Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

etcdctl/role: reject non-canonical permission path

Browse Source 
Non-canonical permission path is useless because the path received
by auth is always canonical, which is due to our ServeMux always
redirects request to canonical path().

This helps users to detect path permission setting error early.

Ref: http://godoc.org/net/http#ServeMux
This commit is contained in:
Yicheng Qin 2015-08-18 08:13:17 -07:00
parent b5ec7f543a
commit fab3feab66
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
etcdctl/command/role_commands.go
View File

@ -23,6 +23,7 @@ import (
"github.com/coreos/etcd/Godeps/_workspace/src/github.com/codegangsta/cli"
"github.com/coreos/etcd/Godeps/_workspace/src/golang.org/x/net/context"
"github.com/coreos/etcd/client"
"github.com/coreos/etcd/pkg/pathutil"
)
func NewRoleCommands() cli.Command {
@ -152,6 +153,10 @@ func roleGrantRevoke(c *cli.Context, grant bool) {
fmt.Fprintln(os.Stderr, "No path specified; please use `-path`")
os.Exit(1)
}
if pathutil.CanonicalURLPath(path) != path {
fmt.Fprintf(os.Stderr, "Not canonical path; please use `-path=%s`\n", pathutil.CanonicalURLPath(path))
os.Exit(1)
}
read := c.Bool("read")
write := c.Bool("write")