boundary

Commit Graph

Author	SHA1	Message	Date
Jeff Mitchell	fc664eb35f	Improve grant validation (#3081 ) This adds several relationships into the resource package that are then made use of to improve the grant validation that runs during Parse. By understanding mappings between ID and resource type the validation checks can far better align with actual allowed grant formats so we can find several common misunderstandings before they simply result in an authorization failure. In the future some of these functions could be used in the logic in the actual ACL checks but it's not currently necessary and I don't want to lump that change in with this. Note that the tests have not meaningfully changed, but they _have_ had to be updated because the stricter validation is actually catching issues.	3 years ago
Jeff Mitchell	b76b24a4ad	Move prefixes for many packages into the globals package (#3069 ) This is a prerequisite for some enhancements to grant validation	3 years ago
Johan Brandhorst-Satzkorn	3c29308673	chore: Add license headers to all files	3 years ago
Johan Brandhorst-Satzkorn	61c90c5623	Add grant parsing fuzz test (#2534 ) * testing(perms): Add Parse fuzz test I ran this for a few minutes and it didn't discover anything catastrophic. * Add roundtrip tests * Fix invalid unicode parsing, empty output fields * Do the unicode conversion once on input * Remove incorrect fix for empty output fields * Allow empty output_fields This is the same behavior as output_fields=, * Add tests back, make JSON behaviour consistent * Rework the output fields mechanism to fix some bugs such as properly handling no fields * Change signature of Fields Co-authored-by: Jeff Mitchell <jeffrey.mitchell@gmail.com>	3 years ago
Irena Rindos	b26814a3cc	move user variables into globals (#2580 ) * move user variables into globals	4 years ago
Irena Rindos	946dab487e	enable recovery user to list targets and sessions (#2576 ) * enable recovery user to list targets and sessions	4 years ago
Jeff Mitchell	cede1aec93	Add initial templating support to Vault credential libraries (#2569 ) (#2575 ) Add initial templating support to Vault credential libraries This adds support for templating various account and user values into Vault dynamic credential library POST bodies and GET/POST paths. It also unifies how parameters are used in grants, with backwards compatibility.	4 years ago
Johan Brandhorst-Satzkorn	f57454b6b9	Rewrite interface{} to any (#2535 ) * chore: Rewrite interface{} to any * Add ignore revs	4 years ago
Timothy Messier	2b994f3005	fix(perms): Properly resolve "only self" for permissions (#2448 ) When generating permissions from the grants, if a single grant was limited to the set of "self" actions, the permission would be marked as only self, even if additional grants were given for non-self actions. This would result in the generated permissions being more limiting then they should be based on the grants. This only impacts the sessions list endpoint. It would result in users that have been granted access to list other user's sessions to be unable to see these results in the list results.	4 years ago
Irena Rindos	18dff62b7b	Merge BYOW GA branch to main (#2398 ) * feat(workers): Add ability to read and reinitialize cert authority (#2312) * feat(workers): Return Release Version on worker list and read (#2377) * feat(cli): Read and reinitialize worker certificate authority (#2387)	4 years ago
Timothy Messier	1e1e5a5ff5	doc(perms): Clarify some details in godoc for ListPermissions	4 years ago
Timothy Messier	05b3d2917b	feat(perms): Add UserPermissions This is used to associate a user with a set of permissions which is necessary for repositories that need honor the OnlySelf aspect of a Permission.	4 years ago
Hugo Vieira	9ee5a9f713	feat(perms): Derive permissions list from user grants	4 years ago
Jeff Mitchell	01fb949d0b	Add controller-led worker auth flow (#2413 ) This adds an action to the API that allows pulling out an activation token that can be given to a worker in its config (directly or via env or file). The worker can pass this along with its normal request in place of its normal nonce and the server will automatically accept it. Co-authored-by: Irena Rindos <irenarindos@users.noreply.github.com>	4 years ago
Jeff Mitchell	704d68848c	Merge remote-tracking branch 'origin/main' into llb-byow	4 years ago
Louis Ruch	58d546cdd4	feat(credential): Add static credential store and username_password credential	4 years ago
Jeff Mitchell	5d3facf561	Merge remote-tracking branch 'origin/main' into llb-byow	4 years ago
Jeff Mitchell	d6362f9e5e	Restrict anonymous user capabilities (#2156 )	4 years ago
Jim	fdf43fc4fe	feature (worker): add CreateWorker(...) service (aka API) (#2143 )	4 years ago
Jeff Mitchell	c59d0df611	Add worker creation ACLs (#2138 ) This is a bit more than simply adding the action; we had some checks to ensure that list/create could only happen/not happen in some cases and those had to be modified to account for subactions.	4 years ago
Jeff Mitchell	48ac8b8f0b	Merge branch 'main' into plugin-hostcatalogs	5 years ago
Jim	f63ca1313c	feature (kms/audit): Add base audit key type (#1651 ) * feature (db): Add the ability to enable debug output for a connection * refactor: Use scope.Global instead of "global" * feature (db/migrations): Add kms audit keys Add schema changes to support a new DEK for audit crypto operations. * feature (kms/audit): Add audit key type All the bits required to define a new DEK concrete type for operating on audit entries. * refactor (db): Remove deprecated migration unit tests. We added a new audit DEK to kms.CreateKeysTx(...). Unfortunately, unit tests like TestMigrations_UserDimension, Test_PrimaryAuthMethodChanges and TestMigrations_CredentialDimension have an indirect dependency on a specific historical set of DEKs via an indirect call kms.CreateKeysTx. This of course fails because the new DEK's tables is not a part of pinned migration versions that these tests depend on.	5 years ago
