events: Allow subscribing to events in namespaces (#19134)

Tom Proctor 2023-02-10 19:02:42 +00:00 committed by GitHub
parent 34b3d0406d
commit ef765d3761
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 21 additions and 7 deletions


@ -81,8 +81,8 @@ func handleEventsSubscribe(core *vault.Core) http.Handler {
}
prefix := "/v1/sys/events/subscribe/"
if ns.ID != "root" {
prefix = fmt.Sprintf("/v1/%s/sys/events/subscribe/", ns.Path)
if ns.ID != namespace.RootNamespaceID {
prefix = fmt.Sprintf("/v1/%ssys/events/subscribe/", ns.Path)
}
eventTypeStr := strings.TrimSpace(strings.TrimPrefix(r.URL.Path, prefix))
if eventTypeStr == "" {
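Review bot: `strings.TrimPrefix(r.URL.Path, prefix)` returns the path unchanged when it does not start with the computed prefix, so a mismatch is not rejected and the full URL path would be treated as the event type. This matters more now that the prefix is built from `ns.Path`: the format string `"/v1/%ssys/events/subscribe/"` presumably relies on namespace paths ending in a slash, and a request whose namespace did not come from the URL path (if that can happen here) would not match. I would reject the mismatch before trimming, `if !strings.HasPrefix(r.URL.Path, prefix) { respondError(w, http.StatusNotFound, fmt.Errorf("invalid events path")); return }`, and add a one-line comment stating the trailing-slash assumption. The body of handleEventsSubscribe starts and ends outside this hunk.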


@ -26,7 +26,6 @@ import (
"github.com/hashicorp/go-secure-stdlib/parseutil"
"github.com/hashicorp/go-sockaddr"
"github.com/hashicorp/go-uuid"
"github.com/hashicorp/vault/helper/experiments"
"github.com/hashicorp/vault/helper/namespace"
"github.com/hashicorp/vault/internalshared/configutil"
"github.com/hashicorp/vault/sdk/helper/consts"
@ -177,10 +176,6 @@ func handler(props *vault.HandlerProperties) http.Handler {
mux.Handle("/v1/sys/storage/raft/join", handleSysRaftJoin(core))
mux.Handle("/v1/sys/internal/ui/feature-flags", handleSysInternalFeatureFlags(core))
if core.IsExperimentEnabled(experiments.VaultExperimentEventsAlpha1) {
mux.Handle("/v1/sys/events/subscribe/", handleEventsSubscribe(core))
}
for _, path := range injectDataIntoTopRoutes {
mux.Handle(path, handleRequestForwarding(core, handleLogicalWithInjector(core)))
}


@ -14,6 +14,7 @@ import (
"time"
uuid "github.com/hashicorp/go-uuid"
"github.com/hashicorp/vault/helper/experiments"
"github.com/hashicorp/vault/helper/namespace"
"github.com/hashicorp/vault/sdk/helper/consts"
"github.com/hashicorp/vault/sdk/logical"
@ -346,6 +347,24 @@ func handleLogicalInternal(core *vault.Core, injectDataIntoTopLevel bool, noForw
return
}
// Websockets need to be handled at HTTP layer instead of logical requests.
if core.IsExperimentEnabled(experiments.VaultExperimentEventsAlpha1) {
ns, err := namespace.FromContext(r.Context())
if err != nil {
respondError(w, http.StatusInternalServerError, err)
return
}
nsPath := ns.Path
if ns.ID == namespace.RootNamespaceID {
nsPath = ""
}
if strings.HasPrefix(r.URL.Path, fmt.Sprintf("/v1/%ssys/events/subscribe/", nsPath)) {
handler := handleEventsSubscribe(core)
handler.ServeHTTP(w, r)
return
}
}
// Make the internal request. We attach the connection info
// as well in case this is an authentication request that requires
// it. Vault core handles stripping this if we need to. This also
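Review bot: The new branch in handleLogicalInternal hands the request to `handleEventsSubscribe` and returns before the logical request below is made, so whatever token and policy checks that request path applies do not run for subscriptions. Nothing visible in this commit shows the websocket handler authenticating the caller or authorizing it for the resolved namespace, which becomes more important once subscriptions are reachable under every namespace path. At minimum, document the contract at the dispatch, e.g. `// Bypasses the logical request path: handleEventsSubscribe must validate the token and authorize it for this namespace.`, and confirm the handler does so. Separately, the `"/v1/%ssys/events/subscribe/"` prefix is built here and again in handleEventsSubscribe with slightly different root-namespace handling; a shared helper would keep the two from drifting. The function starts and ends outside the hunk.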