Jeff Mitchell
47dae8ffc7
Sync
2017-10-23 14:59:37 -04:00
Jeff Mitchell
7f0a99e8eb
Add max/min wrapping TTL ACL statements ( #2411 )
2017-02-27 14:42:00 -05:00
Jeff Mitchell
da9e62bc24
Remove "permissions" from ACL
2017-02-15 21:12:26 -05:00
Brian Kassouf
1580296ae5
Update tests to check parsing of types
2017-01-19 18:13:39 -08:00
Brian Kassouf
f3870061ee
fix some of the tests and rename allowed/dissallowed paramaters
2017-01-19 16:40:19 -08:00
mwoolsey
907e735541
Permissions were changed from a structure to and array of interfaces. Code optimization for acl.go. Fixed bug where multiple parameters would allow if second or following parameters were denied and there was a wildcard in allow.
2016-12-06 18:14:15 -08:00
mwoolsey
bcd0618623
updated testing on a policy to cover parameters in the policy
2016-10-28 10:18:31 -07:00
ChaseLEngel
2ea4caeffb
Update acl and policy tests to use Permissions.
2016-10-21 23:45:39 -07:00
Seth Vargo
ad7049eed1
Parse policy HCL syntax and keys
2016-03-10 15:25:25 -05:00
Jeff Mitchell
9717ca5931
Strip leading paths in policies.
...
It appears to be a common mistake, but they won't ever match.
Fixes #1167
2016-03-03 11:32:48 -05:00
Jeff Mitchell
87fba5dad0
Convert map to bitmap
2016-01-12 17:08:10 -05:00
Jeff Mitchell
4f4ddbf017
Create more granular ACL capabilities.
...
This commit splits ACL policies into more fine-grained capabilities.
This both drastically simplifies the checking code and makes it possible
to support needed workflows that are not possible with the previous
method. It is backwards compatible; policies containing a "policy"
string are simply converted to a set of capabilities matching previous
behavior.
Fixes #724 (and others).
2016-01-08 13:05:14 -05:00
Armon Dadgar
eda88c18ff
vault: Adding precedence logic for conflicting policy
2015-07-05 17:30:19 -06:00
Armon Dadgar
27d01270c8
vault: look for glob character in policy
2015-07-05 14:58:38 -07:00
Armon Dadgar
ddab671bf4
vault: Adding policy parsing
2015-03-17 15:53:29 -07:00