diff options
| author | mo khan <mo@mokhan.ca> | 2025-07-10 14:28:12 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-07-10 14:28:12 -0600 |
| commit | 501fbdd53312a2a449891386a7982f324ccfe23a (patch) | |
| tree | 9e54b52a3d020d73f1798d8485a49c41ee03c7af /src | |
| parent | b7338b400eea2ce06de362f046da927ed135d048 (diff) | |
feat: provide the http method and path as the action and resource
Diffstat (limited to 'src')
| -rw-r--r-- | src/authorization/cedar_authorizer.rs | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/authorization/cedar_authorizer.rs b/src/authorization/cedar_authorizer.rs index 0f53dacb..662aafeb 100644 --- a/src/authorization/cedar_authorizer.rs +++ b/src/authorization/cedar_authorizer.rs @@ -89,21 +89,21 @@ impl CedarAuthorizer { fn permission_from( &self, - _http_request: &envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest, + http_request: &envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest, ) -> Result<cedar_policy::EntityUid, Box<dyn std::error::Error>> { Ok(cedar_policy::EntityUid::from_type_name_and_id( cedar_policy::EntityTypeName::from_str("Action")?, - cedar_policy::EntityId::from_str("check")?, + cedar_policy::EntityId::from_str(&http_request.method)?, )) } fn resource_from( &self, - _http_request: &envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest, + http_request: &envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest, ) -> Result<cedar_policy::EntityUid, Box<dyn std::error::Error>> { Ok(cedar_policy::EntityUid::from_type_name_and_id( cedar_policy::EntityTypeName::from_str("Resource")?, - cedar_policy::EntityId::from_str("resource")?, + cedar_policy::EntityId::from_str(&http_request.path)?, )) } |