func (b *CubbyholeBackend) handleList(
	req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
	if req.ClientToken == "" {
		return nil, fmt.Errorf("[ERR] cubbyhole list: Client token empty")
	}

	// Right now we only handle directories, so ensure it ends with /; however,
	// some physical backends may not handle the "/" case properly, so only add
	// it if we're not listing the root
	path := req.Path
	if path != "" && !strings.HasSuffix(path, "/") {
		path = path + "/"
	}

	// List the keys at the prefix given by the request
	keys, err := req.Storage.List(req.ClientToken + "/" + path)
	if err != nil {
		return nil, err
	}

	// Strip the token
	strippedKeys := make([]string, len(keys))
	for i, key := range keys {
		strippedKeys[i] = strings.TrimPrefix(key, req.ClientToken+"/")
	}

	// Generate the response
	return logical.ListResponse(strippedKeys), nil
}
Beispiel #2
0
func (b *CubbyholeBackend) handleList(
	req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
	if req.ClientToken == "" {
		return nil, fmt.Errorf("[ERR] cubbyhole list: Client token empty")
	}

	// Right now we only handle directories, so ensure it ends with / We also
	// check if it's empty so we don't end up doing a listing on '<client
	// token>//'
	path := req.Path
	if path != "" && !strings.HasSuffix(path, "/") {
		path = path + "/"
	}

	// List the keys at the prefix given by the request
	keys, err := req.Storage.List(req.ClientToken + "/" + path)
	if err != nil {
		return nil, err
	}

	// Strip the token
	strippedKeys := make([]string, len(keys))
	for i, key := range keys {
		strippedKeys[i] = strings.TrimPrefix(key, req.ClientToken+"/")
	}

	// Generate the response
	return logical.ListResponse(strippedKeys), nil
}
Beispiel #3
0
func (p *PathMap) pathList(req *logical.Request, d *FieldData) (*logical.Response, error) {
	rootPath := fmt.Sprintf("struct/%s/", req.Path)
	keys, err := req.Storage.List(rootPath)
	if err != nil {
		return nil, err
	}

	var out []string
	for _, key := range keys {
		val, err := p.pathStruct(key, false).Get(req.Storage)

		if err != nil {
			return nil, err
		}

		app, ok := val["key"].(string)
		if !ok {
			return nil, fmt.Errorf("Could not decode app")
		}

		out = append(out, app)
	}

	return logical.ListResponse(out), nil
}
Beispiel #4
0
func (b *backend) pathRoleList(req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
	entries, err := req.Storage.List("roles/")
	if err != nil {
		return nil, err
	}

	return logical.ListResponse(entries), nil
}
Beispiel #5
0
func (b *backend) pathGroupList(
	req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
	groups, err := req.Storage.List("group/")
	if err != nil {
		return nil, err
	}
	return logical.ListResponse(groups), nil
}
Beispiel #6
0
func (b *backend) pathFetchCertList(req *logical.Request, data *framework.FieldData) (response *logical.Response, retErr error) {
	entries, err := req.Storage.List("certs/")
	if err != nil {
		return nil, err
	}

	return logical.ListResponse(entries), nil
}
Beispiel #7
0
func (b *backend) pathUserList(
	req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
	users, err := req.Storage.List("user/")
	if err != nil {
		return nil, err
	}
	return logical.ListResponse(users), nil
}
Beispiel #8
0
func (b *backend) pathCertList(
	req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
	certs, err := req.Storage.List("cert/")
	if err != nil {
		return nil, err
	}
	return logical.ListResponse(certs), nil
}
// pathWhitelistIdentitiesList is used to list all the instance IDs that are present
// in the identity whitelist. This will list both valid and expired entries.
func (b *backend) pathWhitelistIdentitiesList(
	req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
	identities, err := req.Storage.List("whitelist/identity/")
	if err != nil {
		return nil, err
	}
	return logical.ListResponse(identities), nil
}
Beispiel #10
0
func (p *PathMap) pathList(
	req *logical.Request, d *FieldData) (*logical.Response, error) {
	keys, err := req.Storage.List(req.Path)
	if err != nil {
		return nil, err
	}

	return logical.ListResponse(keys), nil
}
Beispiel #11
0
// handlePolicyList handles the "policy" endpoint to provide the enabled policies
func (b *SystemBackend) handlePolicyList(
	req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
	// Get all the configured policies
	policies, err := b.Core.policy.ListPolicies()

