Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

VAULT-8719 Support data array for alias clash error response so UI/machines can understand error #17459

Merged
merged 4 commits into from
Oct 17, 2022

Conversation

VioletHynes
Copy link
Contributor

Note that I did need to do a little black magic here. The response as read by the logical framework is the same (nil response, non-nil error), but raw API requests give the full data array. This seems like a pretty good solution to me, as it doesn't return both a resp and an error to the logical framework, but I'm open to other thoughts and opinions and as to whether or not this is the right kind of black magic.

The approach is broadly extensible, in the sense that we can follow the same method again in the future, too.

The body of a response after this change will look a little like this (in the case of a double clash):

{
   "errors":[
      "3 errors occurred:\n\t* toEntity and at least one fromEntity have aliases with the same mount accessor, repeat the merge request specifying exactly one fromEntity, clashes: \n\t* mountAccessor: auth_github_41e995e1, toEntity ID: f41ba0e4-4492-04a5-e850-0715c39d600c, fromEntity ID: 12239930-f672-37ab-cd3d-668b79c51043, conflicting toEntity alias ID: a24f4921-27e6-e9dd-8a5a-e08ade178e49, conflicting fromEntity alias ID: 920efcfc-9406-a5c7-3061-283e3935fcc4\n\t* mountAccessor: auth_userpass_c13afd8e, toEntity ID: f41ba0e4-4492-04a5-e850-0715c39d600c, fromEntity ID: 79fcbd36-c92d-60ba-bd3e-af9836311eea, conflicting toEntity alias ID: 2d6617ee-4dd6-8445-c818-7b484e95b433, conflicting fromEntity alias ID: dc843aed-df0e-49d7-0ab7-e0b105d7b5db\n\n"
   ],
   "data":[
      {
         "alias":"bob-github",
         "entity":"bob-smith",
         "entity_id":"f41ba0e4-4492-04a5-e850-0715c39d600c",
         "mount":"github",
         "mount_path":"auth/github/"
      },
      {
         "alias":"clara",
         "entity":"clara-smith",
         "entity_id":"12239930-f672-37ab-cd3d-668b79c51043",
         "mount":"github",
         "mount_path":"auth/github/"
      },
      {
         "alias":"bob",
         "entity":"bob-smith",
         "entity_id":"f41ba0e4-4492-04a5-e850-0715c39d600c",
         "mount":"userpass",
         "mount_path":"auth/userpass/"
      },
      {
         "alias":"alice",
         "entity":"alice-smith",
         "entity_id":"79fcbd36-c92d-60ba-bd3e-af9836311eea",
         "mount":"userpass",
         "mount_path":"auth/userpass/"
      }
   ]
}

@VioletHynes VioletHynes marked this pull request as ready for review October 7, 2022 15:10
@VioletHynes

This comment was marked as outdated.

sdk/logical/response.go Outdated Show resolved Hide resolved
vault/identity_store_util.go Show resolved Hide resolved
vault/identity_store_entities.go Show resolved Hide resolved
@VioletHynes VioletHynes merged commit 487275f into main Oct 17, 2022
@VioletHynes VioletHynes deleted the violethynes/VAULT-8719 branch October 17, 2022 18:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants