Add policy CRUD, cert management, and web UI updates

- Add PUT /v1/policy/rule endpoint for updating policy rules; expose full policy CRUD through the web UI with a dedicated policy page - Add certificate revoke, delete, and get-cert to CA engine and wire REST + gRPC routes; fix missing interceptor registrations - Update ARCHITECTURE.md to reflect v2 gRPC as the active implementation, document ACME endpoints, correct CA permission levels, and add policy/cert management route tables - Add POLICY.md documenting the priority-based ACL engine design - Add web/templates/policy.html for policy management UI Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-15 19:41:11 -07:00
parent 02ee538213
commit fbd6d1af04
17 changed files with 1055 additions and 58 deletions
--- a/internal/webserver/cert_detail_test.go
+++ b/internal/webserver/cert_detail_test.go
@@ -110,6 +110,20 @@ func (m *mockVault) DeleteCert(ctx context.Context, token, mount, serial string)
 	return nil
 }

+func (m *mockVault) ListPolicies(ctx context.Context, token string) ([]PolicyRule, error) {
+	return nil, nil
+}
+
+func (m *mockVault) GetPolicy(ctx context.Context, token, id string) (*PolicyRule, error) {
+	return nil, nil
+}
+
+func (m *mockVault) CreatePolicy(ctx context.Context, token string, rule PolicyRule) (*PolicyRule, error) {
+	return nil, nil
+}
+
+func (m *mockVault) DeletePolicy(ctx context.Context, token, id string) error { return nil }
+
 func (m *mockVault) Close() error { return nil }

 // ---- handleTGZDownload tests ----