status-im/consul
2
0
Fork 0
mirror of https://github.com/status-im/consul.git synced 2025-02-10 04:45:05 +00:00
Code Issues Projects Releases Wiki Activity
consul/agent
History
Daniel Nephin c718de730b acl: remove special handling of services in txn_endpoint 
Follow up to: https://github.com/hashicorp/consul/pull/10738#discussion_r680190210

Previously we were passing an Authorizer that would always allow the
operation, then later checking the authorization using vetServiceTxnOp.

On the surface this seemed strange, but I think it was actually masking
a bug as well. Over time `servicePreApply` was changed to add additional
authorization for `service.Proxy.DestinationServiceName`, but because
we were passing a nil Authorizer, that authorization was not handled on
the txn_endpoint.

`TxnServiceOp.FillAuthzContext` has some special handling in enterprise,
so we need to make sure to continue to use that from the Txn endpoint.

This commit removes the `vetServiceTxnOp` function, and passes in the
`FillAuthzContext` function so that `servicePreApply` can be used by
both the catalog and txn endpoints. This should be much less error prone
and prevent bugs like this in the future.
2021-08-04 18:32:20 -04:00
..
ae
auto-config
agent/structs: add a bunch more EnterpriseMeta helper functions to help with partitioning (#10669)
2021-07-22 13:20:45 -05:00
cache
cache-types
connect: include optional partition prefixes in SPIFFE identifiers (#10507)
2021-06-25 16:47:47 -05:00
checks
agent/structs: add a bunch more EnterpriseMeta helper functions to help with partitioning (#10669)
2021-07-22 13:20:45 -05:00
config
Add OSS changes for specifying audit log permission mode
2021-07-30 09:58:11 -07:00
connect
check expiry date of the root/intermediate before using it to sign a leaf (#10500)
2021-07-13 12:15:06 -04:00
consul
acl: remove special handling of services in txn_endpoint
2021-08-04 18:32:20 -04:00
debug
dns
Add DNS recursor strategy option (#10611)
2021-07-19 15:22:51 -07:00
exec
grpc
sync changes to oss files made in enterprise (#10670)
2021-07-22 13:58:08 -05:00
local
agent/structs: add a bunch more EnterpriseMeta helper functions to help with partitioning (#10669)
2021-07-22 13:20:45 -05:00
metadata
Refactor of serf feature flag tags.
2021-05-20 12:57:06 -04:00
mock
pool
proxycfg
Log the correlation ID when blocking queries fire (#10689)
2021-07-23 16:36:17 -06:00
router
routine-leak-checker
Preparation for changing where license management is done.
2021-05-24 10:19:31 -04:00
rpc/subscribe
acl: remove many instances of authz == nil
2021-07-30 13:58:35 -04:00
rpcclient/health
streaming: set a default timeout
2021-07-28 17:50:00 -04:00
structs
acl: move check for Intention.DestinationName into Authorizer
2021-08-04 18:06:44 -04:00
submatview
streaming: support X-Cache-Hit header
2021-06-28 17:29:23 -04:00
systemd
token
uiserver
auto-updated agent/uiserver/bindata_assetfs.go from commit 8ad1ab9c0
2021-08-04 16:47:13 +00:00
xds
acl: use acl.ManangeAll when ACLs are disabled
2021-07-30 12:58:24 -04:00
acl_endpoint_legacy_test.go
acl_endpoint_legacy.go
acl_endpoint_test.go
Add support for returning ACL secret IDs for accessors with acl:write (#10546)
2021-07-08 15:13:08 -07:00
acl_endpoint.go
acl: remove authz == nil checks
2021-07-30 13:58:35 -04:00
acl_test.go
agent: remove unused agent methods
2021-07-30 13:58:35 -04:00
acl.go
agent: remove unused agent methods
2021-07-30 13:58:35 -04:00
agent_endpoint_test.go
Merge pull request #10737 from hashicorp/dnephin/remove-authorizer-nil-checks
2021-08-04 17:39:34 -04:00
agent_endpoint.go
acl: remove acl == nil checks
2021-07-30 14:28:19 -04:00
agent_oss.go
Preparation for changing where license management is done.
2021-05-24 10:19:31 -04:00
agent_test.go
checks: Add Interval and Timeout to API response (#10717)
2021-08-03 15:26:49 -07:00
agent.go
streaming: set a default timeout
2021-07-28 17:50:00 -04:00
apiserver_test.go
apiserver.go
catalog_endpoint_test.go
catalog_endpoint.go
