diff --git a/client/acl.go b/client/acl.go index 89c065214..719dbb998 100644 --- a/client/acl.go +++ b/client/acl.go @@ -82,7 +82,7 @@ func (c *Client) ResolveToken(secretID string) (*acl.ACL, error) { return nil, err } if token == nil { - return nil, structs.TokenNotFound + return nil, structs.ErrTokenNotFound } // Check if this is a management token diff --git a/client/acl_test.go b/client/acl_test.go index a98c532a2..9a791e9fc 100644 --- a/client/acl_test.go +++ b/client/acl_test.go @@ -159,6 +159,6 @@ func TestClient_ACL_ResolveToken(t *testing.T) { // Test bad token out4, err := c1.ResolveToken(structs.GenerateUUID()) - assert.Equal(t, structs.TokenNotFound, err) + assert.Equal(t, structs.ErrTokenNotFound, err) assert.Nil(t, out4) } diff --git a/nomad/acl.go b/nomad/acl.go index 46b17ee20..93fd6fb64 100644 --- a/nomad/acl.go +++ b/nomad/acl.go @@ -46,7 +46,7 @@ func resolveTokenFromSnapshotCache(snap *state.StateSnapshot, cache *lru.TwoQueu return nil, err } if token == nil { - return nil, structs.TokenNotFound + return nil, structs.ErrTokenNotFound } } diff --git a/nomad/acl_test.go b/nomad/acl_test.go index 259f5b7dc..b83e6687c 100644 --- a/nomad/acl_test.go +++ b/nomad/acl_test.go @@ -43,7 +43,7 @@ func TestResolveACLToken(t *testing.T) { // Attempt resolution of unknown token. Should fail. randID := structs.GenerateUUID() aclObj, err = resolveTokenFromSnapshotCache(snap, cache, randID) - assert.Equal(t, structs.TokenNotFound, err) + assert.Equal(t, structs.ErrTokenNotFound, err) assert.Nil(t, aclObj) // Attempt resolution of management token. Should get singleton. diff --git a/nomad/structs/structs.go b/nomad/structs/structs.go index eba0e04b3..eb3e51d65 100644 --- a/nomad/structs/structs.go +++ b/nomad/structs/structs.go @@ -34,8 +34,10 @@ import ( ) var ( - ErrNoLeader = fmt.Errorf("No cluster leader") - ErrNoRegionPath = fmt.Errorf("No path to region") + ErrNoLeader = fmt.Errorf("No cluster leader") + ErrNoRegionPath = fmt.Errorf("No path to region") + ErrTokenNotFound = errors.New("ACL token not found") + ErrPermissionDenied = errors.New("Permission denied") // validPolicyName is used to validate a policy name validPolicyName = regexp.MustCompile("^[a-zA-Z0-9-]{1,128}$") @@ -5440,9 +5442,6 @@ type ACLPolicyUpsertRequest struct { WriteRequest } -// TokenNotFound indicates the Token was not found -var TokenNotFound = errors.New("ACL token not found") - // ACLToken represents a client token which is used to Authenticate type ACLToken struct { AccessorID string // Public Accessor ID (UUID)