Todd	a4ea99047f	Remove Prefix Id and Plugin Name fields (#1563 ) * Remove Prefix Id and Plugin Name fields. Creating catalogs now require either the plugin id or the name of the plugin resource (but not both). Host Catalogs and Host Sets API resources now have a read only plugin field populated with plugin info. Host Catalogs have a plugin id field as a top level field.	5 years ago
Jeff Mitchell	92809b733a	Fix unknown permission issue with credential-store (#1524 ) This also affected credential libraries and managed groups. It seems that any end-to-end tests of these grants currently had them included in wildcards instead of individually, but these types were never added to the valid list for resources. Additionally, credential store wasn't added as a valid top level type for pinning purposes.	5 years ago
Jeff Mitchell	781871c30d	Properly accept grant format type=<type>;output_fields=<of> (#1474 ) Although we document that this is allowed, and the ACL code handles it, some of the validation code did not. This would cause a semi intermittent problem because that validation code is used only in some code paths; specifically we skip it (for now) to avoid erroring out on some deprecated grant string formats when reading grants from the DB, but we use it to error out when validating incoming grants.	5 years ago
Jeff Mitchell	e3012afb4f	Add primary auth method ID to default output fields, fix display bug (#1441 )	5 years ago
s-christoff	6b78108ecf	Update primary error functions to take a context, deprecate old functions (#1358 ) * add new error funcs which take a ctx and deprecate existing funcs * use context where available when writing error events * remove circular internal/errors pkg dep * suppress some chatty errors using errors.WithoutEvent() * convert auth oidc funcs to take context where needed to write events Co-authored-by: Jim <jlambert@hashicorp.com>	5 years ago
Jim	70ad081e39	Events: convert from hclog to events (#1409 )	5 years ago
Jeff Mitchell	054c0aa538	Update password generated account IDs (#1290 )	5 years ago
Jeff Mitchell	b513f21153	Add test for GrantsForUser (#1287 ) * Start of test * Add a test for existing GrantsForUser functionality. The test has randomization built in to allocate users across groups and both users and groups across roles. It tracks which users and groups have been assigned to which roles, then ensures that GrantsForUser returns the correct set of roles for a given user. This required modifying the CTE in GrantsForUser to return role_id as well. This doesn't test managed groups yet, that will come in a follow-on PR.	5 years ago
Jeff Mitchell	22d5c88a0b	Add Output Fields support (#1192 )	5 years ago
Jeff Mitchell	e6af51943d	Add read:self and delete:self to auth tokens and add logout command (#1162 )	5 years ago
Jeff Mitchell	412018fbb4	Update misleading Authenticated bool with new name and explanation. (#1111 )	5 years ago
Jeff Mitchell	aa570f4e48	Honor child scope list permissions when recursing (#1016 ) Current behavior is that you need list grant on the parent scope when recursively listing, and this is sufficient. This is good for administrative workflows but can be unintuitive for resources that only exist at a project level. This change allows permissions on the child scope to also be taken into account, so that you can start a recursive list from a parent scope without direct list support on that scope but still get back child scopes for which list access is granted. This also fixes a bug where visibility of a scope for recursive listing would be based on whether the user had list resources for roles within that scope instead of for the resource type in question.	5 years ago
Jeff Mitchell	cb3980cb8c	Remove list:self from main (#915 ) * Remove list:self from main As per futher discussions, we won't be supporting this, in favor of simply read:self and cancel:self (since listing now already filters out items on which you have no permissions). This doesn't remove list:self entirely from the code base as much of that will simply be converted to read:self and cancel:self -- that will be in a later PR. However, with this removed if we want to release we won't expose an API publicly that isn't going to stick around.	5 years ago
Jeff Mitchell	1afa3a4b6c	Disallow an invalid grant format (#914 )	5 years ago
Jeff Mitchell	0629526319	Add read/list/cancel:self actions and support for ACL subactions. (#882 ) Update perms table in anticipation of session support for these.	5 years ago
Louis Ruch	84656dbfea	ICU-747,ICU-748/refactor internal/oplog and internal/perms to use domain errors (#854 ) * Refactor internal/oplog to domain errors * Refactor internal/perms * Update changelog	5 years ago
Jeff Mitchell	b5d84495a3	Fix IDs being lowercased in role grants (#839 ) Fix IDs being lowercased in role grants Fixes #794	5 years ago
Jeff Mitchell	9237d6f787	Rename authorize to authorize-session (#531 ) As pointed out by Rob, this makes it clearer what the action actually is. We were sort of torn on it before, but I've definitely come around to it.	6 years ago
Todd Knight	f76d5aed9f	Additional validation for add\|set\|remove methods. (#527 )	6 years ago
Jeff Mitchell	43c2deddff	Add permissions concepts and the beginning of the perms table (#526 )	6 years ago
Jeff Mitchell	fa700dc002	Add account ID templating (#518 ) * Remove default role and create via the same mechanism as other initial resources	6 years ago
Jeff Mitchell	6ddfe407a3	Update allowed formats of ACL strings (#508 )	6 years ago
Jeff Mitchell	cefea936c3	Update ACLs to allow type=*. (#504 )	6 years ago
Jeff Mitchell	a38f40606e	Create default roles in scopes to allow authentication and listing scopes/auth methods (#502 )	6 years ago
Jeff Mitchell	33b0021547	Add Sessions CLI command and add session cleanup to worker (#388 )	6 years ago
Jeff Mitchell	07a7e9750a	Tie together the database-driven session handling with the worker and add relevant CLI comands (#370 )	6 years ago
Jeff Mitchell	73a38b1433	Remove some unneeded resource types and fix the resource typing for default role in global scope (#256 )	6 years ago
Jeff Mitchell	6661117d4c	The name. The name. The name!	6 years ago

1 2

59 Commits (181f0f180603a78a54cecdaa64dfd93e5f40cda2)