status-im/consul
2
0
Fork 0
mirror of https://github.com/status-im/consul.git synced 2025-02-16 23:57:07 +00:00
Code Issues Projects Releases Wiki Activity

state: remove support for updating legacy ACL tokens

Browse Source
This commit is contained in:
Daniel Nephin 2021-10-05 12:13:04 -04:00
parent 0784a31e85
commit 65d48e5042
2 changed files with 1 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
agent/consul/state/acl.go
View File

@ -498,11 +498,7 @@ func aclTokenSetTxn(tx WriteTxn, idx uint64, token *structs.ACLToken, opts ACLTo
} }
if opts.Legacy && original != nil { if opts.Legacy && original != nil {
if original.UsesNonLegacyFields() { return fmt.Errorf("legacy tokens can not be modified")
return fmt.Errorf("failed inserting acl token: cannot use legacy endpoint to modify a non-legacy token")
}
token.AccessorID = original.AccessorID
} }
if err := aclTokenUpsertValidateEnterprise(tx, token, original); err != nil { if err := aclTokenUpsertValidateEnterprise(tx, token, original); err != nil {

12
agent/structs/acl.go
View File

@ -412,18 +412,6 @@ func (t *ACLToken) HasExpirationTime() bool {
return t.ExpirationTime != nil && !t.ExpirationTime.IsZero() return t.ExpirationTime != nil && !t.ExpirationTime.IsZero()
} }
// TODO(ACL-Legacy-Compat): remove
func (t *ACLToken) UsesNonLegacyFields() bool {
return len(t.Policies) > 0 ||
len(t.ServiceIdentities) > 0 ||
len(t.NodeIdentities) > 0 ||
len(t.Roles) > 0 ||
t.Type == "" ||
t.HasExpirationTime() ||
t.ExpirationTTL != 0 ||
t.AuthMethod != ""
}
func (t *ACLToken) EnterpriseMetadata() *EnterpriseMeta { func (t *ACLToken) EnterpriseMetadata() *EnterpriseMeta {
return &t.EnterpriseMeta return &t.EnterpriseMeta
} }