luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
10,008 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

25 Commits

Author SHA1 Message Date
Jeff Mitchell 3dfa30acb4 Add ability to use path wildcard segments (#6164) 
* Path globbing

* Add glob support at the beginning

* Ensure when evaluating an ACL that our path never has a leading slash. This already happens in the normal request path but not in tests; putting it here provides it for tests and extra safety in case the request path changes

* Simplify the algorithm, we don't really need to validate the prefix first as glob won't apply if it doesn't

* Add path segment wildcarding

* Disable path globbing for now

* Remove now-unneeded test

* Remove commented out globbing bits

* Remove more holdover glob bits

* Rename k var to something more clear
 2019-02-14 18:31:43 -08:00
Jeff Mitchell 6d22f3fc2e minor linting change 2019-01-23 17:19:06 -05:00
Jeff Mitchell c5d8391c38
Prefix path rename (#6089) 
* Rename Prefix -> Path in internal struct

* Update test
 2019-01-23 15:04:49 -05:00
Jeff Mitchell a11f2a3ba2
Rename glob -> prefix in ACL internals (#6086) 
Really, it's a prefix
 2019-01-23 13:55:40 -05:00
vishalnayak c6faa3ee28 Add a comment to retain misspelling 2018-11-13 13:30:42 -05:00
vishalnayak a96641c86f Fix TestPolicy_ParseBadPath 2018-11-13 13:22:56 -05:00
Vishal Nayak b4836575fb
Test for issue 5729 (#5750) 
* Test for 5729

* Remove unneeded space

Co-Authored-By: vishalnayak <vishalnayak@users.noreply.github.com>
 2018-11-13 11:16:10 -05:00
Jeff Mitchell 919b968c27
The big one (#5346) 2018-09-17 23:03:00 -04:00
Calvin Leung Huang fb81016252
Fix output-related tests (#4288) 
* Fix command tests

* More test fixes

* Use backticks to escape quoted strings

* More test fixes

* Fix mismatched error output failures

* Fix mismatched error output failures
 2018-04-05 20:43:29 -04:00
Chris Hoffman 3d8d887676
Add ability to require parameters in ACLs (#3510) 2017-11-02 07:18:49 -04:00
Jeff Mitchell 47dae8ffc7 Sync 2017-10-23 14:59:37 -04:00
Jeff Mitchell 7f0a99e8eb Add max/min wrapping TTL ACL statements (#2411) 2017-02-27 14:42:00 -05:00
Jeff Mitchell da9e62bc24 Remove "permissions" from ACL 2017-02-15 21:12:26 -05:00
Brian Kassouf 1580296ae5 Update tests to check parsing of types 2017-01-19 18:13:39 -08:00
Brian Kassouf f3870061ee fix some of the tests and rename allowed/dissallowed paramaters 2017-01-19 16:40:19 -08:00
mwoolsey 907e735541 Permissions were changed from a structure to and array of interfaces. Code optimization for acl.go. Fixed bug where multiple parameters would allow if second or following parameters were denied and there was a wildcard in allow. 2016-12-06 18:14:15 -08:00
mwoolsey bcd0618623 updated testing on a policy to cover parameters in the policy 2016-10-28 10:18:31 -07:00
ChaseLEngel 2ea4caeffb Update acl and policy tests to use Permissions. 2016-10-21 23:45:39 -07:00
Seth Vargo ad7049eed1 Parse policy HCL syntax and keys 2016-03-10 15:25:25 -05:00
Jeff Mitchell 9717ca5931 Strip leading paths in policies. 
It appears to be a common mistake, but they won't ever match.

Fixes #1167
 2016-03-03 11:32:48 -05:00
Jeff Mitchell 87fba5dad0 Convert map to bitmap 2016-01-12 17:08:10 -05:00
Jeff Mitchell 4f4ddbf017 Create more granular ACL capabilities. 
This commit splits ACL policies into more fine-grained capabilities.
This both drastically simplifies the checking code and makes it possible
to support needed workflows that are not possible with the previous
method. It is backwards compatible; policies containing a "policy"
string are simply converted to a set of capabilities matching previous
behavior.

Fixes #724 (and others).
 2016-01-08 13:05:14 -05:00
Armon Dadgar eda88c18ff vault: Adding precedence logic for conflicting policy 2015-07-05 17:30:19 -06:00
Armon Dadgar 27d01270c8 vault: look for glob character in policy 2015-07-05 14:58:38 -07:00
Armon Dadgar ddab671bf4 vault: Adding policy parsing 2015-03-17 15:53:29 -07:00