refactor: remove duplication from cedar policy

author: mo khan <mo@mokhan.ca> 2025-07-05 11:36:43 -0600
committer: mo khan <mo@mokhan.ca> 2025-07-05 11:36:43 -0600
commit: 3d821c356af75cdddddf72d8dc9d877972ee8d20 (patch)
tree: e8195d9594ba205ca6858c5cdd04f81e37d70d53 /etc
parent: 2dd12b6a8109f05f508f382604f49744158d2080 (diff)
1 files changed, 1 insertions, 10 deletions
diff --git a/etc/authzd/policy0.cedar b/etc/authzd/policy0.cedar
index e1037457..a7a0ccb5 100644
--- a/etc/authzd/policy0.cedar
+++ b/etc/authzd/policy0.cedar
@@ -6,7 +6,7 @@ when {
 
 permit(principal, action == Action::"check", resource)
 when {
-  context has path && (
+  context has path && context has method && context.method == "GET" && (
     context.path like "*.css" ||
     context.path like "*.js" ||
     context.path like "*.ico" ||
@@ -30,15 +30,6 @@ when {
         context.path == "/health" ||
         context.path == "/signout" ||
         context.path == "/sparkles" ||
-        context.path like "*.bmp" ||
-        context.path like "*.css" ||
-        context.path like "*.gif" ||
-        context.path like "*.html" ||
-        context.path like "*.ico" ||
-        context.path like "*.jpeg" ||
-        context.path like "*.jpg" ||
-        context.path like "*.js" ||
-        context.path like "*.png" ||
         context.path == "/callback"
       )
     ) || (
author	mo khan <mo@mokhan.ca>	2025-07-05 11:36:43 -0600
committer	mo khan <mo@mokhan.ca>	2025-07-05 11:36:43 -0600
commit	3d821c356af75cdddddf72d8dc9d877972ee8d20 (patch)
tree	e8195d9594ba205ca6858c5cdd04f81e37d70d53 /etc
parent	2dd12b6a8109f05f508f382604f49744158d2080 (diff)