kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-06 10:25:42 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3350 from hashicorp/f-acl-status-members

Browse Source 
Status.Members ACL enforcement
This commit is contained in:
Michael Schurter
2017-10-11 16:32:25 -07:00
committed by GitHub
parent 6bff1f6743 4856705459
commit 1e66f1aed9
3 changed files with 89 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
command/agent/agent_endpoint.go
View File

@@ -119,28 +119,11 @@ func (s *HTTPServer) AgentMembersRequest(resp http.ResponseWriter, req *http.Req
return nil, CodedError(405, ErrInvalidMethod)
}
var secret string
s.parseToken(req, &secret)
var aclObj *acl.ACL
var err error
if client := s.agent.Client(); client != nil {
aclObj, err = client.ResolveToken(secret)
} else {
aclObj, err = s.agent.Server().ResolveToken(secret)
}
if err != nil {
return nil, err
}
// Check node read permissions
if aclObj != nil && !aclObj.AllowNodeRead() {
return nil, structs.ErrPermissionDenied
}
args := &structs.GenericRequest{}
if s.parse(resp, req, &args.Region, &args.QueryOptions) {
return nil, nil
}
var out structs.ServerMembersResponse
if err := s.agent.RPC("Status.Members", args, &out); err != nil {
return nil, err