vishalnayak
9946a2d8b5
refactoring changes due to acl.Capabilities
2016-03-04 18:55:48 -05:00
vishalnayak
9217c49184
Adding acl.Capabilities to do the path matching
2016-03-04 12:04:26 -05:00
Jeff Mitchell
7394f97439
Fix out-of-date comment
2016-03-03 13:37:51 -05:00
Jeff Mitchell
f9bbe0fb04
Use logical operations instead of strings for comparison
2016-01-12 21:16:31 -05:00
Jeff Mitchell
4253299dfe
Store uint32s in radix
2016-01-12 17:24:01 -05:00
Jeff Mitchell
e58705b34c
Cleanup
2016-01-12 17:10:48 -05:00
Jeff Mitchell
87fba5dad0
Convert map to bitmap
2016-01-12 17:08:10 -05:00
Jeff Mitchell
ce5bd64244
Clean up HelpOperation
2016-01-12 14:34:49 -05:00
Jeff Mitchell
4f4ddbf017
Create more granular ACL capabilities.
...
This commit splits ACL policies into more fine-grained capabilities.
This both drastically simplifies the checking code and makes it possible
to support needed workflows that are not possible with the previous
method. It is backwards compatible; policies containing a "policy"
string are simply converted to a set of capabilities matching previous
behavior.
Fixes #724 (and others).
2016-01-08 13:05:14 -05:00
Jeff Mitchell
f3ce90164f
WriteOperation -> UpdateOperation
2016-01-08 13:03:03 -05:00
Armon Dadgar
05b3fa836e
vault: Handle exact vs glob match, deny has highest precedence
2015-07-05 17:31:30 -06:00
Armon Dadgar
fe402cdd87
vault: ignore a nil policy object, as it has no permissions
2015-03-24 15:49:17 -07:00
Armon Dadgar
99abc11ec5
vault: Adding ACL representation
2015-03-17 18:31:20 -07:00