http: add partition query param parsing
2021-07-14 12:07:38 -07:00
check.go
config_endpoint_test.go
agent/structs: add a bunch more EnterpriseMeta helper functions to help with partitioning (#10669)
2021-07-22 13:20:45 -05:00
config_endpoint.go
connect_auth.go
acl: remove acl == nil checks
2021-07-30 14:28:19 -04:00
connect_ca_endpoint_test.go
ca: remove unused RotationPeriod field
2021-07-05 19:15:44 -04:00
connect_ca_endpoint.go
Format certificates properly (rfc7468) with a trailing new line (#10411)
2021-06-30 20:48:29 -04:00
coordinate_endpoint_test.go
coordinate_endpoint.go
denylist_test.go
denylist.go
discovery_chain_endpoint_test.go
discovery_chain_endpoint.go
dns_oss.go
dns_test.go
Add DNS recursor strategy option (#10611)
2021-07-19 15:22:51 -07:00
dns.go
agent/structs: add a bunch more EnterpriseMeta helper functions to help with partitioning (#10669)
2021-07-22 13:20:45 -05:00
enterprise_delegate_oss.go
event_endpoint_test.go
event_endpoint.go
acl: Remove the remaining authz == nil checks
2021-07-30 14:55:35 -04:00
federation_state_endpoint.go
health_endpoint_test.go
streaming: fix enable of streaming in the client
2021-06-28 17:23:14 -04:00
health_endpoint.go
http_decode_test.go
http_oss_test.go
http_oss.go
http: add partition query param parsing
2021-07-14 12:07:38 -07:00
http_register.go
debug: use the new metrics stream in debug command
2021-07-26 17:53:32 -04:00
http_test.go
agent: fix two data race in agent tests
2021-07-14 18:58:16 -04:00
http.go
acl: use acl.ManangeAll when ACLs are disabled
2021-07-30 12:58:24 -04:00
intentions_endpoint_oss_test.go
intentions_endpoint_test.go
intentions_endpoint.go
keyring_test.go
keyring.go
kvs_endpoint_test.go
kvs_endpoint.go
nodeid_test.go
nodeid.go
notify_test.go
notify.go
operator_endpoint_oss.go
operator_endpoint_test.go
Fix defaults for autopilot config update
2021-07-06 18:39:40 -04:00
operator_endpoint.go
Fix defaults for autopilot config update
2021-07-06 18:39:40 -04:00
prepared_query_endpoint_test.go
prepared_query_endpoint.go
reload.go
remote_exec_test.go
remote_exec.go
retry_join_test.go
retry_join.go
service_checks_test.go
service_manager_test.go
agent/structs: add a bunch more EnterpriseMeta helper functions to help with partitioning (#10669)
2021-07-22 13:20:45 -05:00
service_manager.go
Avoid panic on concurrent writes to cached service config map (#10647)
2021-07-20 10:09:29 -06:00
session_endpoint_test.go
session_endpoint.go
setup_oss.go
Move some things around to allow for license updating via config reload
2021-05-25 09:57:50 -04:00
setup.go
debug: use the new metrics stream in debug command
2021-07-26 17:53:32 -04:00
sidecar_service_test.go
agent: update proxy upstreams to inherit namespace from service (#10688)
2021-07-26 17:12:29 -04:00
sidecar_service.go
agent: update proxy upstreams to inherit namespace from service (#10688)
2021-07-26 17:12:29 -04:00
signal_unix.go
signal_windows.go
snapshot_endpoint_test.go
snapshot_endpoint.go
status_endpoint_test.go
status_endpoint.go
streaming_test.go
streaming: fix enable of streaming in the client
2021-06-28 17:23:14 -04:00
testagent_test.go
testagent.go
agent: fix a data race in DNS tests
2021-07-14 18:58:16 -04:00
translate_addr.go
txn_endpoint_test.go
agent/structs: add a bunch more EnterpriseMeta helper functions to help with partitioning (#10669)
2021-07-22 13:20:45 -05:00
txn_endpoint.go
agent/structs: add a bunch more EnterpriseMeta helper functions to help with partitioning (#10669)
2021-07-22 13:20:45 -05:00
ui_endpoint_oss_test.go
ui_endpoint_test.go
agent/structs: add a bunch more EnterpriseMeta helper functions to help with partitioning (#10669)
2021-07-22 13:20:45 -05:00
ui_endpoint.go
acl: Remove the remaining authz == nil checks
2021-07-30 14:55:35 -04:00
user_event_test.go
user_event.go
agent/structs: add a bunch more EnterpriseMeta helper functions to help with partitioning (#10669)
2021-07-22 13:20:45 -05:00
util_test.go
util.go
watch_handler_test.go
watch_handler.go