VAULT-6614 Enable role based quotas for lease-count quotas (OSS) (#16157)

* VAULT-6613 add DetermineRoleFromLoginRequest function to Core * Fix body handling * Role resolution for rate limit quotas * VAULT-6613 update precedence test * Add changelog * VAULT-6614 start of changes for roles in LCQs * Expiration changes for leases * Add role information to RequestAuth * VAULT-6614 Test updates * VAULT-6614 Add expiration test with roles * VAULT-6614 fix comment * VAULT-6614 Protobuf on OSS * VAULT-6614 Add rlock to determine role code * VAULT-6614 Try lock instead of rlock * VAULT-6614 back to rlock while I think about this more * VAULT-6614 Additional safety for nil dereference * VAULT-6614 Use %q over %s * VAULT-6614 Add overloading to plugin backends * VAULT-6614 RLocks instead * VAULT-6614 Fix return for backend factory
2025-10-29 17:52:32 +00:00 · 2022-07-05 13:02:00 -04:00
parent c30e2cb2e1
commit 614cee3178
28 changed files with 399 additions and 110 deletions
--- a/http/util.go
+++ b/http/util.go
@@ -64,7 +64,7 @@ func rateLimitQuotaWrapping(handler http.Handler, core *vault.Core) http.Handler
 			Type:          quotas.TypeRateLimit,
 			Path:          path,
 			MountPath:     mountPath,
-			Role:          core.DetermineRoleFromLoginRequest(mountPath, bodyBytes, r.Context()),
+			Role:          core.DetermineRoleFromLoginRequestFromBytes(mountPath, bodyBytes, r.Context()),
 			NamespacePath: ns.Path,
 			ClientAddress: parseRemoteIPAddress(r),
 		})