consul/agent/structs
Mark Anderson 676ea58bc4
Refactor config checks oss (#12550)
Currently the config_entry.go subsystem delegates authorization decisions via the ConfigEntry interface CanRead and CanWrite code. Unfortunately this returns a true/false value and loses the details of the source.

This is not helpful, especially since it the config subsystem can be more complex to understand, since it covers so many domains.

This refactors CanRead/CanWrite to return a structured error message (PermissionDenied or the like) with more details about the reason for denial.

Part of #12241

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-03-11 13:45:51 -08:00
..
acl.go acl: return a resposne from ResolveToken that includes the ACLIdentity 2022-01-22 14:33:09 -05:00
acl_cache.go acl: remove ACL.GetPolicy endpoint and resolve legacy acls 2021-09-29 14:33:19 -04:00
acl_cache_test.go test: Remove t.Parallel() from agent/structs tests 2020-05-08 14:06:10 -04:00
acl_oss.go Cross port of ent #1383 (#11726) 2021-12-03 10:20:25 -08:00
acl_test.go acl: remove Policy.ID and Policy.Revision 2021-11-05 15:43:52 -04:00
auto_encrypt.go tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597) 2019-06-27 22:22:07 +02:00
autopilot.go Switch to using the external autopilot module 2020-11-09 09:22:11 -05:00
autopilot_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
catalog.go agent: ensure that most agent behavior correctly respects partition configuration (#10880) 2021-08-19 15:09:42 -05:00
catalog_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
check_definition.go preload json values in structs to determine defaults 2021-10-10 17:52:26 -04:00
check_definition_test.go add http2 ping health checks (#8431) 2021-04-09 15:12:10 -04:00
check_type.go preload json values in structs to determine defaults 2021-10-10 17:52:26 -04:00
config_entry.go Refactor config checks oss (#12550) 2022-03-11 13:45:51 -08:00
config_entry_discoverychain.go Refactor config checks oss (#12550) 2022-03-11 13:45:51 -08:00
config_entry_discoverychain_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
config_entry_discoverychain_test.go Remove support for failover to partition 2021-12-06 12:32:24 -07:00
config_entry_exports.go Refactor config checks oss (#12550) 2022-03-11 13:45:51 -08:00
config_entry_gateways.go Refactor config checks oss (#12550) 2022-03-11 13:45:51 -08:00
config_entry_gateways_test.go Fix some more Enterprise Normalization issues affecting tests 2021-09-23 10:12:37 +01:00
config_entry_intentions.go Refactor config checks oss (#12550) 2022-03-11 13:45:51 -08:00
config_entry_intentions_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
config_entry_intentions_test.go Sync enterprise changes to oss (#10994) 2021-09-08 11:59:30 -04:00
config_entry_mesh.go Refactor config checks oss (#12550) 2022-03-11 13:45:51 -08:00
config_entry_mesh_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
config_entry_oss.go Prevent partition-exports entry from OSS usage 2021-11-29 11:24:16 -07:00
config_entry_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
config_entry_test.go Refactor config checks oss (#12550) 2022-03-11 13:45:51 -08:00
connect.go connect: include optional partition prefixes in SPIFFE identifiers (#10507) 2021-06-25 16:47:47 -05:00
connect_ca.go ca: examine the full chain in newCARoot 2022-02-17 18:21:30 -05:00
connect_ca_test.go add root_cert_ttl option for consul connect, vault ca providers (#11428) 2021-11-02 11:02:10 -07:00
connect_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
connect_proxy_config.go proxycfg: introduce explicit UpstreamID in lieu of bare string (#12125) 2022-01-20 10:12:04 -06:00
connect_proxy_config_oss.go proxycfg: introduce explicit UpstreamID in lieu of bare string (#12125) 2022-01-20 10:12:04 -06:00
connect_proxy_config_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
discovery_chain.go Header manip for split legs plumbing 2021-09-10 21:09:24 +01:00
discovery_chain_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
errors.go Special case the error returned when we have a Raft leader but are not tracking it in the ServerLookup (#9487) 2021-01-04 14:05:23 -05:00
federation_state.go wan federation via mesh gateways (#6884) 2020-03-09 15:59:02 -05:00
identity.go state: convert services.node and checks.node indexes 2021-03-16 13:00:31 -04:00
intention.go acl: fix intention:*:write checks (#11061) 2021-09-16 11:08:45 -05:00
intention_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
intention_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
operator.go Switch to using the external autopilot module 2020-11-09 09:22:11 -05:00
prepared_query.go Catalog + Namespace OSS changes. (#7219) 2020-02-10 10:40:44 -05:00
prepared_query_test.go structs: add two cache completeness tests types that implement cache.Request 2021-05-31 16:54:41 -04:00
protobuf_compat.go Groundwork for exposing when queries are filtered by ACLs (#11569) 2021-12-03 17:11:26 +00:00
sanitize_oss.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
service_definition.go Add failures_before_warning to checks (#10969) 2021-09-14 12:47:52 -04:00
service_definition_test.go bulk rewrite using this script 2022-01-20 10:46:23 -06:00
snapshot.go
structs.go catalog: compare node names case insensitively in more places (#12444) 2022-02-24 16:54:47 -06:00
structs_filtering_test.go Sync enterprise changes to oss (#10994) 2021-09-08 11:59:30 -04:00
structs_oss.go acl: ensure that the agent recovery token is properly partitioned (#11782) 2021-12-08 17:11:55 -06:00
structs_oss_test.go re-run gofmt on 1.17 (#11579) 2021-11-16 12:04:01 -06:00
structs_test.go catalog: compare node names case insensitively in more places (#12444) 2022-02-24 16:54:47 -06:00
system_metadata.go Add virtual IP generation for term gateway backed services 2022-01-12 12:08:49 -08:00
testing.go Vendor in rpc mono repo for net/rpc fork, go-msgpack, msgpackrpc. (#12311) 2022-02-14 09:45:45 -08:00
testing_catalog.go xds: prefer fed state gateway definitions if they're fresher (#11522) 2021-11-09 16:45:36 +00:00
testing_connect_proxy_config.go oss portion of ent #1069 (#10883) 2021-08-20 12:57:45 -04:00
testing_intention.go Cleanup unnecessary normalizing method (#11169) 2021-09-28 15:31:12 -04:00
testing_service_definition.go
txn.go connect: intentions are now managed as a new config entry kind "service-intentions" (#8834) 2020-10-06 13:24:05 -05:00