Backport of Warn on upper case in policy name into release/1.10.x (#1…

…4715) * backport of commit 5e23bfc * backport of commit 6a105b2 * backport of commit 296d744 * backport of commit b1c7f95 * backport of commit 9efc7f0 * backport of commit e5f4408 * backport of commit 7677a06 * Add a space to get github status to retrigger Co-authored-by: Valerie Conklin <val@hashicorp.com>
hashicorp · Mar 24, 2022 · c7def07 · c7def07
1 parent 8184b56
commit c7def07
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 4 deletions.
diff --git a/changelog/14670.txt b/changelog/14670.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+cli/vault: warn when policy name contains upper-case letter 
+```
diff --git a/command/policy_write.go b/command/policy_write.go
@@ -91,7 +91,8 @@ func (c *PolicyWriteCommand) Run(args []string) int {
 	}
 
 	// Policies are normalized to lowercase
-	name := strings.TrimSpace(strings.ToLower(args[0]))
+	policyName := args[0]
+	formattedName := strings.TrimSpace(strings.ToLower(policyName))
 	path := strings.TrimSpace(args[1])
 
 	// Get the policy contents, either from stdin of a file
@@ -119,11 +120,15 @@ func (c *PolicyWriteCommand) Run(args []string) int {
 	}
 	rules := buf.String()
 
-	if err := client.Sys().PutPolicy(name, rules); err != nil {
+	if err := client.Sys().PutPolicy(formattedName, rules); err != nil {
 		c.UI.Error(fmt.Sprintf("Error uploading policy: %s", err))
 		return 2
 	}
 
-	c.UI.Output(fmt.Sprintf("Success! Uploaded policy: %s", name))
+	if policyName != formattedName {
+		c.UI.Warn(fmt.Sprintf("Policy name was converted from \"%s\" to \"%s\"", policyName, formattedName))
+	}
+
+	c.UI.Output(fmt.Sprintf("Success! Uploaded policy: %s", formattedName))
 	return 0
 }
diff --git a/vault/logical_system.go b/vault/logical_system.go
@@ -2435,14 +2435,19 @@ func (b *SystemBackend) handlePoliciesSet(policyType PolicyType) framework.Opera
 			return nil, err
 		}
 
+		name := data.Get("name").(string)
 		policy := &Policy{
-			Name:      strings.ToLower(data.Get("name").(string)),
+			Name:      strings.ToLower(name),
 			Type:      policyType,
 			namespace: ns,
 		}
 		if policy.Name == "" {
 			return logical.ErrorResponse("policy name must be provided in the URL"), nil
 		}
+		if name != policy.Name {
+			resp = &logical.Response{}
+			resp.AddWarning(fmt.Sprintf("policy name was converted to %s", policy.Name))
+		}
 
 		policy.Raw = data.Get("policy").(string)
 		if policy.Raw == "" && policyType == PolicyTypeACL && strings.HasPrefix(req.Path, "policy") {
@@ -2485,6 +2490,7 @@ func (b *SystemBackend) handlePoliciesSet(policyType PolicyType) framework.Opera
 		if err := b.Core.policyStore.SetPolicy(ctx, policy); err != nil {
 			return handleError(err)
 		}
+
 		return resp, nil
 	}
 }