acl: use wildcard partition in metrics proxy ui endpoint

This commit is contained in:
Kyle Havlovitz 2021-12-10 15:58:17 -08:00
parent 5fee1ff93e
commit 018693b6ee
1 changed files with 3 additions and 2 deletions

View File

@ -631,9 +631,10 @@ func (s *HTTPHandlers) UIMetricsProxy(resp http.ResponseWriter, req *http.Reques
//
// In enterprise it requires this _in all namespaces_ too.
//
// TODO(partitions,acls): need to revisit this
// In enterprise it requires this _in all namespaces and partitions_ too.
var authzContext acl.AuthorizerContext
entMeta.WithWildcardNamespace().FillAuthzContext(&authzContext)
wildcardEntMeta := structs.WildcardEnterpriseMetaInPartition(structs.WildcardSpecifier)
wildcardEntMeta.FillAuthzContext(&authzContext)
if authz.NodeReadAll(&authzContext) != acl.Allow || authz.ServiceReadAll(&authzContext) != acl.Allow {
return nil, acl.ErrPermissionDenied