refactor: try to move policy files to /etc/authzd/

author: mo khan <mo@mokhan.ca> 2025-06-26 15:30:41 -0600
committer: mo khan <mo@mokhan.ca> 2025-06-26 15:30:41 -0600
commit: 187c02e9bf32f152cbca9fd5790f4a6070dbb37d (patch)
tree: 77a8cefe9c95d4f67522d02f0247194c3b39f173 /etc/authzd/policy0.cedar
parent: 91a989b761f97a70e76031988cf570ad5d209f47 (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/etc/authzd/policy0.cedar b/etc/authzd/policy0.cedar
new file mode 100644
index 00000000..e01182c5
--- /dev/null
+++ b/etc/authzd/policy0.cedar
@@ -0,0 +1,19 @@
+permit(principal, action == Action::"check", resource)
+when {
+    context has bearer_token &&
+    context.bearer_token == "valid-token"
+};
+
+permit(principal, action == Action::"check", resource)
+when {
+    context has path &&
+    (context.path like "*.css" ||
+     context.path like "*.js" ||
+     context.path like "*.ico" ||
+     context.path like "*.png" ||
+     context.path like "*.jpg" ||
+     context.path like "*.jpeg" ||
+     context.path like "*.gif" ||
+     context.path like "*.bmp" ||
+     context.path like "*.html")
+};
author	mo khan <mo@mokhan.ca>	2025-06-26 15:30:41 -0600
committer	mo khan <mo@mokhan.ca>	2025-06-26 15:30:41 -0600
commit	187c02e9bf32f152cbca9fd5790f4a6070dbb37d (patch)
tree	77a8cefe9c95d4f67522d02f0247194c3b39f173 /etc/authzd/policy0.cedar
parent	91a989b761f97a70e76031988cf570ad5d209f47 (diff)