Update MSP token and filtering (#7431)

This commit is contained in:
Freddy 2020-03-11 12:08:49 -06:00 committed by GitHub
parent 8fbd812be9
commit 709932f088
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 1 deletions

View File

@ -226,7 +226,7 @@ func (s *Server) ResolveTokenToIdentityAndAuthorizer(token string) (structs.ACLI
// ResolveTokenIdentityAndDefaultMeta retrieves an identity and authorizer for the caller, // ResolveTokenIdentityAndDefaultMeta retrieves an identity and authorizer for the caller,
// and populates the EnterpriseMeta based on the AuthorizerContext. // and populates the EnterpriseMeta based on the AuthorizerContext.
func (s *Server) ResolveTokenIdentityAndDefaultMeta(token string, entMeta *structs.EnterpriseMeta, authzContext *acl.AuthorizerContext) (structs.ACLIdentity, acl.Authorizer, error) { func (s *Server) ResolveTokenIdentityAndDefaultMeta(token string, entMeta *structs.EnterpriseMeta, authzContext *acl.AuthorizerContext) (structs.ACLIdentity, acl.Authorizer, error) {
identity, authz, err := s.acls.ResolveTokenToIdentityAndAuthorizer(token) identity, authz, err := s.ResolveTokenToIdentityAndAuthorizer(token)
if err != nil { if err != nil {
return nil, nil, err return nil, nil, err
} }
@ -252,6 +252,9 @@ func (s *Server) ResolveTokenAndDefaultMeta(token string, entMeta *structs.Enter
} }
func (s *Server) filterACL(token string, subj interface{}) error { func (s *Server) filterACL(token string, subj interface{}) error {
if id, authz := s.ResolveEntTokenToIdentityAndAuthorizer(token); id != nil && authz != nil {
return s.acls.filterACLWithAuthorizer(authz, subj)
}
return s.acls.filterACL(token, subj) return s.acls.filterACL(token, subj)
} }