consul/agent
Mark Anderson 676ea58bc4
Refactor config checks oss (#12550)
Currently the config_entry.go subsystem delegates authorization decisions via the ConfigEntry interface CanRead and CanWrite code. Unfortunately this returns a true/false value and loses the details of the source.

This is not helpful, especially since it the config subsystem can be more complex to understand, since it covers so many domains.

This refactors CanRead/CanWrite to return a structured error message (PermissionDenied or the like) with more details about the reason for denial.

Part of #12241

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-03-11 13:45:51 -08:00
..
ae sdk: add TestLogLevel for setting log level in tests 2022-02-03 13:42:28 -05:00
auto-config Rename `Master` and `AgentMaster` fields in config protobuf (#11764) 2021-12-07 19:59:38 +00:00
cache bulk rewrite using this script 2022-01-20 10:46:23 -06:00
cache-types bulk rewrite using this script 2022-01-20 10:46:23 -06:00
checks catalog: compare node names case insensitively in more places (#12444) 2022-02-24 16:54:47 -06:00
config Add the `connect.enable_serverless_plugin` configuration option. 2022-03-11 09:16:00 -05:00
configentry server: suppress spurious blocking query returns where multiple config entries are involved (#12362) 2022-02-25 15:46:34 -06:00
connect ca: require that tests that use Vault are named correctly 2022-02-28 16:13:53 -05:00
consul Refactor config checks oss (#12550) 2022-03-11 13:45:51 -08:00
debug bulk rewrite using this script 2022-01-20 10:46:23 -06:00
dns Add DNS recursor strategy option (#10611) 2021-07-19 15:22:51 -07:00
exec re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
grpc Merge remote-tracking branch 'origin/main' into serve-panic-recovery 2021-12-07 16:30:41 -05:00
local missed this test adjustment (#12331) 2022-02-14 11:39:00 -06:00
metadata partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
mock
pool Vendor in rpc mono repo for net/rpc fork, go-msgpack, msgpackrpc. (#12311) 2022-02-14 09:45:45 -08:00
proxycfg proxycfg: change how various proxycfg test helpers for making ConfigSnapshot copies works to be more correct and less error prone (#12531) 2022-03-07 11:47:14 -06:00
router sdk: add TestLogLevel for setting log level in tests 2022-02-03 13:42:28 -05:00
routine-leak-checker Remove references to "master" ACL tokens in tests (#11751) 2021-12-07 12:48:50 +00:00
rpc/subscribe streaming: split event buffer by key (#12080) 2022-01-28 12:27:00 +00:00
rpcclient/health agent: ensure that most agent behavior correctly respects partition configuration (#10880) 2021-08-19 15:09:42 -05:00
structs Refactor config checks oss (#12550) 2022-03-11 13:45:51 -08:00
submatview grpc: strip local ACL tokens from RPCs during forwarding if crossing datacenters (#11099) 2021-09-22 13:14:26 -05:00
systemd
token agent/token: rename `agent_master` to `agent_recovery` (internally) (#11744) 2021-12-07 12:12:47 +00:00
uiserver auto-updated agent/uiserver/bindata_assetfs.go from commit 73b6687c5 2022-02-21 12:27:52 +00:00
xds Merge pull request #12539 from hashicorp/make-xds-lib 2022-03-11 09:21:10 -05:00
acl.go Bulk acl message fixup oss (#12470) 2022-03-10 18:48:27 -08:00
acl_endpoint.go Parse datacenter from request (#12370) 2022-02-17 16:41:27 -05:00
acl_endpoint_legacy.go http: update legacy ACL endpoints to return an error 2021-08-17 13:09:29 -04:00
acl_endpoint_legacy_test.go agent: Ensure partition is considered in agent endpoints (#11427) 2021-10-26 15:20:57 -04:00
acl_endpoint_test.go Parse datacenter from request (#12370) 2022-02-17 16:41:27 -05:00
acl_oss.go agent: support `X-Consul-Results-Filtered-By-ACLs` header in agent-local endpoints (#11610) 2021-12-03 20:36:28 +00:00
acl_test.go sdk: add TestLogLevel for setting log level in tests 2022-02-03 13:42:28 -05:00
agent.go checks: populate interval and timeout when registering services (#11138) 2022-02-18 12:05:33 -08:00
agent_endpoint.go Bulk acl message fixup oss (#12470) 2022-03-10 18:48:27 -08:00
agent_endpoint_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
agent_endpoint_test.go acl: return a resposne from ResolveToken that includes the ACLIdentity 2022-01-22 14:33:09 -05:00
agent_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
agent_test.go checks: populate interval and timeout when registering services (#11138) 2022-02-18 12:05:33 -08:00
apiserver.go
apiserver_test.go
catalog_endpoint.go Change error-handling across handlers. (#12225) 2022-01-31 11:17:35 -05:00
catalog_endpoint_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
catalog_endpoint_test.go catalog: compare node names case insensitively in more places (#12444) 2022-02-24 16:54:47 -06:00
check.go
config_endpoint.go Change error-handling across handlers. (#12225) 2022-01-31 11:17:35 -05:00
config_endpoint_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
connect_auth.go Bulk acl message fixup oss (#12470) 2022-03-10 18:48:27 -08:00
connect_ca_endpoint.go add root_cert_ttl option for consul connect, vault ca providers (#11428) 2021-11-02 11:02:10 -07:00
connect_ca_endpoint_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
coordinate_endpoint.go Change error-handling across handlers. (#12225) 2022-01-31 11:17:35 -05:00
coordinate_endpoint_test.go Change error-handling across handlers. (#12225) 2022-01-31 11:17:35 -05:00
