From bac4fe0799a372ba1245db642f3f6cd1f1d02669 Mon Sep 17 00:00:00 2001
From: vishalnayak
Date: Mon, 14 Mar 2016 17:15:07 -0400
Subject: [PATCH 1/4] Rename id to path and path to file_path, print audit backend paths
---
 api/sys_audit.go | 1 +
 builtin/audit/file/backend.go | 4 ++--
 command/audit_enable.go | 14 +++++++-------
 command/audit_list.go | 4 ++--
 vault/logical_system.go | 1 +
 website/source/docs/audit/file.html.md | 8 ++++----
 6 files changed, 17 insertions(+), 15 deletions(-)
diff --git a/api/sys_audit.go b/api/sys_audit.go
index bf688541e3..6fbe1ef228 100644
--- a/api/sys_audit.go
+++ b/api/sys_audit.go
@@ -78,6 +78,7 @@ func (c *Sys) DisableAudit(path string) error {
 // documentation. Please refer to that documentation for more details.
 type Audit struct {
+ Path string
 Type string
 Description string
 Options map[string]string
diff --git a/builtin/audit/file/backend.go b/builtin/audit/file/backend.go
index 813603ab1f..ccb3935d33 100644
--- a/builtin/audit/file/backend.go
+++ b/builtin/audit/file/backend.go
@@ -18,9 +18,9 @@ func Factory(conf *audit.BackendConfig) (audit.Backend, error) {
 return nil, fmt.Errorf("nil salt")
 }
- path, ok := conf.Config["path"]
+ path, ok := conf.Config["file_path"]
 if !ok {
- return nil, fmt.Errorf("path is required")
+ return nil, fmt.Errorf("file_path is required")
 }
 // Check if hashing of accessor is disabled
diff --git a/command/audit_enable.go b/command/audit_enable.go
index 5f7b6a6e80..3e95889fe9 100644
--- a/command/audit_enable.go
+++ b/command/audit_enable.go
@@ -19,10 +19,10 @@ type AuditEnableCommand struct {
 }
 func (c *AuditEnableCommand) Run(args []string) int {
- var desc, id string
+ var desc, path string
 flags := c.Meta.FlagSet("audit-enable", FlagSetDefault)
 flags.StringVar(&desc, "description", "", "")
- flags.StringVar(&id, "id", "", "")
+ flags.StringVar(&path, "path", "", "")
 flags.Usage = func() { c.Ui.Error(c.Help()) }
 if err := flags.Parse(args); err != nil {
 return 1
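Review bot: Dropping the `-id` flag outright in `AuditEnableCommand.Run` means an existing invocation that still passes `-id` will presumably fail at `flags.Parse` and return 1 (assuming `c.Meta.FlagSet` yields a standard flag set), so provisioning scripts that do not check the exit status could leave the audit backend unenabled without anyone noticing. Keeping the old name as an alias bound to the same variable avoids that: `flags.StringVar(&path, "id", "", "") // deprecated alias for -path`. The help text changed in a later hunk of this file would need the same mention. `Run` continues past the end of this hunk.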
@@ -37,8 +37,8 @@ func (c *AuditEnableCommand) Run(args []string) int {
 }
 auditType := args[0]
- if id == "" {
- id = auditType
+ if path == "" {
+ path = auditType
 }
 // Build the options
@@ -67,7 +67,7 @@ func (c *AuditEnableCommand) Run(args []string) int {
 return 1
 }
- err = client.Sys().EnableAudit(id, auditType, desc, opts)
+ err = client.Sys().EnableAudit(path, auditType, desc, opts)
 if err != nil {
 c.Ui.Error(fmt.Sprintf(
 "Error enabling audit backend: %s", err))
@@ -75,7 +75,7 @@ func (c *AuditEnableCommand) Run(args []string) int {
 }
 c.Ui.Output(fmt.Sprintf(
- "Successfully enabled audit backend '%s'!", auditType))
+ "Successfully enabled audit backend '%s' with path '%s'!", auditType, path))
 return 0
 }
@@ -103,7 +103,7 @@ Audit Enable Options:
 -description= A human-friendly description for the backend. This shows up only when querying the enabled backends.
- -id= Specify a unique ID for this audit backend. This
+ -path= Specify a unique path for this audit backend. This
 is purely for referencing this audit backend. By default this will be the backend type.
diff --git a/command/audit_list.go b/command/audit_list.go
index 398b6c8d26..36e70ac365 100644
--- a/command/audit_list.go
+++ b/command/audit_list.go
@@ -47,7 +47,7 @@ func (c *AuditListCommand) Run(args []string) int {
 }
 sort.Strings(paths)
- columns := []string{"Type | Description | Options"}
+ columns := []string{"Path | Type | Description | Options"}
 for _, path := range paths {
 audit := audits[path]
 opts := make([]string, 0, len(audit.Options))
@@ -56,7 +56,7 @@ func (c *AuditListCommand) Run(args []string) int {
 }
 columns = append(columns, fmt.Sprintf(
- "%s | %s | %s", audit.Type, audit.Description, strings.Join(opts, " ")))
+ "%s | %s | %s | %s", audit.Path, audit.Type, audit.Description, strings.Join(opts, " ")))
 }
 c.Ui.Output(columnize.SimpleFormat(columns))
diff --git a/vault/logical_system.go b/vault/logical_system.go
index f4bf4aac56..f8bacb915a 100644
--- a/vault/logical_system.go
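Review bot: In `command/audit_list.go` the new first column prints `audit.Path`, which is only populated when the server response carries the new `path` field; against a server that does not return it the column would presumably come out empty. The loop variable `path` from `for _, path := range paths` (visible in the preceding hunk of the same file) already holds the key each entry is listed under, so `"%s | %s | %s | %s", path, audit.Type, audit.Description, strings.Join(opts, " ")` fills the column without depending on the new field. The loop body starts above the second hunk, so the surrounding code is only partly visible.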
+++ b/vault/logical_system.go
@@ -932,6 +932,7 @@ func (b *SystemBackend) handleAuditTable(
 }
 for _, entry := range b.Core.audit.Entries {
 info := map[string]interface{}{
+ "path": entry.Path,
 "type": entry.Type,
 "description": entry.Description,
 "options": entry.Options,
diff --git a/website/source/docs/audit/file.html.md b/website/source/docs/audit/file.html.md
index 8c0a1db963..7d093db9a9 100644
--- a/website/source/docs/audit/file.html.md
+++ b/website/source/docs/audit/file.html.md
@@ -25,13 +25,13 @@ information is first hashed before logging in the audit logs.
 Audit `file` backend can be enabled by the following command.
 ```
-$ vault audit-enable file path=/var/log/vault_audit.log
+$ vault audit-enable file file_path=/var/log/vault_audit.log
 ```
-Any number of `file` audit logs can be created by enabling it with different `id`s.
+Any number of `file` audit logs can be created by enabling it with different `path`s.
 ```
-$ vault audit-enable -id="vault_audit_1" file path=/home/user/vault_audit.log
+$ vault audit-enable -path="vault_audit_1" file file_path=/home/user/vault_audit.log
 ```
 Note the difference between `audit-enable` command options and the `file` backend
@@ -43,7 +43,7 @@ Following are the configuration options available for the backend.
  • - path + file_path required The path to where the audit log will be written. If this path exists, the audit backend will append to it.
From ab6132bc907f853f6059a1d834f6c3a9ac2a01b8 Mon Sep 17 00:00:00 2001
From: vishalnayak
Date: Mon, 14 Mar 2016 18:33:51 -0400
Subject: [PATCH 2/4] Rename 'name' as 'path' in audit API docs
---
 website/source/docs/http/sys-audit-hash.html.md | 2 +-
 website/source/docs/http/sys-audit.html.md | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/website/source/docs/http/sys-audit-hash.html.md b/website/source/docs/http/sys-audit-hash.html.md
index 07c44590b8..d4dcc8c374 100644
--- a/website/source/docs/http/sys-audit-hash.html.md
+++ b/website/source/docs/http/sys-audit-hash.html.md
@@ -27,7 +27,7 @@ description: |-
    POST
    URL
    -
    `/sys/audit-hash/`
    +
    `/sys/audit-hash/`
    Parameters
diff --git a/website/source/docs/http/sys-audit.html.md b/website/source/docs/http/sys-audit.html.md
index 5863c80b23..51ccabc48d 100644
--- a/website/source/docs/http/sys-audit.html.md
+++ b/website/source/docs/http/sys-audit.html.md
@@ -54,7 +54,7 @@ description: |-
    PUT
    URL
    -
    `/sys/audit/`
    +
    `/sys/audit/`
    Parameters
    @@ -96,7 +96,7 @@ description: |-
    DELETE
    URL
    -
    `/sys/audit/`
    +
    `/sys/audit/`
    Parameters
    None
From 8718b0e133eb160480b880bf5bcf5eeeeb1bc154 Mon Sep 17 00:00:00 2001
From: vishalnayak
Date: Mon, 14 Mar 2016 18:40:12 -0400
Subject: [PATCH 3/4] Fix broken test case
---
 http/sys_audit_test.go | 3 ++-
 vault/logical_system_test.go | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/http/sys_audit_test.go b/http/sys_audit_test.go
index 010f4bb06e..ec9557ecf0 100644
--- a/http/sys_audit_test.go
+++ b/http/sys_audit_test.go
@@ -23,6 +23,7 @@ func TestSysAudit(t *testing.T) {
 var actual map[string]interface{}
 expected := map[string]interface{}{
 "noop/": map[string]interface{}{
+ "path": "noop/",
 "type": "noop",
 "description": "",
 "options": map[string]interface{}{},
@@ -31,7 +32,7 @@ func TestSysAudit(t *testing.T) {
 testResponseStatus(t, resp, 200)
 testResponseBody(t, resp, &actual)
 if !reflect.DeepEqual(actual, expected) {
- t.Fatalf("bad: %#v", actual)
+ t.Fatalf("bad: expected:\n%#v actual:\n%#v\n", expected, actual)
 }
 }
diff --git a/vault/logical_system_test.go b/vault/logical_system_test.go
index 633079dafc..375582bcde 100644
--- a/vault/logical_system_test.go
+++ b/vault/logical_system_test.go
@@ -635,6 +635,7 @@ func TestSystemBackend_auditTable(t *testing.T) {
 exp := map[string]interface{}{
 "foo/": map[string]interface{}{
+ "path": "foo/",
 "type": "noop",
 "description": "testing",
 "options": map[string]string{
From 4d28fa38c4002dd1be90f5f5acec2a661886fb87 Mon Sep 17 00:00:00 2001
From: vishalnayak
Date: Tue, 15 Mar 2016 20:05:51 -0400
Subject: [PATCH 4/4] Read from 'path' to retain backward compatibility
---
 builtin/audit/file/backend.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/builtin/audit/file/backend.go b/builtin/audit/file/backend.go
index ccb3935d33..52a6733521 100644
--- a/builtin/audit/file/backend.go
+++ b/builtin/audit/file/backend.go
@@ -20,7 +20,10 @@ func Factory(conf *audit.BackendConfig) (audit.Backend, error) {
 path, ok := conf.Config["file_path"]
 if !ok {
- return nil, fmt.Errorf("file_path is required")
+ path, ok = conf.Config["path"]
+ if !ok {
+ return nil, fmt.Errorf("file_path is required")
+ }
 }
 // Check if hashing of accessor is disabled
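Review bot: The fallback to the legacy `path` key is silent and uncommented, and both lookups test only for presence, so an empty `file_path=` (or `path=`) passes this guard and the empty string is handed on to whatever opens the log file further down in `Factory`, which is outside this hunk. A comment such as `// "path" is the pre-rename name of this option; still accepted so backends configured before the rename keep loading` would explain the second lookup. If an empty path is never valid, `if !ok || path == ""` on both checks would turn that case into the explicit `file_path is required` error. None of the test changes visible on this page exercises a config that supplies only `path`, so the compatibility path this commit adds appears to be untested.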