Commit graph

22 commits

Author SHA1 Message Date
Jeff Mitchell 919b968c27
The big one (#5346) 2018-09-17 23:03:00 -04:00
Chris Hoffman e2ed8d3d61
Fixing capabilities check for templated policies (#5250)
* fixing capabilities check for templated policies

* remove unnecessary change

* formatting
2018-09-04 14:18:59 -04:00
Vishal Nayak 0d8f424ab4
disallow token use if entity is invalid (#4791) 2018-06-19 12:57:19 -04:00
Brian Kassouf c7f9d185b0
Kv preflight (#4430)
* Update kv command to use a preflight check

* Make the existing ui endpoint return the allowed mounts

* Add kv subcommand tests

* Enable `-field` in `vault kv get/put` (#4426)

* Enable `-field` in `vault kv get/put`

Fixes #4424

* Unify nil value handling

* Use preflight helper

* Update vkv plugin

* Add all the mount info when authenticated

* Add fix the error message on put

* add metadata test

* No need to sort the capabilities

* Remove the kv client header

* kv patch command (#4432)

* Fix test

* Fix tests

* Use permission denied instead of entity disabled
2018-04-23 15:00:02 -07:00
Brian Kassouf 2f19de0305 Add context to storage backends and wire it through a lot of places (#3817) 2018-01-19 01:44:44 -05:00
Vishal Nayak e4e4a7ba67
Capabilities responds considering policies on entities and groups (#3522)
* Capabilities endpoint will now return considering policies on entities and groups

* refactor the policy derivation into a separate function

* Docs: Update docs to reflect the change in capabilities endpoint
2017-11-03 11:20:10 -04:00
Jeff Mitchell c144f95be0 Sync over 2017-10-23 16:43:07 -04:00
Jeff Mitchell f37b6492d1 More rep porting (#2391)
* More rep porting

* Add a bit more porting
2017-02-16 23:09:39 -05:00
vishalnayak 6831e2a8fd Sort the capabilities before returning 2016-03-18 12:40:17 -04:00
vishalnayak a5d79d587a Refactoring the capabilities function 2016-03-17 21:03:32 -04:00
vishalnayak 151c932875 AccessorID --> Accessor, accessor_id --> accessor 2016-03-09 06:23:31 -05:00
vishalnayak 913bbe7693 Error text corrections and minor refactoring 2016-03-08 22:27:24 -05:00
vishalnayak 62777c9f7e ErrUserInput --> StatusBadRequest 2016-03-08 21:47:24 -05:00
vishalnayak 8117996378 Implemented /sys/capabilities-accessor and a way for setting HTTP error code in all the responses 2016-03-08 19:14:29 -05:00
vishalnayak 08c40c9bba Introduced ErrUserInput to distinguish user error from server error 2016-03-07 22:16:09 -05:00
vishalnayak 3b463c2d4e use errwrap to check the type of error message, fix typos 2016-03-07 18:36:26 -05:00
vishalnayak 9946a2d8b5 refactoring changes due to acl.Capabilities 2016-03-04 18:55:48 -05:00
vishalnayak 9217c49184 Adding acl.Capabilities to do the path matching 2016-03-04 12:04:26 -05:00
vishalnayak 7fe871e60a Removing the 'Message' field 2016-03-04 10:36:03 -05:00
vishalnayak 816f1f8631 self review rework 2016-03-04 10:36:03 -05:00
vishalnayak 286e63a648 Handled root token use case 2016-03-04 10:36:03 -05:00
vishalnayak f1fd5247ad Add vault/capabilities.go 2016-03-04 10:36:02 -05:00