 2ea4caeffb Update acl and policy tests to use Permissions. 2016-10-21 23:45:39 -07:00
vishalnayak 9947b33498 Added tests for disallowed_policies 2016-08-02 15:21:15 -04:00
vishalnayak aab24113b0 test cases for capabilities endpoint 2016-03-05 00:03:55 -05:00
Jeff Mitchell 4f4ddbf017 Create more granular ACL capabilities.
This commit splits ACL policies into more fine-grained capabilities.
This both drastically simplifies the checking code and makes it possible
to support needed workflows that are not possible with the previous
method. It is backwards compatible; policies containing a "policy"
string are simply converted to a set of capabilities matching previous
behavior.

Fixes #724 (and others).
2016-01-08 13:05:14 -05:00
Jeff Mitchell f3ce90164f WriteOperation -> UpdateOperation 2016-01-08 13:03:03 -05:00
Armon Dadgar 3d2fa8818e vault: adding another ACL test 2015-07-05 17:34:34 -06:00
Armon Dadgar 05b3fa836e vault: Handle exact vs glob match, deny has highest precedence 2015-07-05 17:31:30 -06:00
Armon Dadgar 51ce336753 vault: Adding PolicyStore 2015-03-18 12:17:03 -07:00
Armon Dadgar 99abc11ec5 vault: Adding ACL representation 2015-03-17 18:31:20 -07:00