diff --git a/audit/format_json_test.go b/audit/format_json_test.go index a3f8270a3d..df8a86fc61 100644 --- a/audit/format_json_test.go +++ b/audit/format_json_test.go @@ -20,7 +20,7 @@ func TestFormatJSON_formatRequest(t *testing.T) { "auth, request": { &logical.Auth{ClientToken: "foo", Policies: []string{"root"}}, &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "/foo", Connection: &logical.Connection{ RemoteAddr: "127.0.0.1", diff --git a/builtin/credential/app-id/backend_test.go b/builtin/credential/app-id/backend_test.go index c5efd79d56..18e75f8044 100644 --- a/builtin/credential/app-id/backend_test.go +++ b/builtin/credential/app-id/backend_test.go @@ -110,7 +110,7 @@ func TestBackend_upgradeToSalted(t *testing.T) { func testAccStepMapAppId(t *testing.T) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "map/app-id/foo", Data: map[string]interface{}{ "value": "foo,bar", @@ -120,7 +120,7 @@ func testAccStepMapAppId(t *testing.T) logicaltest.TestStep { func testAccStepMapAppIdDisplayName(t *testing.T) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "map/app-id/foo", Data: map[string]interface{}{ "display_name": "tubbin", @@ -131,7 +131,7 @@ func testAccStepMapAppIdDisplayName(t *testing.T) logicaltest.TestStep { func testAccStepMapUserId(t *testing.T) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "map/user-id/42", Data: map[string]interface{}{ "value": "foo", @@ -148,7 +148,7 @@ func testAccStepDeleteUserId(t *testing.T) logicaltest.TestStep { func testAccStepMapUserIdCidr(t *testing.T, cidr string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "map/user-id/42", Data: map[string]interface{}{ "value": "foo", @@ -159,7 +159,7 @@ func testAccStepMapUserIdCidr(t *testing.T, cidr string) logicaltest.TestStep { func testAccLogin(t *testing.T, display string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "login", Data: map[string]interface{}{ "app_id": "foo", @@ -181,7 +181,7 @@ func testAccLoginCidr(t *testing.T, ip string, err bool) logicaltest.TestStep { } return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "login", Data: map[string]interface{}{ "app_id": "foo", @@ -197,7 +197,7 @@ func testAccLoginCidr(t *testing.T, ip string, err bool) logicaltest.TestStep { func testAccLoginInvalid(t *testing.T) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "login", Data: map[string]interface{}{ "app_id": "foo", @@ -212,7 +212,7 @@ func testAccLoginInvalid(t *testing.T) logicaltest.TestStep { func testAccLoginDeleted(t *testing.T) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "login", Data: map[string]interface{}{ "app_id": "foo", diff --git a/builtin/credential/app-id/path_login.go b/builtin/credential/app-id/path_login.go index 064109b999..5e03b2f89f 100644 --- a/builtin/credential/app-id/path_login.go +++ b/builtin/credential/app-id/path_login.go @@ -28,7 +28,7 @@ func pathLogin(b *backend) *framework.Path { }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathLogin, + logical.UpdateOperation: b.pathLogin, }, HelpSynopsis: pathLoginSyn, diff --git a/builtin/credential/cert/backend_test.go b/builtin/credential/cert/backend_test.go index 4d4b69670d..0f6b5a8712 100644 --- a/builtin/credential/cert/backend_test.go +++ b/builtin/credential/cert/backend_test.go @@ -105,7 +105,7 @@ func TestBackend_untrusted(t *testing.T) { func testAccStepAddCRL(t *testing.T, crl []byte, connState tls.ConnectionState) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "crls/test", ConnState: &connState, Data: map[string]interface{}{ @@ -146,7 +146,7 @@ func testAccStepDeleteCRL(t *testing.T, connState tls.ConnectionState) logicalte func testAccStepLogin(t *testing.T, connState tls.ConnectionState) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "login", Unauthenticated: true, ConnState: &connState, @@ -163,7 +163,7 @@ func testAccStepLogin(t *testing.T, connState tls.ConnectionState) logicaltest.T func testAccStepLoginDefaultLease(t *testing.T, connState tls.ConnectionState) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "login", Unauthenticated: true, ConnState: &connState, @@ -180,7 +180,7 @@ func testAccStepLoginDefaultLease(t *testing.T, connState tls.ConnectionState) l func testAccStepLoginInvalid(t *testing.T, connState tls.ConnectionState) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "login", Unauthenticated: true, ConnState: &connState, @@ -197,7 +197,7 @@ func testAccStepLoginInvalid(t *testing.T, connState tls.ConnectionState) logica func testAccStepCert( t *testing.T, name string, cert []byte, policies string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "certs/" + name, Data: map[string]interface{}{ "certificate": string(cert), @@ -211,7 +211,7 @@ func testAccStepCert( func testAccStepCertLease( t *testing.T, name string, cert []byte, policies string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "certs/" + name, Data: map[string]interface{}{ "certificate": string(cert), @@ -225,7 +225,7 @@ func testAccStepCertLease( func testAccStepCertTTL( t *testing.T, name string, cert []byte, policies string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "certs/" + name, Data: map[string]interface{}{ "certificate": string(cert), @@ -239,7 +239,7 @@ func testAccStepCertTTL( func testAccStepCertNoLease( t *testing.T, name string, cert []byte, policies string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "certs/" + name, Data: map[string]interface{}{ "certificate": string(cert), diff --git a/builtin/credential/cert/path_certs.go b/builtin/credential/cert/path_certs.go index 5e7046f5d1..c59429c5cb 100644 --- a/builtin/credential/cert/path_certs.go +++ b/builtin/credential/cert/path_certs.go @@ -51,7 +51,7 @@ Defaults to system/backend default TTL time.`, Callbacks: map[logical.Operation]framework.OperationFunc{ logical.DeleteOperation: b.pathCertDelete, logical.ReadOperation: b.pathCertRead, - logical.WriteOperation: b.pathCertWrite, + logical.UpdateOperation: b.pathCertWrite, }, HelpSynopsis: pathCertHelpSyn, diff --git a/builtin/credential/cert/path_crls.go b/builtin/credential/cert/path_crls.go index d55047e322..d0e1f0ea2a 100644 --- a/builtin/credential/cert/path_crls.go +++ b/builtin/credential/cert/path_crls.go @@ -33,7 +33,7 @@ using the same name as specified here.`, Callbacks: map[logical.Operation]framework.OperationFunc{ logical.DeleteOperation: b.pathCRLDelete, logical.ReadOperation: b.pathCRLRead, - logical.WriteOperation: b.pathCRLWrite, + logical.UpdateOperation: b.pathCRLWrite, }, HelpSynopsis: pathCRLsHelpSyn, diff --git a/builtin/credential/cert/path_login.go b/builtin/credential/cert/path_login.go index 617cddaa27..6f876df4b9 100644 --- a/builtin/credential/cert/path_login.go +++ b/builtin/credential/cert/path_login.go @@ -22,7 +22,7 @@ func pathLogin(b *backend) *framework.Path { Pattern: "login", Fields: map[string]*framework.FieldSchema{}, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathLogin, + logical.UpdateOperation: b.pathLogin, }, } } diff --git a/builtin/credential/github/backend_test.go b/builtin/credential/github/backend_test.go index 76cbf751ee..f748c9c8f1 100644 --- a/builtin/credential/github/backend_test.go +++ b/builtin/credential/github/backend_test.go @@ -62,7 +62,7 @@ func TestBackend_Config(t *testing.T) { func testLoginWrite(t *testing.T, d map[string]interface{}, expectedTTL int64, expectFail bool) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "login", ErrorOk: true, Data: d, @@ -82,7 +82,7 @@ func testLoginWrite(t *testing.T, d map[string]interface{}, expectedTTL int64, e func testConfigWrite(t *testing.T, d map[string]interface{}) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config", Data: d, } @@ -134,7 +134,7 @@ func testAccPreCheck(t *testing.T) { func testAccStepConfig(t *testing.T) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config", Data: map[string]interface{}{ "organization": os.Getenv("GITHUB_ORG"), @@ -144,7 +144,7 @@ func testAccStepConfig(t *testing.T) logicaltest.TestStep { func testAccStepConfigWithBaseURL(t *testing.T) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config", Data: map[string]interface{}{ "organization": os.Getenv("GITHUB_ORG"), @@ -155,7 +155,7 @@ func testAccStepConfigWithBaseURL(t *testing.T) logicaltest.TestStep { func testAccMap(t *testing.T, k string, v string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "map/teams/" + k, Data: map[string]interface{}{ "value": v, @@ -165,7 +165,7 @@ func testAccMap(t *testing.T, k string, v string) logicaltest.TestStep { func testAccLogin(t *testing.T, keys []string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "login", Data: map[string]interface{}{ "token": os.Getenv("GITHUB_TOKEN"), diff --git a/builtin/credential/github/path_config.go b/builtin/credential/github/path_config.go index f89c616eeb..b7d957f1ed 100644 --- a/builtin/credential/github/path_config.go +++ b/builtin/credential/github/path_config.go @@ -35,7 +35,7 @@ API-compatible authentication server.`, }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathConfigWrite, + logical.UpdateOperation: b.pathConfigWrite, }, } } diff --git a/builtin/credential/github/path_login.go b/builtin/credential/github/path_login.go index cc46aafaf4..01031cb56a 100644 --- a/builtin/credential/github/path_login.go +++ b/builtin/credential/github/path_login.go @@ -20,7 +20,7 @@ func pathLogin(b *backend) *framework.Path { }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathLogin, + logical.UpdateOperation: b.pathLogin, }, } } diff --git a/builtin/credential/ldap/backend_test.go b/builtin/credential/ldap/backend_test.go index 009419dc1c..73c0f5c733 100644 --- a/builtin/credential/ldap/backend_test.go +++ b/builtin/credential/ldap/backend_test.go @@ -57,7 +57,7 @@ func TestBackend_groupCrud(t *testing.T) { func testAccStepConfigUrl(t *testing.T) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config", Data: map[string]interface{}{ // Online LDAP test server @@ -72,7 +72,7 @@ func testAccStepConfigUrl(t *testing.T) logicaltest.TestStep { func testAccStepGroup(t *testing.T, group string, policies string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "groups/" + group, Data: map[string]interface{}{ "policies": policies, @@ -131,7 +131,7 @@ func TestBackend_userCrud(t *testing.T) { func testAccStepUser(t *testing.T, user string, groups string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "users/" + user, Data: map[string]interface{}{ "groups": groups, @@ -176,7 +176,7 @@ func testAccStepDeleteUser(t *testing.T, user string) logicaltest.TestStep { func testAccStepLogin(t *testing.T, user string, pass string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "login/" + user, Data: map[string]interface{}{ "password": pass, diff --git a/builtin/credential/ldap/path_config.go b/builtin/credential/ldap/path_config.go index 18d6347b13..eca4e5e8e8 100644 --- a/builtin/credential/ldap/path_config.go +++ b/builtin/credential/ldap/path_config.go @@ -53,7 +53,7 @@ func pathConfig(b *backend) *framework.Path { Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.pathConfigRead, - logical.WriteOperation: b.pathConfigWrite, + logical.UpdateOperation: b.pathConfigWrite, }, HelpSynopsis: pathConfigHelpSyn, diff --git a/builtin/credential/ldap/path_groups.go b/builtin/credential/ldap/path_groups.go index 4c928f0675..44a0449e99 100644 --- a/builtin/credential/ldap/path_groups.go +++ b/builtin/credential/ldap/path_groups.go @@ -25,7 +25,7 @@ func pathGroups(b *backend) *framework.Path { Callbacks: map[logical.Operation]framework.OperationFunc{ logical.DeleteOperation: b.pathGroupDelete, logical.ReadOperation: b.pathGroupRead, - logical.WriteOperation: b.pathGroupWrite, + logical.UpdateOperation: b.pathGroupWrite, }, HelpSynopsis: pathGroupHelpSyn, diff --git a/builtin/credential/ldap/path_login.go b/builtin/credential/ldap/path_login.go index 492b0f52a8..01d6efcc50 100644 --- a/builtin/credential/ldap/path_login.go +++ b/builtin/credential/ldap/path_login.go @@ -25,7 +25,7 @@ func pathLogin(b *backend) *framework.Path { }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathLogin, + logical.UpdateOperation: b.pathLogin, }, HelpSynopsis: pathLoginSyn, diff --git a/builtin/credential/ldap/path_users.go b/builtin/credential/ldap/path_users.go index 38eb9b38d8..7f03a8becd 100644 --- a/builtin/credential/ldap/path_users.go +++ b/builtin/credential/ldap/path_users.go @@ -25,7 +25,7 @@ func pathUsers(b *backend) *framework.Path { Callbacks: map[logical.Operation]framework.OperationFunc{ logical.DeleteOperation: b.pathUserDelete, logical.ReadOperation: b.pathUserRead, - logical.WriteOperation: b.pathUserWrite, + logical.UpdateOperation: b.pathUserWrite, }, HelpSynopsis: pathUserHelpSyn, diff --git a/builtin/credential/userpass/backend_test.go b/builtin/credential/userpass/backend_test.go index 70d69dbff0..1e47c5702c 100644 --- a/builtin/credential/userpass/backend_test.go +++ b/builtin/credential/userpass/backend_test.go @@ -91,7 +91,7 @@ func TestBackend_userCrud(t *testing.T) { func testUsersWrite(t *testing.T, user string, data map[string]interface{}, expectError bool) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "users/" + user, Data: data, ErrorOk: true, @@ -106,7 +106,7 @@ func testUsersWrite(t *testing.T, user string, data map[string]interface{}, expe func testLoginWrite(t *testing.T, user string, data map[string]interface{}, expectError bool) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "login/" + user, Data: data, ErrorOk: true, @@ -121,7 +121,7 @@ func testLoginWrite(t *testing.T, user string, data map[string]interface{}, expe func testAccStepLogin(t *testing.T, user string, pass string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "login/" + user, Data: map[string]interface{}{ "password": pass, @@ -135,7 +135,7 @@ func testAccStepLogin(t *testing.T, user string, pass string) logicaltest.TestSt func testAccStepUser( t *testing.T, name string, password string, policies string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "users/" + name, Data: map[string]interface{}{ "password": password, diff --git a/builtin/credential/userpass/path_login.go b/builtin/credential/userpass/path_login.go index 5b200f2346..e3695e0319 100644 --- a/builtin/credential/userpass/path_login.go +++ b/builtin/credential/userpass/path_login.go @@ -25,7 +25,7 @@ func pathLogin(b *backend) *framework.Path { }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathLogin, + logical.UpdateOperation: b.pathLogin, }, HelpSynopsis: pathLoginSyn, diff --git a/builtin/credential/userpass/path_users.go b/builtin/credential/userpass/path_users.go index 52f05801d2..abf4a44751 100644 --- a/builtin/credential/userpass/path_users.go +++ b/builtin/credential/userpass/path_users.go @@ -43,7 +43,7 @@ func pathUsers(b *backend) *framework.Path { Callbacks: map[logical.Operation]framework.OperationFunc{ logical.DeleteOperation: b.pathUserDelete, logical.ReadOperation: b.pathUserRead, - logical.WriteOperation: b.pathUserWrite, + logical.UpdateOperation: b.pathUserWrite, }, HelpSynopsis: pathUserHelpSyn, diff --git a/builtin/logical/aws/backend_test.go b/builtin/logical/aws/backend_test.go index 71b719bac0..03c605cd3c 100644 --- a/builtin/logical/aws/backend_test.go +++ b/builtin/logical/aws/backend_test.go @@ -71,7 +71,7 @@ func testAccPreCheck(t *testing.T) { func testAccStepConfig(t *testing.T) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/root", Data: map[string]interface{}{ "access_key": os.Getenv("AWS_ACCESS_KEY_ID"), @@ -121,7 +121,7 @@ func testAccStepReadUser(t *testing.T, name string) logicaltest.TestStep { func testAccStepWritePolicy(t *testing.T, name string, policy string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "roles/" + name, Data: map[string]interface{}{ "policy": testPolicy, diff --git a/builtin/logical/aws/path_config_lease.go b/builtin/logical/aws/path_config_lease.go index 5b7d1a38b4..87b02f7a23 100644 --- a/builtin/logical/aws/path_config_lease.go +++ b/builtin/logical/aws/path_config_lease.go @@ -25,7 +25,7 @@ func pathConfigLease(b *backend) *framework.Path { Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.pathLeaseRead, - logical.WriteOperation: b.pathLeaseWrite, + logical.UpdateOperation: b.pathLeaseWrite, }, HelpSynopsis: pathConfigLeaseHelpSyn, diff --git a/builtin/logical/aws/path_config_root.go b/builtin/logical/aws/path_config_root.go index d4de86d739..0d1d1d5906 100644 --- a/builtin/logical/aws/path_config_root.go +++ b/builtin/logical/aws/path_config_root.go @@ -26,7 +26,7 @@ func pathConfigRoot() *framework.Path { }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: pathConfigRootWrite, + logical.UpdateOperation: pathConfigRootWrite, }, HelpSynopsis: pathConfigRootHelpSyn, diff --git a/builtin/logical/aws/path_roles.go b/builtin/logical/aws/path_roles.go index 683bcbf48d..f052fbde9f 100644 --- a/builtin/logical/aws/path_roles.go +++ b/builtin/logical/aws/path_roles.go @@ -27,7 +27,7 @@ func pathRoles() *framework.Path { Callbacks: map[logical.Operation]framework.OperationFunc{ logical.DeleteOperation: pathRolesDelete, logical.ReadOperation: pathRolesRead, - logical.WriteOperation: pathRolesWrite, + logical.UpdateOperation: pathRolesWrite, }, HelpSynopsis: pathRolesHelpSyn, diff --git a/builtin/logical/cassandra/backend_test.go b/builtin/logical/cassandra/backend_test.go index 892fe29db3..0505a25bc0 100644 --- a/builtin/logical/cassandra/backend_test.go +++ b/builtin/logical/cassandra/backend_test.go @@ -49,7 +49,7 @@ func testAccPreCheck(t *testing.T) { func testAccStepConfig(t *testing.T) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/connection", Data: map[string]interface{}{ "hosts": os.Getenv("CASSANDRA_HOST"), @@ -61,7 +61,7 @@ func testAccStepConfig(t *testing.T) logicaltest.TestStep { func testAccStepRole(t *testing.T) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "roles/test", Data: map[string]interface{}{ "creation_cql": testRole, diff --git a/builtin/logical/cassandra/path_config_connection.go b/builtin/logical/cassandra/path_config_connection.go index 1c485b6f49..b4ebd70760 100644 --- a/builtin/logical/cassandra/path_config_connection.go +++ b/builtin/logical/cassandra/path_config_connection.go @@ -59,7 +59,7 @@ take precedence.`, Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.pathConnectionRead, - logical.WriteOperation: b.pathConnectionWrite, + logical.UpdateOperation: b.pathConnectionWrite, }, HelpSynopsis: pathConfigConnectionHelpSyn, diff --git a/builtin/logical/cassandra/path_roles.go b/builtin/logical/cassandra/path_roles.go index 9de6e5d31b..d87c35c24d 100644 --- a/builtin/logical/cassandra/path_roles.go +++ b/builtin/logical/cassandra/path_roles.go @@ -65,7 +65,7 @@ one hour`, Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.pathRoleRead, - logical.WriteOperation: b.pathRoleCreate, + logical.UpdateOperation: b.pathRoleCreate, logical.DeleteOperation: b.pathRoleDelete, }, diff --git a/builtin/logical/consul/backend_test.go b/builtin/logical/consul/backend_test.go index bf4a7560c2..1a0f801dcc 100644 --- a/builtin/logical/consul/backend_test.go +++ b/builtin/logical/consul/backend_test.go @@ -153,7 +153,7 @@ func testAccPreCheck(t *testing.T) { func testAccStepConfig( t *testing.T, config map[string]interface{}) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/access", Data: config, } @@ -235,7 +235,7 @@ func testAccStepReadManagementToken( func testAccStepWritePolicy(t *testing.T, name string, policy string, lease string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "roles/" + name, Data: map[string]interface{}{ "policy": base64.StdEncoding.EncodeToString([]byte(policy)), @@ -246,7 +246,7 @@ func testAccStepWritePolicy(t *testing.T, name string, policy string, lease stri func testAccStepWriteManagementPolicy(t *testing.T, name string, lease string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "roles/" + name, Data: map[string]interface{}{ "token_type": "management", diff --git a/builtin/logical/consul/path_config.go b/builtin/logical/consul/path_config.go index cc9befe309..920cd6ecf7 100644 --- a/builtin/logical/consul/path_config.go +++ b/builtin/logical/consul/path_config.go @@ -31,7 +31,7 @@ func pathConfigAccess() *framework.Path { }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: pathConfigAccessWrite, + logical.UpdateOperation: pathConfigAccessWrite, }, } } diff --git a/builtin/logical/consul/path_roles.go b/builtin/logical/consul/path_roles.go index b59fa560b1..69ddb6e430 100644 --- a/builtin/logical/consul/path_roles.go +++ b/builtin/logical/consul/path_roles.go @@ -41,7 +41,7 @@ Defaults to 'client'.`, Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: pathRolesRead, - logical.WriteOperation: pathRolesWrite, + logical.UpdateOperation: pathRolesWrite, logical.DeleteOperation: pathRolesDelete, }, } diff --git a/builtin/logical/mysql/backend_test.go b/builtin/logical/mysql/backend_test.go index 6045b39d66..684e63bf6d 100644 --- a/builtin/logical/mysql/backend_test.go +++ b/builtin/logical/mysql/backend_test.go @@ -64,7 +64,7 @@ func testAccPreCheck(t *testing.T) { func testAccStepConfig(t *testing.T) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/connection", Data: map[string]interface{}{ "value": os.Getenv("MYSQL_DSN"), @@ -74,7 +74,7 @@ func testAccStepConfig(t *testing.T) logicaltest.TestStep { func testAccStepRole(t *testing.T) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "roles/web", Data: map[string]interface{}{ "sql": testRole, @@ -139,7 +139,7 @@ func testAccStepReadRole(t *testing.T, name string, sql string) logicaltest.Test func testAccStepWriteLease(t *testing.T) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/lease", Data: map[string]interface{}{ "lease": "1h5m", diff --git a/builtin/logical/mysql/path_config_connection.go b/builtin/logical/mysql/path_config_connection.go index 358654c737..d072d09a63 100644 --- a/builtin/logical/mysql/path_config_connection.go +++ b/builtin/logical/mysql/path_config_connection.go @@ -30,7 +30,7 @@ func pathConfigConnection(b *backend) *framework.Path { }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathConnectionWrite, + logical.UpdateOperation: b.pathConnectionWrite, }, HelpSynopsis: pathConfigConnectionHelpSyn, diff --git a/builtin/logical/mysql/path_config_lease.go b/builtin/logical/mysql/path_config_lease.go index 0ad390d94d..3f2fee97a1 100644 --- a/builtin/logical/mysql/path_config_lease.go +++ b/builtin/logical/mysql/path_config_lease.go @@ -25,7 +25,7 @@ func pathConfigLease(b *backend) *framework.Path { Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.pathLeaseRead, - logical.WriteOperation: b.pathLeaseWrite, + logical.UpdateOperation: b.pathLeaseWrite, }, HelpSynopsis: pathConfigLeaseHelpSyn, diff --git a/builtin/logical/mysql/path_roles.go b/builtin/logical/mysql/path_roles.go index 92dab6cbea..76d04bae37 100644 --- a/builtin/logical/mysql/path_roles.go +++ b/builtin/logical/mysql/path_roles.go @@ -25,7 +25,7 @@ func pathRoles(b *backend) *framework.Path { Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.pathRoleRead, - logical.WriteOperation: b.pathRoleCreate, + logical.UpdateOperation: b.pathRoleCreate, logical.DeleteOperation: b.pathRoleDelete, }, diff --git a/builtin/logical/pki/backend_test.go b/builtin/logical/pki/backend_test.go index 44abe137d5..c02f8fa2ec 100644 --- a/builtin/logical/pki/backend_test.go +++ b/builtin/logical/pki/backend_test.go @@ -168,7 +168,7 @@ func TestBackend_RSARoles(t *testing.T) { Backend: b, Steps: []logicaltest.TestStep{ logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/ca", Data: map[string]interface{}{ "pem_bundle": rsaCAKey + rsaCACert, @@ -211,7 +211,7 @@ func TestBackend_ECRoles(t *testing.T) { Backend: b, Steps: []logicaltest.TestStep{ logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/ca", Data: map[string]interface{}{ "pem_bundle": ecCAKey + ecCACert, @@ -340,7 +340,7 @@ func generateURLSteps(t *testing.T, caCert, caKey string, intdata, reqdata map[s ret := []logicaltest.TestStep{ logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "root/generate/exported", Data: map[string]interface{}{ "common_name": "Root Cert", @@ -349,7 +349,7 @@ func generateURLSteps(t *testing.T, caCert, caKey string, intdata, reqdata map[s }, logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/urls", Data: map[string]interface{}{ "issuing_certificates": strings.Join(expected.IssuingCertificates, ","), @@ -380,7 +380,7 @@ func generateURLSteps(t *testing.T, caCert, caKey string, intdata, reqdata map[s }, logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "root/sign-intermediate", Data: map[string]interface{}{ "common_name": "Intermediate Cert", @@ -450,7 +450,7 @@ func generateCSRSteps(t *testing.T, caCert, caKey string, intdata, reqdata map[s ret := []logicaltest.TestStep{ logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "root/generate/exported", Data: map[string]interface{}{ "common_name": "Root Cert", @@ -460,7 +460,7 @@ func generateCSRSteps(t *testing.T, caCert, caKey string, intdata, reqdata map[s }, logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "root/sign-intermediate", Data: map[string]interface{}{ "use_csr_values": true, @@ -471,7 +471,7 @@ func generateCSRSteps(t *testing.T, caCert, caKey string, intdata, reqdata map[s }, logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "root/generate/exported", Data: map[string]interface{}{ "common_name": "Root Cert", @@ -481,7 +481,7 @@ func generateCSRSteps(t *testing.T, caCert, caKey string, intdata, reqdata map[s }, logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "root/sign-intermediate", Data: map[string]interface{}{ "use_csr_values": true, @@ -536,7 +536,7 @@ func generateCSRSteps(t *testing.T, caCert, caKey string, intdata, reqdata map[s func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, intdata, reqdata map[string]interface{}) []logicaltest.TestStep { ret := []logicaltest.TestStep{ logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/ca", Data: map[string]interface{}{ "pem_bundle": caKey + caCert, @@ -544,7 +544,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int }, logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/crl", Data: map[string]interface{}{ "expiry": "16h", @@ -614,7 +614,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int // Ensure that both parts of the PEM bundle are required // Here, just the cert logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/ca", Data: map[string]interface{}{ "pem_bundle": caCert, @@ -624,7 +624,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int // Here, just the key logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/ca", Data: map[string]interface{}{ "pem_bundle": caKey, @@ -683,7 +683,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int // Test a bunch of generation stuff logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "root/generate/exported", Data: map[string]interface{}{ "common_name": "Root Cert", @@ -698,7 +698,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int }, logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "intermediate/generate/exported", Data: map[string]interface{}{ "common_name": "Intermediate Cert", @@ -712,7 +712,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int // Re-load the root key in so we can sign it logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/ca", Data: reqdata, Check: func(resp *logical.Response) error { @@ -726,7 +726,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int }, logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "root/sign-intermediate", Data: reqdata, Check: func(resp *logical.Response) error { @@ -743,7 +743,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int // First load in this way to populate the private key logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/ca", Data: reqdata, Check: func(resp *logical.Response) error { @@ -754,7 +754,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int // Now test setting the intermediate, signed CA cert logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "intermediate/set-signed", Data: reqdata, Check: func(resp *logical.Response) error { @@ -764,7 +764,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int }, logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "revoke", Data: reqdata, }, @@ -794,7 +794,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int // Do it all again, with EC keys and DER format logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "root/generate/exported", Data: map[string]interface{}{ "common_name": "Root Cert", @@ -822,7 +822,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int }, logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "intermediate/generate/exported", Data: map[string]interface{}{ "format": "der", @@ -848,7 +848,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int }, logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/ca", Data: reqdata, Check: func(resp *logical.Response) error { @@ -862,7 +862,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int }, logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "root/sign-intermediate", Data: reqdata, Check: func(resp *logical.Response) error { @@ -879,7 +879,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int // First load in this way to populate the private key logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/ca", Data: reqdata, Check: func(resp *logical.Response) error { @@ -890,7 +890,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int // Now test setting the intermediate, signed CA cert logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "intermediate/set-signed", Data: reqdata, Check: func(resp *logical.Response) error { @@ -900,7 +900,7 @@ func generateCATestingSteps(t *testing.T, caCert, caKey, otherCaCert string, int }, logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "revoke", Data: reqdata, }, @@ -950,18 +950,18 @@ func generateRoleSteps(t *testing.T, useCSRs bool) []logicaltest.TestStep { ret := []logicaltest.TestStep{} roleTestStep := logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "roles/test", } var issueTestStep logicaltest.TestStep if useCSRs { issueTestStep = logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "sign/test", } } else { issueTestStep = logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "issue/test", } } diff --git a/builtin/logical/pki/path_config_ca.go b/builtin/logical/pki/path_config_ca.go index 586c321e62..8e4799d708 100644 --- a/builtin/logical/pki/path_config_ca.go +++ b/builtin/logical/pki/path_config_ca.go @@ -22,7 +22,7 @@ endpoint, just the signed certificate.`, }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathCAWrite, + logical.UpdateOperation: b.pathCAWrite, }, HelpSynopsis: pathConfigCAHelpSyn, diff --git a/builtin/logical/pki/path_config_crl.go b/builtin/logical/pki/path_config_crl.go index 72de0e78ca..aadc8cc5eb 100644 --- a/builtin/logical/pki/path_config_crl.go +++ b/builtin/logical/pki/path_config_crl.go @@ -27,7 +27,7 @@ valid; defaults to 72 hours`, Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.pathCRLRead, - logical.WriteOperation: b.pathCRLWrite, + logical.UpdateOperation: b.pathCRLWrite, }, HelpSynopsis: pathConfigCRLHelpSyn, diff --git a/builtin/logical/pki/path_config_urls.go b/builtin/logical/pki/path_config_urls.go index d6723f1e90..7f525101bd 100644 --- a/builtin/logical/pki/path_config_urls.go +++ b/builtin/logical/pki/path_config_urls.go @@ -34,7 +34,7 @@ for the OCSP servers attribute`, }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathWriteURL, + logical.UpdateOperation: b.pathWriteURL, logical.ReadOperation: b.pathReadURL, }, diff --git a/builtin/logical/pki/path_intermediate.go b/builtin/logical/pki/path_intermediate.go index b4401abe42..929ffe2769 100644 --- a/builtin/logical/pki/path_intermediate.go +++ b/builtin/logical/pki/path_intermediate.go @@ -14,7 +14,7 @@ func pathGenerateIntermediate(b *backend) *framework.Path { Pattern: "intermediate/generate/" + framework.GenericNameRegex("exported"), Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathGenerateIntermediate, + logical.UpdateOperation: b.pathGenerateIntermediate, }, HelpSynopsis: pathGenerateIntermediateHelpSyn, @@ -42,7 +42,7 @@ endpoint.`, }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathSetSignedIntermediate, + logical.UpdateOperation: b.pathSetSignedIntermediate, }, HelpSynopsis: pathSetSignedIntermediateHelpSyn, diff --git a/builtin/logical/pki/path_issue_sign.go b/builtin/logical/pki/path_issue_sign.go index 65b49a8616..c6da42c943 100644 --- a/builtin/logical/pki/path_issue_sign.go +++ b/builtin/logical/pki/path_issue_sign.go @@ -15,7 +15,7 @@ func pathIssue(b *backend) *framework.Path { Pattern: "issue/" + framework.GenericNameRegex("role"), Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathIssue, + logical.UpdateOperation: b.pathIssue, }, HelpSynopsis: pathIssueHelpSyn, @@ -32,7 +32,7 @@ func pathSign(b *backend) *framework.Path { Pattern: "sign/" + framework.GenericNameRegex("role"), Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathSign, + logical.UpdateOperation: b.pathSign, }, HelpSynopsis: pathSignHelpSyn, @@ -55,7 +55,7 @@ func pathSignVerbatim(b *backend) *framework.Path { Pattern: "sign-verbatim/" + framework.GenericNameRegex("role"), Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathSignVerbatim, + logical.UpdateOperation: b.pathSignVerbatim, }, HelpSynopsis: pathSignHelpSyn, diff --git a/builtin/logical/pki/path_revoke.go b/builtin/logical/pki/path_revoke.go index d8ad223b87..280fa7cefc 100644 --- a/builtin/logical/pki/path_revoke.go +++ b/builtin/logical/pki/path_revoke.go @@ -20,7 +20,7 @@ hyphen-separated octal`, }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathRevokeWrite, + logical.UpdateOperation: b.pathRevokeWrite, }, HelpSynopsis: pathRevokeHelpSyn, diff --git a/builtin/logical/pki/path_roles.go b/builtin/logical/pki/path_roles.go index 61b3d3ba6c..2a557a4ea8 100644 --- a/builtin/logical/pki/path_roles.go +++ b/builtin/logical/pki/path_roles.go @@ -146,7 +146,7 @@ Names. Defaults to true.`, Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.pathRoleRead, - logical.WriteOperation: b.pathRoleCreate, + logical.UpdateOperation: b.pathRoleCreate, logical.DeleteOperation: b.pathRoleDelete, }, diff --git a/builtin/logical/pki/path_root.go b/builtin/logical/pki/path_root.go index bd1f571dd4..d4dee5a6e9 100644 --- a/builtin/logical/pki/path_root.go +++ b/builtin/logical/pki/path_root.go @@ -15,7 +15,7 @@ func pathGenerateRoot(b *backend) *framework.Path { Pattern: "root/generate/" + framework.GenericNameRegex("exported"), Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathCAGenerateRoot, + logical.UpdateOperation: b.pathCAGenerateRoot, }, HelpSynopsis: pathGenerateRootHelpSyn, @@ -34,7 +34,7 @@ func pathSignIntermediate(b *backend) *framework.Path { Pattern: "root/sign-intermediate", Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathCASignIntermediate, + logical.UpdateOperation: b.pathCASignIntermediate, }, HelpSynopsis: pathSignIntermediateHelpSyn, diff --git a/builtin/logical/postgresql/backend_test.go b/builtin/logical/postgresql/backend_test.go index 93e93e276a..e34b6dc34d 100644 --- a/builtin/logical/postgresql/backend_test.go +++ b/builtin/logical/postgresql/backend_test.go @@ -52,7 +52,7 @@ func testAccPreCheck(t *testing.T) { func testAccStepConfig(t *testing.T) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/connection", Data: map[string]interface{}{ "value": os.Getenv("PG_URL"), @@ -62,7 +62,7 @@ func testAccStepConfig(t *testing.T) logicaltest.TestStep { func testAccStepRole(t *testing.T) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "roles/web", Data: map[string]interface{}{ "sql": testRole, diff --git a/builtin/logical/postgresql/path_config_connection.go b/builtin/logical/postgresql/path_config_connection.go index 707791e4b2..6a27328d6a 100644 --- a/builtin/logical/postgresql/path_config_connection.go +++ b/builtin/logical/postgresql/path_config_connection.go @@ -30,7 +30,7 @@ func pathConfigConnection(b *backend) *framework.Path { }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathConnectionWrite, + logical.UpdateOperation: b.pathConnectionWrite, }, HelpSynopsis: pathConfigConnectionHelpSyn, diff --git a/builtin/logical/postgresql/path_config_lease.go b/builtin/logical/postgresql/path_config_lease.go index 3d352c71b0..b8798bdf7b 100644 --- a/builtin/logical/postgresql/path_config_lease.go +++ b/builtin/logical/postgresql/path_config_lease.go @@ -25,7 +25,7 @@ func pathConfigLease(b *backend) *framework.Path { Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.pathLeaseRead, - logical.WriteOperation: b.pathLeaseWrite, + logical.UpdateOperation: b.pathLeaseWrite, }, HelpSynopsis: pathConfigLeaseHelpSyn, diff --git a/builtin/logical/postgresql/path_roles.go b/builtin/logical/postgresql/path_roles.go index 4c9cac694b..6647211eef 100644 --- a/builtin/logical/postgresql/path_roles.go +++ b/builtin/logical/postgresql/path_roles.go @@ -24,7 +24,7 @@ func pathRoles(b *backend) *framework.Path { Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.pathRoleRead, - logical.WriteOperation: b.pathRoleCreate, + logical.UpdateOperation: b.pathRoleCreate, logical.DeleteOperation: b.pathRoleDelete, }, diff --git a/builtin/logical/ssh/backend_test.go b/builtin/logical/ssh/backend_test.go index 472774f093..7f4d2de01b 100644 --- a/builtin/logical/ssh/backend_test.go +++ b/builtin/logical/ssh/backend_test.go @@ -311,7 +311,7 @@ func testConfigZeroAddressDelete(t *testing.T) logicaltest.TestStep { func testConfigZeroAddressWrite(t *testing.T, data map[string]interface{}) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "config/zeroaddress", Data: data, } @@ -343,7 +343,7 @@ func testConfigZeroAddressRead(t *testing.T, expected map[string]interface{}) lo func testVerifyWrite(t *testing.T, data map[string]interface{}, expected map[string]interface{}) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: fmt.Sprintf("verify"), Data: data, Check: func(resp *logical.Response) error { @@ -366,7 +366,7 @@ func testVerifyWrite(t *testing.T, data map[string]interface{}, expected map[str func testNamedKeysWrite(t *testing.T, name, key string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: fmt.Sprintf("keys/%s", name), Data: map[string]interface{}{ "key": key, @@ -383,7 +383,7 @@ func testNamedKeysDelete(t *testing.T) logicaltest.TestStep { func testLookupRead(t *testing.T, data map[string]interface{}, expected []string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "lookup", Data: data, Check: func(resp *logical.Response) error { @@ -400,7 +400,7 @@ func testLookupRead(t *testing.T, data map[string]interface{}, expected []string func testRoleWrite(t *testing.T, name string, data map[string]interface{}) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "roles/" + name, Data: data, } @@ -444,7 +444,7 @@ func testRoleDelete(t *testing.T, name string) logicaltest.TestStep { func testCredsWrite(t *testing.T, roleName string, data map[string]interface{}, expectError bool) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: fmt.Sprintf("creds/%s", roleName), Data: data, ErrorOk: true, diff --git a/builtin/logical/ssh/path_config_zeroaddress.go b/builtin/logical/ssh/path_config_zeroaddress.go index 63fdebc998..392ebcbd43 100644 --- a/builtin/logical/ssh/path_config_zeroaddress.go +++ b/builtin/logical/ssh/path_config_zeroaddress.go @@ -25,7 +25,7 @@ func pathConfigZeroAddress(b *backend) *framework.Path { }, }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathConfigZeroAddressWrite, + logical.UpdateOperation: b.pathConfigZeroAddressWrite, logical.ReadOperation: b.pathConfigZeroAddressRead, logical.DeleteOperation: b.pathConfigZeroAddressDelete, }, diff --git a/builtin/logical/ssh/path_creds_create.go b/builtin/logical/ssh/path_creds_create.go index 030e5af077..ede5a63855 100644 --- a/builtin/logical/ssh/path_creds_create.go +++ b/builtin/logical/ssh/path_creds_create.go @@ -34,7 +34,7 @@ func pathCredsCreate(b *backend) *framework.Path { }, }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathCredsCreateWrite, + logical.UpdateOperation: b.pathCredsCreateWrite, }, HelpSynopsis: pathCredsCreateHelpSyn, HelpDescription: pathCredsCreateHelpDesc, diff --git a/builtin/logical/ssh/path_keys.go b/builtin/logical/ssh/path_keys.go index 567f4fac6a..7d0b9b8b6b 100644 --- a/builtin/logical/ssh/path_keys.go +++ b/builtin/logical/ssh/path_keys.go @@ -27,7 +27,7 @@ func pathKeys(b *backend) *framework.Path { }, }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathKeysWrite, + logical.UpdateOperation: b.pathKeysWrite, logical.DeleteOperation: b.pathKeysDelete, }, HelpSynopsis: pathKeysSyn, diff --git a/builtin/logical/ssh/path_lookup.go b/builtin/logical/ssh/path_lookup.go index c903a99ffb..4424d02a9a 100644 --- a/builtin/logical/ssh/path_lookup.go +++ b/builtin/logical/ssh/path_lookup.go @@ -18,7 +18,7 @@ func pathLookup(b *backend) *framework.Path { }, }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathLookupWrite, + logical.UpdateOperation: b.pathLookupWrite, }, HelpSynopsis: pathLookupSyn, HelpDescription: pathLookupDesc, diff --git a/builtin/logical/ssh/path_roles.go b/builtin/logical/ssh/path_roles.go index 54399e1d8d..d433a5068b 100644 --- a/builtin/logical/ssh/path_roles.go +++ b/builtin/logical/ssh/path_roles.go @@ -134,7 +134,7 @@ func pathRoles(b *backend) *framework.Path { Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.pathRoleRead, - logical.WriteOperation: b.pathRoleWrite, + logical.UpdateOperation: b.pathRoleWrite, logical.DeleteOperation: b.pathRoleDelete, }, diff --git a/builtin/logical/ssh/path_verify.go b/builtin/logical/ssh/path_verify.go index d24cb04b70..66cadb777f 100644 --- a/builtin/logical/ssh/path_verify.go +++ b/builtin/logical/ssh/path_verify.go @@ -16,7 +16,7 @@ func pathVerify(b *backend) *framework.Path { }, }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathVerifyWrite, + logical.UpdateOperation: b.pathVerifyWrite, }, HelpSynopsis: pathVerifyHelpSyn, HelpDescription: pathVerifyHelpDesc, diff --git a/builtin/logical/transit/backend_test.go b/builtin/logical/transit/backend_test.go index 5081644a24..3ed79d72bb 100644 --- a/builtin/logical/transit/backend_test.go +++ b/builtin/logical/transit/backend_test.go @@ -145,7 +145,7 @@ func TestBackend_basic_derived(t *testing.T) { func testAccStepWritePolicy(t *testing.T, name string, derived bool) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "keys/" + name, Data: map[string]interface{}{ "derived": derived, @@ -155,7 +155,7 @@ func testAccStepWritePolicy(t *testing.T, name string, derived bool) logicaltest func testAccStepAdjustPolicy(t *testing.T, name string, minVer int) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "keys/" + name + "/config", Data: map[string]interface{}{ "min_decryption_version": minVer, @@ -165,7 +165,7 @@ func testAccStepAdjustPolicy(t *testing.T, name string, minVer int) logicaltest. func testAccStepDisableDeletion(t *testing.T, name string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "keys/" + name + "/config", Data: map[string]interface{}{ "deletion_allowed": false, @@ -175,7 +175,7 @@ func testAccStepDisableDeletion(t *testing.T, name string) logicaltest.TestStep func testAccStepEnableDeletion(t *testing.T, name string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "keys/" + name + "/config", Data: map[string]interface{}{ "deletion_allowed": true, @@ -263,7 +263,7 @@ func testAccStepReadPolicy(t *testing.T, name string, expectNone, derived bool) func testAccStepEncrypt( t *testing.T, name, plaintext string, decryptData map[string]interface{}) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "encrypt/" + name, Data: map[string]interface{}{ "plaintext": base64.StdEncoding.EncodeToString([]byte(plaintext)), @@ -287,7 +287,7 @@ func testAccStepEncrypt( func testAccStepEncryptContext( t *testing.T, name, plaintext, context string, decryptData map[string]interface{}) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "encrypt/" + name, Data: map[string]interface{}{ "plaintext": base64.StdEncoding.EncodeToString([]byte(plaintext)), @@ -313,7 +313,7 @@ func testAccStepEncryptContext( func testAccStepDecrypt( t *testing.T, name, plaintext string, decryptData map[string]interface{}) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "decrypt/" + name, Data: decryptData, Check: func(resp *logical.Response) error { @@ -341,7 +341,7 @@ func testAccStepDecrypt( func testAccStepRewrap( t *testing.T, name string, decryptData map[string]interface{}, expectedVer int) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "rewrap/" + name, Data: decryptData, Check: func(resp *logical.Response) error { @@ -373,7 +373,7 @@ func testAccStepEncryptVX( t *testing.T, name, plaintext string, decryptData map[string]interface{}, ver int, encryptHistory map[int]map[string]interface{}) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "encrypt/" + name, Data: map[string]interface{}{ "plaintext": base64.StdEncoding.EncodeToString([]byte(plaintext)), @@ -417,7 +417,7 @@ func testAccStepLoadVX( func testAccStepDecryptExpectFailure( t *testing.T, name, plaintext string, decryptData map[string]interface{}) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "decrypt/" + name, Data: decryptData, ErrorOk: true, @@ -432,7 +432,7 @@ func testAccStepDecryptExpectFailure( func testAccStepRotate(t *testing.T, name string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "keys/" + name + "/rotate", } } @@ -449,7 +449,7 @@ func testAccStepWriteDatakey(t *testing.T, name string, data["bits"] = bits } return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "datakey/" + subPath + "/" + name, Data: data, Check: func(resp *logical.Response) error { @@ -485,7 +485,7 @@ func testAccStepWriteDatakey(t *testing.T, name string, func testAccStepDecryptDatakey(t *testing.T, name string, dataKeyInfo map[string]interface{}) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "decrypt/" + name, Data: dataKeyInfo, Check: func(resp *logical.Response) error { diff --git a/builtin/logical/transit/path_config.go b/builtin/logical/transit/path_config.go index d368c64b9a..d68726b4e8 100644 --- a/builtin/logical/transit/path_config.go +++ b/builtin/logical/transit/path_config.go @@ -29,7 +29,7 @@ to be decrypted.`, }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: pathConfigWrite, + logical.UpdateOperation: pathConfigWrite, }, HelpSynopsis: pathConfigHelpSyn, diff --git a/builtin/logical/transit/path_datakey.go b/builtin/logical/transit/path_datakey.go index b4499d45e6..2cec9f3e68 100644 --- a/builtin/logical/transit/path_datakey.go +++ b/builtin/logical/transit/path_datakey.go @@ -39,7 +39,7 @@ and 512 bits are supported. Defaults to 256.`, }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: pathDatakeyWrite, + logical.UpdateOperation: pathDatakeyWrite, }, HelpSynopsis: pathDatakeyHelpSyn, diff --git a/builtin/logical/transit/path_decrypt.go b/builtin/logical/transit/path_decrypt.go index 8ea94da554..d084d5d936 100644 --- a/builtin/logical/transit/path_decrypt.go +++ b/builtin/logical/transit/path_decrypt.go @@ -30,7 +30,7 @@ func pathDecrypt() *framework.Path { }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: pathDecryptWrite, + logical.UpdateOperation: pathDecryptWrite, }, HelpSynopsis: pathDecryptHelpSyn, diff --git a/builtin/logical/transit/path_encrypt.go b/builtin/logical/transit/path_encrypt.go index 7a402292dd..e9aa322ea9 100644 --- a/builtin/logical/transit/path_encrypt.go +++ b/builtin/logical/transit/path_encrypt.go @@ -30,7 +30,7 @@ func pathEncrypt() *framework.Path { }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: pathEncryptWrite, + logical.UpdateOperation: pathEncryptWrite, }, HelpSynopsis: pathEncryptHelpSyn, diff --git a/builtin/logical/transit/path_keys.go b/builtin/logical/transit/path_keys.go index 44d3f18ab7..4d1b286623 100644 --- a/builtin/logical/transit/path_keys.go +++ b/builtin/logical/transit/path_keys.go @@ -24,7 +24,7 @@ func pathKeys() *framework.Path { }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: pathPolicyWrite, + logical.UpdateOperation: pathPolicyWrite, logical.DeleteOperation: pathPolicyDelete, logical.ReadOperation: pathPolicyRead, }, diff --git a/builtin/logical/transit/path_rewrap.go b/builtin/logical/transit/path_rewrap.go index d6b48d0356..adac996b2a 100644 --- a/builtin/logical/transit/path_rewrap.go +++ b/builtin/logical/transit/path_rewrap.go @@ -30,7 +30,7 @@ func pathRewrap() *framework.Path { }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: pathRewrapWrite, + logical.UpdateOperation: pathRewrapWrite, }, HelpSynopsis: pathRewrapHelpSyn, diff --git a/builtin/logical/transit/path_rotate.go b/builtin/logical/transit/path_rotate.go index c557dc9278..f7b42dcfb2 100644 --- a/builtin/logical/transit/path_rotate.go +++ b/builtin/logical/transit/path_rotate.go @@ -18,7 +18,7 @@ func pathRotate() *framework.Path { }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: pathRotateWrite, + logical.UpdateOperation: pathRotateWrite, }, HelpSynopsis: pathRotateHelpSyn, diff --git a/helper/mfa/duo/path_duo_access.go b/helper/mfa/duo/path_duo_access.go index 3b43233944..7537fd6b0d 100644 --- a/helper/mfa/duo/path_duo_access.go +++ b/helper/mfa/duo/path_duo_access.go @@ -34,7 +34,7 @@ func pathDuoAccess() *framework.Path { }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: pathDuoAccessWrite, + logical.UpdateOperation: pathDuoAccessWrite, }, HelpSynopsis: pathDuoAccessHelpSyn, diff --git a/helper/mfa/duo/path_duo_config.go b/helper/mfa/duo/path_duo_config.go index 406072dec1..381ca471c6 100644 --- a/helper/mfa/duo/path_duo_config.go +++ b/helper/mfa/duo/path_duo_config.go @@ -23,7 +23,7 @@ func pathDuoConfig() *framework.Path { }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: pathDuoConfigWrite, + logical.UpdateOperation: pathDuoConfigWrite, logical.ReadOperation: pathDuoConfigRead, }, diff --git a/helper/mfa/mfa.go b/helper/mfa/mfa.go index 2cb28381f9..5813906033 100644 --- a/helper/mfa/mfa.go +++ b/helper/mfa/mfa.go @@ -56,8 +56,8 @@ func wrapLoginPath(b *backend, loginPath *framework.Path) *framework.Path { Description: "Multi-factor auth method to use (optional)", } // wrap write callback to do MFA after auth - loginHandler := loginPath.Callbacks[logical.WriteOperation] - loginPath.Callbacks[logical.WriteOperation] = b.wrapLoginHandler(loginHandler) + loginHandler := loginPath.Callbacks[logical.UpdateOperation] + loginPath.Callbacks[logical.UpdateOperation] = b.wrapLoginHandler(loginHandler) return loginPath } diff --git a/helper/mfa/mfa_test.go b/helper/mfa/mfa_test.go index 197ed20b3e..0e4119c3ac 100644 --- a/helper/mfa/mfa_test.go +++ b/helper/mfa/mfa_test.go @@ -38,7 +38,7 @@ func testPathLogin() *framework.Path { }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: testPathLoginHandler, + logical.UpdateOperation: testPathLoginHandler, }, } } @@ -92,7 +92,7 @@ func TestMFALoginDenied(t *testing.T) { func testAccStepEnableMFA(t *testing.T) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "mfa_config", Data: map[string]interface{}{ "type": "test", @@ -102,7 +102,7 @@ func testAccStepEnableMFA(t *testing.T) logicaltest.TestStep { func testAccStepLogin(t *testing.T, username