Don't return policy in provisioner JSON

2 years ago · 628d7448de
parent 2fbdf7d5b0
commit 628d7448de
3 changed files with 5 additions and 5 deletions
--- a/api/read/read.go
+++ b/api/read/read.go
@ -34,7 +34,7 @@ func ProtoJSON(r io.Reader, m proto.Message) error {
 }

 // ProtoJSONWithCheck reads JSON from the request body and stores it in the value
-// pointed to by v.
+// pointed to by v. Returns false if an error was written; true if not.
 func ProtoJSONWithCheck(w http.ResponseWriter, r io.Reader, m proto.Message) bool {
 	data, err := io.ReadAll(r)
 	if err != nil {
--- a/authority/provisioner/options.go
+++ b/authority/provisioner/options.go
@ -61,10 +61,10 @@ type X509Options struct {
 	TemplateData json.RawMessage `json:"templateData,omitempty"`

 	// AllowedNames contains the SANs the provisioner is authorized to sign
-	AllowedNames *policy.X509NameOptions
+	AllowedNames *policy.X509NameOptions `json:"-"`

 	// DeniedNames contains the SANs the provisioner is not authorized to sign
-	DeniedNames *policy.X509NameOptions
+	DeniedNames *policy.X509NameOptions `json:"-"`
 }

 // HasTemplate returns true if a template is defined in the provisioner options.
--- a/authority/provisioner/ssh_options.go
+++ b/authority/provisioner/ssh_options.go
@ -37,10 +37,10 @@ type SSHOptions struct {
 	TemplateData json.RawMessage `json:"templateData,omitempty"`

 	// User contains SSH user certificate options.
-	User *policy.SSHUserCertificateOptions
+	User *policy.SSHUserCertificateOptions `json:"-"`

 	// Host contains SSH host certificate options.
-	Host *policy.SSHHostCertificateOptions
+	Host *policy.SSHHostCertificateOptions `json:"-"`
 }

 // GetAllowedUserNameOptions returns the SSHNameOptions that are