diff options
| author | mo khan <mo@mokhan.ca> | 2025-07-05 11:45:17 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-07-05 11:45:17 -0600 |
| commit | 3dbd58536a4c37a2cc3b18572ac9e46bbd19d718 (patch) | |
| tree | 82af1fdea2e90b9e8de0f99ff8ece9f5d4dfb94f /etc/authzd | |
| parent | 43ea56f31f1f00b5f6dfb84682ef40b716a327a4 (diff) | |
feat: allow access from production sparkle
Diffstat (limited to 'etc/authzd')
| -rw-r--r-- | etc/authzd/policy0.cedar | 31 |
1 files changed, 18 insertions, 13 deletions
diff --git a/etc/authzd/policy0.cedar b/etc/authzd/policy0.cedar index a7a0ccb5..18a48476 100644 --- a/etc/authzd/policy0.cedar +++ b/etc/authzd/policy0.cedar @@ -22,19 +22,24 @@ when { permit(principal, action, resource) when { context has host && context has method && context has path && ( - context.host == "sparkle.staging.runway.gitlab.net" && ( - context.method == "GET" && ( - context.path == "/" || - context.path == "/callback" || - context.path == "/dashboard/nav" || - context.path == "/health" || - context.path == "/signout" || - context.path == "/sparkles" || - context.path == "/callback" - ) - ) || ( - context.method == "POST" && ( - context.path == "/sparkles/restore" + ( + context.host == "sparkle.staging.runway.gitlab.net" || + context.host == "sparkle.runway.gitlab.net" + ) && ( + ( + context.method == "GET" && ( + context.path == "/" || + context.path == "/callback" || + context.path == "/dashboard/nav" || + context.path == "/health" || + context.path == "/signout" || + context.path == "/sparkles" || + context.path == "/callback" + ) + ) || ( + context.method == "POST" && ( + context.path == "/sparkles/restore" + ) ) ) ) |