string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "login", Data: map[string]interface{}{ "method": "accept", @@ -115,7 +115,7 @@ func testAccStepLogin(t *testing.T, username string) logicaltest.TestStep { func testAccStepLoginDenied(t *testing.T, username string) logicaltest.TestStep { return logicaltest.TestStep{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "login", Data: map[string]interface{}{ "method": "deny", diff --git a/helper/mfa/path_mfa_config.go b/helper/mfa/path_mfa_config.go index 55a2619480..46be15cdfd 100644 --- a/helper/mfa/path_mfa_config.go +++ b/helper/mfa/path_mfa_config.go @@ -16,7 +16,7 @@ func pathMFAConfig(b *backend) *framework.Path { }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.pathMFAConfigWrite, + logical.UpdateOperation: b.pathMFAConfigWrite, logical.ReadOperation: b.pathMFAConfigRead, }, diff --git a/http/logical.go b/http/logical.go index 46df155fae..f30b4007a3 100644 --- a/http/logical.go +++ b/http/logical.go @@ -33,7 +33,7 @@ func handleLogical(core *vault.Core, dataOnly bool) http.Handler { case "POST": fallthrough case "PUT": - op = logical.WriteOperation + op = logical.UpdateOperation default: respondError(w, http.StatusMethodNotAllowed, nil) return @@ -41,7 +41,7 @@ func handleLogical(core *vault.Core, dataOnly bool) http.Handler { // Parse the request if we can var req map[string]interface{} - if op == logical.WriteOperation { + if op == logical.UpdateOperation { err := parseRequest(r, &req) if err == io.EOF { req = nil diff --git a/http/sys_policy.go b/http/sys_policy.go index 49ea7902c6..b6234c6836 100644 --- a/http/sys_policy.go +++ b/http/sys_policy.go @@ -127,7 +127,7 @@ func handleSysWritePolicy(core *vault.Core, w http.ResponseWriter, r *http.Reque } _, ok := request(core, w, r, requestAuth(r, &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "sys/policy/" + path, Connection: getConnection(r), Data: map[string]interface{}{ diff --git a/logical/framework/backend_test.go b/logical/framework/backend_test.go index a110f8455b..e956f5ff50 100644 --- a/logical/framework/backend_test.go +++ b/logical/framework/backend_test.go @@ -94,14 +94,14 @@ func TestBackendHandleRequest_badwrite(t *testing.T) { "value": &FieldSchema{Type: TypeBool}, }, Callbacks: map[logical.Operation]OperationFunc{ - logical.WriteOperation: callback, + logical.UpdateOperation: callback, }, }, }, } _, err := b.HandleRequest(&logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "foo/bar", Data: map[string]interface{}{"value": "3false3"}, }) @@ -390,7 +390,7 @@ func TestBackendHandleRequest_unsupportedOperation(t *testing.T) { } _, err := b.HandleRequest(&logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "foo/bar", Data: map[string]interface{}{"value": "84"}, }) diff --git a/logical/framework/path_map.go b/logical/framework/path_map.go index b5c2369240..1d3bb96b8d 100644 --- a/logical/framework/path_map.go +++ b/logical/framework/path_map.go @@ -122,7 +122,7 @@ func (p *PathMap) Paths() []*Path { Fields: schema, Callbacks: map[logical.Operation]OperationFunc{ - logical.WriteOperation: p.pathSingleWrite, + logical.UpdateOperation: p.pathSingleWrite, logical.ReadOperation: p.pathSingleRead, logical.DeleteOperation: p.pathSingleDelete, }, diff --git a/logical/framework/path_map_test.go b/logical/framework/path_map_test.go index 30b20c9441..c80e710dda 100644 --- a/logical/framework/path_map_test.go +++ b/logical/framework/path_map_test.go @@ -14,7 +14,7 @@ func TestPathMap(t *testing.T) { // Write via HTTP _, err := b.HandleRequest(&logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "map/foo/a", Data: map[string]interface{}{ "value": "bar", @@ -136,7 +136,7 @@ func TestPathMap_Salted(t *testing.T) { // Write via HTTP _, err = b.HandleRequest(&logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "map/foo/a", Data: map[string]interface{}{ "value": "bar", diff --git a/logical/framework/path_struct.go b/logical/framework/path_struct.go index 3dc5f661d5..672dada130 100644 --- a/logical/framework/path_struct.go +++ b/logical/framework/path_struct.go @@ -64,7 +64,7 @@ func (p *PathStruct) Paths() []*Path { Fields: p.Schema, Callbacks: map[logical.Operation]OperationFunc{ - logical.WriteOperation: p.pathWrite, + logical.UpdateOperation: p.pathWrite, logical.DeleteOperation: p.pathDelete, }, diff --git a/logical/framework/path_struct_test.go b/logical/framework/path_struct_test.go index abdae1fdf0..48233d307f 100644 --- a/logical/framework/path_struct_test.go +++ b/logical/framework/path_struct_test.go @@ -21,7 +21,7 @@ func TestPathStruct(t *testing.T) { // Write via HTTP _, err := b.HandleRequest(&logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "bar", Data: map[string]interface{}{ "value": "baz", diff --git a/logical/request.go b/logical/request.go index 0b123c8119..7b6096eebe 100644 --- a/logical/request.go +++ b/logical/request.go @@ -122,7 +122,7 @@ type Operation string const ( // The operations below are called per path ReadOperation Operation = "read" - WriteOperation = "write" + UpdateOperation = "write" DeleteOperation = "delete" ListOperation = "list" HelpOperation = "help" diff --git a/logical/testing/testing.go b/logical/testing/testing.go index 106f5a984b..e720151cd2 100644 --- a/logical/testing/testing.go +++ b/logical/testing/testing.go @@ -206,7 +206,7 @@ func Test(t TestT, c TestCase) { if resp != nil && resp.Secret != nil { // Revoke this secret later revoke = append(revoke, &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "sys/revoke/" + resp.Secret.LeaseID, }) } diff --git a/vault/acl.go b/vault/acl.go index 8154ba9f79..6343c68793 100644 --- a/vault/acl.go +++ b/vault/acl.go @@ -15,7 +15,7 @@ var ( // into the set of policies that allow the operation. permittedPolicyLevels = map[logical.Operation][]string{ logical.ReadOperation: readWriteSudo, - logical.WriteOperation: writeSudo, + logical.UpdateOperation: writeSudo, logical.DeleteOperation: writeSudo, logical.ListOperation: readWriteSudo, logical.HelpOperation: anyPolicy, diff --git a/vault/acl_test.go b/vault/acl_test.go index c1ddedfe0d..c886d2022a 100644 --- a/vault/acl_test.go +++ b/vault/acl_test.go @@ -17,7 +17,7 @@ func TestACL_Root(t *testing.T) { if !acl.RootPrivilege("sys/mount/foo") { t.Fatalf("expected root") } - if !acl.AllowOperation(logical.WriteOperation, "sys/mount/foo") { + if !acl.AllowOperation(logical.UpdateOperation, "sys/mount/foo") { t.Fatalf("expected permission") } } @@ -47,14 +47,14 @@ func TestACL_Single(t *testing.T) { {logical.HelpOperation, "root", true}, {logical.ReadOperation, "dev/foo", true}, - {logical.WriteOperation, "dev/foo", true}, + {logical.UpdateOperation, "dev/foo", true}, {logical.DeleteOperation, "stage/foo", true}, - {logical.WriteOperation, "stage/aws/foo", false}, - {logical.WriteOperation, "stage/aws/policy/foo", true}, + {logical.UpdateOperation, "stage/aws/foo", false}, + {logical.UpdateOperation, "stage/aws/policy/foo", true}, {logical.DeleteOperation, "prod/foo", false}, - {logical.WriteOperation, "prod/foo", false}, + {logical.UpdateOperation, "prod/foo", false}, {logical.ReadOperation, "prod/foo", true}, {logical.ListOperation, "prod/foo", true}, {logical.ReadOperation, "prod/aws/foo", false}, @@ -101,20 +101,20 @@ func testLayeredACL(t *testing.T, acl *ACL) { {logical.HelpOperation, "root", true}, {logical.ReadOperation, "dev/hide/foo", false}, - {logical.WriteOperation, "dev/hide/foo", false}, + {logical.UpdateOperation, "dev/hide/foo", false}, {logical.DeleteOperation, "stage/foo", true}, - {logical.WriteOperation, "stage/aws/foo", false}, - {logical.WriteOperation, "stage/aws/policy/foo", false}, + {logical.UpdateOperation, "stage/aws/foo", false}, + {logical.UpdateOperation, "stage/aws/policy/foo", false}, {logical.DeleteOperation, "prod/foo", true}, - {logical.WriteOperation, "prod/foo", true}, + {logical.UpdateOperation, "prod/foo", true}, {logical.ReadOperation, "prod/foo", true}, {logical.ListOperation, "prod/foo", true}, {logical.ReadOperation, "prod/aws/foo", false}, {logical.ReadOperation, "sys/status", false}, - {logical.WriteOperation, "sys/seal", true}, + {logical.UpdateOperation, "sys/seal", true}, } for _, tc := range tcases { diff --git a/vault/core.go b/vault/core.go index 025ce15028..ca10d422d9 100644 --- a/vault/core.go +++ b/vault/core.go @@ -1115,7 +1115,7 @@ func (c *Core) Seal(token string) (retErr error) { } // Validate the token is a root token - _, te, err := c.checkToken(logical.WriteOperation, "sys/seal", token) + _, te, err := c.checkToken(logical.UpdateOperation, "sys/seal", token) if te != nil { // Attempt to use the token (decrement num_uses) if err := c.tokenStore.UseToken(te); err != nil { diff --git a/vault/core_test.go b/vault/core_test.go index 87e50f6619..585ecb46fe 100644 --- a/vault/core_test.go +++ b/vault/core_test.go @@ -379,7 +379,7 @@ func TestCore_HandleRequest_Lease(t *testing.T) { c, _, root := TestCoreUnsealed(t) req := &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "secret/test", Data: map[string]interface{}{ "foo": "bar", @@ -420,7 +420,7 @@ func TestCore_HandleRequest_Lease_MaxLength(t *testing.T) { c, _, root := TestCoreUnsealed(t) req := &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "secret/test", Data: map[string]interface{}{ "foo": "bar", @@ -461,7 +461,7 @@ func TestCore_HandleRequest_Lease_DefaultLength(t *testing.T) { c, _, root := TestCoreUnsealed(t) req := &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "secret/test", Data: map[string]interface{}{ "foo": "bar", @@ -502,7 +502,7 @@ func TestCore_HandleRequest_MissingToken(t *testing.T) { c, _, _ := TestCoreUnsealed(t) req := &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "secret/test", Data: map[string]interface{}{ "foo": "bar", @@ -522,7 +522,7 @@ func TestCore_HandleRequest_InvalidToken(t *testing.T) { c, _, _ := TestCoreUnsealed(t) req := &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "secret/test", Data: map[string]interface{}{ "foo": "bar", @@ -579,7 +579,7 @@ func TestCore_HandleRequest_RootPath_WithSudo(t *testing.T) { // Set the 'test' policy object to permit access to sys/policy req := &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "sys/policy/test", // root protected! Data: map[string]interface{}{ "rules": `path "sys/policy" { policy = "sudo" }`, @@ -616,7 +616,7 @@ func TestCore_HandleRequest_PermissionDenied(t *testing.T) { testCoreMakeToken(t, c, root, "child", "", []string{"test"}) req := &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "secret/test", Data: map[string]interface{}{ "foo": "bar", @@ -637,7 +637,7 @@ func TestCore_HandleRequest_PermissionAllowed(t *testing.T) { // Set the 'test' policy object to permit access to secret/ req := &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "sys/policy/test", Data: map[string]interface{}{ "rules": `path "secret/*" { policy = "write" }`, @@ -654,7 +654,7 @@ func TestCore_HandleRequest_PermissionAllowed(t *testing.T) { // Write should work now req = &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "secret/test", Data: map[string]interface{}{ "foo": "bar", @@ -681,7 +681,7 @@ func TestCore_HandleRequest_NoConnection(t *testing.T) { } // Enable the logical backend - req := logical.TestRequest(t, logical.WriteOperation, "sys/mounts/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "sys/mounts/foo") req.Data["type"] = "noop" req.Data["description"] = "foo" req.ClientToken = root @@ -714,7 +714,7 @@ func TestCore_HandleRequest_NoClientToken(t *testing.T) { } // Enable the logical backend - req := logical.TestRequest(t, logical.WriteOperation, "sys/mounts/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "sys/mounts/foo") req.Data["type"] = "noop" req.Data["description"] = "foo" req.ClientToken = root @@ -749,7 +749,7 @@ func TestCore_HandleRequest_ConnOnLogin(t *testing.T) { } // Enable the credential backend - req := logical.TestRequest(t, logical.WriteOperation, "sys/auth/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "sys/auth/foo") req.Data["type"] = "noop" req.ClientToken = root _, err := c.HandleRequest(req) @@ -790,7 +790,7 @@ func TestCore_HandleLogin_Token(t *testing.T) { } // Enable the credential backend - req := logical.TestRequest(t, logical.WriteOperation, "sys/auth/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "sys/auth/foo") req.Data["type"] = "noop" req.ClientToken = root _, err := c.HandleRequest(req) @@ -853,7 +853,7 @@ func TestCore_HandleRequest_AuditTrail(t *testing.T) { } // Enable the audit backend - req := logical.TestRequest(t, logical.WriteOperation, "sys/audit/noop") + req := logical.TestRequest(t, logical.UpdateOperation, "sys/audit/noop") req.Data["type"] = "noop" req.ClientToken = root resp, err := c.HandleRequest(req) @@ -863,7 +863,7 @@ func TestCore_HandleRequest_AuditTrail(t *testing.T) { // Make a request req = &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "secret/test", Data: map[string]interface{}{ "foo": "bar", @@ -935,7 +935,7 @@ func TestCore_HandleLogin_AuditTrail(t *testing.T) { } // Enable the credential backend - req := logical.TestRequest(t, logical.WriteOperation, "sys/auth/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "sys/auth/foo") req.Data["type"] = "noop" req.ClientToken = root _, err := c.HandleRequest(req) @@ -944,7 +944,7 @@ func TestCore_HandleLogin_AuditTrail(t *testing.T) { } // Enable the audit backend - req = logical.TestRequest(t, logical.WriteOperation, "sys/audit/noop") + req = logical.TestRequest(t, logical.UpdateOperation, "sys/audit/noop") req.Data["type"] = "noop" req.ClientToken = root _, err = c.HandleRequest(req) @@ -998,7 +998,7 @@ func TestCore_HandleRequest_CreateToken_Lease(t *testing.T) { c, _, root := TestCoreUnsealed(t) // Create a new credential - req := logical.TestRequest(t, logical.WriteOperation, "auth/token/create") + req := logical.TestRequest(t, logical.UpdateOperation, "auth/token/create") req.ClientToken = root req.Data["policies"] = []string{"foo"} resp, err := c.HandleRequest(req) @@ -1041,7 +1041,7 @@ func TestCore_HandleRequest_CreateToken_NoDefaultPolicy(t *testing.T) { c, _, root := TestCoreUnsealed(t) // Create a new credential - req := logical.TestRequest(t, logical.WriteOperation, "auth/token/create") + req := logical.TestRequest(t, logical.UpdateOperation, "auth/token/create") req.ClientToken = root req.Data["policies"] = []string{"foo"} req.Data["no_default_policy"] = true @@ -1079,7 +1079,7 @@ func TestCore_LimitedUseToken(t *testing.T) { c, _, root := TestCoreUnsealed(t) // Create a new credential - req := logical.TestRequest(t, logical.WriteOperation, "auth/token/create") + req := logical.TestRequest(t, logical.UpdateOperation, "auth/token/create") req.ClientToken = root req.Data["num_uses"] = "1" resp, err := c.HandleRequest(req) @@ -1089,7 +1089,7 @@ func TestCore_LimitedUseToken(t *testing.T) { // Put a secret req = &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "secret/foo", Data: map[string]interface{}{ "foo": "bar", @@ -1297,7 +1297,7 @@ func testCore_Standby_Common(t *testing.T, inm physical.Backend, inmha physical. // Put a secret req := &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "secret/foo", Data: map[string]interface{}{ "foo": "bar", @@ -1456,7 +1456,7 @@ func TestCore_HandleRequest_Login_InternalData(t *testing.T) { } // Enable the credential backend - req := logical.TestRequest(t, logical.WriteOperation, "sys/auth/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "sys/auth/foo") req.Data["type"] = "noop" req.ClientToken = root _, err := c.HandleRequest(req) @@ -1500,7 +1500,7 @@ func TestCore_HandleRequest_InternalData(t *testing.T) { } // Enable the credential backend - req := logical.TestRequest(t, logical.WriteOperation, "sys/mounts/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "sys/mounts/foo") req.Data["type"] = "noop" req.ClientToken = root _, err := c.HandleRequest(req) @@ -1543,7 +1543,7 @@ func TestCore_HandleLogin_ReturnSecret(t *testing.T) { } // Enable the credential backend - req := logical.TestRequest(t, logical.WriteOperation, "sys/auth/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "sys/auth/foo") req.Data["type"] = "noop" req.ClientToken = root _, err := c.HandleRequest(req) @@ -1567,7 +1567,7 @@ func TestCore_RenewSameLease(t *testing.T) { // Create a leasable secret req := &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "secret/test", Data: map[string]interface{}{ "foo": "bar", @@ -1596,7 +1596,7 @@ func TestCore_RenewSameLease(t *testing.T) { original := resp.Secret.LeaseID // Renew the lease - req = logical.TestRequest(t, logical.WriteOperation, "sys/renew/"+resp.Secret.LeaseID) + req = logical.TestRequest(t, logical.UpdateOperation, "sys/renew/"+resp.Secret.LeaseID) req.ClientToken = root resp, err = c.HandleRequest(req) if err != nil { @@ -1615,7 +1615,7 @@ func TestCore_RenewToken_SingleRegister(t *testing.T) { // Create a new token req := &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "auth/token/create", Data: map[string]interface{}{ "lease": "1h", @@ -1629,7 +1629,7 @@ func TestCore_RenewToken_SingleRegister(t *testing.T) { newClient := resp.Auth.ClientToken // Renew the token - req = logical.TestRequest(t, logical.WriteOperation, "auth/token/renew/"+newClient) + req = logical.TestRequest(t, logical.UpdateOperation, "auth/token/renew/"+newClient) req.ClientToken = newClient resp, err = c.HandleRequest(req) if err != nil { @@ -1637,7 +1637,7 @@ func TestCore_RenewToken_SingleRegister(t *testing.T) { } // Revoke using the renew prefix - req = logical.TestRequest(t, logical.WriteOperation, "sys/revoke-prefix/auth/token/renew/") + req = logical.TestRequest(t, logical.UpdateOperation, "sys/revoke-prefix/auth/token/renew/") req.ClientToken = root resp, err = c.HandleRequest(req) if err != nil { @@ -1675,7 +1675,7 @@ func TestCore_EnableDisableCred_WithLease(t *testing.T) { } // Enable the credential backend - req := logical.TestRequest(t, logical.WriteOperation, "sys/auth/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "sys/auth/foo") req.Data["type"] = "noop" req.ClientToken = root _, err := c.HandleRequest(req) @@ -1694,7 +1694,7 @@ func TestCore_EnableDisableCred_WithLease(t *testing.T) { // Create a leasable secret req = &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "secret/test", Data: map[string]interface{}{ "foo": "bar", @@ -1722,7 +1722,7 @@ func TestCore_EnableDisableCred_WithLease(t *testing.T) { } // Renew the lease - req = logical.TestRequest(t, logical.WriteOperation, "sys/renew/"+resp.Secret.LeaseID) + req = logical.TestRequest(t, logical.UpdateOperation, "sys/renew/"+resp.Secret.LeaseID) req.ClientToken = lresp.Auth.ClientToken _, err = c.HandleRequest(req) if err != nil { @@ -1748,7 +1748,7 @@ func TestCore_HandleRequest_MountPoint(t *testing.T) { } // Enable the logical backend - req := logical.TestRequest(t, logical.WriteOperation, "sys/mounts/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "sys/mounts/foo") req.Data["type"] = "noop" req.Data["description"] = "foo" req.ClientToken = root @@ -2121,7 +2121,7 @@ func TestCore_Standby_Rotate(t *testing.T) { // Rotate the encryption key req := &logical.Request{ - Operation: logical.WriteOperation, + Operation: logical.UpdateOperation, Path: "sys/rotate", ClientToken: root, } diff --git a/vault/logical_cubbyhole.go b/vault/logical_cubbyhole.go index 5532932e21..97c4602be2 100644 --- a/vault/logical_cubbyhole.go +++ b/vault/logical_cubbyhole.go @@ -21,7 +21,7 @@ func CubbyholeBackendFactory(conf *logical.BackendConfig) (logical.Backend, erro Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.handleRead, - logical.WriteOperation: b.handleWrite, + logical.UpdateOperation: b.handleWrite, logical.DeleteOperation: b.handleDelete, logical.ListOperation: b.handleList, }, diff --git a/vault/logical_cubbyhole_test.go b/vault/logical_cubbyhole_test.go index ac5b645ef0..67e8c37e8e 100644 --- a/vault/logical_cubbyhole_test.go +++ b/vault/logical_cubbyhole_test.go @@ -20,7 +20,7 @@ func TestCubbyholeBackend_RootPaths(t *testing.T) { func TestCubbyholeBackend_Write(t *testing.T) { b := testCubbyholeBackend() - req := logical.TestRequest(t, logical.WriteOperation, "foo") + req := logical.TestRequest(t, logical.UpdateOperation, "foo") clientToken := uuid.GenerateUUID() req.ClientToken = clientToken storage := req.Storage @@ -45,7 +45,7 @@ func TestCubbyholeBackend_Write(t *testing.T) { func TestCubbyholeBackend_Read(t *testing.T) { b := testCubbyholeBackend() - req := logical.TestRequest(t, logical.WriteOperation, "foo") + req := logical.TestRequest(t, logical.UpdateOperation, "foo") req.Data["raw"] = "test" storage := req.Storage clientToken := uuid.GenerateUUID() @@ -77,7 +77,7 @@ func TestCubbyholeBackend_Read(t *testing.T) { func TestCubbyholeBackend_Delete(t *testing.T) { b := testCubbyholeBackend() - req := logical.TestRequest(t, logical.WriteOperation, "foo") + req := logical.TestRequest(t, logical.UpdateOperation, "foo") req.Data["raw"] = "test" storage := req.Storage clientToken := uuid.GenerateUUID() @@ -112,7 +112,7 @@ func TestCubbyholeBackend_Delete(t *testing.T) { func TestCubbyholeBackend_List(t *testing.T) { b := testCubbyholeBackend() - req := logical.TestRequest(t, logical.WriteOperation, "foo") + req := logical.TestRequest(t, logical.UpdateOperation, "foo") clientToken := uuid.GenerateUUID() req.Data["raw"] = "test" req.ClientToken = clientToken @@ -122,7 +122,7 @@ func TestCubbyholeBackend_List(t *testing.T) { t.Fatalf("err: %v", err) } - req = logical.TestRequest(t, logical.WriteOperation, "bar") + req = logical.TestRequest(t, logical.UpdateOperation, "bar") req.Data["raw"] = "baz" req.ClientToken = clientToken req.Storage = storage @@ -157,7 +157,7 @@ func TestCubbyholeIsolation(t *testing.T) { var storageB logical.Storage // Populate and test A entries - req := logical.TestRequest(t, logical.WriteOperation, "foo") + req := logical.TestRequest(t, logical.UpdateOperation, "foo") req.ClientToken = clientTokenA storageA = req.Storage req.Data["raw"] = "test" @@ -189,7 +189,7 @@ func TestCubbyholeIsolation(t *testing.T) { } // Populate and test B entries - req = logical.TestRequest(t, logical.WriteOperation, "bar") + req = logical.TestRequest(t, logical.UpdateOperation, "bar") req.ClientToken = clientTokenB storageB = req.Storage req.Data["raw"] = "baz" diff --git a/vault/logical_passthrough.go b/vault/logical_passthrough.go index f643d2ce1d..6d6e0e8f6f 100644 --- a/vault/logical_passthrough.go +++ b/vault/logical_passthrough.go @@ -47,7 +47,7 @@ func LeaseSwitchedPassthroughBackend(conf *logical.BackendConfig, leases bool) ( Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.handleRead, - logical.WriteOperation: b.handleWrite, + logical.UpdateOperation: b.handleWrite, logical.DeleteOperation: b.handleDelete, logical.ListOperation: b.handleList, }, diff --git a/vault/logical_passthrough_test.go b/vault/logical_passthrough_test.go index 879dfd6496..73dec26271 100644 --- a/vault/logical_passthrough_test.go +++ b/vault/logical_passthrough_test.go @@ -23,7 +23,7 @@ func TestPassthroughBackend_RootPaths(t *testing.T) { func TestPassthroughBackend_Write(t *testing.T) { test := func(b logical.Backend) { - req := logical.TestRequest(t, logical.WriteOperation, "foo") + req := logical.TestRequest(t, logical.UpdateOperation, "foo") req.Data["raw"] = "test" resp, err := b.HandleRequest(req) @@ -50,7 +50,7 @@ func TestPassthroughBackend_Write(t *testing.T) { func TestPassthroughBackend_Read(t *testing.T) { test := func(b logical.Backend, ttlType string, leased bool) { - req := logical.TestRequest(t, logical.WriteOperation, "foo") + req := logical.TestRequest(t, logical.UpdateOperation, "foo") req.Data["raw"] = "test" req.Data[ttlType] = "1h" storage := req.Storage @@ -99,7 +99,7 @@ func TestPassthroughBackend_Read(t *testing.T) { func TestPassthroughBackend_Delete(t *testing.T) { test := func(b logical.Backend) { - req := logical.TestRequest(t, logical.WriteOperation, "foo") + req := logical.TestRequest(t, logical.UpdateOperation, "foo") req.Data["raw"] = "test" storage := req.Storage @@ -135,7 +135,7 @@ func TestPassthroughBackend_Delete(t *testing.T) { func TestPassthroughBackend_List(t *testing.T) { test := func(b logical.Backend) { - req := logical.TestRequest(t, logical.WriteOperation, "foo") + req := logical.TestRequest(t, logical.UpdateOperation, "foo") req.Data["raw"] = "test" storage := req.Storage diff --git a/vault/logical_system.go b/vault/logical_system.go index 376c6e121c..5a540809ca 100644 --- a/vault/logical_system.go +++ b/vault/logical_system.go @@ -75,7 +75,7 @@ func NewSystemBackend(core *Core, config *logical.BackendConfig) logical.Backend Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.handleMountTuneRead, - logical.WriteOperation: b.handleMountTuneWrite, + logical.UpdateOperation: b.handleMountTuneWrite, }, HelpSynopsis: strings.TrimSpace(sysHelp["mount_tune"][0]), @@ -105,7 +105,7 @@ func NewSystemBackend(core *Core, config *logical.BackendConfig) logical.Backend }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.handleMount, + logical.UpdateOperation: b.handleMount, logical.DeleteOperation: b.handleUnmount, }, @@ -139,7 +139,7 @@ func NewSystemBackend(core *Core, config *logical.BackendConfig) logical.Backend }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.handleRemount, + logical.UpdateOperation: b.handleRemount, }, HelpSynopsis: strings.TrimSpace(sysHelp["remount"][0]), @@ -161,7 +161,7 @@ func NewSystemBackend(core *Core, config *logical.BackendConfig) logical.Backend }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.handleRenew, + logical.UpdateOperation: b.handleRenew, }, HelpSynopsis: