From e24fa79aab53254791faf8f775a18c293d429cac Mon Sep 17 00:00:00 2001
From: Armon Dadgar <armon.dadgar@gmail.com>
Date: Sun, 20 Aug 2017 21:39:36 -0700
Subject: [PATCH] agent: thread ACLs for Job Register

---
 api/api.go                         |  6 ++++++
 api/jobs.go                        |  3 +++
 command/agent/job_endpoint.go      |  4 +++-
 command/agent/job_endpoint_test.go | 30 ++++++++++++++++++++++++++++++
 4 files changed, 42 insertions(+), 1 deletion(-)

diff --git a/api/api.go b/api/api.go
index 2c957695c..d1edef30a 100644
--- a/api/api.go
+++ b/api/api.go
@@ -41,6 +41,9 @@ type QueryOptions struct {
 
 	// Set HTTP parameters on the query.
 	Params map[string]string
+
+	// SecretID is the secret ID of an ACL token
+	SecretID string
 }
 
 // WriteOptions are used to parameterize a write
@@ -48,6 +51,9 @@ type WriteOptions struct {
 	// Providing a datacenter overwrites the region provided
 	// by the Config
 	Region string
+
+	// SecretID is the secret ID of an ACL token
+	SecretID string
 }
 
 // QueryMeta is used to return meta data about a query
diff --git a/api/jobs.go b/api/jobs.go
index da0efa42d..4bba48cf9 100644
--- a/api/jobs.go
+++ b/api/jobs.go
@@ -729,6 +729,9 @@ func (j *Job) AddPeriodicConfig(cfg *PeriodicConfig) *Job {
 type WriteRequest struct {
 	// The target region for this write
 	Region string
+
+	// SecretID is the secret ID of an ACL token
+	SecretID string
 }
 
 // JobValidateRequest is used to validate a job
diff --git a/command/agent/job_endpoint.go b/command/agent/job_endpoint.go
index 75a67ae36..87a066f6a 100644
--- a/command/agent/job_endpoint.go
+++ b/command/agent/job_endpoint.go
@@ -349,6 +349,7 @@ func (s *HTTPServer) jobUpdate(resp http.ResponseWriter, req *http.Request,
 		return nil, CodedError(400, "Job ID does not match name")
 	}
 	s.parseRegion(req, &args.Region)
+	s.parseToken(req, &args.SecretID)
 
 	sJob := ApiJobToStructJob(args.Job)
 
@@ -357,7 +358,8 @@ func (s *HTTPServer) jobUpdate(resp http.ResponseWriter, req *http.Request,
 		EnforceIndex:   args.EnforceIndex,
 		JobModifyIndex: args.JobModifyIndex,
 		WriteRequest: structs.WriteRequest{
-			Region: args.WriteRequest.Region,
+			Region:   args.WriteRequest.Region,
+			SecretID: args.WriteRequest.SecretID,
 		},
 	}
 	var out structs.JobRegisterResponse
diff --git a/command/agent/job_endpoint_test.go b/command/agent/job_endpoint_test.go
index 7e0857216..4ba90041d 100644
--- a/command/agent/job_endpoint_test.go
+++ b/command/agent/job_endpoint_test.go
@@ -171,6 +171,36 @@ func TestHTTP_JobsRegister(t *testing.T) {
 	})
 }
 
+func TestHTTP_JobsRegister_ACL(t *testing.T) {
+	t.Parallel()
+	httpACLTest(t, nil, func(s *TestAgent) {
+		// Create the job
+		job := api.MockJob()
+		args := api.JobRegisterRequest{
+			Job: job,
+			WriteRequest: api.WriteRequest{
+				Region: "global",
+			},
+		}
+		buf := encodeReq(args)
+
+		// Make the HTTP request
+		req, err := http.NewRequest("PUT", "/v1/jobs", buf)
+		if err != nil {
+			t.Fatalf("err: %v", err)
+		}
+		respW := httptest.NewRecorder()
+		setToken(req, s.Token)
+
+		// Make the request
+		obj, err := s.Server.JobsRequest(respW, req)
+		if err != nil {
+			t.Fatalf("err: %v", err)
+		}
+		assert.NotNil(t, obj)
+	})
+}
+
 func TestHTTP_JobsRegister_Defaulting(t *testing.T) {
 	t.Parallel()
 	httpTest(t, nil, func(s *TestAgent) {