mirror of https://github.com/status-im/consul.git
acl: remove Server.ResolveTokenToIdentityAndAuthorizer
This method was an alias for ACLResolver.ResolveTokenToIdentityAndAuthorizer. By removing the method that does nothing the code becomes easier to trace.
This commit is contained in:
parent
cc4f155801
commit
6cf6e7c5fe
|
@ -224,7 +224,7 @@ func (s *Server) ResolveRoleFromID(roleID string) (bool, *structs.ACLRole, error
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Server) ResolveToken(token string) (acl.Authorizer, error) {
|
func (s *Server) ResolveToken(token string) (acl.Authorizer, error) {
|
||||||
_, authz, err := s.ResolveTokenToIdentityAndAuthorizer(token)
|
_, authz, err := s.acls.ResolveTokenToIdentityAndAuthorizer(token)
|
||||||
return authz, err
|
return authz, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -235,14 +235,10 @@ func (s *Server) ResolveTokenToIdentity(token string) (structs.ACLIdentity, erro
|
||||||
return s.acls.ResolveTokenToIdentity(token)
|
return s.acls.ResolveTokenToIdentity(token)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Server) ResolveTokenToIdentityAndAuthorizer(token string) (structs.ACLIdentity, acl.Authorizer, error) {
|
|
||||||
return s.acls.ResolveTokenToIdentityAndAuthorizer(token)
|
|
||||||
}
|
|
||||||
|
|
||||||
// ResolveTokenIdentityAndDefaultMeta retrieves an identity and authorizer for the caller,
|
// ResolveTokenIdentityAndDefaultMeta retrieves an identity and authorizer for the caller,
|
||||||
// and populates the EnterpriseMeta based on the AuthorizerContext.
|
// and populates the EnterpriseMeta based on the AuthorizerContext.
|
||||||
func (s *Server) ResolveTokenIdentityAndDefaultMeta(token string, entMeta *structs.EnterpriseMeta, authzContext *acl.AuthorizerContext) (structs.ACLIdentity, acl.Authorizer, error) {
|
func (s *Server) ResolveTokenIdentityAndDefaultMeta(token string, entMeta *structs.EnterpriseMeta, authzContext *acl.AuthorizerContext) (structs.ACLIdentity, acl.Authorizer, error) {
|
||||||
identity, authz, err := s.ResolveTokenToIdentityAndAuthorizer(token)
|
identity, authz, err := s.acls.ResolveTokenToIdentityAndAuthorizer(token)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
}
|
}
|
||||||
|
|
|
@ -440,7 +440,7 @@ func (m *Internal) KeyringOperation(
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check ACLs
|
// Check ACLs
|
||||||
identity, rule, err := m.srv.ResolveTokenToIdentityAndAuthorizer(args.Token)
|
identity, rule, err := m.srv.acls.ResolveTokenToIdentityAndAuthorizer(args.Token)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
@ -17,7 +17,7 @@ func (op *Operator) AutopilotGetConfiguration(args *structs.DCSpecificRequest, r
|
||||||
}
|
}
|
||||||
|
|
||||||
// This action requires operator read access.
|
// This action requires operator read access.
|
||||||
identity, rule, err := op.srv.ResolveTokenToIdentityAndAuthorizer(args.Token)
|
identity, rule, err := op.srv.acls.ResolveTokenToIdentityAndAuthorizer(args.Token)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@ -49,7 +49,7 @@ func (op *Operator) AutopilotSetConfiguration(args *structs.AutopilotSetConfigRe
|
||||||
}
|
}
|
||||||
|
|
||||||
// This action requires operator write access.
|
// This action requires operator write access.
|
||||||
identity, rule, err := op.srv.ResolveTokenToIdentityAndAuthorizer(args.Token)
|
identity, rule, err := op.srv.acls.ResolveTokenToIdentityAndAuthorizer(args.Token)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@ -84,7 +84,7 @@ func (op *Operator) ServerHealth(args *structs.DCSpecificRequest, reply *structs
|
||||||
}
|
}
|
||||||
|
|
||||||
// This action requires operator read access.
|
// This action requires operator read access.
|
||||||
identity, rule, err := op.srv.ResolveTokenToIdentityAndAuthorizer(args.Token)
|
identity, rule, err := op.srv.acls.ResolveTokenToIdentityAndAuthorizer(args.Token)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@ -151,7 +151,7 @@ func (op *Operator) AutopilotState(args *structs.DCSpecificRequest, reply *autop
|
||||||
}
|
}
|
||||||
|
|
||||||
// This action requires operator read access.
|
// This action requires operator read access.
|
||||||
identity, rule, err := op.srv.ResolveTokenToIdentityAndAuthorizer(args.Token)
|
identity, rule, err := op.srv.acls.ResolveTokenToIdentityAndAuthorizer(args.Token)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
@ -81,7 +81,7 @@ func (op *Operator) RaftRemovePeerByAddress(args *structs.RaftRemovePeerRequest,
|
||||||
|
|
||||||
// This is a super dangerous operation that requires operator write
|
// This is a super dangerous operation that requires operator write
|
||||||
// access.
|
// access.
|
||||||
identity, rule, err := op.srv.ResolveTokenToIdentityAndAuthorizer(args.Token)
|
identity, rule, err := op.srv.acls.ResolveTokenToIdentityAndAuthorizer(args.Token)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@ -134,7 +134,7 @@ func (op *Operator) RaftRemovePeerByID(args *structs.RaftRemovePeerRequest, repl
|
||||||
|
|
||||||
// This is a super dangerous operation that requires operator write
|
// This is a super dangerous operation that requires operator write
|
||||||
// access.
|
// access.
|
||||||
identity, rule, err := op.srv.ResolveTokenToIdentityAndAuthorizer(args.Token)
|
identity, rule, err := op.srv.acls.ResolveTokenToIdentityAndAuthorizer(args.Token)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue