summaryrefslogtreecommitdiff
path: root/etc/authzd
diff options
context:
space:
mode:
Diffstat (limited to 'etc/authzd')
-rw-r--r--etc/authzd/policy1.cedar7
-rw-r--r--etc/authzd/spice.schema7
2 files changed, 14 insertions, 0 deletions
diff --git a/etc/authzd/policy1.cedar b/etc/authzd/policy1.cedar
index 15776ab7..966bbcfb 100644
--- a/etc/authzd/policy1.cedar
+++ b/etc/authzd/policy1.cedar
@@ -28,3 +28,10 @@ when
context.host == "sparkle.staging.runway.gitlab.net" &&
principal has username
};
+
+permit (
+ principal == User::"1",
+ action == Action::"GET",
+ resource == Resource::"/dashboard"
+)
+when { context has host && context.host == "localhost:10000" };
diff --git a/etc/authzd/spice.schema b/etc/authzd/spice.schema
new file mode 100644
index 00000000..0d6a6482
--- /dev/null
+++ b/etc/authzd/spice.schema
@@ -0,0 +1,7 @@
+definition user {}
+definition project {
+ relation developer: user
+ relation maintainer: user
+ permission read = developer + maintainer
+ permission write = maintainer
+}
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-02 21:34:36 +0000