	// Add the special "root" policy
	policies = append(policies, "root")
	return logical.ListResponse(policies), err
}
Beispiel #12
0
// pathRoleList is used to list all the AMI IDs registered with Vault.
func (b *backend) pathRoleList(
	req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
	b.roleMutex.RLock()
	defer b.roleMutex.RUnlock()

	roles, err := req.Storage.List("role/")
	if err != nil {
		return nil, err
	}
	return logical.ListResponse(roles), nil
}
// pathCertificatesList is used to list all the AWS public certificates registered with Vault.
func (b *backend) pathCertificatesList(
	req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
	b.configMutex.RLock()
	defer b.configMutex.RUnlock()

	certs, err := req.Storage.List("config/certificate/")
	if err != nil {
		return nil, err
	}
	return logical.ListResponse(certs), nil
}
Beispiel #14
0
func (b *PassthroughBackend) handleList(
	req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
	// List the keys at the prefix given by the request
	keys, err := req.Storage.List(req.Path)
	if err != nil {
		return nil, err
	}

	// Generate the response
	return logical.ListResponse(keys), nil
}
Beispiel #15
0
func (ts *TokenStore) tokenStoreRoleList(
	req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
	entries, err := ts.view.List(rolesPrefix)
	if err != nil {
		return nil, err
	}

	ret := make([]string, len(entries))
	for i, entry := range entries {
		ret[i] = strings.TrimPrefix(entry, rolesPrefix)
	}

	return logical.ListResponse(ret), nil
}
Beispiel #16
0
// handlePolicyList handles the "policy" endpoint to provide the enabled policies
func (b *SystemBackend) handlePolicyList(
	req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
	// Get all the configured policies
	policies, err := b.Core.policyStore.ListPolicies()

	// Add the special "root" policy
	policies = append(policies, "root")
	resp := logical.ListResponse(policies)

	// Backwords compatibility
	resp.Data["policies"] = resp.Data["keys"]

	return resp, err
}
func (b *PassthroughBackend) handleList(
	req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
	// Right now we only handle directories, so ensure it ends with /; however,
	// some physical backends may not handle the "/" case properly, so only add
	// it if we're not listing the root
	path := req.Path
	if path != "" && !strings.HasSuffix(path, "/") {
		path = path + "/"
	}

	// List the keys at the prefix given by the request
	keys, err := req.Storage.List(path)
	if err != nil {
		return nil, err
	}

	// Generate the response
	return logical.ListResponse(keys), nil
}
Beispiel #18
0
func (b *CubbyholeBackend) handleList(
	req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
	if req.ClientToken == "" {
		return nil, fmt.Errorf("[ERR] cubbyhole list: Client token empty")
	}
	// List the keys at the prefix given by the request
	keys, err := req.Storage.List(req.ClientToken + "/" + req.Path)
	if err != nil {
		return nil, err
	}

	strippedKeys := []string{}
	for _, key := range keys {
		strippedKeys = append(strippedKeys, strings.TrimPrefix(key, req.ClientToken+"/"))
	}

	// Generate the response
	return logical.ListResponse(strippedKeys), nil
}
// Lists all the blacklisted role tags.
func (b *backend) pathRoletagBlacklistsList(
	req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
	b.blacklistMutex.RLock()
	defer b.blacklistMutex.RUnlock()

	tags, err := req.Storage.List("blacklist/roletag/")
	if err != nil {
		return nil, err
	}

	// Tags are base64 encoded before indexing to avoid problems
	// with the path separators being present in the tag.
	// Reverse it before returning the list response.
	for i, keyB64 := range tags {
		if key, err := base64.StdEncoding.DecodeString(keyB64); err != nil {
			return nil, err
		} else {
			// Overwrite the result with the decoded string.
			tags[i] = string(key)
		}
	}
	return logical.ListResponse(tags), nil
}