scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-02 11:38:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add separate path for capabilities-self to enable ACL

Browse Source
This commit is contained in:
vishalnayak
2016-03-17 22:52:03 -04:00
parent 0ac4aa123d
commit 289a2a2661
2 changed files with 22 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
http/handler.go
View File

@@ -44,10 +44,7 @@ func Handler(core *vault.Core) http.Handler {
} }
func sysCapabilitiesCallback(req *logical.Request) error { func sysCapabilitiesCallback(req *logical.Request) error {
if req.Path == "sys/capabilities-self" { req.Data["token"] = req.ClientToken
req.Path = "sys/capabilities"
req.Data["token"] = req.ClientToken
}
return nil return nil
} }

21
vault/logical_system.go
View File

@@ -82,6 +82,27 @@ func NewSystemBackend(core *Core, config *logical.BackendConfig) logical.Backend
HelpSynopsis: strings.TrimSpace(sysHelp["capabilities"][0]), HelpSynopsis: strings.TrimSpace(sysHelp["capabilities"][0]),
HelpDescription: strings.TrimSpace(sysHelp["capabilities"][0]), HelpDescription: strings.TrimSpace(sysHelp["capabilities"][0]),
}, },
&framework.Path{
Pattern: "capabilities-self$",
Fields: map[string]*framework.FieldSchema{
"token": &framework.FieldSchema{
Type: framework.TypeString,
Description: "Token for which capabilities are being queried.",
},
"path": &framework.FieldSchema{
Type: framework.TypeString,
Description: "Path on which capabilities are being queried.",
},
},
Callbacks: map[logical.Operation]framework.OperationFunc{
logical.UpdateOperation: b.handleCapabilities,
},
HelpSynopsis: strings.TrimSpace(sysHelp["capabilities"][0]),
HelpDescription: strings.TrimSpace(sysHelp["capabilities"][0]),
},
&framework.Path{ &framework.Path{
Pattern: "rekey/backup$", Pattern: "rekey/backup$",