Jeff Mitchell
ab5014534e
Clone policy permissions and then use existing values rather than policy values for modifications ( #2826 )
...
Should fix #2804
2017-06-07 13:49:51 -04:00
Brian Kassouf
e62f5dbc31
Allowed/Denied parameters support for globs ( #2438 )
...
* Add check for globbed strings
* Add tests for the acl globbing
* Fix bad test case
2017-03-03 14:50:55 -08:00
Jeff Mitchell
7f0a99e8eb
Add max/min wrapping TTL ACL statements ( #2411 )
2017-02-27 14:42:00 -05:00
Brian Kassouf
dd5b541db6
Added test for the empty values array case
2017-02-21 16:02:00 -08:00
Brian Kassouf
9ec8dd3d17
PR feedback
2017-02-21 15:02:39 -08:00
Brian Kassouf
1c5264c66c
ToLower parameter strings
2017-02-16 17:50:10 -08:00
Brian Kassouf
07799f665d
Simplify the merging of two policies
2017-02-16 16:30:08 -08:00
Brian Kassouf
7229bdfd38
Remove debug code
2017-02-16 16:14:30 -08:00
Brian Kassouf
136730cb01
Update logic to fix a few edge cases:
2017-02-16 15:20:11 -08:00
Brian Kassouf
8d880f5181
Remove duplicate test case
2017-02-15 22:38:33 -08:00
Brian Kassouf
24d8710233
Fix the issue of returning on the first paramater check. Added tests for this case.
2017-02-15 22:13:18 -08:00
Jeff Mitchell
da9e62bc24
Remove "permissions" from ACL
2017-02-15 21:12:26 -05:00
Brian Kassouf
e1424c631e
Add logic to merge the two arrays and refactor the test around merging
2017-01-20 11:16:46 -08:00
Brian Kassouf
1580296ae5
Update tests to check parsing of types
2017-01-19 18:13:39 -08:00
Brian Kassouf
5ccb3e052b
Add tests for boolean values
2017-01-19 17:41:02 -08:00
Brian Kassouf
f3870061ee
fix some of the tests and rename allowed/dissallowed paramaters
2017-01-19 16:40:19 -08:00
Brian Kassouf
25b49b8bae
Add test cases for map and integer types
2017-01-18 17:11:25 -08:00
Brian Kassouf
be10ef9d42
Use deepequals and write tests for the allow/disallow values
2017-01-17 16:40:21 -08:00
mwoolsey
907e735541
Permissions were changed from a structure to and array of interfaces. Code optimization for acl.go. Fixed bug where multiple parameters would allow if second or following parameters were denied and there was a wildcard in allow.
2016-12-06 18:14:15 -08:00
lemondrank
c63d9e9f24
added AllowOperation tests
2016-11-07 12:28:41 -08:00
ChaseLEngel
a847caa4ae
Moved Operations out of test cases variable.
2016-11-07 12:08:17 -08:00
ChaseLEngel
e349d64dbc
Finished merge testing.
2016-11-06 15:16:08 -08:00
mwoolsey
42e0ecb0b8
narrowed the problem to: the Permissions struct in the TestPolicyMerge method is not being initialized
2016-11-06 13:38:25 -08:00
mwoolsey
2add5dbf3a
Started the testing on merged pathCapabilites
2016-11-01 21:27:33 -07:00
ChaseLEngel
482ed0a659
Add merge testcases
2016-11-01 19:48:00 -07:00
lemondrank
975ac72822
started acl_test updates
2016-10-30 15:09:45 -07:00
ChaseLEngel
2ea4caeffb
Update acl and policy tests to use Permissions.
2016-10-21 23:45:39 -07:00
vishalnayak
9947b33498
Added tests for disallowed_policies
2016-08-02 15:21:15 -04:00
vishalnayak
aab24113b0
test cases for capabilities endpoint
2016-03-05 00:03:55 -05:00
Jeff Mitchell
4f4ddbf017
Create more granular ACL capabilities.
...
This commit splits ACL policies into more fine-grained capabilities.
This both drastically simplifies the checking code and makes it possible
to support needed workflows that are not possible with the previous
method. It is backwards compatible; policies containing a "policy"
string are simply converted to a set of capabilities matching previous
behavior.
Fixes #724 (and others).
2016-01-08 13:05:14 -05:00
Jeff Mitchell
f3ce90164f
WriteOperation -> UpdateOperation
2016-01-08 13:03:03 -05:00
Armon Dadgar
3d2fa8818e
vault: adding another ACL test
2015-07-05 17:34:34 -06:00
Armon Dadgar
05b3fa836e
vault: Handle exact vs glob match, deny has highest precedence
2015-07-05 17:31:30 -06:00
Armon Dadgar
51ce336753
vault: Adding PolicyStore
2015-03-18 12:17:03 -07:00
Armon Dadgar
99abc11ec5
vault: Adding ACL representation
2015-03-17 18:31:20 -07:00