Example #1
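        /// <summary>
        /// Builds the "FullAdmin" ACL policy and maps the administrators' directory group to it.
        /// </summary>
        /// <remarks>
        /// The policy allows CRUD on every path ("/*") under both the hash mount and the key-crypt mount,
        /// so membership of the mapped directory group is the effective admin boundary for those mounts.
        /// Review and audit changes to that group's membership as carefully as changes to the policy itself.
        /// </remarks>
        /// <returns>
        /// <c>true</c> when the policy was created and the group-to-policy mapping reported success;
        /// <c>false</c> when either step reported failure.
        /// </returns>
        internal async Task<bool> BuildAdminPolicy()
        {
            // Directory group whose members receive the FullAdmin policy.
            const string adminGroup = "_IT-SystemEngineers";

            // Full control over everything under the hash mount.
            // NOTE(review): the meaning of the first constructor argument is not visible here - confirm.
            VaultPolicyPathItem hashPath = new VaultPolicyPathItem(true, VAULT_HASH_NAME, "/*")
            {
                CRUDAllowed = true
            };

            // Full control over everything under the application key mount.
            VaultPolicyPathItem appPath = new VaultPolicyPathItem(true, VAULT_KEYCRYPT_NAME, "/*")
            {
                CRUDAllowed = true
            };

            // Assemble the policy from the two path rules.
            VaultPolicyContainer adminContainer = new VaultPolicyContainer("FullAdmin");
            adminContainer.AddPolicyPathObject(hashPath);
            adminContainer.AddPolicyPathObject(appPath);

            bool policyCreated = await _vaultSystemBackend.SysPoliciesACLCreate(adminContainer);
            if (!policyCreated)
            {
                // Stop here: mapping the group to a policy name that was never written would leave a
                // dangling binding whose effective permissions depend on whatever is later stored
                // under that name, and the caller would be told the setup succeeded.
                return false;
            }

            List<string> adminPolicies = new List<string> { adminContainer.Name };

            // Associate the admin Active Directory group with the policy.
            return await _ldapAuthEngine.CreateGroupToPolicyMapping(adminGroup, adminPolicies);
        }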
Example #2
        /// <summary>
        /// Placeholder test for listing LDAP groups: it performs the list call and then
        /// always throws, because no assertions have been written yet.
        /// </summary>
        public async Task Group_List_Success()
        {
            // Exercise the list call; the result is not inspected yet.
            List<string> listedGroups = await _ldapAuthEngine.ListGroups();

            // Marks the test as unfinished so it cannot pass without real assertions.
            throw new NotImplementedException();
        }