Create more granular ACL capabilities.

This commit splits ACL policies into more fine-grained capabilities.
This both drastically simplifies the checking code and makes it possible
to support needed workflows that are not possible with the previous
method. It is backwards compatible; policies containing a "policy"
string are simply converted to a set of capabilities matching previous
behavior.

Fixes #724 (and others).
Jeff Mitchell
2016-01-07 15:10:05 -05:00
parent 45e32756ea
commit f3ef23318d
25 changed files with 655 additions and 275 deletions


@@ -121,8 +121,9 @@ type Operation string
const (
// The operations below are called per path
ReadOperation Operation = "read"
UpdateOperation = "write"
CreateOperation Operation = "create"
ReadOperation = "read"
UpdateOperation = "update"
DeleteOperation = "delete"
ListOperation = "list"
HelpOperation = "help"
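Review bot: In the new const block only CreateOperation carries the explicit Operation type; ReadOperation, which was declared as `ReadOperation Operation = "read"` before, is now `ReadOperation = "read"`. Because each of the following constants has its own initializer, Go does not repeat the type from the first line, so they are untyped string constants and not Operation values. Suggest typing every entry (`ReadOperation Operation = "read"`, `UpdateOperation Operation = "update"`, and so on) so that a plain string cannot be passed where an Operation is expected in the ACL checks. Separately, the value of UpdateOperation changes from "write" to "update" in this hunk; a comment here noting the rename would help anyone who compares against or has recorded the old "write" string.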
@@ -133,6 +134,10 @@ const (
RollbackOperation = "rollback"
)
func (o Operation) String() string {
return string(o)
}
var (
// ErrUnsupportedOperation is returned if the operation is not supported
// by the logical backend.
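Review bot: The exported String() method added after the const block has no doc comment, while ErrUnsupportedOperation directly below it does. Suggest a one-line comment such as `// String returns the operation name as a plain string` so the method is covered by the same documentation convention. Also note that the method is only available on values whose type is Operation, so it is worth confirming that the constants callers will use it on are declared with that type.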