diff options
| author | mo khan <mo@mokhan.ca> | 2025-06-26 15:30:41 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-06-26 15:30:41 -0600 |
| commit | 187c02e9bf32f152cbca9fd5790f4a6070dbb37d (patch) | |
| tree | 77a8cefe9c95d4f67522d02f0247194c3b39f173 /etc | |
| parent | 91a989b761f97a70e76031988cf570ad5d209f47 (diff) | |
refactor: try to move policy files to /etc/authzd/
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/authzd/policy0.cedar | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/etc/authzd/policy0.cedar b/etc/authzd/policy0.cedar new file mode 100644 index 00000000..e01182c5 --- /dev/null +++ b/etc/authzd/policy0.cedar @@ -0,0 +1,19 @@ +permit(principal, action == Action::"check", resource) +when { + context has bearer_token && + context.bearer_token == "valid-token" +}; + +permit(principal, action == Action::"check", resource) +when { + context has path && + (context.path like "*.css" || + context.path like "*.js" || + context.path like "*.ico" || + context.path like "*.png" || + context.path like "*.jpg" || + context.path like "*.jpeg" || + context.path like "*.gif" || + context.path like "*.bmp" || + context.path like "*.html") +}; |