strings.TrimSpace(sysHelp["renew"][0]), @@ -179,7 +179,7 @@ func NewSystemBackend(core *Core, config *logical.BackendConfig) logical.Backend }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.handleRevoke, + logical.UpdateOperation: b.handleRevoke, }, HelpSynopsis: strings.TrimSpace(sysHelp["revoke"][0]), @@ -197,7 +197,7 @@ func NewSystemBackend(core *Core, config *logical.BackendConfig) logical.Backend }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.handleRevokePrefix, + logical.UpdateOperation: b.handleRevokePrefix, }, HelpSynopsis: strings.TrimSpace(sysHelp["revoke-prefix"][0]), @@ -234,7 +234,7 @@ func NewSystemBackend(core *Core, config *logical.BackendConfig) logical.Backend }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.handleEnableAuth, + logical.UpdateOperation: b.handleEnableAuth, logical.DeleteOperation: b.handleDisableAuth, }, @@ -269,7 +269,7 @@ func NewSystemBackend(core *Core, config *logical.BackendConfig) logical.Backend Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.handlePolicyRead, - logical.WriteOperation: b.handlePolicySet, + logical.UpdateOperation: b.handlePolicySet, logical.DeleteOperation: b.handlePolicyDelete, }, @@ -292,7 +292,7 @@ func NewSystemBackend(core *Core, config *logical.BackendConfig) logical.Backend }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.handleAuditHash, + logical.UpdateOperation: b.handleAuditHash, }, HelpSynopsis: strings.TrimSpace(sysHelp["audit-hash"][0]), @@ -333,7 +333,7 @@ func NewSystemBackend(core *Core, config *logical.BackendConfig) logical.Backend }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.handleEnableAudit, + logical.UpdateOperation: b.handleEnableAudit, logical.DeleteOperation: b.handleDisableAudit, }, @@ -355,7 +355,7 @@ func NewSystemBackend(core *Core, config *logical.BackendConfig) logical.Backend Callbacks: map[logical.Operation]framework.OperationFunc{ logical.ReadOperation: b.handleRawRead, - logical.WriteOperation: b.handleRawWrite, + logical.UpdateOperation: b.handleRawWrite, logical.DeleteOperation: b.handleRawDelete, }, }, @@ -375,7 +375,7 @@ func NewSystemBackend(core *Core, config *logical.BackendConfig) logical.Backend Pattern: "rotate$", Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: b.handleRotate, + logical.UpdateOperation: b.handleRotate, }, HelpSynopsis: strings.TrimSpace(sysHelp["rotate"][0]), diff --git a/vault/logical_system_test.go b/vault/logical_system_test.go index fdca81efa4..18e60cf1c1 100644 --- a/vault/logical_system_test.go +++ b/vault/logical_system_test.go @@ -75,7 +75,7 @@ func TestSystemBackend_mounts(t *testing.T) { func TestSystemBackend_mount(t *testing.T) { b := testSystemBackend(t) - req := logical.TestRequest(t, logical.WriteOperation, "mounts/prod/secret/") + req := logical.TestRequest(t, logical.UpdateOperation, "mounts/prod/secret/") req.Data["type"] = "generic" resp, err := b.HandleRequest(req) @@ -90,7 +90,7 @@ func TestSystemBackend_mount(t *testing.T) { func TestSystemBackend_mount_invalid(t *testing.T) { b := testSystemBackend(t) - req := logical.TestRequest(t, logical.WriteOperation, "mounts/prod/secret/") + req := logical.TestRequest(t, logical.UpdateOperation, "mounts/prod/secret/") req.Data["type"] = "nope" resp, err := b.HandleRequest(req) if err != logical.ErrInvalidRequest { @@ -130,7 +130,7 @@ func TestSystemBackend_unmount_invalid(t *testing.T) { func TestSystemBackend_remount(t *testing.T) { b := testSystemBackend(t) - req := logical.TestRequest(t, logical.WriteOperation, "remount") + req := logical.TestRequest(t, logical.UpdateOperation, "remount") req.Data["from"] = "secret" req.Data["to"] = "foo" req.Data["config"] = structs.Map(MountConfig{}) @@ -146,7 +146,7 @@ func TestSystemBackend_remount(t *testing.T) { func TestSystemBackend_remount_invalid(t *testing.T) { b := testSystemBackend(t) - req := logical.TestRequest(t, logical.WriteOperation, "remount") + req := logical.TestRequest(t, logical.UpdateOperation, "remount") req.Data["from"] = "unknown" req.Data["to"] = "foo" req.Data["config"] = structs.Map(MountConfig{}) @@ -162,7 +162,7 @@ func TestSystemBackend_remount_invalid(t *testing.T) { func TestSystemBackend_remount_system(t *testing.T) { b := testSystemBackend(t) - req := logical.TestRequest(t, logical.WriteOperation, "remount") + req := logical.TestRequest(t, logical.UpdateOperation, "remount") req.Data["from"] = "sys" req.Data["to"] = "foo" resp, err := b.HandleRequest(req) @@ -178,7 +178,7 @@ func TestSystemBackend_renew(t *testing.T) { core, b, root := testCoreSystemBackend(t) // Create a key with a lease - req := logical.TestRequest(t, logical.WriteOperation, "secret/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "secret/foo") req.Data["foo"] = "bar" req.ClientToken = root resp, err := core.HandleRequest(req) @@ -201,7 +201,7 @@ func TestSystemBackend_renew(t *testing.T) { } // Attempt renew - req2 := logical.TestRequest(t, logical.WriteOperation, "renew/"+resp.Secret.LeaseID) + req2 := logical.TestRequest(t, logical.UpdateOperation, "renew/"+resp.Secret.LeaseID) req2.Data["increment"] = "100s" resp2, err := b.HandleRequest(req2) if err != logical.ErrInvalidRequest { @@ -218,7 +218,7 @@ func TestSystemBackend_renew_invalidID(t *testing.T) { b := testSystemBackend(t) // Attempt renew - req := logical.TestRequest(t, logical.WriteOperation, "renew/foobarbaz") + req := logical.TestRequest(t, logical.UpdateOperation, "renew/foobarbaz") resp, err := b.HandleRequest(req) if err != logical.ErrInvalidRequest { t.Fatalf("err: %v", err) @@ -232,7 +232,7 @@ func TestSystemBackend_revoke(t *testing.T) { core, b, root := testCoreSystemBackend(t) // Create a key with a lease - req := logical.TestRequest(t, logical.WriteOperation, "secret/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "secret/foo") req.Data["foo"] = "bar" req.Data["lease"] = "1h" req.ClientToken = root @@ -256,7 +256,7 @@ func TestSystemBackend_revoke(t *testing.T) { } // Attempt revoke - req2 := logical.TestRequest(t, logical.WriteOperation, "revoke/"+resp.Secret.LeaseID) + req2 := logical.TestRequest(t, logical.UpdateOperation, "revoke/"+resp.Secret.LeaseID) resp2, err := b.HandleRequest(req2) if err != nil { t.Fatalf("err: %v %#v", err, resp2) @@ -266,7 +266,7 @@ func TestSystemBackend_revoke(t *testing.T) { } // Attempt renew - req3 := logical.TestRequest(t, logical.WriteOperation, "renew/"+resp.Secret.LeaseID) + req3 := logical.TestRequest(t, logical.UpdateOperation, "renew/"+resp.Secret.LeaseID) resp3, err := b.HandleRequest(req3) if err != logical.ErrInvalidRequest { t.Fatalf("err: %v", err) @@ -280,7 +280,7 @@ func TestSystemBackend_revoke_invalidID(t *testing.T) { b := testSystemBackend(t) // Attempt renew - req := logical.TestRequest(t, logical.WriteOperation, "revoke/foobarbaz") + req := logical.TestRequest(t, logical.UpdateOperation, "revoke/foobarbaz") resp, err := b.HandleRequest(req) if err != nil { t.Fatalf("err: %v", err) @@ -294,7 +294,7 @@ func TestSystemBackend_revokePrefix(t *testing.T) { core, b, root := testCoreSystemBackend(t) // Create a key with a lease - req := logical.TestRequest(t, logical.WriteOperation, "secret/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "secret/foo") req.Data["foo"] = "bar" req.Data["lease"] = "1h" req.ClientToken = root @@ -318,7 +318,7 @@ func TestSystemBackend_revokePrefix(t *testing.T) { } // Attempt revoke - req2 := logical.TestRequest(t, logical.WriteOperation, "revoke-prefix/secret/") + req2 := logical.TestRequest(t, logical.UpdateOperation, "revoke-prefix/secret/") resp2, err := b.HandleRequest(req2) if err != nil { t.Fatalf("err: %v %#v", err, resp2) @@ -328,7 +328,7 @@ func TestSystemBackend_revokePrefix(t *testing.T) { } // Attempt renew - req3 := logical.TestRequest(t, logical.WriteOperation, "renew/"+resp.Secret.LeaseID) + req3 := logical.TestRequest(t, logical.UpdateOperation, "renew/"+resp.Secret.LeaseID) resp3, err := b.HandleRequest(req3) if err != logical.ErrInvalidRequest { t.Fatalf("err: %v", err) @@ -363,7 +363,7 @@ func TestSystemBackend_enableAuth(t *testing.T) { return &NoopBackend{}, nil } - req := logical.TestRequest(t, logical.WriteOperation, "auth/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "auth/foo") req.Data["type"] = "noop" resp, err := b.HandleRequest(req) @@ -377,7 +377,7 @@ func TestSystemBackend_enableAuth(t *testing.T) { func TestSystemBackend_enableAuth_invalid(t *testing.T) { b := testSystemBackend(t) - req := logical.TestRequest(t, logical.WriteOperation, "auth/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "auth/foo") req.Data["type"] = "nope" resp, err := b.HandleRequest(req) if err != logical.ErrInvalidRequest { @@ -395,7 +395,7 @@ func TestSystemBackend_disableAuth(t *testing.T) { } // Register the backend - req := logical.TestRequest(t, logical.WriteOperation, "auth/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "auth/foo") req.Data["type"] = "noop" b.HandleRequest(req) @@ -444,7 +444,7 @@ func TestSystemBackend_policyCRUD(t *testing.T) { // Create the policy rules := `path "foo/" { policy = "read" }` - req := logical.TestRequest(t, logical.WriteOperation, "policy/Foo") + req := logical.TestRequest(t, logical.UpdateOperation, "policy/Foo") req.Data["rules"] = rules resp, err := b.HandleRequest(req) if err != nil { @@ -533,7 +533,7 @@ func TestSystemBackend_enableAudit(t *testing.T) { }, nil } - req := logical.TestRequest(t, logical.WriteOperation, "audit/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "audit/foo") req.Data["type"] = "noop" resp, err := b.HandleRequest(req) @@ -566,7 +566,7 @@ func TestSystemBackend_auditHash(t *testing.T) { }, nil } - req := logical.TestRequest(t, logical.WriteOperation, "audit/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "audit/foo") req.Data["type"] = "noop" resp, err := b.HandleRequest(req) @@ -577,7 +577,7 @@ func TestSystemBackend_auditHash(t *testing.T) { t.Fatalf("bad: %v", resp) } - req = logical.TestRequest(t, logical.WriteOperation, "audit-hash/foo") + req = logical.TestRequest(t, logical.UpdateOperation, "audit-hash/foo") req.Data["input"] = "bar" resp, err = b.HandleRequest(req) @@ -598,7 +598,7 @@ func TestSystemBackend_auditHash(t *testing.T) { func TestSystemBackend_enableAudit_invalid(t *testing.T) { b := testSystemBackend(t) - req := logical.TestRequest(t, logical.WriteOperation, "audit/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "audit/foo") req.Data["type"] = "nope" resp, err := b.HandleRequest(req) if err != logical.ErrInvalidRequest { @@ -617,7 +617,7 @@ func TestSystemBackend_auditTable(t *testing.T) { }, nil } - req := logical.TestRequest(t, logical.WriteOperation, "audit/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "audit/foo") req.Data["type"] = "noop" req.Data["description"] = "testing" req.Data["options"] = map[string]interface{}{ @@ -653,7 +653,7 @@ func TestSystemBackend_disableAudit(t *testing.T) { }, nil } - req := logical.TestRequest(t, logical.WriteOperation, "audit/foo") + req := logical.TestRequest(t, logical.UpdateOperation, "audit/foo") req.Data["type"] = "noop" req.Data["description"] = "testing" req.Data["options"] = map[string]interface{}{ @@ -711,7 +711,7 @@ func TestSystemBackend_rawRead(t *testing.T) { func TestSystemBackend_rawWrite_Protected(t *testing.T) { b := testSystemBackend(t) - req := logical.TestRequest(t, logical.WriteOperation, "raw/"+keyringPath) + req := logical.TestRequest(t, logical.UpdateOperation, "raw/"+keyringPath) _, err := b.HandleRequest(req) if err != logical.ErrInvalidRequest { t.Fatalf("err: %v", err) @@ -721,7 +721,7 @@ func TestSystemBackend_rawWrite_Protected(t *testing.T) { func TestSystemBackend_rawWrite(t *testing.T) { c, b, _ := testCoreSystemBackend(t) - req := logical.TestRequest(t, logical.WriteOperation, "raw/sys/policy/test") + req := logical.TestRequest(t, logical.UpdateOperation, "raw/sys/policy/test") req.Data["value"] = `path "secret/" { policy = "read" }` resp, err := b.HandleRequest(req) if err != nil { @@ -805,7 +805,7 @@ func TestSystemBackend_keyStatus(t *testing.T) { func TestSystemBackend_rotate(t *testing.T) { b := testSystemBackend(t) - req := logical.TestRequest(t, logical.WriteOperation, "rotate") + req := logical.TestRequest(t, logical.UpdateOperation, "rotate") resp, err := b.HandleRequest(req) if err != nil { t.Fatalf("err: %v", err) diff --git a/vault/token_store.go b/vault/token_store.go index e255a72965..f252c457e6 100644 --- a/vault/token_store.go +++ b/vault/token_store.go @@ -94,7 +94,7 @@ func NewTokenStore(c *Core, config *logical.BackendConfig) (*TokenStore, error) Pattern: "create-orphan$", Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: t.handleCreateOrphan, + logical.UpdateOperation: t.handleCreateOrphan, }, HelpSynopsis: strings.TrimSpace(tokenCreateOrphanHelp), @@ -105,7 +105,7 @@ func NewTokenStore(c *Core, config *logical.BackendConfig) (*TokenStore, error) Pattern: "create$", Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: t.handleCreate, + logical.UpdateOperation: t.handleCreate, }, HelpSynopsis: strings.TrimSpace(tokenCreateHelp), @@ -152,7 +152,7 @@ func NewTokenStore(c *Core, config *logical.BackendConfig) (*TokenStore, error) Pattern: "revoke-self$", Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: t.handleRevokeSelf, + logical.UpdateOperation: t.handleRevokeSelf, }, HelpSynopsis: strings.TrimSpace(tokenRevokeSelfHelp), @@ -170,7 +170,7 @@ func NewTokenStore(c *Core, config *logical.BackendConfig) (*TokenStore, error) }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: t.handleRevokeTree, + logical.UpdateOperation: t.handleRevokeTree, }, HelpSynopsis: strings.TrimSpace(tokenRevokeHelp), @@ -188,7 +188,7 @@ func NewTokenStore(c *Core, config *logical.BackendConfig) (*TokenStore, error) }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: t.handleRevokeOrphan, + logical.UpdateOperation: t.handleRevokeOrphan, }, HelpSynopsis: strings.TrimSpace(tokenRevokeOrphanHelp), @@ -206,7 +206,7 @@ func NewTokenStore(c *Core, config *logical.BackendConfig) (*TokenStore, error) }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: t.handleRevokePrefix, + logical.UpdateOperation: t.handleRevokePrefix, }, HelpSynopsis: strings.TrimSpace(tokenRevokePrefixHelp), @@ -228,7 +228,7 @@ func NewTokenStore(c *Core, config *logical.BackendConfig) (*TokenStore, error) }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: t.handleRenewSelf, + logical.UpdateOperation: t.handleRenewSelf, }, HelpSynopsis: strings.TrimSpace(tokenRenewSelfHelp), @@ -250,7 +250,7 @@ func NewTokenStore(c *Core, config *logical.BackendConfig) (*TokenStore, error) }, Callbacks: map[logical.Operation]framework.OperationFunc{ - logical.WriteOperation: t.handleRenew, + logical.UpdateOperation: t.handleRenew, }, HelpSynopsis: strings.TrimSpace(tokenRenewHelp), diff --git a/vault/token_store_test.go b/vault/token_store_test.go index 32f973246c..c79b60bf7b 100644 --- a/vault/token_store_test.go +++ b/vault/token_store_test.go @@ -379,7 +379,7 @@ func TestTokenStore_RevokeSelf(t *testing.T) { t.Fatalf("err: %v", err) } - req := logical.TestRequest(t, logical.WriteOperation, "revoke-self") + req := logical.TestRequest(t, logical.UpdateOperation, "revoke-self") req.ClientToken = ent1.ID resp, err := ts.HandleRequest(req) @@ -402,7 +402,7 @@ func TestTokenStore_RevokeSelf(t *testing.T) { func TestTokenStore_HandleRequest_CreateToken_DisplayName(t *testing.T) { _, ts, root := mockTokenStore(t) - req := logical.TestRequest(t, logical.WriteOperation, "create") + req := logical.TestRequest(t, logical.UpdateOperation, "create") req.ClientToken = root req.Data["display_name"] = "foo_bar.baz!" @@ -432,7 +432,7 @@ func TestTokenStore_HandleRequest_CreateToken_DisplayName(t *testing.T) { func TestTokenStore_HandleRequest_CreateToken_NumUses(t *testing.T) { _, ts, root := mockTokenStore(t) - req := logical.TestRequest(t, logical.WriteOperation, "create") + req := logical.TestRequest(t, logical.UpdateOperation, "create") req.ClientToken = root req.Data["num_uses"] = "1" @@ -463,7 +463,7 @@ func TestTokenStore_HandleRequest_CreateToken_NumUses(t *testing.T) { func TestTokenStore_HandleRequest_CreateToken_NumUses_Invalid(t *testing.T) { _, ts, root := mockTokenStore(t) - req := logical.TestRequest(t, logical.WriteOperation, "create") + req := logical.TestRequest(t, logical.UpdateOperation, "create") req.ClientToken = root req.Data["num_uses"] = "-1" @@ -476,7 +476,7 @@ func TestTokenStore_HandleRequest_CreateToken_NumUses_Invalid(t *testing.T) { func TestTokenStore_HandleRequest_CreateToken_NumUses_Restricted(t *testing.T) { _, ts, root := mockTokenStore(t) - req := logical.TestRequest(t, logical.WriteOperation, "create") + req := logical.TestRequest(t, logical.UpdateOperation, "create") req.ClientToken = root req.Data["num_uses"] = "1" @@ -496,7 +496,7 @@ func TestTokenStore_HandleRequest_CreateToken_NumUses_Restricted(t *testing.T) { func TestTokenStore_HandleRequest_CreateToken_NoPolicy(t *testing.T) { _, ts, root := mockTokenStore(t) - req := logical.TestRequest(t, logical.WriteOperation, "create") + req := logical.TestRequest(t, logical.UpdateOperation, "create") req.ClientToken = root resp, err := ts.HandleRequest(req) @@ -525,7 +525,7 @@ func TestTokenStore_HandleRequest_CreateToken_NoPolicy(t *testing.T) { func TestTokenStore_HandleRequest_CreateToken_BadParent(t *testing.T) { _, ts, _ := mockTokenStore(t) - req := logical.TestRequest(t, logical.WriteOperation, "create") + req := logical.TestRequest(t, logical.UpdateOperation, "create") req.ClientToken = "random" resp, err := ts.HandleRequest(req) @@ -540,7 +540,7 @@ func TestTokenStore_HandleRequest_CreateToken_BadParent(t *testing.T) { func TestTokenStore_HandleRequest_CreateToken(t *testing.T) { _, ts, root := mockTokenStore(t) - req := logical.TestRequest(t, logical.WriteOperation, "create") + req := logical.TestRequest(t, logical.UpdateOperation, "create") req.ClientToken = root req.Data["policies"] = []string{"foo"} @@ -556,7 +556,7 @@ func TestTokenStore_HandleRequest_CreateToken(t *testing.T) { func TestTokenStore_HandleRequest_CreateToken_RootID(t *testing.T) { _, ts, root := mockTokenStore(t) - req := logical.TestRequest(t, logical.WriteOperation, "create") + req := logical.TestRequest(t, logical.UpdateOperation, "create") req.ClientToken = root req.Data["id"] = "foobar" req.Data["policies"] = []string{"foo"} @@ -574,7 +574,7 @@ func TestTokenStore_HandleRequest_CreateToken_NonRootID(t *testing.T) { _, ts, root := mockTokenStore(t) testMakeToken(t, ts, root, "client", "", []string{"foo"}) - req := logical.TestRequest(t, logical.WriteOperation, "create") + req := logical.TestRequest(t, logical.UpdateOperation, "create") req.ClientToken = "client" req.Data["id"] = "foobar" req.Data["policies"] = []string{"foo"} @@ -592,7 +592,7 @@ func TestTokenStore_HandleRequest_CreateToken_NonRoot_Subset(t *testing.T) { _, ts, root := mockTokenStore(t) testMakeToken(t, ts, root, "client", "", []string{"foo", "bar"}) - req := logical.TestRequest(t, logical.WriteOperation, "create") + req := logical.TestRequest(t, logical.UpdateOperation, "create") req.ClientToken = "client" req.Data["policies"] = []string{"foo"} @@ -609,7 +609,7 @@ func TestTokenStore_HandleRequest_CreateToken_NonRoot_InvalidSubset(t *testing.T _, ts, root := mockTokenStore(t) testMakeToken(t, ts, root, "client", "", []string{"foo", "bar"}) - req := logical.TestRequest(t, logical.WriteOperation, "create") + req := logical.TestRequest(t, logical.UpdateOperation, "create") req.ClientToken = "client" req.Data["policies"] = []string{"foo", "bar", "baz"} @@ -626,7 +626,7 @@ func TestTokenStore_HandleRequest_CreateToken_NonRoot_NoParent(t *testing.T) { _, ts, root := mockTokenStore(t) testMakeToken(t, ts, root, "client", "", []string{"foo"}) - req := logical.TestRequest(t, logical.WriteOperation, "create") + req := logical.TestRequest(t, logical.UpdateOperation, "create") req.ClientToken = "client" req.Data["no_parent"] = true req.Data["policies"] = []string{"foo"} @@ -643,7 +643,7 @@ func TestTokenStore_HandleRequest_CreateToken_NonRoot_NoParent(t *testing.T) { func TestTokenStore_HandleRequest_CreateToken_Root_NoParent(t *testing.T) { _, ts, root := mockTokenStore(t) - req := logical.TestRequest(t, logical.WriteOperation, "create") + req := logical.TestRequest(t, logical.UpdateOperation, "create") req.ClientToken = root req.Data["no_parent"] = true req.Data["policies"] = []string{"foo"} @@ -665,7 +665,7 @@ func TestTokenStore_HandleRequest_CreateToken_Root_NoParent(t *testing.T) { func TestTokenStore_HandleRequest_CreateToken_PathBased_NoParent(t *testing.T) { _, ts, root := mockTokenStore(t) - req := logical.TestRequest(t, logical.WriteOperation, "create-orphan") + req := logical.TestRequest(t, logical.UpdateOperation, "create-orphan") req.ClientToken = root req.Data["policies"] = []string{"foo"} @@ -686,7 +686,7 @@ func TestTokenStore_HandleRequest_CreateToken_PathBased_NoParent(t *testing.T) { func TestTokenStore_HandleRequest_CreateToken_Metadata(t *testing.T) { _, ts, root := mockTokenStore(t) - req := logical.TestRequest(t, logical.WriteOperation, "create") + req := logical.TestRequest(t, logical.UpdateOperation, "create") req.ClientToken = root req.Data["policies"] = []string{"foo"} meta := map[string]string{ @@ -712,7 +712,7 @@ func TestTokenStore_HandleRequest_CreateToken_Metadata(t *testing.T) { func TestTokenStore_HandleRequest_CreateToken_Lease(t *testing.T) { _, ts, root := mockTokenStore(t) - req := logical.TestRequest(t, logical.WriteOperation, "create") + req := logical.TestRequest(t, logical.UpdateOperation, "create") req.ClientToken = root req.Data["policies"] = []string{"foo"} req.Data["lease"] = "1h" @@ -735,7 +735,7 @@ func TestTokenStore_HandleRequest_CreateToken_Lease(t *testing.T) { func TestTokenStore_HandleRequest_CreateToken_TTL(t *testing.T) { _, ts, root := mockTokenStore(t) - req := logical.TestRequest(t, logical.WriteOperation, "create") + req := logical.TestRequest(t, logical.UpdateOperation, "create") req.ClientToken = root req.Data["policies"] = []string{"foo"} req.Data["ttl"] = "1h" @@ -760,7 +760,7 @@ func TestTokenStore_HandleRequest_Revoke(t *testing.T) { testMakeToken(t, ts, root, "child", "", []string{"root", "foo"}) testMakeToken(t, ts, "child", "sub-child", "", []string{"foo"}) - req := logical.TestRequest(t, logical.WriteOperation, "revoke/child") + req := logical.TestRequest(t, logical.UpdateOperation, "revoke/child") resp, err := ts.HandleRequest(req) if err != nil { t.Fatalf("err: %v %v", err, resp) @@ -792,7 +792,7 @@ func TestTokenStore_HandleRequest_RevokeOrphan(t *testing.T) { testMakeToken(t, ts, root, "child", "", []string{"root", "foo"}) testMakeToken(t, ts, "child", "sub-child", "", []string{"foo"}) - req := logical.TestRequest(t, logical.WriteOperation, "revoke-orphan/child") + req := logical.TestRequest(t, logical.UpdateOperation, "revoke-orphan/child") req.ClientToken = root resp, err := ts.HandleRequest(req) if err != nil { @@ -832,7 +832,7 @@ func TestTokenStore_HandleRequest_RevokeOrphan_NonRoot(t *testing.T) { t.Fatalf("bad: %v", out) } - req := logical.TestRequest(t, logical.WriteOperation, "revoke-orphan/child") + req := logical.TestRequest(t, logical.UpdateOperation, "revoke-orphan/child") req.ClientToken = "child" resp, err := ts.HandleRequest(req) if err != logical.ErrInvalidRequest { @@ -912,7 +912,7 @@ func TestTokenStore_HandleRequest_Lookup(t *testing.T) { } // Test last_renewal_time functionality - req = logical.TestRequest(t, logical.WriteOperation, "renew/client") + req = logical.TestRequest(t, logical.UpdateOperation, "renew/client") resp, err = ts.HandleRequest(req) if err != nil { t.Fatalf("err: %v %v", err, resp) @@ -957,7 +957,7 @@ func TestTokenStore_HandleRequest_RevokePrefix(t *testing.T) { t.Fatalf("err: %v", err) } - req := logical.TestRequest(t, logical.WriteOperation, "revoke-prefix/auth/github/") + req := logical.TestRequest(t, logical.UpdateOperation, "revoke-prefix/auth/github/") resp, err := ts.HandleRequest(req) if err != nil { t.Fatalf("err: %v %v", err, resp) @@ -1035,7 +1035,7 @@ func TestTokenStore_HandleRequest_Renew(t *testing.T) { originalExpire := auth.ExpirationTime() beforeRenew := time.Now().UTC() - req := logical.TestRequest(t, logical.WriteOperation, "renew/"+root.ID) + req := logical.TestRequest(t, logical.UpdateOperation, "renew/"+root.ID) req.Data["increment"] = "3600s" resp, err := ts.HandleRequest(req) if err != nil { @@ -1079,7 +1079,7 @@ func TestTokenStore_HandleRequest_RenewSelf(t *testing.T) { originalExpire := auth.ExpirationTime() beforeRenew := time.Now().UTC() - req := logical.TestRequest(t, logical.WriteOperation, "renew-self") + req := logical.TestRequest(t, logical.UpdateOperation, "renew-self") req.ClientToken = auth.ClientToken req.Data["increment"] = "3600s" resp, err := ts.HandleRequest(req) @@ -1098,7 +1098,7 @@ func TestTokenStore_HandleRequest_RenewSelf(t *testing.T) { } func testMakeToken(t *testing.T, ts *TokenStore, root, client, ttl string, policy []string) { - req := logical.TestRequest(t, logical.WriteOperation, "create") + req := logical.TestRequest(t, logical.UpdateOperation, "create") req.ClientToken = root req.Data["id"] = client req.Data["policies"] = policy @@ -1114,7 +1114,7 @@ func testMakeToken(t *testing.T, ts *TokenStore, root, client, ttl string, polic } func testCoreMakeToken(t *testing.T, c *Core, root, client, ttl string, policy []string) { - req := logical.TestRequest(t, logical.WriteOperation, "auth/token/create") + req := logical.TestRequest(t, logical.UpdateOperation, "auth/token/create") req.ClientToken = root req.Data["id"] = client req.Data["policies"] = policy