delegate_mock_test.go acl: remove unused methods on fakes, and add changelog 2022-01-31 17:53:53 -05:00
denylist.go
denylist_test.go
discovery_chain_endpoint.go Change error-handling across handlers. (#12225) 2022-01-31 11:17:35 -05:00
discovery_chain_endpoint_test.go Remove useInDatacenter from disco chain requests 2021-10-26 23:35:21 -06:00
dns.go dns: add endpoint for querying service virtual IPs 2021-12-02 16:40:28 -08:00
dns_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
dns_test.go Remove references to "master" ACL tokens in tests (#11751) 2021-12-07 12:48:50 +00:00
enterprise_delegate_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
event_endpoint.go Change error-handling across handlers. (#12225) 2022-01-31 11:17:35 -05:00
event_endpoint_test.go Change error-handling across handlers. (#12225) 2022-01-31 11:17:35 -05:00
federation_state_endpoint.go URL-encode/decode resource names for HTTP API part 3 (#12103) 2022-01-26 13:12:42 -05:00
health_endpoint.go URL-encode/decode resource names for HTTP API part 5 (#12297) 2022-02-14 10:47:06 -05:00
health_endpoint_test.go Change error-handling across handlers. (#12225) 2022-01-31 11:17:35 -05:00
http.go Refactor config checks oss (#12550) 2022-03-11 13:45:51 -08:00
http_decode_test.go add test cases for h2ping_use_tls default behavior 2021-10-09 17:12:52 -04:00
http_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
http_oss_test.go Remove references to "master" ACL tokens in tests (#11751) 2021-12-07 12:48:50 +00:00
http_register.go cleanup: Clarify deprecated legacy intention endpoints (#11635) 2021-11-23 19:32:18 -05:00
http_test.go testing: fix test failures caused by new log level 2022-02-03 17:07:39 -05:00
intentions_endpoint.go Change error-handling across handlers. (#12225) 2022-01-31 11:17:35 -05:00
intentions_endpoint_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
intentions_endpoint_test.go agent: Reject partitions in legacy intention endpoints (#11181) 2021-10-01 13:18:57 -04:00
keyring.go Allows keyring operations on client agents 2022-02-24 17:24:57 +00:00
keyring_test.go Remove references to "master" ACL tokens in tests (#11751) 2021-12-07 12:48:50 +00:00
kvs_endpoint.go Change error-handling across handlers. (#12225) 2022-01-31 11:17:35 -05:00
kvs_endpoint_test.go Add content type headers to raw KV responses 2021-04-14 16:20:22 -04:00
metrics.go agent: move agent tls metric monitor to a more appropriate place 2021-10-27 16:26:09 -04:00
metrics_test.go Add tests for cert expiry metrics 2021-10-28 14:38:57 -04:00
nodeid.go
nodeid_test.go
notify.go
notify_test.go
operator_endpoint.go partitions: various refactors to support partitioning the serf LAN pool (#11568) 2021-11-15 09:51:14 -06:00
operator_endpoint_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
operator_endpoint_test.go Fix defaults for autopilot config update 2021-07-06 18:39:40 -04:00
prepared_query_endpoint.go Change error-handling across handlers. (#12225) 2022-01-31 11:17:35 -05:00
prepared_query_endpoint_test.go Change error-handling across handlers. (#12225) 2022-01-31 11:17:35 -05:00
reload.go
remote_exec.go
remote_exec_test.go Remove references to "master" ACL tokens in tests (#11751) 2021-12-07 12:48:50 +00:00
retry_join.go agent: refactor the agent delegate interface to be partition friendly (#11429) 2021-10-26 15:08:55 -05:00
retry_join_test.go
service_checks_test.go
service_manager.go oss portion of ent #1069 (#10883) 2021-08-20 12:57:45 -04:00
service_manager_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
session_endpoint.go Change error-handling across handlers. (#12225) 2022-01-31 11:17:35 -05:00
session_endpoint_test.go
setup.go agent: move agent tls metric monitor to a more appropriate place 2021-10-27 16:26:09 -04:00
setup_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
sidecar_service.go agent: ensure that most agent behavior correctly respects partition configuration (#10880) 2021-08-19 15:09:42 -05:00
sidecar_service_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
signal_unix.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
signal_windows.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
snapshot_endpoint.go
snapshot_endpoint_test.go
status_endpoint.go
status_endpoint_test.go
streaming_test.go regenerate expired certs (#11462) 2021-11-01 11:40:16 -04:00
testagent.go testing: fix test failures caused by new log level 2022-02-03 17:07:39 -05:00
testagent_test.go
translate_addr.go
txn_endpoint.go Change error-handling across handlers. (#12225) 2022-01-31 11:17:35 -05:00
txn_endpoint_test.go Change error-handling across handlers. (#12225) 2022-01-31 11:17:35 -05:00
ui_endpoint.go Bulk acl message fixup oss (#12470) 2022-03-10 18:48:27 -08:00
ui_endpoint_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
ui_endpoint_test.go Support for connect native services in topology view. (#12098) 2022-02-16 16:51:54 -05:00
user_event.go Vendor in rpc mono repo for net/rpc fork, go-msgpack, msgpackrpc. (#12311) 2022-02-14 09:45:45 -08:00
user_event_test.go Update 4 non-acl tests that used the legacy ACL.Apply 2021-09-21 17:57:29 -04:00
util.go Remove some usage of md5 from the system (#11491) 2021-11-04 13:07:54 -07:00
util_test.go Remove some usage of md5 from the system (#11491) 2021-11-04 13:07:54 -07:00
watch_handler.go
watch_handler_test.go